Home > News > featured news > 70% of Financial Organizations Are Concerned About Insider Data Theft During Remote Work

DATA SECURITY

70% of Financial Organizations Are Concerned About Insider Data Theft During Remote Work

prnewswire | October 27, 2020

Netwrix, a cybersecurity merchant that makes information security simple, today declared monetary market discoveries from its 2020 Netwrix Cyber Threats Report. Netwrix directed this online overview in June 2020 to see how the pandemic and following work-from-home activities changed the IT hazard scene.

Of the apparent multitude of verticals the online study investigated, the money related industry displayed the most extraordinary changes in cybersecurity needs. Worry about VPN misuse soar, with an astounding 94% of respondents naming it a top security hazard. Stress over gracefully chain bargain additionally took off, from half to 97%. The quantity of associations organizing intentional information burglary dramatically increased, from 30% pre-pandemic to 70% now, while worry about incidental information sharing dropped from 80% to half.

Notwithstanding this expanded worry about vindictive action, the most generally detailed occurrences included human blunders: 48% of respondents had clients succumb to phishing assaults in the initial hardly any months of the pandemic, 31% endured ill-advised information sharing, and 28% experienced episodes brought about by administrator botches.

Different discoveries of the overview include:

30% of monetary associations feel they are at more prominent cybersecurity hazard now than they were pre-pandemic. The lion's share (64%) are worried about both more regular cyberattacks and the security holes brought about by far off work.

14% of respondents announced a flexibly chain bargain since the pandemic started. Despite the fact that this function is viewed as a basic danger by practically all monetary associations now, the casualties were especially delayed in distinguishing it: 76% required days, weeks or months.

Uncertain information sharing took the longest to recognize: 51% expected days to hail the episode, while 19% required weeks and 11% required months.

"In the money related area, worry about pernicious admittance to touchy information soar in the initial hardly any months of the pandemic, more so than in some other vertical. Notwithstanding, most of occurrences at budgetary associations during that period were really brought about by the human component. To limit both malevolent and unintentional information misfortune, this industry should notice cybersecurity specialists, who suggest consolidating normal end-client preparing with adaptable arrangements that can proactively distinguish and secure touchy information and spot assaults before they become breaks," said Ilia Sotnikov, VP of Product Management at Netwrix.

About Netwrix

Netwrix makes information security simple, in this way disentangling how experts can control delicate, controlled and business-basic information, paying little heed to where it lives. In excess of 10,000 associations overall depend on Netwrix answers for secure delicate information, understand the full business estimation of big business content, pass consistence reviews with less exertion and cost, and increment its efficiency groups and information laborers.

Established in 2006, Netwrix has acquired in excess of 150 industry grants and been named to both the Inc. 5000 and Deloitte Technology Fast 500 arrangements of the quickest developing organizations in the U.S.

Spotlight

Wallarm Demo: Shadow API Detection

Learn how you can identify undocumented and unmanaged APIs in the Wallarm console with our new and improved Shadow API Detection capability:

More featured news

Spotlight

Wallarm Demo: Shadow API Detection

Learn how you can identify undocumented and unmanaged APIs in the Wallarm console with our new and improved Shadow API Detection capability:

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

AnChain.AI Integrates with Stellar to Bring Enhanced Security and Compliance to Developers

