Trend analysis is an important topic within threat intelligence. It lets us forecast where things are headed; whether they’re getting better, worse or different; and where we should be focusing our precious budgets. The UK’s National Cyber Security Centre (NCSC) recently released the Incident trends report (October 2018 – April 2019). This highlights some of the trends seen across various UK government entities, organizations and sectors.
What do healthcare, banking, and the insurance industry all have in common? RISK! Regardless of industry, having an application, or system compromised could mean the exposure of extremely sensitive information. If such information became public knowledge your business could suffer tremendously. For many companies, a data breach is the worst possible situation imaginable. How does an organization work to reduce the impact of a system being compromised?
Cyberattacks in the healthcare industry show no signs of abating. In 2018, 15 million healthcare records were breached. Alarmingly, in the first half of 2019 alone, 32 million healthcare records were compromised as a result of multiple incidents including the American Medical Collection Agency (AMCA) breach. At AMCA, 24 million patient records were affected when an unauthorized user accessed systems that contained sensitive information like SSN, provider names and medical information.
Sometimes your best intentions are thwarted by technology. That was the case when Thom Langford and I attempted to do a Q&A session after our webinar “Modern Skills for Modern CISOs.” Unfortunately, the session ended before we got the chance to answer the questions that the audience had submitted. The silver lining is that we had the chance to write our answers thoughtfully instead of answering them on the spot.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. A great choice in the news this week. I have to start with a huge breach of another hotel chain with the added misfortune that it also reaped US military bookings. Ouch.
Corporate espionage is espionage conducted for commercial or financial purposes. Corporate espionage is also known as industrial espionage, economic espionage or corporate spying. That said, economic espionage is orchestrated by governments and is international in scope, while industrial or corporate espionage generally occurs between organizations.
On December 23, 2017 the Thomas Fire, which at the time was the largest wildfire in the history of the State of California, approached the Santa Barbara campus of Westmont College. Students, faculty, and staff could see the smoke in the near distance and the ashes falling on campus. It was as if the sky was literally falling. Clearly, this was no ordinary forest fire—if there is such a thing as an ordinary forest fire.
As cybersecurity measures are improving day by day, threat actors are also being sophisticated and creating high profile attacks to evade modern defense systems. These attacks result in generating major incidents, which are the highest-urgency and highest-impact incidents that can affect too many individuals or/and companies at the same time depriving critical data or hampering critical business operations.