Five Billion Records Exposed in 2018

Infosecurity Magazine | February 14, 2019

Last year was the second highest on record in terms of data breaches and leaks, with over 6500 reported, according to Risk Based Security. The security vendor revealed that 6515 incidents were reported globally in 2018, second only in the past 12+ years to 2017’s 6728. When it came to number of records exposed, the figure of around five billion for last year came third to 2016’s 6.4 billion and 2017’s 7.9 billion. However, the caveat is that just over a quarter of breached organizations were unwilling or unable to disclose the number of records exposed, so the figure could be much higher. For the purposes of this study, Risk Based Security collated incidents related to traditional hacking-based breaches and increasingly common IT misconfigurations which expose records but don’t necessarily mean they’ve ended up on the dark web. It also counted “fraud,” which is the category assigned to the Facebook-Cambridge Analytica incident which exposed 87 million social media users to the shady political consultancy.

Spotlight

The new research analyzed 126 popular mobile health and finance apps from the US, UK, Germany, and Japan. It also examined the perceived level of security app users and app executives believe to have in their applications.

Spotlight

The new research analyzed 126 popular mobile health and finance apps from the US, UK, Germany, and Japan. It also examined the perceived level of security app users and app executives believe to have in their applications.

Related News

SOFTWARE SECURITY

Fusion Connect Introduces Extensive Security Portfolio to Help Enterprises Take Control of Their IT Environment

Fusion Connect | July 22, 2022

Fusion Connect, a leading provider of managed security and collaboration services, has launched a comprehensive security offering with a new endpoint management and security service that allows businesses to identify, control, and secure devices and applications at a time when security threats continue to disrupt companies globally. The new portfolio enables organizations to better understand the complete picture of their security risks and take action to mitigate them. Fusion Connect provides a complete solution that secures against threats while also hunting for unknown vulnerabilities that can upend a business from managing network components with advanced edge security for unified threat management (UTM) and remote access VPN to device level management. Additionally, the new portfolio helps organizations to improve reaction time to threats by connecting and securing any element in the organization's environment. The centralized platform enables enterprises to take swift action by providing a wide range of capabilities to improve IT efficiency and security hygiene. Fusion Connect's enhanced security measures come at a time when a massive talent shortage persists globally. According to (ISC)², the size of the cybersecurity workforce is 65% below what it needs to be. "Heavier workloads, unfilled positions, and security employee burnout are making things especially chaotic in cybersecurity. "With cyberattacks becoming more common, more sophisticated, and more costly, businesses need to quickly fill gaps and stop just simply firefighting. Using artificial intelligence and strategic managed services partners are ways to ensure organizations are protected and can mitigate threats before the attack occurs. And that's what our latest offering addresses." Ken Morford, Vice President of Security at Fusion Connect Fusion Connect plans to continue expanding its comprehensive security portfolio to empower CISOs to gain the control, visibility, and speed needed to thwart cyber threats and keep their networks and organizations secure. About Fusion Connect Fusion Connect manages, orchestrates, and secures the critical technology infrastructure that enables the connected enterprise. We tailor our highly available and secure cloud communication, collaboration, security, and network management platforms to meet the unique needs of our mid-market and enterprise customers. Our AI-based management systems, along with our highly skilled technicians, dynamically ensure world-class application performance under any conditions.

Read More

SOFTWARE SECURITY

Legal Industry Leader HBR Managed Services Partners with Tanium to Enhance Security and IT Services Capabilities

