CISOs must assess risks and identify the real security budget
Organizations spend an average of 5.6 percent of the overall IT budget on IT security and risk management, according to Gartner. However, IT security spending ranges from approximately 1 percent to 13 percent of the IT budget and is potentially a misleading indicator of program success, analysts said. “Clients want to know if what they…
Real-Time Payments, Real-Time Fraud Risks?
Real-time payments, near real-time payments, faster payments, immediate payments — those are just some names used to describe the increasing speed of the settlement transaction process. Slow clearing times for payments can have a negative effect on businesses and consumers, but a quicker process may introduce fraud risks. The National Automated Clearing House Association (NACHA)…
BYOD: How to provide secure access to network resources
IT organizations have little or no choice when it comes to Bring Your Own Device (BYOD) programs. Employees want to access the network with their personally owned devices, and in today’s landscape where employers compete for skilled employees, companies want to be known for giving employees the privilege of doing so. That leaves IT organizations…
The global decline of cybersecurity confidence
Tenable Network Security solicited insights from 700 security practitioners in nine countries and across seven industry verticals to calculate a global index score reflecting overall confidence that the world’s cyber defenses are meeting expectations. According to this year’s data, global cybersecurity confidence fell six points over 2016 to earn an overall score of 70 percent…
IDG Contributor Network: What your CEO needs to know about securing the Internet of Things
The recent Internet of Things-based DDoS attack on Dyn heralded the beginning of a new era for businesses. For better or for worse, industry experts’ warnings about the need to consider all “endpoints” rather than limiting security efforts to workstations and servers were vindicated. The event should be a wake-up call. Already six in 10…
Avalanche Botnet Comes Tumbling Down In Largest-Ever Sinkholing Operation
The Avalanche botnet – linked to many of the world’s most troublesome ransomware, RATs, and banking Trojans – has been dealt a critical blow in what Europol called today the “largest-ever use of sinkholing to combat botnet infrastructures.” Five individuals were arrested and 800,000 domains seized, sinkholed, or blocked in an international takedown operation that…
Mirai Evolving: New Attack Reveals Use of Port 7547
When the source code for the Mirai botnet was made public in late September, a top concern was that bad actors might modify the code to increase the number of Internet of Things (IoT) devices they can compromise. It seems these fears have been realized. A few weeks ago, Reverse Engineering Blog disclosed a vulnerability…
San Francisco Muni says server data not accessed in ransomware hit
The San Francisco Municipal Transportation Agency said late Monday that no data had been accessed from its servers in a ransomware attack on the Muni transit system and the agency has never considered paying the ransom asked by the attacker. The statement by the SFMTA follows reports that the alleged attacker has threatened to dump…
McAfee Labs predicts 14 security developments for 2017
Intel Security released its McAfee Labs 2017 Threats Predictions Report, which identifies 14 threat trends to watch in 2017. “To change the rules of the game between attackers and defenders, we need to neutralize our adversaries’ greatest advantages,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs. “As a new defensive technique is developed,…
Access Management Resolution in the Digital Era
There seems to be continuing confusion about what access management means. In layman’s terms, accessing an application implies the process of authentication — i.e., opening a browser or accessing a link — where you may be prompted to enter your credentials. If the user provides the right set of credentials, he or she gains access…