The current state of consumers’ cybersecurity awareness

The current state of consumers' cybersecurity awareness


With the second anniversary of GDPR on the horizon, the topic of data security is as pertinent as ever. Despite the proliferation of connected devices and the personal information and sensitive data they harbor, many consumers are unaware of just how susceptible their pocket-sized computers are to cyberattack.

consumers’ cybersecurity awareness, cybersecurity ,

Cybersecurity software sales and training in a no-touch world

Cybersecurity software sales and training in a no-touch world

The pandemic has led to an outbreak of cybercriminal activity focused on remote workers and enterprises that needed to quickly migrate to the cloud to maintain business continuity. More than 3,100 phishing and counterfeit websites were created each day in January. By March, that figure exceeded 8,300. Communication and collaboration phishing sites also grew by 50% from January to March.

Cybersecurity software, training in a no-touch world

European Commission: Still Work to Do on GDPR

European Commission: Still Work to Do on GDPR

The GDPR has successfully met its main objectives but work still needs to be done to improve cross-border investigations, increase regulator resources and address fragmented approaches across the EU, according to the European Commission..

Still Work to Do on GDPR, GDPR

How to protect remote workers from phishing and other attacks

How to protect remote workers from phishing and other attacks


Working from home is a new ‘norm’ for many organizations, but the shift toward remote work has been steadily increasing for the past decade. In fact, between 1996 and 2016 there’s been a 300% increase in the number of companies offering remote work options. Now, of course, it’s mandatory for many of us.

protect remote workers, phishing, attacks

5 Tips for Minimizing Third-Party Risk

5 Tips for Minimizing Third-Party Risk


Outsourcing has become a vital part of most business strategies. Not only is it a way to save money, but it’s a simple way to take advantage of expertise you might not currently have in house. But outsourcing can also leave companies vulnerable if the third-party doesn’t have proper cybersecurity procedures.

Minimizing Third-Party Risk

Five signs a virtual CISO makes sense for your organization

Five signs a virtual CISO makes sense for your organization


As today’s threat landscape continues to feature more sophisticated, well-funded, highly organized and increasingly complex cyber adversaries, defense and remediation strategies have become much more challenging. Protecting an enterprise and preparing for current and future threats requires a great deal of expertise, planning and timely and targeted actions.

Virtual, CISO, organization

Passwords still widely used, despite known weaknesses

Passwords still widely used, despite known weaknesses

Nearly a third (29%) of organizations in Europe and the Middle East still see usernames and passwords as one of the most effective means to protect access to their IT infrastructure, two years after the inventor of the complex static password admitted they don’t work, according to Thales.

Passwords, weaknesses

The state of data quality: Too much, too wild and too skewed

The state of data quality: Too much, too wild and too skewed

We live in the age of data. We are constantly producing it, analyzing it, figuring out how to store and protect it, and, hopefully, using it to refine business practices and better understand the markets and customer we work with. However, this is all easier said than done and one of the biggest concerns that businesses have around their data is the quality – a fact confirmed by 1,900 people surveyed at the end of last year on the state of data quality. Despite being aware of data quality issues, many are uncertain about how to best address those concerns.

data quality

The Biggest Cybersecurity Mistakes CISOs Might be Making Today

The Biggest Cybersecurity Mistakes CISOs Might be Making Today

As more organizations move to the cloud, the need for airtight security has become paramount. As threats evolve and become more sophisticated, mitigating hacks and malicious attacks has become very difficult. And for many Fortune 1000 CISOs, some still believe that managing their security in-house or on-premise is safer and more cost-effective—when the opposite can very well be true.

Cybersecurity Mistakes, CISOs

21% of SMBs Don’t Have a Data Backup or Disaster Recovery Solution in Place

21% of SMBs Don't Have a Data Backup or Disaster Recovery Solution in Place

New research (…) indicates that 58 percent of C-level executives at small and medium businesses (SMBs) said their biggest data storage challenge is security vulnerability. Nearly half (49 percent) of top leaders at SMBs said cyberattacks are their biggest data protection concern. Yet more than 20 percent of SMB leaders said they do not currently have a data backup or disaster recovery solution in place.

