DATA SECURITY

GetApp Annual Data Security Report Reveals Information Security a Top Concern for Businesses

GetApp | September 29, 2021

GetApp, a recommendation engine that helps SMBs make informed software purchasing decisions, released findings from its 2021 Data Security Report. The results reveal that, regardless of industry, information security incidents have become more of a targeted threat for businesses, increasing in amount and efficacy.

Of all the security incidents identified by over 900 surveyed employees at U.S. businesses, the three most threatening incidents were: increasingly severe ransomware attacks, more effective phishing schemes, and rampant reusing of passwords.

Respondents reported phishing emails have nearly tripled in effectiveness over the past two years. Phishing emails are rapidly becoming more difficult to spot and thus far more destructive.

Over the past year, ransomware attacks have increased by 25%. Ransom demands were significantly higher than average for businesses in specific industries, such as banking and financial services and construction, with higher payouts.

The report found that password reuse is strongly associated with higher incidences of security breaches. Reported account takeovers were three times as common among people who reuse passwords as those who don’t.

Data security threats are becoming more targeted to individual victims, whether that’s a phishing scheme aimed at a specific person or ransomware attacks on a particular company.Companies must redouble security training efforts and fortify their networks to protect against today’s increasingly sophisticated cybercriminals.

Zach Capers, senior analyst at GetApp.

Alarmingly, 23% of the IT security managers surveyed say their company doesn’t have protocols in place to report a suspected cyberattack and 33% don’t have a formal cybersecurity incident response plan. Read the in-depth report for further insight regarding sensitive data, cyberattacks, and how your industry is keeping up with data security needs.

About GetApp
GetApp is the recommendation engine SMBs need to make the right software choice. GetApp enables SMBs to achieve their mission by delivering the tailored, data-driven recommendations and insights needed to make informed software purchasing decisions. GetApp is a Gartner company. For more information, visit www.getapp.com.

Survey methodology
GetApp’s 2021 Data Security Survey was conducted from August 20 to August 24 among 973 respondents to learn more about data security at U.S. businesses. Respondents were screened for full-time employment and 90 identified as their organization’s IT security manager.

Spotlight

Remote control software provides internal help desks and VAR support organizations with a cost-effective support tool. By gaining direct access to a user’s PC, desktop technicians and other support personnel can quickly diagnose and resolve problems and upgrade remote desktops without leaving their desks. Despite the benefits in terms of increased productivity and reduced support costs for overworked IT departments, some organizations have been reluctant to install remote control products because of the potential security risks. Symantec pcAnywhere 12.0 focuses on these security issues and includes new features that help prevent unauthorized access and protect file transfers. With Symantec pcAnywhere 12.0, IT organizations can confidently realize the promise of remote control software today.

Spotlight

Remote control software provides internal help desks and VAR support organizations with a cost-effective support tool. By gaining direct access to a user’s PC, desktop technicians and other support personnel can quickly diagnose and resolve problems and upgrade remote desktops without leaving their desks. Despite the benefits in terms of increased productivity and reduced support costs for overworked IT departments, some organizations have been reluctant to install remote control products because of the potential security risks. Symantec pcAnywhere 12.0 focuses on these security issues and includes new features that help prevent unauthorized access and protect file transfers. With Symantec pcAnywhere 12.0, IT organizations can confidently realize the promise of remote control software today.

Related News

SOFTWARE SECURITY

RangeForce introduces cloud-based security team threat exercises

RangeForce | June 29, 2022

RangeForce, a provider of team cyber defense readiness at scale, announced that it has improved its platform for team threat exercises with new features that make it simpler for organizations to hasten the development of their security teams' skills through multi-user detection and response drills involving simulated attacks. Through the use of RangeForce team threat exercises, security teams can set up the security stack to be defended, select an attack scenario, carry out the threat exercise, analyze the post-exercise data, and create a customized training program. RangeForce threat exercises produce realistic digital artifacts of both signal and noise that demand teams to demonstrate their cyber preparedness. They use high-intensity, real-world assault scenarios that call security experts to work in teams to discover and neutralize cyber threats. "RangeForce threat exercises are based on years of running hundreds of live cyber events and deliver the most realistic experience for teams using headline making attack scenarios and the same security tools they use every day. They provide participants the opportunity to acquire hands-on skills so they build the muscle memory to meet threat actors head on." Ben Langrill, Senior Director of Product Engineering for RangeForce RangeForce exercises take place in a cyber-environment that goes beyond the standard tabletop exercise, forcing participants to use well-known security tools like Splunk and Fortigate to identify and address threats. Instead, events follow the NIST cybersecurity architecture and combine threat intelligence, threat hunting, digital forensics, and system hardening expertise to reduce threats depending on current malware patterns.

