Data Breaches: What Do the Numbers Mean?

| February 17, 2019

article image
Risk Based Security came out with their annual data breach report this past week. Overall, 2018 brought the second-highest number of reported data breaches of any year on record. “It’s been an unusual year for breach activity,” commented Inga Goddijn, executive vice president of Risk Based Security. “We’ve been monitoring breach events for more than a dozen years now and this is the first time we’ve observed a slow start to the year following by a growing number of disclosures as the months pass. We suspect various factors including the allure of crypto mining had an impact on breach activity early in the year, but disclosures rebounded throughout the summer and into the last quarter.” The full report is available by visiting their website here. Goddijn said of the work, “we were curious to see if the General Data Protection Regulation (GDPR) would have a discernible impact on how long it takes for an organization to go public with a breach report. Curiously, the average number of days between discovery and disclosure has been approximately 49 days for the past two years. Goddijn commented, “From 2014 until 2017, the average number of days had been declining. We assumed awareness of GDPR reporting requirements would put pressure on organizations to continue to close the gap. So it was surprising to see 2018 end at an average of 49.6 days, slightly above 2017’s average of 48.6 days.

Spotlight

Untangle, Inc.

Untangle® is an innovator in cybersecurity for the below-¬enterprise market, safeguarding people’s digital lives at home, work and on-¬the-¬go. Untangle’s integrated suite of software and appliances provides enterprise-¬grade capabilities and consumer-¬oriented simplicity, bringing a new generation of smart security to homes and small-¬to-¬mid-¬sized businesses. *2016 Inc. 5000 fastest growing private companies in America *2016 Global Excellence Awards – Gold Winner, Product or Service Excellence of the Year – Firewalls *2016 Cyber Defense Magazine Infosec Editor's Choice for Firewall & VPN Appliances *2016 SC Awards - Finalist for "Best SME Security Solution" *Best in Biz Awards 2015 - Silver winner in Most Customer Friendly Company of the Year – Small Category *Deloitte's 2015 Technology Fast 500 - Ranked # 169 fastest growing cos. in N.A. *Silicon Valley Business Journal 2015 Fast Private List *Spiceworks #1 Best Content Filtering Appliance *Spiceworks #1 Best Software Firewall

OTHER ARTICLES

5G and IoT security: Why cybersecurity experts are sounding an alarm

Article | March 2, 2020

Seemingly everywhere you turn these days there is some announcement about 5G and the benefits it will bring, like greater speeds, increased efficiencies, and support for up to one million device connections on a private 5G network. All of this leads to more innovations and a significant change in how we do business. But 5G also creates new opportunities for hackers.Gartner predicts that 66% of organizations will take advantage of these benefits and adopt 5G by 2020 — with 59% of them planning to use 5G to support the Internet of Things across their business. Already, manufacturers including Nokia, Samsung, and Cisco have either started developing 5G enterprise solutions or have publicly announced plans to do so. In the enterprise, full deployment of private 5G networks will take time, as it requires significant investments to upgrade legacy network infrastructures, observers say. In the meantime, there are instances of devices in the workplace already operating on a 5G network.

Read More

Delivering on the promise of security AI to help defenders protect today’s hybrid environments

Article | February 20, 2020

Technology is reshaping society – artificial intelligence (AI) is enabling us to increase crop yields, protect endangered animals and improve access to healthcare. Technology is also transforming criminal enterprises, which are developing increasingly targeted attacks against a growing range of devices and services. Using the cloud to harness the largest and most diverse set of signals – with the right mix of AI and human defenders – we can turn the tide in cybersecurity. Microsoft is announcing new capabilities in AI and automation available today to accelerate that change. Cybersecurity always comes down to people – good and bad. Our optimism is grounded in our belief in the potential for good people and technology to work in harmony to accomplish amazing things. After years of investment and engineering work, the data now shows that Microsoft is delivering on the potential of AI to enable defenders to protect data and manage risk across the full breadth of their digital estates.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | February 12, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

Is the CEH v11 Course Worthwhile to Pursue After Windows 11 Update?

