In it's The State of Email Security report, Mimecast reports that 79% of security leaders indicate their companies had experienced a business disruption, financial loss or other setback in 2020 due to lack of cyber preparedness.
In the run-up to Prince Harry and Meghan Markle's much-anticipated royal wedding, the local Thames Valley Police (TVP) force knew that it had to make this high-profile event as secure as possible. The same security level would have to be maintained for Princess Eugene and Jack Brooksbank's royal wedding five months later, located at Windsor Castle. The police knew that both events would carry significant risk to the attendees and the general public without full security measures. Therefore, the police had to ensure that threats would be identified as soon as possible, before, after, and during the events. In fact, it was estimated that the security operation cost was in excess of $41,701,500, or £30 million, becoming one of the biggest UK operations ever.
While COVID-19 paused many activities in 2020, cybercriminals continued to keep busy evolving their arsenal of weapons for more lucrative cyberattacks. While companies adopted remote work models and third parties experienced heightened disruption, cyber risk skyrocketed with increased ransomware, credential stuffing, malware, and Virtual Private Network (VPN) exploitation. As a result, the number of data breaches in the U.S. reached 1001 cases last year, with over 155.8 million individuals affected. Now following the SolarWinds hack, President Biden is set to sign off on an executive action to address gaps in national cybersecurity. The move is causing many CSOs to look for ways to evolve beyond the reactive model to an “always-on” approach -- one that proactively mitigates potential threats and risks before they disrupt business.
After a lifetime in the protection business, the one constant in Washington that I’ve learned is that it takes tragedy to force change. The January 6 Capitol riot is not an enigma. This was a clear protective intelligence failure. The key finding of Retired Army LTG. Russel Honore’s report reviewing how the pillar of U.S. democracy could have been so easily infiltrated is that the U.S. Capitol Police (USCP) must better integrate intelligence into its operations through improved awareness, assessment, sharing, and response capabilities. We can look at effective protective intelligence as a three-part story: Act I is identifying threats; Act II is building those threats into a cohesive profile; Act III is sharing and acting on that information in order to make nothing happen. Applying this framework to January 6 helps us understand how we can and must do better and provides important takeaways for corporations.
C2MI, the largest electronic systems research center in Canada, is implementing an AI-driven thermal screening technology to increase occupant safety at its facilities and allow security staff to focus on other critical tasks.
Transparency is a cornerstone of security assurance and should be a core value among more organizations across the technology ecosystem. But how do you build that transparency? There are several key components that serve as the building blocks of transparency and security assurance. Here are five key areas to consider.
By relying on untargeted, lengthy, and vague exercises that aren’t aligned with real-world or relevant situations, businesses risk having their security awareness efforts do more harm than good.
Attacks on water systems can come in various forms, not only from pure physical threats. Having a strong and diligent workforce that emphasizes security and basic methods of cyber protection is imperative.
Device Centric Risk Management (DCRM) is a layered approach to cybersecurity that protects each device, driving remediation and mitigation directly on medical and IoT assets. To find out more about how this paradigm helps with regulatory compliance and helps mitigate cyberattacks, we speak to Motti Sorani, Chief Technology Officer at CyberMDX.
RSS
