The costs of a data breach are on the rise. According to Ponemon’s 13th annual Cost of a Data Breach Study, the global average cost of a breach rose 6.4 percent over the previous year to $3.86 million in 2018. During that same period, the average cost for each lost or stolen record containing sensitive or confidential information increased 4.8 percent to $148.
To protect themselves against these rising costs, companies are turning to cyber insurance in droves. German reinsurance giant Munich Re said that the insurance market protecting companies against digital threats will likely double by 2020 to over $8 billion, as reported by Security Week. Given this forecast, many companies will undoubtedly purchase cyber insurance for the first time within the next few years. To help them get started, I’d like to provide some best practices for purchasing a policy.
Understanding Suspicious User Types in Your Organization
Whether unintentional or malicious in nature, user-based threats can have devastating consequences on your organization. While your focus may be on protecting your organization from outside incidents, you also need to guard yourself from insider threats. Despite your best efforts to keep your organization safe — such as providing security training and company best practices — users are often the weakest link in your defenses.
Understanding user behavior is often difficult because there are many different types of users. Complicating matters, you don’t know if your users’ actions are unintentional or deliberate. That’s why you need to add a layer of analytics beyond your security information and event management (SIEM) platform: user and entity behavior analytics (UEBA).
As with traditional IT networks, Operational Technology (OT) networks are undergoing a digital transformation process of their own. The goal is to improve productivity, efficiency, up-time, and flexibility through better monitoring. To do this, online sensors and connected systems are replacing traditional serial connections, proprietary protocols, and programmable logic controllers to better manage and control industrial environments. At the same time, the integration of automation, communications, and networking in industrial environments is an integral part of the growing Industrial Internet of Things (IIoT).
According to the FBI, losses related to Business Email Compromise (BEC) attacks have increased by 136% from December 2016 to May 2018. Why the increase? The answer is actually pretty simple: BEC attacks are easy to launch, there’s limited risk of being caught, and they work! BEC ranks #1 in the IC3’s 2017 Internet Crime Report for the volume of victim losses, representing nearly half (48%) of the total losses of the top 10 Internet crimes.
As IT and operational technology networks converge, organizations are exposing their traditionally isolated OT networks to new cyber-risks. Cybercriminals have already begun designing new malware threats, like CrashOverride/Industroyer, Triton and VPNFilter, to target vulnerable OT systems. While some of these new attacks target SCADA (supervisory control and data acquisition) and ICS (industrial control system) systems, most are focused on highly vulnerable industrial IoT devices.
Traditionally, OT engineers attached devices to monitor and control the OT infrastructure through a serial connection, which made them less available to traditional hackers. Today, as OT managers add serial-to-Ethernet converters to these devices, they are becoming prime targets. Part of the reason is that many of these devices are highly vulnerable to attack. For example, many run aging operating systems, such as Windows XP, that are highly susceptible to exploitation. In addition, most OT networks simply haven’t deployed the sorts of security technologies commonly in place in IT networks. As a result, targeting IIoT devices has certain advantages for some cybercriminals.
Note: this post originally appeared on the Riverbed blog, but due to strong interest in cloud visibility we are reposting it.
Many organizations, even those not typically associated with technology, are migrating application workloads to the cloud. This trend is growing because of benefits such as increased flexibility, agility and availability. In most cases, the migration process is in hybrid mode, with some workloads moving to public cloud providers such as Amazon Web Services (AWS), others using private cloud software, and still others running on traditional physical hardware.
Location analytics solutions have been around for a while. But despite the valuable data they can provide, they are still primarily perceived as a tool for big box retail environments, such as malls, grocery stores, and department stores. In such environments, location analytics are commonly used to track consumers while they shop to help retailers do things like identify natural customer movement patterns, address congestion, identify places within a shopping environment that are less frequently visited, or place specific merchandise in high traffic areas.
But the reality is that any number of verticals can realize benefits from leveraging the sort of information that a presence analytics solution provides. Knowing where people are, where they’ve been, and how they’re moving around a location can be of key importance to a wide variety of vertical markets, including hospitality industries, transportation hubs, public venues, theme parks, and even large healthcare facilities. In fact, any business that needs to manage large numbers of people or evaluate the effectiveness of the placement of resources or services can benefit from location-based analytics.
Financial, Healthcare, Government, and Retail IT Professionals Review Fortinet’s Enterprise Firewall Solution
Recognition in the Magic Quadrant for Enterprise Network Firewalls
Each year, Gartner evaluates the enterprise firewall market based on the capabilities and features of the solutions being offered throughout the cybersecurity space. The Gartner Magic Quadrant for Enterprise Network Firewalls examines today’s solution providers based on completeness of vision and how effectively they are able to execute this vision. According to the report, “products in this market must be able to support single-enterprise firewall deployments and large and/or complex deployments. These include traditional ‘big firewall’ data center placements, branch offices, multitiered demilitarized zones (DMZs), and, increasingly, virtual versions for the data center and various cloud environments.” Learn more about Fortinet’s Enterprise Firewall and the company’s position as a Leader in the Gartner Magic Quadrant.
Security Pros Fear Data Compromise, Financial Loss, and More from Cryptomining. But Are Risks Founded?
For over a year now, Lastline has witnessed a tremendous increase in malware designed for criminal cryptocurrency mining, or “cryptomining.” Of course, we all know that Bitcoin has been the go-to cryptocurrency for criminal payments in ransomware, but now on the back of Bitcoin’s successful usage in cybercrime, we are seeing the adoption of other currencies in money-making activities by other criminal groups. According to coinmarketcap.com, there are now over 2,000 cryptocurrencies, up from 1,300 at the beginning of the year, with new initial coin offerings (ICOs) taking place all the time.