Article | September 13, 2021

If you are finding it confusing to decide whether to pursue the CEH v11 course now after the Windows 11 update, then you have certainly landed on the right page. We are here to make things clear to you so that you can make your decision without any hassle. When it comes to Certified Ethical Hacking, it is considered to be one of the most popular testing certifications at present in the industry. It is highly popular because it assists many with complete know-how of the skills that are required for the purpose of white hat hacking. The certified professionals are able to anticipate any kind of cybercrime from before and respond to it proficiently to avert any kind of business damage. In the time of the pandemic, many business organizations have to move to digital platforms to reach their customers without lockdown troubles. This is the reason why investment in the domain of cybersecurity has also gained a wave. Businesses have realized what the value of having their infrastructure cyber resilient is. This shows why the opportunities for skilled experts in the cybersecurity domain are never going to end in the coming future, and pursuing the course of CEH v11 is a great move to follow. To make things more convincing, we are here to help you with the importance the course of Certified Ethical Hacking brings into play and how you must choose the right career path in the respective field. Let’s get started. Ethical Hacking: What It Is To The World? When it comes to ethical hacking, it is acknowledged as the procedure of networks, applications, or smart devices to assess any kind of vulnerabilities if available. This type of assessment assists in reacting quickly and taking the right measures to enhance the cybersecurity of the entire infrastructure. A certified ethical hacker is basically an expert who understands the different vulnerabilities in the system and gets them fixed without any delay. This is done by following the ethical approach so that there is no such problem repeated again in the future. What do You get To Learn From CEH v11 in 2021? With the CEH v11 course, you get to learn 24 exceptional challenges in 4 different levels that include 18 attacking vectors. You get to know about various emerging attackers that include targeted ransomware, File-less malware, API threats, and more. In this course, you also get a complete understanding of different from enumerating techniques that include Telnet, NFS, SMB, IPV6, FTP, and BGP. This course also covers Malware reverse engineering, so you get a complete understanding of Dynamic and static malware assessment. Cloud computing is another prime concept that you get covered in this course, where you learn about Docker, Container Technology, Serverless computing, Kubernetes, Cloud Hacking procedures. CEH v11 also covers a proper understanding of Hacking web applications that includes web shell concepts, Web API. Webhooks, Web API security, and hacking. You also get to learn more about WPA3 Encryption and cracking. It also covers operation technology, side-channel attacks, HMI-based attacks, and more. Why is CEH An Ideal Career Option? Ethical hacking is possessing five phases of different procedures with every single process, including different actions that block any kind of vulnerabilities. With CEH v11 certification, you get a complete understanding of all these phases. These phases are basically divided in the form of network assessment, testing, and various other risk analysis procedures. As the world of technology is growing significantly, so is the risk of cyber-crime. This is the reason why businesses are looking for ethical hacking specialists who can assist them remain protected from all the potential risks. As the dependency on data science is growing across all industries, it is important that we protect the information and digital assets in the best possible way. There is no doubt that hacking is a heinous act, and almost all businesses are aware of the risks associated with it. To get protected from these risks, organizations around the world are in search of professional, ethical hackers who ensure that there is no vulnerability outside their doors. This is why the opportunities in the domain of ethical hacking have increased in the last few years, and there is no reason why you can’t say that pursuing CEH v11 is an ideal career option. Posts Up For Grabs After CEH v11 Course Anyone who is interested in developing their career in ethical hacking, including the following: Security Officer Security Analyst/Administrator Systems Security Engineer Security Manager /Specialist Auditor Security Professional Risk Analyst Vulnerability Analyst Network Administrator System Administrators Network Engineer Job Roles You Might Need To Take Responsibility As Certified Ethical Hackers Security Analyst Manual Ethical hacker Vulnerability Assessment Analyst Cyber Defense Analyst Cybersecurity auditor IT security administrator System security administrator Senior Security Consultant Security audit Network Security Engineer Cybersecurity Analyst Network Engineer SOC Security Analyst Information Security Analyst Warning Analyst InfoSec Security Administrator Benefits of Taking Up CEH v11 Certification To make it even convincing for you, below mentioned are a few of the benefits you avail with CEH v11 certification. Take a look: You are certainly able to open a lot of career opportunities with the respective course. It lets you advance in your career significantly. You get to understand what hackers might do to harm your business, and accordingly, you can take precautions. You get your knowledge related to risks and vulnerabilities improved with the assistance of the respective course. You benefit from a lucrative package in terms of salary as a Certified Ethical Hacker. Lastly, you also get to learn different types of real hacking tools as well. Wrap Up This shows why you must not hesitate and pursue the CEH v11 course even after the latest Windows 11 update. It gives you an edge over the other candidates and lets you have a successful career ahead. Good Luck!

Read More

Spotlight

Untangle, Inc.

Untangle® is an innovator in cybersecurity for the below-¬enterprise market, safeguarding people’s digital lives at home, work and on-¬the-¬go. Untangle’s integrated suite of software and appliances provides enterprise-¬grade capabilities and consumer-¬oriented simplicity, bringing a new generation of smart security to homes and small-¬to-¬mid-¬sized businesses. *2016 Inc. 5000 fastest growing private companies in America *2016 Global Excellence Awards – Gold Winner, Product or Service Excellence of the Year – Firewalls *2016 Cyber Defense Magazine Infosec Editor's Choice for Firewall & VPN Appliances *2016 SC Awards - Finalist for "Best SME Security Solution" *Best in Biz Awards 2015 - Silver winner in Most Customer Friendly Company of the Year – Small Category *Deloitte's 2015 Technology Fast 500 - Ranked # 169 fastest growing cos. in N.A. *Silicon Valley Business Journal 2015 Fast Private List *Spiceworks #1 Best Content Filtering Appliance *Spiceworks #1 Best Software Firewall

Events