Phishing emails remain the number one delivery mechanism for ransomware. The ransomware attack on the Lansing Board of Water and Light in Michigan, which forced the utility to shut down its accounting system, email service and phone lines, succeeded because a single employee opened an attachment to a phishing email.
Patching used to need more planning and manual intervention, but as internet access has improved, many manufacturers now provide built-in Updater Services. Microsoft have taken this further, resorting to patch-guerilla tactics: Ambush Updates. They know what’s best for you, and if you won’t restart your PC then they will. Usually this will always be when it’s least convenient for you, such is Murphy’s Law.
After a data breach, regulators strive to evaluate if an enterprise fulfilled "reasonable" cybersecurity standards… without defining what "reasonable" looks like.
More than 7 million data records are stolen every day.
July 27, 2018
As companies and businesses rely more on technological advancements to collect and store consumer information, they run the risk of exposing sensitive data to anyone from malicious groups to tech-savvy individuals.
A study IBM Security and conducted by Ponemon Institute found that the average cost of a data breach globally is $3.86 million, a 6.4 percent increase from the 2017 report.
There seems to be a constant supply of news stories involving high-profile, high-impact criminal cyber activity. More often than not, the data breaches that we hear about occur at large businesses or global organizations. This leads many people to think that it’s only those big companies who are at risk of being attacked. They incorrectly assume that today’s cybercriminal is always looking for a giant financial payout or a huge cache of personal data. But the reality is that small and mid-size businesses (SMB) are actually at greater risk.
Like the GDPR before it, the CCPA is getting a lot of attention because of the rights California residents will have to access data held by companies, to have that data removed, and to prohibit the sale of personal data. The new law, which does not go into effect until 2020, also creates the potential for some eye-popping payments directly to consumers impacted by a breach.
