DARKReading: Understanding Machine Learning, Artificial Intelligence, and Deep Learning, and When to Use Them (Sept. 7th)
IT - Security

9 Tips To Prevent Phishing
CSO Online, July 25th, 2022
From rewarding employees for savvy security smarts, to showing them how breaches are relevant to their every-day duties, we've got the phishing prevention tips you need.

Phishing, in which an attacker sends a deceptive email tricks the recipient into giving up information or downloading a file, is a decades-old practice that still is responsible for innumerable IT headaches. Phishing is the first step for all kinds of attacks, from stealing passwords to downloading malware that can provide a backdoor into a corporate network.

The fight against phishing is a frustrating one, and it falls squarely onto IT's shoulders.

According to IBM, the average cost of a breach was $1.76 million less at organizations with a mature zero trust approach than those without.

t's understandable why this verify-first, trust-later mentality has gained steam over the last few years. And the reality is, that organizations don't have much of a choice. The world saw an alarming 105% surge in ransomware cyberattacks last year (Sonic Wall), and that number will only continue to rise.

While a zero trust framework can create a more secure environment that protects against unauthorized access to sensitive data and digital assets, it does not come without challenges. Knowledge workers can only thrive when they have access to the tools and applications they need to succeed. But zero trust roadblocks to access can -and often do - bring workflows to a halt. Access to sensitive data is part of the job, but if people change roles and find themselves locked out of pertinent files or applications, their work suffers.

Flying Blind In Security Operations
DARKReading, July 25th, 2022
Too many organizations are STILL getting breached. Every day across large and small organizations, intrusions and breaches happen.

Every day across organizations both large and small, intrusions and breaches happen. Attackers get inside. If the organizations are fortunate, they detect and get them out before they do any damage. They remediate the situation before the intrusion turns into an official breach. But for many less fortunate, when breaches happen they can last for weeks, months, or years under the radar. Once finally discovered, the investigations can be long and painful, and they often get publicized.

The 2020s is set to see a rapid growth of fintech and neobanking offerings in Australia. Unquestionably, there are many positives to this trend, but there will also be an increase in cybersecurity challenges to accompany it.

While accelerated collaboration and sandboxing between traditional businesses and fintechs will drive innovation and competitive advantage, the start-up culture that underwrites this progress will prioritise growth and enhance capabilities over cybersecurity. Unfortunately, this puts their clients, their companies, and partners at risk.

Senior tech execs gathered recently for a roundtable discussion on the growth of fintechs and neobanks in this country, the opportunities it presents, and the critical trends businesses must be aware of in 2022 when it comes to charting a course for progressing in this sector in a strong but safe way. The conversation was supported by Palo Alto Networks and NTT.

In the two years proceeding from the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale.

Organizations have created more data than ever before, data is now spread across a wider attack surface, putting it at a heightened risk of becoming a compromised risk. The manner and location of data storage and correspondence has had to shift to meet the needs of remote and hybrid workers, with companies being forced to take a more rigorous approach to data security.

Top 7 Data Loss Prevention Tools For 2022
SearchSecurity, July 27th, 2022
Data loss prevention software is a necessity for most companies. Our guide gives you a quick overview of seven top DLP providers and tells you what works -- and what doesn't.

Of all the security techniques aimed at ensuring data security and combating data breaches, data loss prevention tools are far and away the most common. DLP tools constantly monitor and analyze data to identify potential violations of security policies and, if appropriate, stop them from continuing. DLP tools range the gamut, from those focusing on a single part of an organization, such as email services or laptops, to ones specializing in data backup, archival and restoration.

What's New In The 2022 Cost Of A Data Breach Report
SecurityIntelligence, July 27th, 2022
The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020.

New research in this year's report also reveals for the first time that 83% of organizations in the study have experienced more than one data breach and just 17% said this was their first data breach. And at a time when inflation is growing, breached businesses have passed higher costs to customers, with 60% of organizations in the study reporting that they increased the price of goods and services in response to losses from the breach.

5 Benefits Of Moving To The Cloud
IT Security Guru, July 29th, 2022
As competition becomes fiercer, with technology being a primary tool for attaining competitive advantage, migrating to the cloud has become inevitable.

