It was almost exactly ten years ago that U.S. Counter Terrorism Advisor Richard Clarke stood before the Congressional committee investigating the 9/11 attacks and uttered the famous phrase, “Your government failed you. Those entrusted with protecting you failed you. And, I failed you.” It was a seminal moment in America’s processing of the tragedy of 9/11 because an adult stood up and declared himself to be accountable.
I have to admit I sometimes wish the cyber-security industry would admit similar accountability. The fact of the matter is that this $71 billion industry IS failing to protect us from the cyber-threats we now face each day. Continue reading
In the latest instalment of what Anton Chuvakin’s refers to as his “philosophical security blog posts,” the Research VP at Gartner has a critical message that should be heeded by all executives, managers, and decision-makers who have a hand in protecting their organization from cyber attacks: “Defeat the Casual Attacker First!!!” Continue reading
A cybersecurity awareness survey has revealed that today’s bad actors may have an unintentional and unwitting ally in very high places: board members in the UK’s FTSE 350 Index.
According to the survey, which was conducted by KPMG on behalf of the UK government’s FTSE 350 Cyber Governance Health Check (a.k.a. Cyber Health Test):
- 65% of board members have not reviewed their company’s risk management plans or policies with respect to safeguarding critical information and assets.
- 61% of board members do not see cybersecurity risks as operational risks.
- 45% of board members do not understand the implications of losing critical information and assets due to a cybersecurity attack.
- 39% of board members do not have an acceptable grasp of their company’s critical information and data assets.
- 25% of board members do not routinely get intelligence from their CISO or other security executives on cybersecurity threats facing the company.
Fresh on the heels of being named as one of the 100 Coolest Cloud Security Vendors by CRN, it is my pleasure to share that Seculert’s blog has been recognized as one of the 50 Best Cloud Security Blogs of 2015 by GetVoIP.
“Along with outlining cyberthreats, [Seculert’s] blog also provides cybersecurity tips, vendor news, and more on how to get around the vulnerabilities present on many modern networks,” wrote GetVOIP’s Founder and CEO Reuben Yonatan. Continue reading
According to a new report from the Identity Theft Resource Center (ITRC), the number of US data breaches reached a record high of 783 in 2014 — a 28% jump over 2013, and 18% higher than the previous record of 662 data breaches tracked in 2010. Continue reading
The Spamhaus Project, an international nonprofit organization whose mission is to track the Internet’s spam operations and sources, has published its “Spamhaus Botnet Summary 2014” — and the synopsis isn’t inspiring, to say the least.
While safeguarding assets has always been core priority for financial advisory firms, in today’s world the list of threats isn’t comprised of just brazen thieves and rogue employees: it must also include hackers who want nothing more than to slip past their cybersecurity defenses, breach their network, and steal their private data for financial gain. Continue reading
On behalf of my colleagues worldwide, I am thrilled to share that Seculert has been named as one of the “100 Coolest Cloud Security Vendors” by The Channel Company’s CRN, which is the global online and print media leader in the IT channel. Continue reading
In recent months, most headline-grabbing advanced malware attacks — such as those at Target and Staples — involved multi-stage infections designed to quietly steal data for as long as possible.
But in a recent article for ComputerWeekly.com, Mike Gillespie, the director of cyber research and security at The Security Institute, is warning enterprises to be wary of another kind of malware attack: one designed to loudly destroy machines rather than silently grab data.
The ability to pinpoint the individual employee who has been breached is invaluable to the incident response process.
Seculert now adds such employee context to breach incidents that are detected through our Log Analysis module by identifying the specific user affected. Knowing the user identity can assist with the prioritization of incidents and shorten the time it takes to locate and remediate the infected device. Continue reading