Cyber-threat intelligence groups need to more often investigate their organization's specific threats and better integrate with other business groups, experts say
"Cyber-threat intelligence (CTI) teams face a host of challenges - a shortage of skilled workers and a lack of resources, for example - but two of the most serious hurdles are, in many ways, self-inflicted: A "snobby" culture that isolates groups and often focuses on the latest interesting threats rather than the actual dangers facing the business, cybersecurity experts told attendees at two industry conferences last week..."
Organizations are building confidence that their cybersecurity practices are headed in the right direction, aided by advanced technologies, more detailed processes, comprehensive education and specialized skills, a research from CompTIA finds
"Eight in 10 organizations surveyed said their cybersecurity practices are improving.
At the same time, many companies acknowledge that there is still more to do to make their security posture even more robust. Growing concerns about the number, scale and variety of cyberattacks, privacy considerations, a greater reliance on data and regulatory compliance are among the issues that have the attention of business and IT leaders..."
Is your cybersecurity budget covering all the bases? Here's a look at seven expenses that budget planners often minimize or fail to address
"It is almost always less expensive to prevent a cyberattack than to repair the damage after one occurs. Still, many enterprises compile cybersecurity budgets with critical omissions that can leave the organization vulnerable to significant financial damage.
Every organization, regardless of its size or focus, should create a rational, accurate cybersecurity budget. "Budgets bring an element of reality and practicality to just about everything," says Humayun Zafar, a professor of information security and assurance at Georgia's Kennesaw State University..."
Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley
"Security professionals are aware of the proven benefits of the MITRE ATT&CK framework - the free, globally accessible service that offers comprehensive and current cyber security threat information to organisations - but are not necessarily confident in the ability of their security systems to successfully detect all the tactics and techniques identified in it..."
National Cybersecurity Awareness month is upon us. And, so is the opportunity to look at what common C-suite misconceptions could be handcuffing security awareness efforts
"As we enter the back half of 2020, now is the time to look at myths and highlight their relevancy in this chaotic year. Which myths are in the modern threat landscape? And, have any been proven true?
Let's take a look at six possible cybersecurity myths and what you can do to prevent them..."
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced that paying ransom to cybercriminals is now illegal
"In an official advisory, the agency stated that organizations that facilitate ransomware payments to hackers on behalf of ransomware victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, are violating OFAC regulations.
'Ransomware payments made to sanctioned persons or to comprehensively sanctioned jurisdictions could be used to fund activities adverse to the national security and foreign policy objectives of the United States. Ransomware payments may also embolden cyber actors to engage in future attacks,' OFAC said..."
As the frequency and intensity of ransomware attacks increase, one thing is becoming abundantly clear: organizations can do more to protect themselves
"Unfortunately, most organizations are dropping the ball. Most victims receive adequate warning of potential vulnerabilities yet are woefully unprepared to recover when they are hit. Here are just a few recent examples of both prevention and incident response failures:
- Two months before the city of Atlanta was hit by ransomware in 2018, an audit identified over 1,500 severe security vulnerabilities.
- Before the city of Baltimore suffered multiple weeks of downtime due to a ransomware attack in 2019, a risk assessment identified a severe vulnerability due to servers running an outdated operating system (and therefore lacking the latest security patches) and insufficient backups to restore those servers, if necessary.
- Honda was attacked this past June, and public access to Remote Desktop Protocol (RDP) for some machines may have been the attack vector leveraged by hackers. Complicating matters further, there was a lack of adequate network segmentation.
Other notable recent victims include Travelex, Blackbaud, and Garmin. In all these examples, these are large organizations that should have very mature security profiles. So, what's the problem?..."
The introduction of the virtual war room is a new but necessary shift. To ensure its success, security teams must implement new systems and a new approach to cybersecurity
"As COVID-19 continues its devastation around the world, businesses have faced a slew of unexpected challenges from this global pandemic. In response, many companies have moved their entire workforce to remote models, but this adjustment brings with it a massive increase in security risks - and many businesses find themselves unprepared and in uncharted territory. Though cybercriminals were also caught off-guard by COVID-19, they are now finding new avenues of attack that many companies have never faced before.
For decades before the pandemic began, security teams congregated in a physical 'war room' to foster collaboration and quickly and efficiently work together to fight off cybersecurity crises as a team. These war rooms typically take on one of two scenarios..."
More than 80% of global employees do not want to return to the office full-time, despite 30% employees claiming that being isolated from their team was the biggest hindrance to productivity during lockdown, a MobileIron study reveals
"The COVID-19 pandemic has clearly changed the way people work and accelerated the already growing remote work trend. This has also created new security challenges for IT departments, as employees are increasingly using their own personal devices to access corporate data and services.
Adding to the challenges posed by the new 'everywhere enterprise' - in which employees, IT infrastructures, and customers are everywhere - is the fact that employees are not prioritizing security. The study found that 33% of workers consider IT security to be a low priority..."
See all Archived IT - Security articles
See all articles from this issue