Last year, Verizon’s data breaches report showed that “human error” was the only factor with year-over-year increases in reported incidents. The average cost of data breaches from human error stands at $3.33 million, according to IBM’s Cost of a Data Breach Report 2020. Even big companies and government entities have fallen victim to data breaches caused by human error.

The phrase “social engineering” sounds innocuous — but, this approach to hacking threatens organizations of all sizes. Social engineering may be an unfamiliar term, but the attacks that fall under this category are well-known. For instance, phishing attacks and ransomware attacks have seen massive increases in the last year. By some estimates, ransomware is up 700% and phishing campaigns are up over 200%.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore the possibilities and challenges of a passwordless era.

The SolarWinds supply chain attack against the US Government was the largest and most sophisticated breach in history. A post mortem operation is still underway and with every stage of its progression, cybersecurity experts become increasingly flabbergasted at the INNOVATIVE complexity of the techniques used. But despite nation-state's efforts to conceal their tactics, they left some highly-valuable clues about their methods that could be leveraged to sharpen supply chain attack defenses.

Supply chain attacks are on the rise, yet few businesses are equipped to face this threat. This could be due to a growing despondency towards cybersecurity in light of the SolarWinds attack. If the nation-state hackers were sophisticated enough to bypass highly-secure Government agency critical infrastructures, how could any organization prevent a supply chain attack? The answer is a change of mindset - don't assume a supply chain attack might occur, assume it will occur.

In the first part of this blog series, we saw a brief overview of what a security operations center (SOC) is and how it operates. In this part, we’ll take a look at the typical activities that SOC analysts carry out every day to protect their organization from constantly evolving cyber threats and the skill sets that come in handy in effectively carrying out their duties.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Got a Mac? Lots of Macs? OK, then have this nice warm feeling that someone cares enough to give you a nice surprise sometime down the line. What to place bets on how nice that present will be?

It is imperative for any national security agency to diagnose, identify, and address the possible vulnerabilities within their defence system to avert exploitation of the nation’s security.