5 considerations for building a zero trust IT environment
Zero trust isn’t a product or service, and it’s certainly not just a buzzword. Rather, it’s a particular approach to cybersecurity. It means exactly what it says – not “verify, then trust” but “never trust and always verify.” Essentially, zero trust is about protecting data by limiting access to it. An organization will not automatically…
The top four Office 365 security pain points
Many novice Office 365 (O365) shops do not know where platform-specific security vulnerabilities lie, or even that they exist. The threats that you are unaware exist do not cause pain until they rise up and bite – then the agony is fierce. Companies get themselves into trouble when they do not fully understand the way…
Three API security risks in the wake of the Facebook breach
Facebook recently pledged to improve its security following a lawsuit that resulted from a 2018 data breach. The breach, which was left open for more than 20 months, resulted in the theft of 30 million authentication tokens and almost as much personally identifiable information. A “View As” feature that enabled developers to render user pages…
Security pros anticipate automation will reduce IT security headcount, but not replace human expertise
The majority of companies (77 percent) continue to use or plan to use automation in the next three years, according to a Ponemon Institute and DomainTools survey. The biggest takeaway in this year’s study is that 51 percent of respondents now believe that automation will decrease headcount in the IT security function, an increase from…
Organizations struggling to find skilled security staff, leaving 82% of security teams understaffed
83% of IT security professionals feel more overworked going into 2020 than they were at the beginning of 2019, and 82% said their teams were understaffed, according to a Tripwire survey. Hard to find skilled security staff The strain on cybersecurity teams is exacerbated by the inability to find experienced staff, and 85% acknowledged it…
What makes some organizations more cyber resilient than others?
Despite higher levels of investment in advanced cybersecurity technologies over the past three years, less than one-fifth of organizations are effectively stopping cyberattacks and finding and fixing breaches fast enough to lower the impact, according to a report from Accenture. Based on a survey of more than 4,600 enterprise security practitioners around the globe, the…
Data breach: Why it’s time to adopt a risk-based approach to cybersecurity
The recent high-profile ransomware attack on foreign currency exchange specialist Travelex highlights the devastating results of a targeted cyber-attack. In the weeks following the initial attack, Travelex struggled to bring its customer-facing systems back online. Worse still, despite Travelex’s assurances that no customer data had been compromised, hackers were demanding $6 million for 5GB of…
There is no easy fix to AI privacy problems
Artificial intelligence – more specifically, the machine learning (ML) subset of AI – has a number of privacy problems. Not only does ML require vast amounts of data for the training process, but the derived system is also provided with access to even greater volumes of data as part of the inference processing while in…
IoT cybersecurity’s worst kept secret
By improving access to data and taking advantage of them in fundamentally different ways to drive profitability, IT security executives are rapidly changing perceptions of their office. Although making better sense of and use of data may be standard fare in other areas of the enterprise, who knew that modern IoT cybersecurity solutions would become…
2020 forecast: Attackers will target non-traditional systems
While plenty of attacks will continue to hit traditional targets such operating systems and humans, 2020 will see many attackers taking aim at non-traditional systems. Containers, connected devices and the communications between the two technologies will be a primary focus of both security researchers and attackers. New technologies continue to shake up corporate infrastructure, and…