It’s time to celebrate National Cybersecurity Awareness Month again. Let’s look at what happened since we last honored this “holiday.”
We started 2018 with over three million records breached fromJason’s Deli; moved into spring with five million records from Saks/Lord&Taylor and 37 million from Panera Bread restaurants. May saw breaches from fitness tracking company PumpUp and clothing retailer UnderArmor. July was a new low point with breaches from Ticketfly, the Sacramento Bee newspaper chain, and MyHeritage. And let’s not forget Exactis with 340 million records placed online.
Even with this list, I haven’t accounted for many other breaches of the past year, including the various data leaks generated when the companies put cloud storage buckets online unprotected. A single check box and the data in all of these situations would have been easily secured.
Of course, who doesn’t remember Facebook’s woes, which thanks to Cambridge Analytica, divulged information on more than 100 million accounts. And if we look beyond private data leaks, we find the City of Atlanta learned an expensive lesson – their backups were worthless after being hit by a ransomware attack. This cost them nearly their entire annual IT budget.
With security awareness, you are only as good as yesterday’s response. Every day, someone tries to leverage their way into your network, your data and your corporate reputation. Every day, your network is bombarded with thousands of phishing attempts. Someone is sending multiple emails with infected attachments; hackers continuously try reused or (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by David Strom. Read the original post at: http://www.rsa.com/en-us/blog/2018-10/practice-cybersecurity-every-day-not-just-october.html