New data provides a multi-faceted look at the changing face of phishing attacks. This data includes who’s being targeted, the tactics being used, and why phishing attacks continue to work. If 2022 is any indication of what the remainder of this year will hold for organizations fending off cyber attacks, cybersecurity efforts are going to need a whole lot more emphasis.
In today’s one-click world, organizations of all sizes should be committed to improving their cyber security posture. Helping them to mitigate the risk of a data breach and protect their critical assets. This means having the right technology, processes, and people to monitor the environment and respond to incidents quickly and effectively. According to a recent IBM analysis, the average cybercrime takes 280 days to detect and contain and costs businesses up to $3.86 million.
Waves of change are constantly disrupting companies of all sizes around the world, particularly when it comes to cybersecurity. Digital infrastructure keeps expanding, work models constantly change, and the web between businesses gets more and more intertwined. It’s no surprise that CISOs and risk leaders are evolving. A majority of boards now see cyber risk as business risk, so they’re asking hard questions around risk and exposure.
Read the highlights from BSidesSF, a community event that brought together speakers, workshops, and villages to help us all learn to be safer.
The people closest to your business can sometimes cause the most damage. Yet while top-secret data leaks are headline news today, most insider threats are well-intentioned people who just screw up.
With the dust now settled and life returning to some semblance of normalcy, we’ve still been ruminating on our week in San Francisco. It was an incredible and busy week, with a lot of top notch sessions, discussions, and of course the bustling expo. We compiled some of our daily thoughts after each full-day at the show, which you can read here, but now with some perspective, we wanted to share our four most memorable takeaways from RSA Conference 2023.
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
We’ve all seen it in the movies: The chief of security declares that no one could ever steal the “Famous Jewel” because it’s protected by thick glass, an impenetrable system of motion-detecting lasers, and, finally, a weight-sensitive sensor. Cut to the next scene, where a thief, dressed in sleek black, zip-lines from an open skylight, shorts the lasers, scores the glass, and with split-second timing, swaps the jewel for a replica of equal weight.
One set of valid employee credentials can provide an adversary with all they need to log into a business, move laterally, escalate privileges and achieve their goals — whether that’s removing access to accounts, terminating services, destroying data or deleting resources. Identity-based attacks are subtle, but destructive, and organizations must be on high alert for them. CrowdStrike reported 80% of cyberattacks now leverage stolen or compromised credentials.
In Part I of our two-part blog series, we recapped key drivers for ISO 27001 compliance. Now that you know why companies enthusiastically adopt the ISO 27001 standard to improve cybersecurity protection, we will take a deeper technical dive into Egnyte for ISO 27001.
