Kaspersky recently conducted a study based on anonymized OS metadata provided by consenting Kaspersky Security Network users. The survey found that almost one quarter (22%) of PC users are still using the end-of-life OS Windows 7, which stopped receiving mainstream support in January 2020 by way of the vendor no longer sending software updates including critical security fixes.
While COVID-19 paused many activities in 2020, cybercriminals continued to keep busy evolving their arsenal of weapons for more lucrative cyberattacks. While companies adopted remote work models and third parties experienced heightened disruption, cyber risk skyrocketed with increased ransomware, credential stuffing, malware, and Virtual Private Network (VPN) exploitation. As a result, the number of data breaches in the U.S. reached 1001 cases last year, with over 155.8 million individuals affected. Now following the SolarWinds hack, President Biden is set to sign off on an executive action to address gaps in national cybersecurity. The move is causing many CSOs to look for ways to evolve beyond the reactive model to an “always-on” approach -- one that proactively mitigates potential threats and risks before they disrupt business.
After a lifetime in the protection business, the one constant in Washington that I’ve learned is that it takes tragedy to force change. The January 6 Capitol riot is not an enigma. This was a clear protective intelligence failure. The key finding of Retired Army LTG. Russel Honore’s report reviewing how the pillar of U.S. democracy could have been so easily infiltrated is that the U.S. Capitol Police (USCP) must better integrate intelligence into its operations through improved awareness, assessment, sharing, and response capabilities. We can look at effective protective intelligence as a three-part story: Act I is identifying threats; Act II is building those threats into a cohesive profile; Act III is sharing and acting on that information in order to make nothing happen. Applying this framework to January 6 helps us understand how we can and must do better and provides important takeaways for corporations.
Transparency is a cornerstone of security assurance and should be a core value among more organizations across the technology ecosystem. But how do you build that transparency? There are several key components that serve as the building blocks of transparency and security assurance. Here are five key areas to consider.
Matthew Ireland has been named Chief Information Security Officer (CISO) at NTT Research to focus on both information security and physical security at the organization.
Device Centric Risk Management (DCRM) is a layered approach to cybersecurity that protects each device, driving remediation and mitigation directly on medical and IoT assets. To find out more about how this paradigm helps with regulatory compliance and helps mitigate cyberattacks, we speak to Motti Sorani, Chief Technology Officer at CyberMDX.
Critical infrastructures must balance the utility of expanding their network of connected devices with the threats posed by bad actors. Managing the risk emerging from these threats will require an understanding of the specific style of threats posed, as well as how to counter them.
In March, President Biden allocated 9 billion dollars in his American Rescue Plan Act of 2021 to upgrade technology and boost talents hiring in cybersecurity. Where would that money be best used and how can the new administration convert this plan into a safe cyber landscape for the U.S.? To find out, we speak to Jeff Alerta, Chief Technology Officer of Inverselogic.
Cybersecurity has always been tremendously important to organizations. But in the current environment, adequate security measures are harder than ever to implement. Many organizations now manage thousands of laptops, mobile devices, and apps. Moreover, these devices and platforms are being used by employees across a variety of settings, including in their homes, in offices, and even while traveling.
With more powerful malware, a tightening regulatory environment, and greater consumer security consciousness raising the stakes for organizational cybersecurity, understanding how personal data monitoring impacts cybersecurity has never been more vital.
RSS