HBR Consulting | August 16, 2022

HBR Managed Services (HBR), a comprehensive strategy, operations and technology consulting firm focused on the legal industry, today announced its partnership with Tanium, the industry's only provider of converged endpoint management (XEM) for complex security and technology environments. Recognizing that law firms are attractive targets for cyber criminals, HBR is leveraging the Tanium platform to provide IT operations management, IT asset discovery, and security threat response to manage system updates at scale, thereby helping the firm's IT managed services and network operating center (NOC) clients reduce risk and operating costs. "The Tanium platform allows us to automate patching of OS and applications on servers and workstations, whether those endpoints are attached to a firm's network or not," said Bill Elser, vice president of engineering services at HBR. "That's critical in today's hybrid environment, allowing us to quickly prevent or remediate security or other operational issues by deploying registry changes and executing scripts." "The legal field faces unique challenges not only to protect the integrity and reputation of individual firms, but to safeguard the various constituencies they serve. "Tanium is keenly aware of the heightened risks the industry faces and we are proud to align with a leader like HBR as they work to secure the interests of their clients. We look forward to expanding this long-term partnership as they continue to grow." Todd Palmer, SVP of partner sales of Tanium "We're pleased to add Tanium to our roster of best-in-class vendor partners," added Chris Petrini-Poli, HBR's executive chairman. "HBR is committed to continually innovating services and partnering with best-in-class tool providers. Throughout the past year, we've been investing in relationships that will help us continue to provide exceptional, cost-effective service to our clients. We're proud to be on the leading edge of using top-of-the-line technology that ensures a continuously updated and monitored, safe and secure IT environment, while allowing HBR's team to operate as efficiently as possible." About HBR Consulting HBR Consulting (HBR) provides law firms and corporate law departments with strategic guidance, operational improvement, and technology solutions that drive innovation while managing cost and mitigating risk. HBR's proven combination of experience, relationships, and insights—spanning the legal ecosystem—delivers sustainable financial and competitive advantages for its clients. Visit www.hbrconsulting.com and follow HBR on LinkedIn and Twitter. About Tanium Tanium, the industry's only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Compliance, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune's list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That's the power of certainty.

Read More

DATA SECURITY

SentinelOne and Cribl Partner to Deliver Data Flexibility Across Cybersecurity and Observability

Cribl | August 04, 2022

Cribl, the leader in enabling open observability, today announced a new partnership with SentinelOne, an autonomous cybersecurity platform company. The partnership enables SentinelOne customers to leverage Cribl's observability product suite to streamline cybersecurity triage, optimize data collection, and provide security teams control of their data. By integrating Cribl's observability product suite with Singularity XDR, SentinelOne customers can now unlock the value of all observability data. Key benefits include the ability to: 1) Operationalize endpoint and extended detection and response (EDR & XDR) of data sources in joint customer environments, 2) Streamline for triage and investigative functions in the Security Operations Center (SOC), and 3) Progress cybersecurity programs with enhanced threat intelligence, threat hunting, and adversary simulation. "Today's cybersecurity risk levels are increasingly associated with the ability to understand data across enterprise assets. "Our partnership with Cribl helps optimize data collection at scale, enabling security teams to minimize risk and save time." Chuck Fontana, SVP Business Development at SentinelOne "We're excited to partner with the SentinelOne team," said Zac Kilpatrick, VP of Channel and Alliances at Cribl. "To keep up with persistent threats and the ever-changing security landscape, SOC activity must move from reactivity to proactivity. SentinelOne's autonomous and proactive approach to cybersecurity is differentiated in the market and aligns with Cribl's objective of optimizing analytics platform cost and performance." Integration with SentinelOne's Cloud Funnel Cribl's product suite now integrates with SentinelOne's Cloud Funnel, a data subscription enabling XDR data to be stored locally in an enterprise's data lake. This solution works with any data type, such as file, process, DNS, flow, behavioral, registry, commands, scripts, and more. Cloud Funnel's flexibility provides SentinelOne customers the ability to choose which data type they need, optimize it to find the right signal, and route it for maximum efficiency - all at machine speed. Integration with DataSet Cribl Stream now supports SentinelOne's DataSet as a destination to seamlessly route data from legacy log analytics solutions. DevOps and IT teams choose DataSet to analyze data in real-time, effortlessly scale to petabytes, and cost-effectively retain data for longer periods of time for compliance and audit purposes. The new integration enables Cribl customers to pipeline their data to DataSet without changing their data instrumentation, collection, and ingestion. SentinelOne and Cribl will also continue bringing new offerings to market, including integrating Cribl Stream into SentinelOne's Singularity XDR platform. About Cribl Cribl makes open observability a reality for today's tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It's enterprise software that doesn't suck, enables tech professionals to do what they need to do, and gives them the ability to say "Yes." With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA.

Read More