Nowadays, it’s common to hear about yet another high-profile security breach in which critical data is leaked, resulting in damage to the organization’s reputation and bottom line. Unfortunately, it's impossible to remove all risks in your organization but there are ways to best protect against them and improve your security posture.
Whether you view a data breach as your worst nightmare, or simply an inevitable occurrence for the average organisation, knowing what to do and how to respond when it happens to your organisation is critical. A well-executed response contains a crisis and stops it from snowballing, as well as helping you navigate your organisation—and your suppliers and customers—through any follow-on analysis or potential post-incident investigations.
If you’re a Google Chrome user, you may have received the pop-up alert “Your password was exposed in a non-Google data breach” in your web browser. The alert informs users of any recent security breaches which may have compromised their account passwords. Read on to learn more about what this alert means for your data security and the appropriate steps to secure your personal data.
Third-party data breaches are one of the most concerning issues in cybersecurity today. You need your third parties to do business, but you can’t always trust (or verify) that their cybersecurity controls are as strong as they say, no matter how many questionnaires you send out. And of course, cybercriminals know that by hitting vendors rather than every single company separately, they can get the most ill-gotten gains for their effort.
Another day, another data breach has become a common refrain, in a world saturated with data breaches and other types of data exposures. But over the past few years, a subtle change in the nature of breaches has taken place. We documented some of this change in our analysis of the 100 largest breaches in the 21st century, highlighting that breaches were getting larger and more likely the result of misconfigurations.
This blog was written by an independent guest blogger. Businesses that allow employees to work from home are more likely to encounter a new security threat — compromised smart home devices. Smart technology connected to an employee’s home network, like smart thermostats, appliances, and wearables, can all fall victim to hackers. Workers that join their employer’s network remotely can unwittingly allow compromised devices to open the doors to hackers.
In April 2022 alone, there were 14.3m records breached due to 80 significant security incidents. These incidents make up a complex, shifting landscape of cyberattacks that require increasingly sophisticated defenses. While many of our methods are becoming more complex, some of our mechanisms are timeless, like the security whitelist. Also called an “allow list,” the security whitelist defines the permitted actions and blocks everything else.
Cybercriminals choose their targets based on two conditions - maximum impact and maximum profit. Financial institutions perfectly meet these conditions because they store highly valuable data, and their digital transformation efforts are creating greater opportunities for cyber attackers to access that data. This is why the financial sector is disproportionately targeted by cybercriminals, behind healthcare.
The Federal Bureau of Investigation (FBI) recently released a Flash Report regarding BlackCat Ransomware breaches. This ransomware as a service (RaaS) has compromised at least 60 entities worldwide and is the first ransomware group to do so successfully using RUST, considered to be a more secure programming language that offers improved performance and reliable concurrent processing.
