IT - Security

10 Of The Biggest Cyber Attacks Of 2020
SearchSecurity, January 5th, 2021
Here is a list of 10 of the largest cyber attacks of a pandemic-dominated 2020, including several devastating ransomware incidents and a massive supply chain attack

"A pandemic-focused year made the events of 2020 unprecedented in numerous ways, and the cyber attacks were no different.

As the world transitioned to virtual everything -- work, school, meetings and family gatherings -- attackers took notice. Attackers embraced new techniques and a hurried switch to remote access increased cyberthreats across the board. For example, K-12 schools took a brunt of the hit, and new lows were reached like the exfiltration of student data. The list of top cyber attacks from 2020 include ransomware, phishing, data leaks, breaches and a devastating supply chain attack with a scope like no other. The virtually-dominated year raised new concerns around security postures and practices, which will continue into 2021..."

IT Security: 10 Essentials For CIOs In 2021
The Enterprisers Project, January 6th, 2021
Our rapid adoption of new digital tools during the past year makes security more important than ever. These best practices will help keep your data safe in 2021 and beyond

"The boundaries between traditional IT and cybersecurity are all but gone: Every key leader now has a stake in maintaining cyber resilience. But no role is more affected than the CIO. Here are some straightforward tactics to keep you grounded as you navigate security dangers in 2021.

1. Keep an adaptable mindset

One of the most effective and efficient things a CIO can do is to plan for rapid change and learn to improvise, adapt, and overcome any challenge. The evolving threat landscape is dynamic and evolves constantly. Criminals are well-resourced and well-coordinated, and they have an army of automated tools at their fingertips to exploit the global economy. CIOs must remain vigilant at all times to ensure they are not next to be publicly called out for a breach that could have been prevented..."

Looking to improve your business's security program? Our top-10 list of cybersecurity advice breaks out best practices and tips for security professionals and for employees

"Each employee of a business, from end users to security professionals to executives, has a role in protecting their business from cyber attacks. The actions that each employee takes -- or doesn't take -- can make the difference between "just another day" and a major security breach that harms the business's reputation and costs the business a lot of money.

To help businesses improve their security practices, we've compiled a list of cybersecurity best practices for security professionals to follow, and a list of cybersecurity tips for all employees to keep in mind. These lists focus on particularly important things for businesses today to address..."

Ransomware, the pandemic, and government hackers made 2020 a banner year for cybercrime. Here's what security experts say is in store for this year.

"Ransomware, COVID-19, and nation-state attacks made 2020 a banner year for cybercrime. Many organizations were caught unprepared, even though there had been plenty of warnings about potential pandemics and nothing unexpected at all about more ransomware attacks or countries waging cyberwar.

There are no signs this year will be better on the cybersecurity front. Criminals are sitting on piles of money they can invest in improving their attack technologies and infrastructure, and nations will continue to pursue their political goals via sophisticated hacks..."

Best Practices For Securing Modern Data Architecture
SecurityIntelligence, January 4th, 2021
Today's cloud-native data management platforms can help businesses unlock the potential of their data

"These modern data management and storage platforms are designed to deliver lean, high-performance architecture for agile application teams to ensure solid business outcomes, such as rapid time to market. Modern platforms, built for the cloud and in the cloud, offer benefits that make them easier to use and maintain. This helps reduce the total cost of ownership. Newer data services can often support global tasks like credit card payments and health care claims..."

Many open source security tools are being hijacked, experts warn

"In a strange turn of events, popular penetration testing tools were found as being most commonly used by attackers. Cybersecurity researchers at Recorded Future's Insikt Group found Cobalt Strike and Metasploit as the most popular option for hosting malware command and control (C&C) servers.

The researchers collected more than 10,000 unique C&C servers across at least 80 malware families through 2020..."

With the sun rising on 2021, security pros are turning their attention toward another year of trying to catch up with the bad actors

"In the past 12 months, the IT security industry saw a resurgence in malware, an increase in rogue phishing scams and much more. But with the sun rising on 2021, security pros are turning their attention toward another year of trying to catch up with the bad actors.

In it, they see a future with a threat landscape not all that much different from the present--but with a few changes in scenery..."

Secure A Remote Workforce By Killing VPN
Network Computing, January 4th, 2021
VPN served its purpose well, but Zero Trust Network Access is now transforming the definition of remote access solutions

"Since the 90s, providing remote employees with access to IT resources has been defined by the VPN. Stacks of expensive, proprietary VPN appliances filled data centers and allowed users to tunnel into the network to access everything from email to ERP systems. These tunnels provided a simple way to give employees access to the tools they needed, but often at the cost of weak visibility and complex configuration. As applications migrated to the cloud and the number of remote users grew at an exponential rate, VPN failed to keep up with customer demands..."

Thirty years ago, hackers were contented with attacking browsers or applications and disrupting enterprise networks.

"They pursued intellectual property and customer data - and sold that to competitors. But today, they are after something much bigger than that...

Health and health care are going to be important considerations for the world in 2021. With the availability of vaccines, the world will limp back to normalcy this year. With that, the rate of unemployment should drop, and the crime graph will also dip. And hopefully, cybercriminals will mend their ways.

Yet, the bad guys are now thinking of ways to leverage the current situation..."

As a company's cyber risks evolve, so must its culture. Here are five tips for creating a cybersecurity culture that protects the business and is meaningful for employees

"Building a cybersecurity culture has always been an important element of an organization's cybersecurity strategy. But experts believe the massive shift to remote work induced by the COVID-19 pandemic elevated the topic in the minds of security and nonsecurity pros alike -- with good reason.

Nearly 60% of security professionals said working from home has made their organizations more vulnerable to cyber threats, and 60% of organizations have detected a moderate to dramatic increase in cyber attacks during the pandemic. That's according to results from the fourth annual Cybersecurity Report Card Survey by Seattle-based threat intelligence company DomainTools..."

See all Archived IT - Security articles See all articles from this issue