Besides levelling the playfield, cloud technologies are a future-ready solution that makes running a business simpler and safer. Here, we look at five benefits of moving to the cloud.

1. Improved security

The cloud is designed for maximum data security, thanks to high levels of encryption and security layers that give it an edge over on-premise servers and data centres. While this higher level of security and data integrity does not mean that you will not experience cloud security challenges, implementing the right strategies will help keep most risks and threats at bay.

Average cost of a data security breach has hit another record-high of $4.35 million and 60% of businesses have opted to increase the price of their products and services to buffer the loss incurred, reveals IBM's 2022 research.

The average cost of a data security breach has hit another record-high of $4.35 million per incident, growing 12.7% over the past two years. And some businesses are passing the buck to customers, even as the cost of products and services has climbed amidst inflation and supply chain constraints.

This year's figure was up 2.6% from last year's $4.24 million per breach, according to IBM's 2022 Cost of Data Breach report, which further revealed that 83% of companies surveyed had experienced more than one data breach. Conducted by Ponemon Institute, the report analysed 550 organisations across 17 global markets that were impacted by data breaches between March 2021 and March 2022.

IAM Enterprise Temperature Check
Security Boulevard, July 25th, 2022
Managing the identity ecosystem for enterprises has become increasingly complex over the last two years.

From the increase in cybercrime spurred on by the COVID-19 pandemic to the surge in remote work-that is not going anywhere anytime soon-enterprise security teams are having to juggle an unprecedented number of challenges and priorities when it comes to identity access management (IAM).

IAM has long been overlooked in terms of cybersecurity management, often because organizations have viewed it as falling under the purview of HR or the IT help desk. However, considering 61% of all data breaches involve credential compromises-be it via theft or brute force attacks-more and more organizations are beginning to view IAM as a core component of their cybersecurity health. Furthermore, with the cost of the average cybersecurity breach approaching $6 million, enterprises can ill afford not just the reputational toll of a cybersecurity incident, but the financial consequences as well.

Trends To Ensure Cybersecurity In 2022
Cyber Defense Magazine, July 27th, 2022
With the arrival of the pandemic almost 2 years ago, it became clear that companies are increasingly vulnerable to attacks by hackers and cybercriminals.

In this period, in particular, these incidents have occurred in large part due to the fact that most companies have had to work with their workforce from home, which has opened up a huge gap that cybercriminals have been able to exploit. Below, we share some reflections that assess critical trends that CISOs (Chief Information Security Officer) must take into account during this 2022.

Ransomware or data hijacking is not going away anytime soon. Thanks to the particularity of working from home or home office, this attack modality has become standard and has increased considerably throughout 2021 due to the fact that workers do not have the necessary protection of their equipment to avoid any kind of vulnerability of their data. The 2021 figures seem to ensure that in 2022 this type of cyber threat will continue.

White House Announces Free Cybersecurity Training
Security Boulevard, July 29th, 2022
As part of the Cyber Workforce and Education Summit held at the White House last week hosted by Chris Inglis, national cyber director, numerous organizations made pledges to boost training and education offerings.

CompTIA, in partnership with ConnectWise, will run a nationwide pilot program to fill critical cybersecurity roles for managed services providers, while Cisco made a commitment to train an additional 200,000 students in the U.S. over the next three years.

Fortinet said it would make its information security awareness and training service available for free for all K-12 school districts across the country, and (ISC), the world's largest nonprofit association of certified cybersecurity professionals, announced its One Million Certified in Cybersecurity program.

Call it a 'cyber tax': Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services.

Sixty percent of breaches have resulted in companies recouping the cost of fines, clean-up, and technological improvements by increasing prices, essentially making consumers pay for breaches and companies' lack of preparedness, according to an annual report published on July 27.

The "Cost of Data Breach Report 2022" report, based on a survey of executives and security professionals at 550 companies, says the average cost of a data breach continued to rise in 2022, reaching an average of $4.4 million globally (up 13% since 2020) and $9.4 million in the United States.

See all Archived IT - Security articles See all articles from this issue