Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybercriminals are increasingly abusing popular cloud apps to deliver malware to their victims. In 2020, more than half of all the malware downloads detected and blocked by the Netskope Security Cloud platform originated from cloud apps. Cloud apps are commonly abused to deliver Trojans, with attackers attempting to exploit the trust placed in the app used for delivery. Increasingly, cloud apps are also abused for next-stage downloads, with attackers attempting to blend in with benign traffic.

The trove of 1.3 million RDP credentials leaked recently is yet again proof that, In the underground economy, initial access brokerage is a flourishing market. Cybercriminals are outsourcing the initial access stage of the attack, so they can better focus on the execution and act more quickly.

There’s a common misconception that cloud providers handle security, a relic leftover from hosting providers of previous decades. The truth is, cloud providers use a shared responsibility model, leaving a lot of security up to the customer. Stories of AWS compromise are widespread, with attackers often costing organizations many thousands of dollars in damages.

If I were to ask you why you scanned for compliance at your company, I’d bet you’d tell me it was to help you pass requirements easier, to ensure that your audits are good on the first pass and so that you could troubleshoot technical issues with another process. You didn’t know about that last one? Wait, are you telling me you don’t know about the hidden benefits of compliance that you’re getting? Let’s talk.

It now takes organizations 207 days to identify and 73 days to contain security breaches, according to IBM’s 2020 Cost of a Data Breach Report. That means the average “lifecycle” of an incident is a staggering 280 days — 7 months! Moreover, cybercrimes are becoming increasingly sophisticated and attackers are quicker than ever when it comes to finding cracks in corporate infrastructure.

Today, having a strong data governance program is critical for many reasons: understanding and minimizing risk to sensitive data, maintaining security and trust, avoiding compliance fines, and empowering knowledge workers to be more effective at their jobs. The trouble is, if you don’t manage scope properly, and instead try to eat the proverbial data governance elephant all in one bite, you are setting yourself up for trouble.

Table of Contents Cybercriminals are always looking for the new weak link and social media is a point of vulnerability for many businesses. As it becomes more common for social media to be used for and by businesses, the opportunity for cybercriminals to use social media in their attacks grows. Social media is an essential tool for networking, events, advertising, keeping up with trends and more.