As a result of the COVID-19 pandemic, more people than ever are working remotely. Because of this recent and rapid transition, users are accessing corporate resources from their homes and generating unprecedented amounts of network traffic. IT departments face increased pressure to ensure business continuity by providing remote users with access to essential corporate applications and services through Virtual Private Networks (VPNs), which are designed to provide access to private networks through shared or public networks.
Ransomware is costing businesses—in ransom, yes, but also in downtime, the cost of which is typically 23 times greater than the ransom requested. The attacks are affecting large organizations and cities including Atlanta and Baltimore. Cybercriminals aren’t just attacking end-users; MSPs are the latest on the hit list.
While employees are the key to identifying cybersecurity vulnerabilities quickly, many companies have failed to create a welcoming environment for whistleblowers. During COVID-19, how can you safely blow the whistle?
To detect and contain breaches faster, it’s become increasingly important to go beyond the typical malware detection capabilities and invest in the ability to detect and react to lateral movement within the environment. Lateral movement is a core piece of an attacker’s strategy once he’s gained a foothold within the environment. What three steps can you take to help stop lateral movement focus on security measures that minimize dwell time?
Ransomware. It may be the most feared word of security and risk managers. After countless headlines and costs of over 11.5 billion dollars in 2019 alone, organizations around the world are understandably terrified of being hit by a ransomware attack. What are four steps you can take to protect against ransomware?
On April 21, the Small Business Administration (SBA) revealed that around 8,000 small business loan applicants had their potentially sensitive information exposed in a data leak affecting the website being used to host the online application.
Last year, ASIS International released the Enterprise Security Risk Management (ESRM) Guideline, which takes a different approach to traditional security. The ESRM Guideline was released at the 2019 Global Security Exchange (GSX) in September, and the Maturity Model is now available on the ASIS website.