Palo Alto Cortex Xpanse research team spent the first three months of 2021 monitoring the activities of attackers to better understand how much of an edge adversaries have in detecting systems that are vulnerable to attack. They followed a benchmark that they call “mean time to inventory” (MTTI), which is simply how long it takes somebody to start scanning for a vulnerability after it’s announced.
Xpanse research found 79% of observed exposures occurred in the cloud.
In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84% of respondents believe ransomware attacks will become more prevalent in the second half of 2021. The Colonial Pipeline attack caused massive disruptions to gasoline distribution in parts of the US this month, resurfacing preparedness for ransomware attacks as a front-burner topic for enterprises around the world. Colonial reportedly authorized a ransom payment of US $4.4 million. In the ISACA survey, four out of five survey respondents say they do not think their organization would pay the ransom if a ransomware attack hit their organization. Only 22% say a critical infrastructure organization should pay the ransom if attacked.
The National Institute of Standards and Technology (NIST) has a new document, Artificial Intelligence and User Trust (NISTIR 8332), that is now open for public comment until July 30, 2021. The document's goal is to stimulate a discussion about how humans trust artificial intelligence (AI) systems.
The National Association of School Psychologists (NASP), the National Association of School Resource Officers (NASRO), and Safe and Sound Schools (SASS) have partnered to release updated guidance on conducting armed assailant drills in schools. The author organizations represent key stakeholders in school safety and crisis planning, preparedness, and implementation. This includes school-employed mental health professionals, school security and law enforcement, school administrators, other educators, and families.
Researchers at Check Point Research analyzing Android apps have discovered serious cloud misconfigurations leading to the potential exposure of data belonging to more than 100 million users.
In a report published recently, the firm discusses how the misuse of real-time database, notification managers, and storage exposed over 100 million users’ personal data (email, passwords, names, etc.) and left corporate resources vulnerable to malicious actors.
Constella Intelligence research reveals that one in four cybersecurity leaders use the same passwords for both work and personal use; more than half experience account takeover first-hand
May 21, 2021
Constella Intelligence (“Constella”), Digital Risk Protection leader, released the results of “Cyber Risk in Today’s Hyperconnected World,” a survey that unlocks the behaviors and tendencies that characterize how vigilant organizations’ leaders are when it comes to reducing cyber vulnerability, allowing the industry to better understand how social media is leveraged as an attack vector and how leaders are responding to this challenge.
Due to a large portion of calls coming into the Johns Hopkins University Officer of Campus Safety and Security being mental health related, the University has decided to pilot a new program to better equip its security team to handle and respond.