IT - Security

How To Avoid A Costly Enterprise Ransomware Infection
HelpNet Security, March 17th, 2020
In most cases of human-operated ransomware attacks against enterprises, the hackers don't trigger the malware immediately

"What are the attackers waiting for? One of the reasons for the delay is the wish to spread the ransomware to many systems before running it. But they also like to wait for the weekend or at least the night, when there's few or no employees - IT, IT security or others - to notice something is wrong and to react promptly to minimize the damage..."

Many security and IT teams suddenly have to support and protect employees who must work remotely due to the COVID-19 crisis. Make sure you cover these areas

"Your boss just called and all your employees are mandated to work from home for the next two to three weeks due to the potential COVID-19 pandemic. What could go wrong?

What risks are you now bringing to the firm? These are the actions should you take immediately to ensure you can allow your workforce to work remotely and securely..."

Almost 65% of the nearly 300 international cybersecurity professionals canvased by Gurucul at RSA Conference 2020 said they access documents that have nothing to do with their jobs

"Meanwhile, nearly 40% of respondents who experienced bad performance reviews also admitted to abusing their privileged access, which is double the overall rate (19%)..."

'We knew insider privilege abuse was rampant in most enterprises, but these survey results demonstrate that the infosecurity department is not immune to this practice,' said Saryu Nayyar, CEO of Gurucul. 'Detecting impermissible access to resources by authorized users, whether it is malicious or not, is virtually impossible with traditional monitoring tools. That's why many organizations are turning to security and risk analytics that look at both employee and entity behaviors to identify anomalies indicative of insider threats.'

Security expert predicts at least a 30-40% increase in cyber attacks during the coronavirus pandemic as remote working increases

"The vulnerability of endpoints, from mobile phones and laptops through to home computers will be exploited by cyber attackers to gain access to corporate networks during enforced coronavirus remote working, according to Dave Waterson, CEO at security protection software company, SentryBay.

He predicts that cyber attacks exploiting endpoints will rise by at least 30-40%..."

The 10 Most Powerful Cybersecurity Companies
CSO Online, March 17th, 2020
What makes these 10 security vendors the biggest power players? We break it down.

"Anyone who ever attended an RSA conference understands that cybersecurity vendors introduce hundreds of amazing, innovative products every year. But C-level execs aren't looking for the flashiest new point products. Faced with a severe shortage of security professionals and up against rapidly evolving threats, CISOs are looking for strategic partners, advisory services, and vendors that offer broad platforms. They are also gravitating toward managed security services and cloud-based solutions..."

The traditional network security model, in which traffic is routed through the data center for inspection and policy enforcement, is for all intents and purposes obsolete

"A 2019 study by research firm Gartner found that 'more users, devices, applications, services and data are located outside of an enterprise than inside.'

Driven by the adoption of multi-cloud infrastructure and applications, mobility and distributed workforces, the focal point for security has shifted to users and devices. As a result, the current data center-centric approach to network security is struggling to support a load it was not designed to bear..."

See all Archived IT - Security articles See all articles from this issue