3 Easy Ways to Get the Most Out of a Small Information Security Budget

| January 11, 2017

article image
Though organizations have increased spending on security products and talent, many IT leaders may feel as if the increased spending doesn't keep up with dollars lost to attacks. Research by Venafi notes a large percentage of today's CIOs believe they are "wasting millions on inadequate cybersecurity."This is not to suggest the answer is to cut back. You can't do cyber security on a $0 technology or staffing budget. But one thing remains clear and cannot be argued, the threat vector is growing and will continue to grow. Putting your effort into the right places, you can achieve 24/7/365 compliance and strong defenses on a small budget. In this blog, you'll learn three aspects of security strategy with big impacts.

Spotlight

Bitdefender

Bitdefender is the most successful Romanian IT company and a leading technology player in the global software security market. The company is developing and supporting a broad range of IT security products and services for both consumer and enterprise markets in over 100 countries worldwide. Bitdefender is continuing its global expansion through local key partners and its current own offices in Germany, Spain, USA, the UK, the Nordic countries and the UAE. Moreover, Bitdefender is also setting sail for Asia, Africa and Latin America. The company is also strengthening its position based on a series of global strategic partnerships.

OTHER ARTICLES

What Lessons Can We Takeaway from Las Vegas’ Recent Thwarted Cyberattack?

Article | February 27, 2020

Picture this: a news story detailing a cyberattack in which no data was exfiltrated, thousands (or even millions) of credit card details weren’t stolen, and no data was breached. While this isn’t the type of headline we often see, it recently became a reality in Las Vegas, Nev. On January 7, 2020, news broke that the city of Las Vegas had successfully avoided a cyberattack. While not many details were offered in the city’s public statement, local press reported that the attack did employ an email vector, likely in the form of a direct ransomware attack or phishing attack. The use of the word “devastating” in the public statement led many to believe ransomware was involved. This inference isn’t farfetched—and is likely a correct conclusion—given that cities throughout the U.S. have seen ransomware attacks on critical systems. Attacks that have cost those cities millions of dollars.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | February 12, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

SASE: A NEXT-GENERATION CLOUD-SECURITY FRAMEWORK

Article | November 3, 2020

The ongoing pandemic has forced organizations across the globe to install work-from-home policies. A majority of the workforce in various industries, especially IT, have already adapting to working remotely. With a sudden rise in remote users and growing need and demand for cloud services, a huge volume of data is being transmitted between datacenters and cloud services. This has also given rise to the increased need for network security and a safer means of data transmission. The existing network security approaches and techniques are no longer dependable for the required levels of security and access control. To secure these surging digital needs, Gartner debuted an emerging cybersecurity framework in the form of what it calls SASE.

Read More

NCSC makes ransomware attack guidance more accessible

Article | February 28, 2020

The UK’s National Cyber Security Centre (NCSC) has updated its guidance to organisations on how to mitigate the impact of malware and ransomware attacks, retiring its standalone ransomware guidance and amalgamating the two in a bid to improve clarity and ease confusion among business and consumer users alike. The NCSC said that having two different pieces of guidance had caused some issues as a lot of the content relating to ransomware was essentially identical, while the malware guidance was a little more up-to-date and relevant. The service said the changes reflect to some extent how members of the public understand cyber security. For example, it implies a distinction between malware and ransomware even though technically speaking, ransomware is merely a type of malware. “Not everyone who visits our website knows that. Furthermore, they might well search for the term ‘ransomware’ (rather than ‘malware’) when they’re in the grip of a live ransomware incident,” said a spokesperson.

Read More

Spotlight

Bitdefender

Bitdefender is the most successful Romanian IT company and a leading technology player in the global software security market. The company is developing and supporting a broad range of IT security products and services for both consumer and enterprise markets in over 100 countries worldwide. Bitdefender is continuing its global expansion through local key partners and its current own offices in Germany, Spain, USA, the UK, the Nordic countries and the UAE. Moreover, Bitdefender is also setting sail for Asia, Africa and Latin America. The company is also strengthening its position based on a series of global strategic partnerships.

Events