SMBs Don’t Have a Data Backup, Disaster Recovery Solution, data protection, cyberattacks

Nearly 60% of Security Professionals Trust Cybersecurity Findings Verified by Humans over AI

Nearly 60% of Security Professionals Trust Cybersecurity Findings Verified by Humans over AI

New research revealed that while over half of organizations use artificial intelligence (AI) or machine learning in their security stack, nearly 60 percent are still more confident in cyberthreat findings verified by humans over AI.

security professionals, artificial intelligence (AI), cybersecurity, Cybersecurity Findings Verified by Humans over AI

Hacking has become a viable career, according to HackerOne

Hacking has become a viable career, according to HackerOne

HackerOne announced findings from the 2020 Hacker Report, which reveals that the concept of hacking as a viable career has become a reality, with 18% describing themselves as full-time hackers, searching for vulnerabilities and making the internet safer for everyone. Not only are more hackers spending a higher percentage of their time hacking, they’re also earning a living doing it.

Hacking, career

Do your employees feel valued? 64% have one foot out the door

Do your employees feel valued? 64% have one foot out the door

The estimated current cybersecurity workforce is 2.8 million professionals, while the amount of additional trained staff needed to close the skills gap is 4.07 million professionals, according to (ISC)2. This makes retaining employees a top priority, but how can companies be successful at this?

employees, valued

Data Privacy Day 2020: Five Learnings from the Past

Data Privacy Day 2020: Five Learnings from the Past

This Data Privacy Day 2020, we urge individuals and organizations around the world to learn from the fallout of the mega-breaches of the recent past. We provide five positive steps that companies around the world can take to better protect consumers, employees and more.

Data Privacy Day, GDPR, data privacy

5 Tips on How Companies Can Prepare for Cyberattacks and Data Breaches

5 Tips on How Companies Can Prepare for Cyberattacks and Data Breaches

Benjamin Franklin once said, “By failing to prepare, you are preparing to fail.” These sage words unfortunately describe the dilemma many companies are facing on a daily basis with increasing frequency. Whether because of a lack of resources to commit to cybersecurity or the C-suite’s reluctance to do things differently, companies are suffering from a rash of bad actors seeking to profit from cyberattacks and the loss of data because of negligent handling by insiders.

How Companies Can Prepare for Cyberattacks, Data Breaches, cybersecurity, cyberattacks

A Resilient Answer to Disasters

A Resilient Answer to Disasters width=

The Second Law of Thermodynamics tells us that the total entropy can only increase over time for an isolated system. In other words, contrary to what we may believe or may simply hope, things fall apart. It’s not an accident. It’s a law of physics, and its awful simplicity is clear and frightening.

Resilient Answer to Disasters, disaster recovery, business continuity

How to Achieve Cybersecurity with Patience, Love and Bribery

How to Achieve Cybersecurity with Patience, Love and Bribery

Your five-year-old hears the doorbell ring just after you’ve jumped in the shower. They’ve been trained by your example to answer the door when they hear the bell, but are a bit too young to have had the “never answer the door unless I’m with you” talk. The man at the door is dressed in a sharp uniform that says Acme Repair (meep meep). Your child doesn’t read yet, but they recognize an authority figure when they see one (thanks Wile E Coyote), and let him in when he says, “Your mom called to have the heater fixed.”

How to Achieve Cybersecurity, data breaches, cybersecurity

65% of stressed-out cybersecurity and IT workers are thinking about quitting

65% of stressed-out cybersecurity and IT workers are thinking about quitting

A recent report found that the average tenure of a chief information security officer (CISO) is only 18 to 24 months, citing constant stress and urgency of the job as the core reasons. For comparison, the average tenure of a chief financial officer is 6.2 years and the average tenure of a chief executive officer is 8.4 years.

cybersecurity, chief information security officer, ciso

More CISOs now report directly to the CEO

More CISOs now report directly to the CEO

Businesses around the world are finally appearing to take their cybersecurity strategy to the highest level, with CEOs now often involved in the big calls.

