February 14, 2018
In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. Join our incident response experts for a 45-minute webinar to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.
Ryan Clancy, deltarisk.com, February 9, 2018
We’re only a month into 2018 and we’ve already seen a flurry of security incidents. Meltdown and Spectre grabbed headlines early, bringing attention to a serious design flaw in Intel processor chips. Ransomware breaches that hit Allscripts and Hancock Health were born from the SamSam variant, which has only gained strength as a major threat across all sectors. What else is in store for 2018? Here are the trends you should expect to shape the industry this year.
Nick Ismail, information-age.com, February 14, 2018
RiskIQ, the digital threat management firm, has announced the release of its 2018 CISO Survey, revealing that 89.1% of all information security leaders are concerned about the rise of digital threats they are experiencing across web, social and mobile channels. Some 1,691 US and UK information security leaders across multiple verticals, including enterprise, consulting, government and education, provided insights into their cyber risk concerns and plans for 2018.
Markus Jakobsson, infosecurity-magazine.com, February 13, 2018
As we enter a new year, IT security teams and cyber-criminals are both already searching for the development that will tip the scales in the on-going cyber arms race. A common assumption is that a new malware strain or vulnerability will be the defining factor of 2018, similar to the WannaCry and NotPetya outbreaks of last year. The fact that the EternalBlue exploit used by both attacks was taken from a cache of vulnerabilities originally discovered by the NSA has many teams anticipating more attacks with currently unknown exploits this year.
Chris Albert, itproportal.com, February 12, 2018
Even the sturdiest of organisations host a probability of being sabotaged by the tiniest of cyber-attacks. An unforeseen virus slips through the impressive yet not fool-proof defences, infects the core, and the whole system comes running down. And what lies at the heart of today’s organisations? Information. It is the key element which builds or breaks a firm, depending on who’s controlling it. Especially in the present scenario, it is absolutely crucial to protect information assets.
Tara Seals, infosecurity-magazine.com, February 8, 2018
The perceived value of threat intelligence is growing, with 68% of organizations currently creating or consuming data around the latest cybersecurity campaigns. According to the SANS 2018 Cyber Threat Intelligence Survey, about a fifth (22%) of organizations have plans to use threat intelligence in the future. The adoption of threat intelligence programs has steadily grown, with more respondents than ever before using them to improve their overall cybersecurity posture. The rate climbed to 81% this year, compared to 78% in 2017 and 64% in 2016.
Insurance Journal Staff, insurancejournal.com, February 7, 2018
Major shortcomings exist in cyber security readiness for nearly three-quarters (73%) of more than 4,100 organizations in five countries, despite keen awareness of the threat, according to a study commissioned by specialist insurer Hiscox. Indeed, almost half, or 45 percent, of survey respondents experienced at least one cyber attack in the past year, while two-thirds suffered two or more attacks, said the “Hiscox Cyber Readiness Report 2018,” which surveyed a representative sample of private and public sector organizations in the UK, U.S., Germany, Spain and the Netherlands. (Hiscox published its first cyber readiness report in 2017).
Neera Desai, helpnetsecurity.com, February 8, 2018
There is a new attack vector in town – the customization of phishing kits. In a recent case uncovered by PhishMe Intelligence, a phishing kit was crafted to target residents of specific regions using either TrickBot or Locky. Instead of determining what malware to deploy, this kit determined what personal information to collect from its victims. Because the United States was the first in online banking, phishers originally began targeting United States residents. As online banking becomes more prevalent around the world, targeting victims on a global landscape requires more customization of phishing scams and techniques to match local expectations.
Dan Patterson, techrepublic.com, February 6, 2018
You wouldn’t hire a person to design your advertisements, if they don’t know anything about advertising. Similarly, you shouldn’t hire a person on your team if they don’t have a basic cyber understanding. TechRepublic’s Dan Patterson spoke with RedSeal CEO Ray Rothrock to discuss how schools and companies can help close the cyberskills gap. Below is a transcript of the interview.
Catalin Cimpanu, bleepingcomputer.com, February 6, 2018
A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two. On average, every ransomware attack costs companies $133,000, but some infections were more widespread than others, and 5% of respondents said they dealt with ransomware incidents that cost between $1.3 to $6.6 million.