Security risks to a business during times of unrest include assets, people and reputation. It is important for businesses to minimize presenting their facilities as a soft target for opportunistic criminal activity. Having a proactive plan in place to deter criminal activity will aid in protecting employees and assets.
In 2020, we adapted. So did bad guys. The FBI saw a 400% increase in cyberattacks as adversaries probed the new landscape for vulnerabilities. We haven’t even begun to see the results of these attacks. 2020 blew up expectations, and we should expect more of the same in the coming years.
In the age of heightened public cloud adoption and widespread cloud Software-as-a-Service (SaaS) usage, cybercriminals are making use of OAuth – a permissions delegation and authorization protocol – to compromise cloud environments. As such, controlling which applications users interact with has become a business imperative. Let’s take a closer look at what OAuth is, the role it plays in allowing users to access resources across environments, the ways attackers are abusing OAuth and what organizations can do to better protect their cloud data.
Finding and implementing a cybersecurity risk framework is a challenge every organization faces. Time has shown that this endeavor almost always calls for the heavy lifting to be carried by chief information security officers (CISOs) and their staff. So where do you start?
What are some current trends in cybersecurity threat research? To get some insight, we spoke to Aamir Lakhani, cybersecurity researcher and practitioner with FortiGuard Labs.
Telehealth was an unexpected technology bright spot in 2020, as the Office for Civil Rights (OCR) relaxed enforcement of certain aspects of HIPAA, helping to reduce COVID exposure via virtual rounding and virtual visits. The following three high-level recommendations provide a basis for defense in depth for healthcare organizations in 2021.
The average employee is the greatest risk to an organization’s security. Here’s how to rethink enterprise-wide training to fight cybercrime and utilize gamification to make it stick.
What is the best path forward? Should companies upgrade their existing platforms or replace them entirely? What makes the most sense both financially and for the security of your data?
RSS