Prnewswire | May 09, 2023

AnChain.AI, a leading Web3 digital asset security, and risk monitoring firm, today announced its integration with Stellar, the pioneering decentralized open-source blockchain network for cross-border payments and asset issuance. This integration paves the way for Stellar's thriving developer community to leverage AnChain.AI's AI-powered Web3 risk management and security solutions to enhance their security posture as they drive innovation. As digital assets and cross-border payments continue to rise, the need for fraud prevention solutions has become increasingly apparent. AnChain.AI's CISO Investigation platform provides an additional layer of trust to institutions developing on Stellar. By utilizing AnChain.AI's Open Blockchain Ecosystem Intelligence (OpenBEI), Stellar developers can prioritize security and customer safety from the earliest phases of building. "As the Web3 ecosystem continues to expand, it's becoming increasingly clear that security is not a luxury, but a necessity," said Dr. Victor Fang, CEO & Co-founder of AnChain.AI. "We are committed to providing cutting-edge security and risk monitoring solutions that enable Web3 platforms to operate with confidence. We're excited to build a more secure and sustainable Web3 future on Stellar." AnChain.AI utilizes AI digital asset risk assessment and early detection of suspicious activity. AnChain.AI's technology solutions underpin the regulatory efforts of leading government agencies, financial institutions, and enterprises worldwide, including the United States Securities and Exchange Commission (SEC). Through this integration, AnChain.AI continues demonstrating its commitment to a more secure blockchain ecosystem, ensuring that all participants in the Stellar community can confidently engage. "Having AnChain.AI integrate with Stellar is a breath of fresh air for the thriving community of Stellar projects," said Mark Heynen, Vice President of Partnerships at Stellar Development Foundation. "These types of solutions help equip developers and enterprises with the necessary tools to prioritize security and compliance from the get-go. This integration lays a sturdy foundation for Stellar ecosystem innovators to create more secure cross-border payment and asset issuance solutions." This integration represents a significant step towards increasing community awareness of the risks associated with rapidly evolving Web3 technology, particularly as regulatory scrutiny in the digital asset space intensifies. By solidifying a shared commitment to sustainable and secure development, this integration lays the foundation for the next-generation Web3 innovation on the Stellar network. Join the growing number of enterprises, financial institutions, government agencies, and users and developers who trust AnChain.AI for their Web3 and digital asset security needs. If you're a user or developer on Stellar looking to enhance your security and compliance posture, get started today. About AnChain.AI AnChain.AI (HQ in San Francisco) is an award-winning AI-powered cybersecurity company enhancing Web3 security, risk, and compliance strategies. AnChain.AI was founded in 2018 by cybersecurity and enterprise cloud veterans. Backed by both Silicon Valley and Wall Street VCs, and selected in the Berkeley Blockchain Xcelerator, we are trusted by 100+ customers from over 10+ countries in sectors: VASPs, financial institutions, and government, including the U.S. SEC (Securities and Exchange Commission). AnChain.AI Web3 Security Suite protects over $50 billion Web3 crypto assets. RSA Innovation Sandbox Finalist 2023. CNBC Top Startups Award 2022.

Read More

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Aqua Security Launches Industry First Real-Time CSPM

Globenewswire | May 17, 2023

Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritize, and remediate the most important cloud security risks, saving time and money. “Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritize. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.” With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications. “One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi. Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritization and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster. Identify Attacks That Agentless Solutions Cannot See Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organizations,” 74% of organizations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late. Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritization in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritize the most critical cloud security risks. “Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi. Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyze over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%. Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is composed of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to code and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix. For more information on Aqua’s Real-Time CSPM, visit the blog. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SANS Institute Introduces Volume 3 of the ICS Cybersecurity Field Manual, Featuring Actionable Guidance to Protect Against Evolving Threats

Prnewswire | May 15, 2023

SANS Institute, the global leader in cyber security training and education, has announced the latest SANS ICS Cybersecurity Field Manual Volume 3, a continuation from Volumes 1 and 2, providing Industrial Control Systems (ICS) cybersecurity professionals and ICS risk managers with more advanced insights into industrial control system specific incident response, risk-based ICS vulnerability management, ICS defender skillsets, team management, and ICS security tools and protocols to defend these systems. The first two volumes, released in 2022 and 2023, offered a comprehensive overview of ICS security, and the third volume provides more detailed, actionable guidance in the areas of active incident response, environment and safety concerns, vulnerability management and patching, threat detection, system design, network architecture, and effective risk management. Volume 3 also shares the security skillset recipe for the best ICS security team defenders. "The SANS ICS Cybersecurity Field Manual series is an essential tool for all Industrial Control Systems (ICS) security professionals," said ICS expert, field manual author, and Certified SANS Instructor, Dean Parsons, "and it should find a home on the desk of every control system operator, critical infrastructure cyber defender, and ICS/OT risk manager, in all industrial control system sectors globally. Security professionals must up defenses and staff skillsets to meet the evolving threats, so the ICS Cybersecurity Field Manual should be a necessity in the ICS Incident Response jump bag." SANS will be hosting a webcast featuring Parsons to discuss the new edition of the manual on Wednesday, May 10, 2023, at 10:00 AM EDT. Attendees will learn about the latest manual edition and gain insights on how to best protect ICS systems. To join the webcast, please register here: https://www.sans.org/webcasts/discover-ics-cybersecurity-field-manual-vol-3/ Continue to enrich your ICS Security career by downloading the new ICS Cybersecurity Field Manual Vol. 3 as well as ICS Cybersecurity Field Manuals Vol. 1 and 2 here: https://www.sans.org/mlp/ics-resources/ AboutSANS Institute The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cybersecurity training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cybersecurity events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on technical certifications in cybersecurity. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's and bachelor's degrees, graduate certificates, and an undergraduate certificate in cybersecurity. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to manage their "human" cybersecurity risk easily and effectively. SANS also delivers a wide variety of free resources to the InfoSec community, including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system-the Internet Storm Center. At the heart of SANS are the many security practitioners representing varied global organizations, from corporations to universities, working together to support and educate the global information security community.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

