New research finds that the main difference between those who were successful in moving their Zero Trust initiatives forward were those that started out with formalized Zero Trust projects. Those that had dedicated budgets and formal initiatives (69%) were far more likely to continue accelerating those projects throughout the pandemic, while those that had ad hoc Zero Trust projects were more likely to stall progress or stop entirely.   

Traditional Enterprise Data loss prevention (DLP) tools were not initially designed for protecting unstructured data, and encryption and policy are not centralized and few have taken advantage of improvements in recent years. In the meantime, unstructured data has piled up and is growing.  To target this problem, a new set of vendors and products emerged with “data-centric” solutions adding to the confusion. So many vendors with a variety of capabilities to choose from, but how do you know which is right? What vendor do you choose? The answer to these questions is to think more about what you want to accomplish and weigh the approaches first.

The Cybersecurity and Infrastructure Security Agency (CISA),  the Federal Bureau of Investigation (FBI), and the U.S. Cyber Command Cyber National Mission Force (CNMF) identified tactics, techniques, and procedures (TTPs) used by North Korean advanced persistent threat (APT) group Kimsuky to gain intelligence on various topics of interest to the North Korean government.

If we ended up in a cyberbattle with some of the top nation-state actors, they could shut down supply chains, hospitals, the internet, oil and gas, electricity grids, water systems and more.  A national cyber director would be able to coordinate the cybersecurity flow of information to the executive branch and be able to coordinate a strategy to defend against these kinds of attacks.

October is National Cybersecurity Awareness Month, and we wholeheartedly support this important initiative to focus attention on the critical security challenges facing all of us. This week’s theme focuses on the continued proliferation of IoT with, “The Future of Connected Devices.” If there’s one major cyber trend we’ve seen unfold around connected devices, it’s that there is a tendency to focus cybersecurity awareness on what we can see – phones, laptops, and IoT devices, while assuming that protecting endpoints will stop the epidemic of damaging cyberattacks.

Security magazine and its partner for the Top Cybersecurity Leaders, (ISC)², is looking for enterprise information security executives, who have made and continue to make significant contributions in the cybersecurity space to their organizations and/or the enterprise-level information security profession.

A company that offers psychotherapy to thousands of patients across Finland says it’s been the victim of a data breach, with the personal information of customers held for ransom. Vastaamo, which sees patients in 20 cities including Helsinki, Joensuu, Jyväskylä, Pori, Turku and Tampere, says “an unknown hostile party” got in touch with them saying they had obtained customer details.

COVID-19 has posed a wide variety of problems to businesses of all kinds, from hospitals and grocery stores to cannabis dispensaries and schools. While security technology has always been an important investment for businesses to make, during the pandemic, the use of security technology has become more vital than ever, and has provided businesses with solutions to some of their pandemic problems. COVID-19 has helped business owners realize that their security systems have a far larger function and versatility than strictly traditional loss prevention. While many have traditionally viewed them as ways to prevent theft, such as shoplifting, or protect their employees and buildings, business owners are now being exposed to the true capabilities of their security systems.

The organizers of the first ever International Security Week (ISWeek), an event for security, counter-terrorism, cybersecurity and disaster response, that will run from 30 November 30, 2020 to December 3, 2020, announced the agenda.

The British Interactive Media Association (BIMA) recently revealed that tech workers are five times more likely to suffer from a mental health problem than the wider population.  Nominet’s latest CISO Stress Report has also revealed that almost nine in ten (88%) chief information security officers (CISOs) consider themselves under moderate to high stress levels. The same report revealed that CISOs lose on average $35 000 a year in unpaid overtime, while increased stress levels have resulted in a 26-month tenure on average.