Blockchain, IOT, Neural Networks, Edge Computing, Zero Trust. I played buzzword bingo at RSA 2020, where the phrase dominated the entire venue. Zero Trust is a conceptual framework for cybersecurity that characterizes the principles required to protect modern organizations with distributed infrastructure, remote workforces, and web connected applications.
The average cost of a data breach is now nearly $4 million, and the unfortunate truth is third-parties are a significant source of cyber risk. These increasing costs are why cybersecurity vendor risk management (VRM) is a top priority for CISOs, Vice Presidents of Security, and other members of senior management, even at the Board level. In addition to financial costs, regulatory and reputational costs are increasing.
Maze is a particularly sophisticated strain of Windows ransomware that has hit companies and organizations around the world and demanded that a cryptocurrency payment be made in exchange for the safe recovery of encrypted data.
We find ourselves in strange times. In response to the ongoing coronavirus epidemic, organizations have swiftly closed their offices and mandated that all employees begin working from home. This development has created security challenges with which many organizations are still grappling.
National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 revision 2 is a Risk Management Framework for Information Systems and Organizations: A System Lifecycle Approach for Security and Privacy. NIST SP 800-37 rev 2 was published in December of 2018 and describes the Risk Management Framework (RMF) and guidelines on how to apply RMF to information systems.
I was asked a very interesting question during an interview yesterday, and the more I think about it the more I thought it would make an interesting thought piece.
On April 7, 2020, the San Francisco International Airport (SFO) released a notice confirming that two of its websites, SFOConnect.com and SFOConstruction.com, were targets of a cyberattack in March 2020. The attack has been attributed to a hacker group that was attempting to steal the Windows logins of the airport’s employees. When we hear news about cyberattacks, a few typical, yet crucial questions spring to mind: How did the attackers perform the cyberattack?
The news cycle is full of third-party data breaches and data leaks. And for a good reason, they often expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Cyber attacks and misconfiguration are more common than ever before. Organizations need to invest in tools to prevent data breaches and reduce cybersecurity risk: particularly risks that involve third and fourth-parties.
Cyber attacks, misconfiguration, and data leaks are more common than ever before. Our news cycle is full of first and third-party data breaches that expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Not only are data breaches more common, but they're also more costly. The average cost of a data breach is now nearly $4 million globally.
If you want to skip ahead to see the MITRE ATT&CK eval round 2 results visualized in an easy-to-configure Kibana dashboard, check it out here.