AnChain.AI Integrates with Stellar to Bring Enhanced Security and Compliance to Developers

Prnewswire | May 09, 2023

AnChain.AI, a leading Web3 digital asset security, and risk monitoring firm, today announced its integration with Stellar, the pioneering decentralized open-source blockchain network for cross-border payments and asset issuance. This integration paves the way for Stellar's thriving developer community to leverage AnChain.AI's AI-powered Web3 risk management and security solutions to enhance their security posture as they drive innovation. As digital assets and cross-border payments continue to rise, the need for fraud prevention solutions has become increasingly apparent. AnChain.AI's CISO Investigation platform provides an additional layer of trust to institutions developing on Stellar. By utilizing AnChain.AI's Open Blockchain Ecosystem Intelligence (OpenBEI), Stellar developers can prioritize security and customer safety from the earliest phases of building. "As the Web3 ecosystem continues to expand, it's becoming increasingly clear that security is not a luxury, but a necessity," said Dr. Victor Fang, CEO & Co-founder of AnChain.AI. "We are committed to providing cutting-edge security and risk monitoring solutions that enable Web3 platforms to operate with confidence. We're excited to build a more secure and sustainable Web3 future on Stellar." AnChain.AI utilizes AI digital asset risk assessment and early detection of suspicious activity. AnChain.AI's technology solutions underpin the regulatory efforts of leading government agencies, financial institutions, and enterprises worldwide, including the United States Securities and Exchange Commission (SEC). Through this integration, AnChain.AI continues demonstrating its commitment to a more secure blockchain ecosystem, ensuring that all participants in the Stellar community can confidently engage. "Having AnChain.AI integrate with Stellar is a breath of fresh air for the thriving community of Stellar projects," said Mark Heynen, Vice President of Partnerships at Stellar Development Foundation. "These types of solutions help equip developers and enterprises with the necessary tools to prioritize security and compliance from the get-go. This integration lays a sturdy foundation for Stellar ecosystem innovators to create more secure cross-border payment and asset issuance solutions." This integration represents a significant step towards increasing community awareness of the risks associated with rapidly evolving Web3 technology, particularly as regulatory scrutiny in the digital asset space intensifies. By solidifying a shared commitment to sustainable and secure development, this integration lays the foundation for the next-generation Web3 innovation on the Stellar network. Join the growing number of enterprises, financial institutions, government agencies, and users and developers who trust AnChain.AI for their Web3 and digital asset security needs. If you're a user or developer on Stellar looking to enhance your security and compliance posture, get started today. About AnChain.AI AnChain.AI (HQ in San Francisco) is an award-winning AI-powered cybersecurity company enhancing Web3 security, risk, and compliance strategies. AnChain.AI was founded in 2018 by cybersecurity and enterprise cloud veterans. Backed by both Silicon Valley and Wall Street VCs, and selected in the Berkeley Blockchain Xcelerator, we are trusted by 100+ customers from over 10+ countries in sectors: VASPs, financial institutions, and government, including the U.S. SEC (Securities and Exchange Commission). AnChain.AI Web3 Security Suite protects over $50 billion Web3 crypto assets. RSA Innovation Sandbox Finalist 2023. CNBC Top Startups Award 2022.

Read More

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Aqua Security Launches Industry First Real-Time CSPM

