how long would it take your organization to notify customers of a security breach v1

Report: Organizations not completely clear on what IT security incidents to report

Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General Data Protection Regulation (GDPR) in 2018, organizations that operate in the EU need to follow regulatory guidelines that can have real business implications if ignored. But when a cyber incident hits ... Read More
More than 1 in 4 have been breached

Unpatched Vulnerabilities Caused Breaches in 27% of Orgs, Finds Study

In May 2019, Verizon Enterprise released the 12th edition of its Data Breach Investigations Report (DBIR). Researchers analyzed a total of 41,686 security incidents, of which there were 2,013 data breaches, for the publication. More than half (52 percent) of those reported breaches involved some form of hacking. The report ... Read More

Survey: Geopolitical Issues Affect How Two-Thirds of Cybersecurity Professionals Do Business

It’s a turbulent time in geopolitics today, and activity in the geopolitical landscape inevitably intertwines with increased cyber activity across borders. Reports of nation-state attacks are on the rise. Attacks on U.S. energy infrastructure, NotPetya, the Sony breach and the WannaCry global outbreak have all recently been attributed to nation-states ... Read More

Report: 80% of IT Security Pros Think the Skills Gap Has Worsened Since 2017

The U.S. government had its longest government shutdown in history between 22 December 2018 and 25 January 2019. It’s not yet clear what overall impact this closure had on U.S. digital security. In the short term, a SecurityScorecard report found that federal agencies’ network security ratings slightly declined but that ... Read More
94% container

60% of Organizations Suffered a Container Security Incident in 2018, Finds Study

| | containers, DEVOPS, security
Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on every continent except Antarctica. Those organizations varied in their industry, size and level of DevOps maturity, but they ... Read More

Concern Over IoT Security Grew for Most BHUSA Attendees in Past Year, Reveals Survey

The Internet of Things (IoT) is one of the greatest forces driving technology today. According to Statista, the number of IoT devices is expected to reach 1.2 billion by the end of 2018. That number will grow to over 20 billion by 2020, per Gartner’s estimates, with more than 65 ... Read More

Two-Thirds of Organizations Don’t Use Hardening Benchmarks to Establish a Secure Baseline, Report Reveals

The Center for Internet Security’s Critical Security Controls (“the CIS Controls”) are incredibly useful in helping organizations defend themselves against digital threats. By adopting the first five controls alone, it’s possible for companies to prevent 85 percent of attacks. Adopting all 20 controls can prevent as much as 97 percent ... Read More

Infosecurity Europe Survey: Security Professionals Gearing up for Rise in Nation-State Attacks

In the midst of some of the most interesting times in geopolitical history, Tripwire wanted to see how the infosec community is currently feeling about nation-state attacks. It thus decided to conduct a survey while at Infosecurity Europe 2018 in London. Specifically, Tripwire surveyed 416 attendees to see what the ... Read More
Tripwire Survey: Energy IT and OT Pros Collaborating More Effectively on ICS Security

Tripwire Survey: Energy IT and OT Pros Collaborating More Effectively on ICS Security

With most industrial control systems (ICS) now connected to the Internet, energy organizations have had to shift how they think about security. Addressing new digital threats against the Industrial Internet of Things (IIoT) has presented unique challenges, not just technologically but also organizationally. This next set of results from Tripwire’s ... Read More

Tripwire Survey: Most RSAC Attendees Favor Shorter Vulnerability Disclosure Timelines

With continued debate around responsible disclosure and increased attention around security research techniques, Tripwire wanted to get a pulse on what the community considers responsible practices today. In surveying 147 attendees at the RSA Conference in San Francisco a couple weeks ago, we found out a number of interesting perspectives ... Read More