IT News - Security

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches

"As a result, there has been a consistent rise in tactics and technologies used to combat these threats. These methods fulfill the need for better, smarter ways to augment enterprise-level security and minimize mobile security risks.

Due to the increase in new kinds of cyber attacks, traditional security methods are no longer enough for protecting enterprise data. This is especially true since malicious activity is now targeted towards remote workers and mobile devices.

This article will explore how remote work has changed the way businesses view and analyze enterprise security and why there is a need for CISOs worldwide to put greater emphasis on securing the mobile work environments..." - Security Boulevard

5 Free Ways To Get Better Business Security
Computerworld, May 25th, 2021
Tech crooks really are out to get you, but there are ways to defend your company that won't cost an arm and a leg

"Ransomware to the left of you, malware to the right-what's a small business stuck in the middle to do?" asks Steven J. Vaughan-Nichols in Computerworld

"We all know that securing your company isn't easy or cheap. As Christopher Krebs, former director of the US Cybersecurity and Infrastructure Security Agency (CISA), and Matthew Masterson, former CISA Senior Cybersecurity Advisor, both recently pointed out: we're "now in the midst of a new normal of cyber-enabled malicious activity."

That's bad enough..."

5 Tips For Building A Cloud Security Architecture
Network Computing, May 24th, 2021
Building a cloud security architecture is no easy task. You need to address your organization's security policies, relevant compliance standards, and security best practices while contending with the high complexity and dynamic nature of cloud infrastructure

Sagar Nangare writes in Network Computing, "With organizations increasingly shifting data and applications to the cloud, the security architecture is becoming critical in ensuring workloads are secure. A cloud security architecture is a framework that defines how an organization approaches cloud security for each cloud model it operates and what solutions and technologies it intends to use to create a secure environment.

Cloud security best practices should be a starting point for a cloud security architecture. Possible sources for standards are documents published by cloud providers, compliance standards by organizations like the National Institute of Standards and Technology (NIST), or security research organizations like the Center for Internet Security (CIS)..."

Cybercrimes have increased 300% since the pandemic, according to the US Federal Bureau of Investigation

"Some 95% of cybersecurity breaches are due to human error. Questionmark, the online assessment provider, has launched a new cybersecurity skills test, with cybersecurity workforce development specialists CyberVista, to help firms meet this challenge.

The average data breach costs firms $3.86m according to research by IBM Security. Despite these costs, many firms do not have people with the right skills to protect them. CyberVista estimates the global cybersecurity workforce needs to expand by 89%. Organizations have a crucial role to play by upskilling existing or new employees..."

In the aftermath of the Colonial Pipeline attack, ISACA polled more than 1,200 members in the United States and found that 85 percent of respondents think that their organization is at least somewhat prepared for a ransomware attack

"The Colonial Pipeline attack caused massive disruptions to gasoline distribution in parts of the US this month. Colonial reportedly authorized a ransom payment of US $4.4 million. In the ISACA survey, four out of five survey respondents say they do not think their organization would pay the ransom if a ransomware attack hit their organization. Only 22 percent say a critical infrastructure organization should pay the ransom if attacked.

'In a vacuum, the guidance not to pay makes total sense. We don't want to negotiate with criminals,' said Dustin Brewer, senior director of emerging technology and innovation at ISACA. 'But when you need to get your business back online, a cost/benefit analysis is going to come into play, and a company is going to do what it needs to do to have continuity. Good cyber hygiene has to be a focus to avoid getting to this point.'

The survey's other key findings included:..."

Since the beginning of the pandemic, ransomware and other cyber attacks have spiked

Abhishek Sengar writes in SecurityIntelligence, "Meanwhile, millions of people have shifted from working in offices to working remotely. Organizations are increasingly relying on video conferencing, virtual private networks (VPNs) and remote desktop protocol admin tools.

Many employers believe that, to cut down on these risks, they should invest in new and bigger solutions. However, it's also important that they review common best practices like password policies, least privilege access, patching and more..."

See all Archived IT News - Security articles See all articles from this issue