Read More

SOFTWARE SECURITY

SafeGuard Cyber Delivers Context-Aware Response with Microsoft Azure AD and Okta

SafeGuard Cyber | August 01, 2022

SafeGuard Cyber, the leading provider of security and compliance solutions for email and communication-based threats, today announces automated response and multi-channel user onboarding with Microsoft Azure AD and Okta integrations for its security and risk management platform. These integrations enable automated and workflow-based responses to advanced social engineering threats such as impersonation and account takeover, as well as other threats, business risks, and compliance violations. The integrations extend the SafeGuard Cyber platform's multi-channel detection capabilities, with the ability for security and compliance operation teams to manage and automate responses to threats and risks across all communication channels. "In the current economic climate, organizational leadership needs to ensure optimum resource utilization in security operations and reduce unnecessary costs," said Chris Lehman, CEO of SafeGuard Cyber. "Many of our enterprise customers have made significant investments in Azure AD or Okta to manage identities across their organizations, and our new capabilities allow them to streamline operations and maximize ROI for their security and overall operations." Integrated response through SafeGuard Cyber enables security architects and operations teams to deliver the ideal response to threats and business risks, either in an automated or direct action through the SafeGuard Cyber platform as part of incident management or an investigation. "As the threats of fraud, impersonation, and social engineering increasingly result in material breaches and financial losses through ransomware and business compromise, the need to have a context-aware, zero-trust foundation with detection and response capabilities is more urgent than ever. "Our integrations with Okta and Azure AD enable organizations moving towards a cloud or hybrid workplace to simplify identity-based responses to communication-based threats, while enriching authentication to include context and intent of interactions." Rusty Carter, chief product officer at SafeGuard Cyber Context-aware and advanced integrated response with Okta and Azure AD is available for all SafeGuard Cyber customers and delivers: Automated user onboarding for monitoring communications by group Automatic, risk-based responses that include user-session invalidation Support for all SafeGuard Cyber protected channels SafeGuard Cyber detects attacks and identifies risk by understanding how humans interact and communicate. The company's Natural Language Understanding-based SaaS platform offers the industry's most advanced visibility and detection of phishing, BEC and malware attacks that span the full range of modern business communications channels, including social media, collaboration, mobile messaging, conferencing, CRM and the Microsoft 365 ecosystem. About SafeGuard Cyber SafeGuard Cyber provides the only comprehensive technology solution for addressing cybersecurity threats and compliance risks across the modern cloud workplace. The company's patented and award-winning Natural Language Understanding technology analyzes and correlates conversations across 30 communication channels and 52 languages, including collaboration, social, chat, messaging, and conference platforms, in order to detect and prevent communication-based threats like social engineering. By stopping attacks at the social engineering stage, SafeGuard Cyber allows companies to prevent data breaches, ransomware, invoice fraud, and many other threats. The company's cloud-based Machine Learning also provides compliance solutions for governance and policy enforcement that empower customers to communicate through modern apps and social networking.

Read More

DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

Phosphorus Announces New Partnership with Dewpoint to Expand Its xIoT Security Solutions and Platform in US Market

Phosphorus | September 26, 2022

Phosphorus, the leading provider of advanced and full-scope security for the extended Internet of Things (xIoT), today announced a partnership with Dewpoint. The IT and security solutions provider will act as a value-added reseller (VAR) for Phosphorus in the US market. The new partnership will see the two companies jointly delivering a new generation of xIoT security solutions in the US to meet growing enterprise demand for xIoT attack surface management and remediation capabilities. “xIoT security is a critical need for today’s enterprises, and these risks are left unaddressed by traditional IT security solutions. We look forward to working with Dewpoint to help expand our US sales channels and bring the world’s most advanced xIoT security platform to more organizations.” Kal Gajera, Director of North America Channels at Phosphorus Phosphorus’s Extended Enterprise xIoT Security Platform is the world’s first and only automated security platform capable of delivering xIoT Attack Surface Management, xIoT Hardening, and Remediation, and xIoT Detection and Response across the full range of IoT, OT, and Network-connected devices—spanning both new and legacy devices. This enables large organizations to scale xIoT technologies (which can amount to millions of devices per organization) without having to add any additional employees to find, fix, and monitor them. ABOUT PHOSPHORUS Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things across the enterprise xIoT landscape. Our Extended Enterprise xIoT Security Platform delivers Attack Surface Management, Hardening & Remediation, and Detection & Response to bring enterprise xIoT security to every cyber-physical Thing in your enterprise environment. With unrivaled xIoT discovery and posture assessment, Phosphorus automates the remediation of the biggest IoT, OT, and Network device vulnerabilities—including unknown and inaccurate asset inventory, out-of-date firmware, default credentials, risky configurations, and out-of-date certificates. ABOUT DEWPOINT Dewpoint has been bringing business and technology together since 1996. We make sure technology is solving all your business problems, providing transparency of spend for executives, and enhancing collaboration and flexibility. As the IT industry and businesses continue to change, Dewpoint provides the thought leadership and industry expertise to offer a new level of services in project management, digital innovation, infrastructure, security, cloud, and a range of tailored professional and managed service solutions for all our clients.

Read More