We have been hearing about the “convergence” of physical and cyber security for years, but even today there are still debates about whether it has happened yet (spoiler alert: it hasn’t). Part of the challenge might be that the word convergence itself can apply to more than one kind of activity – for example, some believe it applies to the linkages or integration of IT and security systems, while others believe it applies to IT and security organizational structures and teams.
Do you know who is calling you? In many cases, employees rely on caller ID or a familiar name to allow callers to build trust and potentially exploit them. Vishing (or social engineering) is a practice where verbal communication is used to deceive a potential victim.
New technologies, including cloud computing, the Internet of Things and artificial intelligence, are constantly bringing new opportunities and challenges to attackers and defenders alike. This is not just the age of machines but of machine-scale. As such, IT security analysts need new tools to defend the network.
Last month’s ASUS APT attack doesn’t come as a surprise to any security-conscious industry watcher – this highlights a long-standing flaw in many software supply chains today. Attackers have been engaged in spoofing websites, stealing credentials and gaining unauthorized access for years. Injecting malicious code into legitimate tools that are designed to protect represents the next evolution in putting companies and their customers at risk.
Both the government and the private sector are scrambling for talent. Thousands of information-security jobs are going unfilled as the industry in the U.S. struggles with a shortage of properly trained professionals. By one estimate, there will be 3.5 million unfilled cybersecurity jobs by 2021.
Many enterprises face challenges when choosing the right security partners to implement and maintain their systems. Security management places a premium on their specific physical security strategies, either because of the complexity of their needs, or the specific system demands and compliance regulations associated with their specific business classification. Therefore, the goal should be to partner with suppliers whose focus is to deliver the solutions that best fulfil desired system functionality and operations.
School and campus safety is an ever evolving challenge. New threats emerge almost daily, and administrators and security personnel need a way to respond should students and staff face a dangerous situation. The foundation of any good safety plan is strong communication.
It can be expected that costs associated with cybercrime will rise in the near to medium term and have a material impact on the global economy – while putting individual citizens’ and corporations’ important data at risk by cyber criminals. Due to the convergence of an escalation in the number of security vulnerabilities, an increase in hacker capabilities and tools as well as new legislation being enacted in the European Union, the estimated costs due to cybercrime may be conservative.
Multiple cyber-attacks and compromise of personal information of millions of people globally show that the complexity and intensity of cybersecurity attacks are on the rise, and it could have broader political and economic ramifications. As cybercrimes become more lucrative and cybercriminals become smarter, cybersecurity too will have to be intelligence driven, enabling a swift response to the advanced attacks.
In 2018, we witnessed some of the biggest data breaches ever – affecting businesses and consumers alike. From social media, hospitality, healthcare and even mail delivery, 2018 proved that there is no escaping cybersecurity flaws, regardless of the type of business or its popularity. For example, we witnessed the data of approximately 500 million Marriot guests get breached and a USPS security flaw that exposed the personal data of more than 60 million people.