A study (…) found one in five CISOs now report directly to the CEO, highlighting the importance that security-focused roles are playing as companies look to keep their data protected.

ciso cybersecurity, cisos report, iso 27001, information security

Wikipedia hit by DDoS attack

Wikipedia hit by DDoS attack

The site was taken down across Europe.

The world’s most popular online encyclopaedia, Wikipedia, has suffered a severe DDoS (distributed denial of service) attack, which resulted with multiple servers across the globe going offline in different points in time.

DDoS attack

Corporate Social Responsibility Is Key To Closing The Cybersecurity Talent Gap

Corporate Social Responsibility Is Key To Closing The Cybersecurity Talent Gap

The cybersecurity talent gap is undeniable. It’s also a presidential priority and well-established trend that some estimates project will reach 3.5 million unfilled positions by 2021. And it’s not just a question of numbers but also skills. A January report by the Center for Strategic & International Studies asked if cybersecurity education and training programs are teaching the right skills to fill needed jobs and found that “the evidence suggests that the answer may be no.”

Cybersecurity Talent Gap

Financial Industry Hit By Surging Numbers of Cyber-Incidents

Financial Industry Hit By Surging Numbers of Cyber-Incidents

Financial services companies in the UK were hit by 819 cyber-incidents, which were reported to the Financial Conduct Authority in 2018. According to a freedom of information (FOI) request made by accountancy firm RSM, the data showed that there had been a huge rise from the previous year, with 69 reported in 2017.

Cyber-Incidents, cyber-attacks, financial industry

Human error still the cause of many data breaches

93% of Companies Are Overconfident of Their Ability to Stop Data Breaches

With the incidence of reported data breaches on the rise, more than half of all C-suite executives (C-Suites) (53%) and nearly three in 10 Small Business Owners (SBOs) (28%) who suffered a breach reveal that human error or accidental loss by an external vendor/source was the cause of the data breach, according to a Shred-it survey (…).

 

Ability to Stop Data Breaches, PAM

Insider Threats: An Underestimated Risk

Insider Threats: An Underestimated Risk

What is an insider threat? Security professionals know that insider threats, by their nature, are a broad-based threat and, more than ever before, can be extremely difficult to defend against. In this article, we will briefly discuss the possible risks, as well as some options for building up your defenses.

Insider threats, information, security, cyber threats, cybersecurity

Study Finds More than 2.3 Billion Online Files Currently Exposed

Study Finds More than 2.3 Billion Online Files Currently Exposed

More than two billion files exposed across SMB-enabled file shares, misconfigured network-attached storage (NAS) devices, FTP and rsync servers and Amazon S3 buckets were found in a “Too Much Information: The Sequel,” report by Digital Shadows. A total of 750 million more than last year, the report says.

GDPR, Online Files Currently Exposed

Cybersecurity Skills Shortage is Impacting Organizations

Cybersecurity Skills Shortage is Impacting Organizations

Seventy-four percent of organizations are impacted by the cybersecurity skills shortage, according to a study of cybersecurity professionals by the Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG).

Cybersecurity Skills Shortage, cybersecurity, cybersecurity professionals

How to Properly Position the CISO for Success

How to Properly Position the CISO for Success

As I travel the U.S. and the world, I am frequently asked what the proper reporting structure is for the Chief Information Security Officer (CISO). While it sounds cliché, the real answer is “it depends.” First, it is critical to understand the security goals for the organization and leadership’s perspective on security. Other factors such as company maturity, size, industry and the role you want the CISO to play should be considered. Only then can you determine if the CISO should report to the CEO, the CIO, the CRO, the CFO or some alternative reporting structure.

Position the CISO for Success, CISO, cybersecurity, security

Data Protection Commission Investigates Facebook

Data Protection Commission Investigates Facebook

After Facebook alerted the Data Protection Commission (DPC) that it had found hundreds of millions of user passwords stored in its internal servers in plain text format, DPC launched an investigation to determine whether the company had acted in compliance with the General Data Protection Regulation (GDPR), according to an April 25 press release.

Cybersecurity Workforce, GDPR, passwords,