Mitigating the security risks of cloud-based migrations requires both planning and thorough knowledge of product-specific obstacles. In a May 2015 presentation shared on Microsoft Developer's Network, Microsoft researchers stated that 35% of the Exchange user base had completed an Office 365™ migration. Many other organizations will be making the switch to cloud-based Microsoft products in the coming months.
Reddit. Twitter. Netflix. Amazon.
These four sites aren't only some of the most popular web services worldwide. They're all organizations that have suffered downtime due to distributed denial of service (DDoS) attacks in recent weeks.
Wired's Kim Zetter defines DDoS as " an attack that overwhelms a system with data—most commonly a flood of simultaneous requests sent to a website to view its page." These attacks can result in extended periods of downtime for businesses, frustrated customers, and lost revenue.
Much like cyber terrorism, cyber insurance has recently had a growth spurt. Companies first started considering working with insurance companies to mitigate cyber incidents just before the new millennium. It was the late 1990s, and the threat of "Y2K" worried some organizations about coverage.
If you're confident the antivirus software you set up recently can protect your IT infrastructure from malware, these quick facts on the state of malware might change your mind:
- Panda Security reported there were around 230,000 new malware samples produced daily in 2015. Tellingly, more than a quarter of all malware samples ever recorded in history were produced last year.
- Jonathan Dale, IBM's Director of Marketing, warned organizations in his Security Intelligence article that 2016 could be 'the year' of mobile malware.
- While OS X is supposedly more immune to malware, Carbon Black's Threat Research team found out otherwise—it turns out that 2015 was the most prolific year of successful OS X malware attacks in history.
In addition, a shift in the ultimate motive of malware authors has led to malware becoming more difficult to detect and remove.
While many cybercriminals complete data retrieval in a matter of minutes or less, others prefer a long-haul approach to harvesting protected information. The recent surge in advanced persistent threats (APTs), ransomware, and other sophisticated crime is an indicator that well-hidden viruses are definitely something to watch out for.
Three out of ten organizations believe they were hit by an APT in 2015, according to Galois research. The latest security threats are characterized by their ability to remain undetected for long periods of time on a company's network. In some cases, criminals have gone unnoticed for years.
The Ashley Madison data breach of 2015 shows that non-financially motivated cybercrime is alive and well.
Experian's 2016 Data Breach Report predicts that 'hacktivism' was likely to experience a resurgence in the coming months. Citing recent high-profile attacks, Experian analysts warn businesses to stay vigilant. These types of breaches often have a goal of causing public embarrassment or exposure or harming operations, which can be more damaging than pure data theft for profit.
For cybercriminals, targeting the banking industry with phishing emails may provide a relatively easy path to a major payday.
Regardless of where your financial institution currently stands in regards to security, being prepared for phishing attacks is crucial. In this blog, you'll learn about the state of banks and phishing, as well as technical safeguards for protection.
Are your passwords an open invitation to cybercriminals? Even if you believe your organization has adequate access management policies in place, you may be surprised at the weak, default, and repeated passwords lurking in places throughout your company's network.
In the past year, 77% of data breaches involved an insider, according to Verizon.
From disgruntled employees committing sabotage to innocent mistakes, humans are one of your organization's greatest information security risks. In fact, a shocking amount of high-profile data breaches in recent years have occurred because of employee behaviors.
While it's crucial for information security pros to understand human vulnerabilities, the root cause of data breaches isn't always as simple as human action. In many cases, a combination of technical, policy, and human failures can contribute to an incident with data loss.