The Security Briefing

Breaking Information Risk Management News and Trends

A closer look at phishing attacks helps businesses with cybersecurity

You can’t battle an enemy without knowing what you’re up against, which is why reviewing studies such as the one we’ll be exploring today is so important. Not only is it fundamental for those who are working on cybersecurity within a company, but also for the executive team who is a lot less aware of the real dangers their company is up against.

The numbers don’t lie when it comes to breach

If you think breach can’t happen to you, this idea is probably fading quickly. Especially, when you review the number of breaches and types of companies breached. In 2016 alone, more than four billion data records were stolen.

Why businesses are still at such high risk of breach

Even though organizations have invested in security solutions, nearly half of them have had a breach in the last twelve months. When reviewing a recent global survey by the Ponemon Institute, it becomes clear why businesses still find themselves at risk.

Your cybersecurity checklist for 2017

Being the last week of 2016, it only seems fit to evaluate what has been done up to now by organizations to secure their enterprise so that you can know what still needs to be done in 2017 and/or what you haven’t been doing all along that would benefit your enterprise’s cybersecurity.

3 growing cyber threats for businesses in 2017

As a new year heads our way, it is important to evaluate what types of cyber threats to expect so that you can prepare. Even though 2017 won’t come without its surprises; there’s a lot businesses can learn from 2016. The types of breaches and cyberattacks that took place can help any business, no matter the industry, to start making improved cybersecurity plans for 2017.

Cybersecurity in 2017 starts with a 3 step to do list

Findings from a cybersecurity survey by Kaspersky Lab makes clear areas that continue to be a challenge for businesses when it comes to their organization’s state of security. From these challenges we have a three step plan for 2017 to get on track with cybersecurity…

Study finds most businesses won’t recover from a cyberattack

IBM and the Ponemon Institute study finds that 66% of organizations won’t recover from a cyberattack. Even though the study focuses on business resilience following a cyberattack, when you look closely, you see the connection of the study’s findings to something even more significant…

Election hacking concerns aren’t the only indication of the IoT security problem

When it comes to cybersecurity it’s obvious how important it is with the increasing number of IoT devices like voting machines, medical devices, and even devices that we may think are old and not vulnerable, such as pagers. This US election period, for example, has shown the growing concerns around a potential hack during an election, and…

CTO and CIO challenges make it hard to get security on track

There are a number of headaches that IT executives, such as CTOs and CIOs, face in any type of business, including financial services companies. The things that keep these executives up at night involve a number of challenges. Some that stood out from a recent article discussing this very topic are worth mentioning.

Effective data breach preparedness is still a long ways away

Even though organizations know about the importance of data breach preparedness with 86% of companies having a data breach response plan in 2016 versus 61% in 2013, a recent study by the Ponemon Institute shows that they’re far from implementing their plans in a way that helps them weather the storm if breach happens.

The board of directors are missing the mark when it comes to cybersecurity

There’s always a lot of talk about the board and cybersecurity. This topic is important because without the board’s approval, organizations can’t take the necessary steps to improve cybersecurity. As time passes and mega breaches keep popping up, like the recent Yahoo mega breach, the board does seem to be getting more interested in cybersecurity. However, the question remains, what’s the board’s cybersecurity ‘why’?

Vulnerabilities continue to leave the door open to insider threat and more

The number of vulnerabilities that organizations can confront are so many that if you’re not in the business of security or dealing with security matters, it can come as a bit of a shocker. Furthermore, the types of vulnerabilities can also be foreign territory for those who haven’t had extensive experience in the field. It is for this very lack of knowledge and expertise that so many businesses find themselves at a loss in tracking, as well as minimizing their security risks.

Overconfidence in breach detection puts all businesses at risk

A little over a year ago Tripwire conducted a study that showed energy sector IT professionals were overconfident in their ability to detect breach. Unfortunately, this overconfidence persists. This year’s Tripwire study showed that 72% of energy IT pros believe they could detect configuration changes to endpoint devices on their organization’s network within the hour.

Insider threats are no joke and the hidden costs prove it

The types of security risks that organizations face vary in nature, which is why there’s such a push for all types of businesses to take a holistic approach to information security. Not only do businesses deal with the continuous evolution of threats, but they also deal with vulnerabilities that are hard to manage and resolve. One of these types of weak spots is insider threat.