Data Security

GetApp Annual Data Security Report Reveals Information Security a Top Concern for Businesses

GetApp, a recommendation engine that helps SMBs make informed software purchasing decisions, released findings from its 2021 Data Security Report. The results reveal that, regardless of industry, information security incidents have become more of a targeted threat for businesses, increasing in amount and efficacy.

Of all the security incidents identified by over 900 surveyed employees at U.S. businesses, the three most threatening incidents were: increasingly severe ransomware attacks, more effective phishing schemes, and rampant reusing of passwords.

Respondents reported phishing emails have nearly tripled in effectiveness over the past two years. Phishing emails are rapidly becoming more difficult to spot and thus far more destructive.

Over the past year, ransomware attacks have increased by 25%. Ransom demands were significantly higher than average for businesses in specific industries, such as banking and financial services and construction, with higher payouts.

The report found that password reuse is strongly associated with higher incidences of security breaches. Reported account takeovers were three times as common among people who reuse passwords as those who don’t.

Data security threats are becoming more targeted to individual victims, whether that’s a phishing scheme aimed at a specific person or ransomware attacks on a particular company.Companies must redouble security training efforts and fortify their networks to protect against today’s increasingly sophisticated cybercriminals.

Zach Capers, senior analyst at GetApp.

Alarmingly, 23% of the IT security managers surveyed say their company doesn’t have protocols in place to report a suspected cyberattack and 33% don’t have a formal cybersecurity incident response plan. Read the in-depth report for further insight regarding sensitive data, cyberattacks, and how your industry is keeping up with data security needs.

About GetApp
GetApp is the recommendation engine SMBs need to make the right software choice. GetApp enables SMBs to achieve their mission by delivering the tailored, data-driven recommendations and insights needed to make informed software purchasing decisions. GetApp is a Gartner company. For more information, visit www.getapp.com.

Survey methodology
GetApp’s 2021 Data Security Survey was conducted from August 20 to August 24 among 973 respondents to learn more about data security at U.S. businesses. Respondents were screened for full-time employment and 90 identified as their organization’s IT security manager.

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Cloud Security

Fortinet New SASE Offerings Improve Cloud Protection for Microbranches

Fortinet | September 05, 2023

Fortinet, the worldwide cybersecurity leader driving the integration of networking and security, has announced new enhancements to its market-leading single-vendor Secure Access Service Edge (SASE) offering. FortiSASE already shields the hybrid workforce using a unified agent and includes SD-WAN integration for the branch. This solidifies FortiSASE's position as the market's most comprehensive offering. The list of Fortinet extended SASE solutions: SASE for Microbranches and IoT/OT Devices: FortiSASE now offers expanded integrations within the Fortinet wireless local-area network (WLAN) suite to aid organizations in securing microbranches and associated devices. FortiAP wireless access points intelligently offload traffic from microbranches to a SASE point of presence (POP) for scalable security inspection of all devices, including IoT and OT devices. This integration also implies that the Fortinet WLAN portfolio can be managed by the same straightforward, cloud-based management console customers already use for FortiSASE. Enhanced Data Loss Prevention Service: As a component of its cloud-delivered security services, FortiSASE includes the FortiGuard-powered Data Loss Prevention (DLP) service to safeguard sensitive data across the entire hybrid environment. This service now consists of a broader range of file types, data identifiers, and Software-as-a-Service (SaaS) applications, along with sophisticated data matching techniques to prevent accidental data breaches. By constant DLP enhancement, Fortinet provides organizations with a detailed understanding of their cloud applications and the tools needed to defend against new threats effectively. End-to-end Digital Experience Monitoring: For comprehensive network and SaaS application monitoring, Fortinet's Digital Experience Monitoring (DEM) solution integrates with FortiSASE to offer insights across users, Fortinet global SASE POPs, and the performance of SaaS applications such as WebEx, Office365, and Dropbox. In addition, this integration enable endpoint monitoring to provide end-to-end visibility, empowering IT teams with the data they need to decrease resolution times and ensure a positive user experience. Leveraging FortiGuard AI-Powered Security Services, Fortinet's SASE provides an extensive set of features, including unified security, streamlined management, and end-to-end Data Edge Management (DEM). This is accomplished by seamlessly integrating cloud-based security components, such as a cloud access security broker, secure web gateway, and Firewall-as-a-Service, in conjunction with networking functionalities through Software-Defined Wide Area Networking (SD-WAN). In addition, the solution incorporates Universal Zero Trust Network Access (ZTNA) capabilities to ensure resilient and secure connectivity to and from the internet, privately hosted applications, and Software as a Service (SaaS) applications.

Read More

Software Security

Palo Alto Joins Telstra as the First Sole Cyber Security Vendor

Palo Alto | September 22, 2023

Palo Alto Networks has announced a strategic partnership with the largest telecommunications company in Australia, Telstra. This signifies Palo Alto Networks' commitment to delivering an expanded portfolio of cybersecurity solutions and services to meet the needs of Telstra's extensive business clientele. The partnership strengthens the existing 10-year relationship between Palo Alto Networks and Telstra. Palo Alto Networks, a global cybersecurity company, has announced teaming up with Telstra, Australia's largest telecommunications company, to offer an enhanced range of cybersecurity solutions and services to Telstra's business clients both in Australia and around the world. This collaboration marks a significant milestone, as Palo Alto Networks becomes the first dedicated cybersecurity company to be recognized as a technology alliance partner for Telstra's enterprise customer segment. Telstra serves customers in over 200 countries and territories. Telstra's technology alliance partners collaborate to create and provide comprehensive services encompassing connectivity, voice, and professional services. These services are designed to assist businesses of all sizes in addressing their challenges and capitalizing on opportunities. Regional Vice President for Australia and New Zealand of Palo Alto Networks, Steve Manley, stated, This new alliance with Telstra reinforces Palo Alto Networks’ position in the Australian market as the leading cyber security vendor to leading telecommunications carrier in Australia. It also reinforces our increased commitment to offering industry-leading joint solutions with one of the country’s most trusted managed service providers. Together, Palo Alto Networks and Telstra will collaborate to offer businesses with best-of-breed cyber security solutions to help keep them safe in a rapidly changing market landscape. [Source – Web Wire] This new partnership further solidifies the long-standing 10-year relationship between Palo Alto Networks and Telstra. It also builds upon previous agreements that expanded Telstra's SecureEdge portfolio with offerings like SecureEdge Cloud for business clients and Sovereign SecureEdge for the Australian government and agencies, both powered by Palo Alto Networks' advanced cloud-based security services. David Burns, Enterprise Group Executive at Telstra, said, Cyber security has become one of the top concerns among businesses worldwide, including here in Australia, and especially in the wake of a no. of high-profile cyber breaches. We’re now seeing the industrialization of cybercrime and the scale of threat continues to evolve and grow. As a result, we all need to be constantly changing, adapting, and looking at new technologies that can assist protect us and our customers’ data. As a leading provider of network, managed, and professional services, this new alliance between Telstra and Palo Alto Networks further boosts our capabilities to help customers protect their organizations and data from evolving cyber threats. [Source – Web Wire]

Read More

Cloud Security

Cisco Secure Application to Provide Business Risk Observability

Cisco | September 15, 2023

Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment. The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings. Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact. Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications. In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments. As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles. As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications. According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development. As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses. Mark Leary, Research Director, IDC, stated, Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security [Source – Cision PR Newswire] Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said, An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments. [Source – Cision PR Newswire]

Read More