Eighty-four percent of CISOs in North America believe cybersecurity breaches are inevitable, and a lack of influence in the boardroom is making it difficult to justify the necessary cybersecurity budgets.
It is more important than ever to harden access to your video surveillance infrastructure to provide increased visibility and control over the environment.
When it comes to cybersecurity, no doubt humans are the weakest link. No matter how many layers are added to your security stack, nor how much phishing education and awareness training you do, threat actors continue to develop more sophisticated ways to exploit the human vulnerabilities with socially engineered attacks. In fact, as security defenses keep improving, hackers are compelled to develop more clever and convincing ways to exploit the human attack surface to gain access to sensitive assets.
In the last few years, executives overseeing energy, utility and other industrial organizations have begun to worry about the threat of cyberattacks on our nation’s most critical infrastructures. Ten years ago, their main concerns were focused on safety or environmental risks. Back then, operators believed the virtual barricades, or air gaps, between networks and technologies were sufficient enough to defend against malware and cyberattacks.
Technology has advanced at an astonishing rate in the last decade, and the pace is only set to accelerate. Capabilities that seemed impossible only a short time ago will develop extremely quickly, aiding those who see them coming and hindering those who don’t. Developments in smart technology will create new possibilities for organizations of all kinds – but they will also create opportunities for attackers and adversaries by reducing the effectiveness of existing controls. Previously well-protected information will become vulnerable.
By using a malware attack on the bank’s ATM server, hackers stole customer information and withdrew 805 million rupees in 14,849 transactions in just over two hours on August 11, mostly overseas.
While casting blame for your local team’s loss on Sunday may make for great sports talk, asserting blame for your company’s data breach is an uncomfortable exercise of self-effacement. It is a matter that many company leaders are struggling with. According to a recent survey conducted by the Ponemon Institute, 67% of CISOs expect a data breach or cyberattack in 2018.
Phishing emails remain the number one delivery mechanism for ransomware. The ransomware attack on the Lansing Board of Water and Light in Michigan, which forced the utility to shut down its accounting system, email service and phone lines, succeeded because a single employee opened an attachment to a phishing email.
In the simplest terms, the “attack surface” is the sum total of resources exposed to exploit within your enterprise. Defending the attack surface was a lot less complicated when a defined corporate “perimeter” existed, neatly separating a company’s assets from the outside world. But, next-gen technologies (e.g., cloud computing and software-defined networking) have dissolved the perimeter, causing the attack surface to grow exponentially.
Like the GDPR before it, the CCPA is getting a lot of attention because of the rights California residents will have to access data held by companies, to have that data removed, and to prohibit the sale of personal data. The new law, which does not go into effect until 2020, also creates the potential for some eye-popping payments directly to consumers impacted by a breach.
