6 security metrics that matter – and 4 that don’t
One of the most challenging executive tasks for CISOs is quantifying the success and the value of the cybersecurity function. Indeed, security leaders and their organizations have used a myriad of metrics over the years. Yet, many executives and board members have complained that those measures failed to provide them with adequate insight or understanding…
European Electrical Energy Organization Discloses Breach
ENTSO-E represents 42 electricity transmission system operators (TSOs) from 35 countries in Europe. TSOs are responsible for the transmission of electric power across the main high-voltage networks, and ENTSO-E works with them on the implementation of energy policies and achieving Europe’s energy and climate policy objectives. “A risk assessment has been performed and contingency plans…
How to prevent attackers from using Windows against you
One of the topics covered In a recent RSA Conference presentation was how attackers are using the victims’ own Windows operating system against them to avoid detection. This concept of “living off the land” (LotL) — the use of binaries, DLLs and other computer code that is already on our system — makes it harder…
3 Things to Do Today to Help Combat the Gender Gap in Cybersecurity
The cybersecurity industry has a problem: In 2019, women made up only 20 percent of the cybersecurity workforce. This statistic would be alarming in any industry given the amount of research that espouses the benefits of more balanced, diverse workforces. But it is especially troublesome in cybersecurity, where we already face a serious skills shortage….
In 2020, IoT Security Must Be Part of Your Threat Management Strategy
Internet-enabled devices are emerging more and more in business and personal environments. Often going unnoticed, they simply appear within network infrastructures, using wired or wireless connections and expanding the enterprise attack surface. In fact, enterprises nowadays likely have more internet of things (IoT) devices on their networks than traditional endpoints — according to Armis, by…
How Visa built its own container security solution
Like many large enterprises, financial services giant Visa has embraced containerization technologies that enable companies to move from legacy monolithic apps to microservice-based application architectures that are easier to maintain, update and deploy at scale on cloud infrastructure. But splitting apps into microservices also comes with the challenge of ensuring the containers hosting the various…
Corporate cybersecurity concerns and spend continue to rise, but so do breaches
More than 50 percent of security and IT leaders agree that they are very concerned about the security of corporate endpoints given the prevalence of sophisticated attack vectors like ransomware, disruptionware, phishing and more, according to a survey from RSA Conference 2020 by Absolute. Cybersecurity spending on the rise According to recent industry reports, 2019…
Hackers using hidden mobile apps and unique distribution methods to target consumers
Hackers are using hidden mobile apps, third-party login and counterfeit gaming videos to target consumers, according to McAfee. Last year, hackers targeted consumers with a wide variety of methods, from backdoors to mining cryptocurrencies. Hackers have expanded the ways of hiding their attacks, making them increasingly difficult to identify and remove, which makes it seem…
Online payment fraud attempts see 73% increase
Online payment fraud attempts increased by 73 percent in 2019, according to a report from Sift. Additional findings in the report reveal that cybercriminals are using mobile devices more than desktops or laptops to commit payment fraud. In fact, though Windows is the top single operating system for fraudsters, iOS and Android combine to make…
How adaptive trust makes security efficient
Zero trust is a comprehensive security framework that requires everyone—and every service account—to authenticate identity before entering the corporate network. Every app and every device, as well as all the data they contain, must also be verified for each session. Considering the multitude of people, devices, and apps it takes to make today’s businesses hum,…