Globenewswire | May 17, 2023

Aqua Security, the pioneer in cloud native security, today announced the launch of Real-Time CSPM, a next-gen cloud security posture management (CSPM) solution, offering the best visibility and context in the industry. Real-Time CSPM provides a complete view of multi-cloud security risk, pinpoints threats that evade agentless detection, and dramatically reduces noise so security practitioners can rapidly identify, prioritize, and remediate the most important cloud security risks, saving time and money. “Customers have told us that they are bogged down by too much noise from current CSPM offerings,” said Amir Jerbi, CTO and co-founder, Aqua Security. “They receive too many findings yet lack complete visibility and therefore the ability to properly prioritize. Simply put, they fix the wrong things and end up compromised. This is where Aqua comes in. We are introducing Real-Time CSPM so security practitioners can pinpoint the most significant cloud risks and remediate them quickly.” With Real-Time CSPM, teams have a complete view of cloud security risk and surface the most critical findings. This includes the ability to match correlated findings across multi-cloud environments, deduplicate findings and focus on identifying real cloud risks with smarter insights. Instead of wasting time on issues with low effective risk, customers can focus on what truly matters most and provide the context needed for resource owners to remediate quickly and secure their cloud applications. “One of the world’s largest telcos turned to Aqua to provide better visibility and context. They went from 120M risk findings to 50k and they saw a reduction in their attack surface by 99% in just months. If everything is a priority, then nothing is – that’s why they chose Aqua,” said Jerbi. Detailed context also allows teams to connect issues found in their cloud to their respective code repositories. With better prioritization and the ability to identify risk ownership, Real-Time CSPM then allows for rapid remediation of those most critical issues. Security professionals can focus their limited resources to manage, investigate and respond faster. Identify Attacks That Agentless Solutions Cannot See Point-in-time scanning opens the door for increased attacks. According to the IDC report, “The State of Cybersecurity Maturity in Vulnerability Management Among U.S. Organizations,” 74% of organizations scan less than 85% of their IT assets when they do scan, leaving an opportunity for many vulnerabilities to go undiscovered until an attacker makes use of them. By then it is too late. Aqua Real-Time CSPM eliminates that risk and delivers real-time visibility and risk prioritization in a single, unified platform for faster, more effective risk management. Unlike point-in-time scanning solutions, Aqua Real-Time CSPM provides a deeper layer of visibility for better context, leading to the ability to prioritize the most critical cloud security risks. “Other CSPM solutions give you a false sense of security. Whether you scan daily or monthly, you’re only seeing a portion of the risks with a point-in-time scan. And that’s not true security,” said Jerbi. Further data from Aqua Nautilus, Aqua’s cloud security research team, supports the need for real-time scanning. Nautilus uses an extensive honeypot network to detect and analyze over 80,000 attacks a month. Of those attacks, one in three do not leave a footprint and would be missed by point-in-time scanning solutions. Similarly, zero-day attacks are missed, whilst other standard operating procedures like ephemeral containers and transient attacks raise that number to 50%. Real-Time CSPM is part of the Aqua Cloud Security Platform, a cloud native application protection platform (CNAPP). The Aqua Platform is composed of a fully integrated set of security and compliance capabilities to discover, prioritize, and eliminate risk in minutes across the full software development life cycle. Aqua improves operational efficiency by connecting cloud to code and tracing runtime risks to the code and developer who can fix them. By connecting CSPM to runtime, it shields risks that cannot be immediately addressed with a code fix. For more information on Aqua’s Real-Time CSPM, visit the blog. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1M Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry's most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. For more information, visit https://www.aquasec.com/.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SANS Institute Introduces Volume 3 of the ICS Cybersecurity Field Manual, Featuring Actionable Guidance to Protect Against Evolving Threats

Prnewswire | May 15, 2023

SANS Institute, the global leader in cyber security training and education, has announced the latest SANS ICS Cybersecurity Field Manual Volume 3, a continuation from Volumes 1 and 2, providing Industrial Control Systems (ICS) cybersecurity professionals and ICS risk managers with more advanced insights into industrial control system specific incident response, risk-based ICS vulnerability management, ICS defender skillsets, team management, and ICS security tools and protocols to defend these systems. The first two volumes, released in 2022 and 2023, offered a comprehensive overview of ICS security, and the third volume provides more detailed, actionable guidance in the areas of active incident response, environment and safety concerns, vulnerability management and patching, threat detection, system design, network architecture, and effective risk management. Volume 3 also shares the security skillset recipe for the best ICS security team defenders. "The SANS ICS Cybersecurity Field Manual series is an essential tool for all Industrial Control Systems (ICS) security professionals," said ICS expert, field manual author, and Certified SANS Instructor, Dean Parsons, "and it should find a home on the desk of every control system operator, critical infrastructure cyber defender, and ICS/OT risk manager, in all industrial control system sectors globally. Security professionals must up defenses and staff skillsets to meet the evolving threats, so the ICS Cybersecurity Field Manual should be a necessity in the ICS Incident Response jump bag." SANS will be hosting a webcast featuring Parsons to discuss the new edition of the manual on Wednesday, May 10, 2023, at 10:00 AM EDT. Attendees will learn about the latest manual edition and gain insights on how to best protect ICS systems. To join the webcast, please register here: https://www.sans.org/webcasts/discover-ics-cybersecurity-field-manual-vol-3/ Continue to enrich your ICS Security career by downloading the new ICS Cybersecurity Field Manual Vol. 3 as well as ICS Cybersecurity Field Manuals Vol. 1 and 2 here: https://www.sans.org/mlp/ics-resources/ AboutSANS Institute The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cybersecurity training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cybersecurity events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on technical certifications in cybersecurity. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's and bachelor's degrees, graduate certificates, and an undergraduate certificate in cybersecurity. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to manage their "human" cybersecurity risk easily and effectively. SANS also delivers a wide variety of free resources to the InfoSec community, including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system-the Internet Storm Center. At the heart of SANS are the many security practitioners representing varied global organizations, from corporations to universities, working together to support and educate the global information security community.

Read More

More featured news