The cybersecurity threat landscape is quickly changing. Administrators have become more cautious when it comes to security and governing access, end users have become tech-savvy and security-aware, and attackers have also raised their game. Living-off-the-land attacks, or LOTL, is one clear trend today, with attackers exploiting preinstalled features and default tools built into system.
USB devices are undeniably valuable, but they can be dangerous. On one hand, they are useful in transporting enterprise-critical data, but on the other, they can wreak havoc if misplaced, corrupted due to a human or hardware-related error, or stolen. It’s no wonder some companies forbid the use of USB devices altogether.
Coronavirus has disrupted daily life for so many around the world in a shockingly short span of time. Lifestyles have shifted. A new normal, albeit a panic-stricken one, has set in. One-third of the global population is under lockdown to slow the spread of coronavirus. Many organizations have adopted temporary work-from-home measures to keep themselves up and running.
Fear, uncertainty, and doubt are powerful emotions, and time and again, hackers attempt to leverage these for their own gain. As the coronavirus develops into a worldwide pandemic, hackers are taking advantage of the fear many of us feel to spread malware. We’re seeing an abundance of coronavirus-themed phishing, business email compromise (BEC), malware, and ransomware attacks targeting different industries, especially in the health sector.
The global corporate landscape is on the brink of a complete premises lockdown in light of the COVID-19 crisis. Service disruption is inevitable, and enterprises’ business continuity plans are being put to the test. Despite this challenge, it’s heartening to see companies across nations take quick steps to ensure the health and safety of their employees during these trying times.
The National Institute of Standards and Technology (NIST), a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce, recently released their guidelines for password security. Some of them are contrary to what we’ve come to believe are good password policies. Our IT security expert will talk more about these guidelines in our upcoming webinar. Let’s take a look at what some of them are.
ManageEngine brought home its first set of accolades for 2020: two InfoSec Awards presented by Cyber Defense Magazine at RSA Conference 2020. Amidst the over 3,000 cyberdefense innovators that were assessed by Cyber Defense Magazine for its 2020 InfoSec Awards, ManageEngine was recognized for its identity and access management (IAM) offering, AD360, and for its insider threat prevention in Log360.
The cybersecurity market is ever-changing and primarily driven by sophisticated cyberattacks, disruptive technological growth, and stringent data protection regulations like the GDPR and CCPA. We are constantly evolving our solutions to meet these dynamic market needs. We believe our recognition in the Gartner Magic Quadrant for security information and event management (SIEM) for the fourth consecutive time proves that our efforts have been channeled in the right direction.
We’re pleased to announce the debut of ManageEngine Application Control Plus, an application whitelisting, blacklisting, and privilege management solution. IT operations could come to a standstill if applications suddenly ceased to exist, but applications can be considered double-edged swords. As important as applications are, they also form the largest threat vectors in any network.
From maintaining electronic health records and generating medical reports, to carrying out robot-assisted surgeries and setting up online doctor-patient communication portals, the healthcare industry is becoming increasingly reliant on technology to effectively carry out day-to-day operations. While incorporating advanced technology assists healthcare professionals in providing better care for patients, it also increases the attack surface for cybercriminals looking to exploit sensitive data.
