The sharp rise in ransomware attacks on the critical infrastructure sector has cost millions of dollars in terms of payment and recovery in the past year. Ransomware attacks grew an astounding 485% in 2020 compared to 2019. As these attacks increase in persistence and scale, the federal government and NIST guidelines to improve cybersecurity and curb ransomware provide the required security measures to protect against such disruptive attacks....

Forrester Research has estimated that 80 percent of security breaches involve weak, default, stolen, or otherwise compromised privileged credentials. As a result, cybersecurity experts have recommended augmenting usernames and passwords with multi-factor authentication (MFA) to add an additional layer of security for access control. By adopting an “MFA Everywhere” approach, organizations can establish a reliable deterrent and ultim...

The healthcare industry is a prime target for threat actors, as it deals with a vast amount of highly sensitive data which needs to remain current and accurate, as life or death decisions may depend on it. In turn, healthcare records are a hot commodity on the Dark Web, often going for a far higher price than credit cards. That’s why it’s no surprise that healthcare is a heavily regulated industry. Those who work in this vertical n...

Modern Phishing Campaigns And Effective Prevention Phishing scams and schemes are becoming more creative every day as businesses and individuals find themselves the target of new tactics and techniques. User education and beefing up an organization’s email security systems are two essential steps that can minimize the exposure to phishing campaigns. However, recent research indicates that these preventive measures are not effective, as n...

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. And while probably one of the most prescriptive industry regulations available in the market, many organizations are struggling to turn their PCI compliance paper blueprint into an effective security program that withstands the scrutiny...

Government agencies hold a vast amount of sensitive information, ranging from personnel records, budgetary data, inter-community communications to intelligence findings related to terrorists and hostile nations. In turn, governments all over the world are continually under threat of cyber-attacks launched by rival nation-states, terrorist groups, hacktivists, and cyber criminals. In addition, they are facing insider threats as showcased by Edw...

YOU’VE SECURED THE WORKFORCE, NOW SECURE PRIVILEGED ACCESS WITHOUT A VPN. Current work-from-home requirements have resulted in government agencies enabling entire workforces for remote access. As the FBI and other agencies report, this is a boon for cyber attackers who see this expanded attack surface as a feeding frenzy opportunity. Agencies of all sizes are at increased risk and need to secure remote access for privileged users, whose...

KILL TWO BIRDS WITH ONE STONE:RANSOMWARE & PRIVILEGED ACCESS ABUSE While security awareness programs, regular updates to anti-malware, application whitelists, and data back-up cover your security basics, organizations need to understand that ransomware is just one form of exploit that can easily be replaced by another. According to Forrester, an estimated 80 percent of data breaches are tied to privileged access abuse. By implementing Iden...

Learn the anatomy of a hack.Prevent a data breach. It’s a common belief that data breaches require a tremendous amount of sophistication to “break” through the almost impenetrable perimeter defenses that organizations have put in place. Hackers don't break in. They log in! Post-mortem analysis concludes that the source of a hack is most often compromised credentials, and the data proves it: 74 percent of respondents acknowled...

Cybersecurity Best Practices: The Basics and Beyond October is National Cybersecurity Awareness Month and a great time to take a critical look at your cybersecurity at home, in the office, and everywhere you go. Many people adopt different attitudes and practices regarding their personal and professional cybersecurity. It's our responsibility to protect not only ourselves but also our organizations. The first step is to be aware of modern thre...