From the IoT to Insider Threats, 2018 Figures to Keep Security Leaders on Their Toes

As the world looks forward to saying goodbye to the crazy year that was 2017, security experts are chiming in about what to expect in 2018, and the news is not good: insider attacks, tax scams, election hacks, and holes created by the Internet of Things lead the list of threats that cyber security teams can expect to be most prominent in the coming year. Probably not the Christmas gift list they had in mind. Given what we saw in 2017, there's no reason not to believe the experts. With organizations as varied as Equifax, Uber and the Securities Exchange Commission having revealed significant…
Read more

Shoring Up Online Retail Security Can Ensure A Merry E-Christmas For All

One thing we can all be sure of this holiday season: Lots of Americans are choosing to avoid the insanity in shopping malls by firing up their computers, phones and tablets to take care of their Christmas shopping online instead. Even though a steady flow of large-scale data breaches have hit American companies in recent months (hello, Equifax, Whole Foods and Uber, just to throw out a few prominent names), most shoppers have been undeterred. Consider a report from Adobe Insights that online sales for Thanksgiving Day and Black Friday reached a combined $7.9 billion, up 18 percent from 2016, …
Read more

Cyber Criminals Are Turning to a New Source of Valuable, Loosely Protected Data, and You Won’t Believe What Industry It’s In

It's time for today's cybersecurity awareness test: What industry has accounted for 2 percent of all data breaches during 2017, more than healthcare, social media or retail? Finance would be a good guess, but it would be skewed by the scale of the Equifax breach. Government would make sense, too, given that the IRS was breached earlier this year and the SEC in September revealed a substantial breach that occurred last year. But as surprising as it is, the answer is education. Ryan Cloutier, an edtech security specialist, offered this surprising reality check about education breaches during an…
Read more

SecDevOps: Minimizing Vulnerabilities While Enabling Fearless Innovation

One of the big trends sweeping the IT world is the embracing of DevOps. But, as attendees at the recent DevOps Enterprise Summit in San Francisco were reminded, a DevOps strategy ultimately is only as strong as the security wrapped around it. Look at it this way: The point of DevOps is to get an organization's software development and operations teams on the same page to speed up the development process. But when you removing the obstacles that typically slow development teams and free them to innovate without fear, you also open yourself up to potential security holes. What if a buggy piece…
Read more

The Time to Rally Around Protecting Our Critical Infrastructure is Now

The massive 2003 power outage that left more than 50 million Americans and Canadians in the dark may have been a harbinger of things to come. The outage served as a sort of dress rehearsal for what happens when a major chunk of the power grid is rendered useless, and the fact that it was caused by a programming error in the distributor's alarm system should still make us very nervous. Some 14 years later, it seems clear that not only could hackers likely mimic the conditions that unfolded that fateful August 14, they could probably take it several steps further. It's just such a fear that…
Read more

Achieving the Ultimate Buy-In: Getting Everyone in Your Organization Thinking and Acting with the Data Security in Mind

It's no longer a secret that relying on your company's IT security team to be the sole provider of workplace cyber security is folly. Recent incidents such as the WannaCry ransomware attack and the catastrophic Equifax breach remind us that in today's cloud-dominated, always-connected, device-centric world, everyone connected to a business—from employees and management to contractors and customers—plays a role in keeping data secure. In fact, the concept of workplace cyber security being everybody's business has emerged as a major theme of National Cyber Security Awareness Month, which just…
Read more