The majority of organizations don’t know if the security tools they deploy are working, and are not confident they can avoid data breaches, according to AttackIQ. AttackIQ released the report based on Ponemon Institute research evaluating the efficacy of enterprise security strategies. Ponemon surveyed 577 IT and IT security practitioners in the United States who…

70 percent of organizations are more frequently seeing insider attacks, with 60 percent experiencing one or more within the last 12 months, and 68 percent feeling “extremely to moderately” vulnerable to them, according to Nucleus Cyber. Not only are organizations seeing a dramatic increase of attacks from insiders, but 85 percent are finding it difficult…

Data breaches have become a priority in most business’ cybersecurity agenda. The series of breaches that companies experienced in 2018 emphasized what security experts have warned about – that threats are ever present and persistent. Last year, even companies with market capitalizations in the billions of dollars like Under Armor, and Marriott fell victim to…

For the last 50 years, the fundamental and largely unchanged model for identifying and authenticating users has been based on the combination of a username and password, sometimes augmented with “second factor” techniques. While this approach has mostly served financial and other high-security industries well, it’s increasingly shown to suffer from five drawbacks: 1. Complex…

Security or compliance? Stop choosing between them

The difference between security and compliance is more than just process. It’s philosophy and practice. Compliance can be one tactical execution of a great security strategy or potentially a bureaucratic check-the-box effort. While security and compliance share similar goals, IT too often meets specific requirements for system compliance but misses the underlying security needs of…

In cybersecurity, deception is redundant if it cannot fulfill its critical aim – to misdirect, confuse, and lure attackers into traps and dead-ends. It is the art of tricking attackers into overextending and exposing themselves. To deceive attackers, an organization’s security team must see things from the adversary’s perspective. Several key components are required to…

Technology is transforming our world beyond recognition and both public and private sector organizations are at a tipping point where they must embrace digital transformation or risk being left behind. Concepts which once seemed futuristic and out of reach – autonomous vehicles, remote surgery, and smart cities – are now within our sights and 5G…

As organizations migrate more of their data and operations to the cloud, they must maintain a robust cybersecurity posture, a Bitglass report reveals. Each year, Bitglass conducts research on the state of enterprise cloud security in order to identify key trends and common vulnerabilities. This year’s report found that 75 percent of organizations leverage multiple…