Overlooked risks can cost companies millions in financial and reputational damage — but existing commercial threat intelligence solutions often lack data coverage, especially from these alternative web spaces.
How does this impact corporate security operations, and how can data coverage gaps be addressed?
In its quarterly report, toy maker Mattel announced it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted in July 2020.
Japanese gaming giant Capcom has disclosed a data breach which led to unauthorized access of some files and systems. The developer claimed that the incident impacted email and file servers, among other systems.
Blackbaud, cloud software provider, has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack and data breach that the company suffered in May 2020.
Risk Based Security released their 2020 Q3 Data Breach QuickView Report, revealing that the number of records exposed has increased to a staggering 36 billion. There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the “worst year on record.”
While breaches are an inevitable part of doing business, you can limit the negative impact by developing a solid playbook that charts a course to recovery. Examine potential threats, work out how to handle discrete scenarios, and spell it all out for your employees. By compiling policies and work streams, assigning responsibilities, and setting expectations you can build real resilience.
Cool heads prevail in a crisis, and nothing curbs the spread of panic as well as a clearly delineated plan. But it’s not enough to craft a playbook, you also need to test it before it can serve as a critical piece of governance for your organization. Let’s take a closer look at the best way to go about developing a playbook.
Traditional Enterprise Data loss prevention (DLP) tools were not initially designed for protecting unstructured data, and encryption and policy are not centralized and few have taken advantage of improvements in recent years. In the meantime, unstructured data has piled up and is growing.
To target this problem, a new set of vendors and products emerged with “data-centric” solutions adding to the confusion. So many vendors with a variety of capabilities to choose from, but how do you know which is right? What vendor do you choose? The answer to these questions is to think more about what you want to accomplish and weigh the approaches first.
Any apparent election interference from countries like Iran and Russia is typically met with partisan posturing. But while politicians are busy debating which candidate might benefit, there’s a good chance that someone, somewhere, is trying the same thing again right now.
Foreign interference like the recent incident announced by the U.S. Director of National Intelligence John Ratcliffe is more common than ever because no online data is completely safe from hackers, and digital data is valuable for what it reveals.
Defending against insider threats is one of the biggest challenges an organization can face, and the COVID-19 pandemic has only made detection more challenging as remote employees continue to use virtual private networks (VPNs) to access sensitive company files and information. Here, we talk to Carolyn Crandall, Chief Deception Officer at Attivo Networks, to discuss how security teams can use deception technology to detect and prevent insider threat attacks.
