Five Billion Records Exposed in 2018

Infosecurity Magazine | February 14, 2019

Five Billion Records Exposed in 2018
Last year was the second highest on record in terms of data breaches and leaks, with over 6500 reported, according to Risk Based Security. The security vendor revealed that 6515 incidents were reported globally in 2018, second only in the past 12+ years to 2017’s 6728. When it came to number of records exposed, the figure of around five billion for last year came third to 2016’s 6.4 billion and 2017’s 7.9 billion. However, the caveat is that just over a quarter of breached organizations were unwilling or unable to disclose the number of records exposed, so the figure could be much higher. For the purposes of this study, Risk Based Security collated incidents related to traditional hacking-based breaches and increasingly common IT misconfigurations which expose records but don’t necessarily mean they’ve ended up on the dark web. It also counted “fraud,” which is the category assigned to the Facebook-Cambridge Analytica incident which exposed 87 million social media users to the shady political consultancy.

Spotlight

Martin Borrett, Director of the IBM Institute for Advanced Security Europe, discusses how IBM recognise that our clients are struggling with increasingly sophisticated attacks against their organizations. In order to tackle those attacks, our clients are gathering more information from security devices on their network, systems and applications sources. The struggle comes from failing to pull out intelligence and insight from that information, filtering out the noise and pinpointing the true attack to their organization and that approach, we call, Security Intelligence.

Related News

Napatech Lands Mobile Network Security Design Win

prnewswire | September 16, 2020

Napatech, the leading provider of reconfigurable computing platforms, today announced a new design win with a US-headquartered provider of analytics for roaming, security, and risk management. Napatech's SmartNIC hardware and software will be used by the original equipment manufacturer (OEM) in their signaling firewall to improve the performance, scalability, and security of mobile networks. Network security vulnerabilities are magnified in 5G networks with more operator types, access points and devices, combined with technologies emerging from edge and cloud computing. As operators begin to roll out 5G connectivity, signaling firewalls play a critical role in securing mobile networks, users, applications, and services that span 2G, 3G, 4G and 5G designs.

Read More

DATA SECURITY

AdvIntel & KPMG LLP announce alliance around cyber threat detection and ransomware response

AdvIntel | October 01, 2021

AdvIntel, a leading cybersecurity threat prevention and loss avoidance company with a unique and unparalleled ability to detect and disrupt ransomware and KPMG LLP, the global audit, tax and advisory firm, today announced an alliance around AdvIntel's "Andariel" Threat Prevention & Loss Avoidance Platform. The profile of ransomware victims has moved upmarket over the past year as the adversaries have enhanced their capabilities faster than cyber defenses at an alarming trend. The state of the current cyber security market is full of uncertainties. The current breach response is traditionally reactive, leading to a breach after a breach. Now, with the unique alliance, we are effectively reversing the traditional breach paradigm with the vision to disrupt breaches before they turn into ransomware. Our goal is to bring the world closer to a ransomware-free future via the proactive and preventative breach response. According to AdvIntel CEO, Vitali Kremez Andariel' s ability to track botnet initial compromises enables AdvIntel' s customers to take action before data and personally identifiable information is leaked, which could prevent regulatory, reputational, and legal losses related to data breach legal liability. Ed Goings, KPMG National Lead for Cyber Response Services stated "Intelligence of this level is a complete game changer. Many companies state they provide threat intelligence, but this is the first time I have seen actionable intelligence that can be used to potentially identify corporate ransomware attacks before they happen." Moreover, some of the tracked botnets have a unique relationship with some of the monitored ransomware families. Therefore, by timely identifying botnet activity in their systems, AdvIntel's clients can identify and potentially avert tremendous losses from ransomware attacks. Incident response case support through Andariel enables a corporate cyber investigation team by providing immediate information on the "patient zero", the way cyber infection spreads through the system, as well as the vulnerabilities which lead to the compromise. Andariel aims to significantly decrease the time and resources spent on investigations, as well as to decrease the insurance claims and coverage of the remediation effort. AdvIntel and KPMG will jointly go to market to combat cyber incidents, by providing early-warning alerting, applied threat detection, and long-term strategic threat intelligence. AdvIntel and KPMG are already working jointly with several cyber insurance providers around the threat prevention and loss avoidance needs of their customer base. About AdvIntel AdvIntel is the world's first and only cybercrime and adversarial disruption firm which leverages Andariel, a next-generation threat prevention and loss avoidance platform which has visibility beyond a company's own internal network. Andariel sheds light on the botnet and breach ecosystem in order to spot threats and compromises preemptively and proactively. Whether prolific botnets, ransomware syndicates, cyber extortionists, carders, advanced persistent threat groups, or crimeware operators, Andariel ensures ultimate visibility into these threats before they actualize and do harm. About KPMG LLP KPMG LLP is the U.S. firm of the KPMG global organization of independent professional services firms providing audit, tax and advisory services. The KPMG global organization operates in 146 countries and territories and has close to 227,000 people working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients. Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

Read More

Cybrary Announces 7 Free Courses to Encourage Cybersecurity and IT Training Amidst the COVID-19 Pandemic

Cybrary | July 13, 2020

Cybrary, the world's largest online cybersecurity career development platform, today announced it is offering seven free courses for the month of July on topics ranging from threat intelligence and network security to Kali Linux and cloud. This new offering follows in the spirit of their Scholars Program announcement which was developed to support professionals impacted by COVID-19."The long-lasting effects of COVID-19 have been felt across industries and our dedication to supporting professionals impacted during this unprecedented crisis remains unwavering," said Ryan Corey, CEO and co-founder of Cybrary. "Through this free offering, we hope to give back and encourage ongoing cybersecurity and IT training to support people re-entering the workforce, and to help build a more secure digital world by providing learning opportunities available to everyone."These courses are available free for a limited time only, from now until August 1, 2020. To enroll in any or all of these free courses, please visit www.cybrary.it to sign up today.

Read More

Spotlight

Martin Borrett, Director of the IBM Institute for Advanced Security Europe, discusses how IBM recognise that our clients are struggling with increasingly sophisticated attacks against their organizations. In order to tackle those attacks, our clients are gathering more information from security devices on their network, systems and applications sources. The struggle comes from failing to pull out intelligence and insight from that information, filtering out the noise and pinpointing the true attack to their organization and that approach, we call, Security Intelligence.