According to ESG research, 45% of organizations report having a problematic shortage of cybersecurity skills in 2017. Of course, this applies to all areas of cybersecurity but recent ESG research shows that the skills shortage has a direct impact on security analytics and operations. The research also reveals some of the ramifications of these cybersecurity skills shortages.
Large enterprises like Equifax, Target, Sony and Home Depot may have grabbed headlines for cyber attacks, but small to mid-size businesses are the most exposed and the easiest prey. That’s because small businesses have fewer resources and may falsely believe that hackers only target large organizations. Last year, small organizations accounted for 85% of data breach claims, and breaches of less than 10,000 records cost on average $4.66 million.
More companies are moving towards cloud technologies for lower costs, faster time to market, and increased employee productivity. However, the vulnerability of common cloud servers creates many new security challenges, the full impact of which we are just starting to determine. Spohn Security Solutions offers advice on catching vulnerabilities and proofing your company against cloud attacks.
Researchers have discovered a key flaw in the WPA2 Wi-Fi encryption protocol that allows hackers to intercept credit card numbers, passwords, photos and other sensitive information. The new exploit is called KRACK, short for Key Reinstallation Attacks. The research has been kept under wraps for weeks ahead of a coordinated disclosure. The vulnerability affects the core WPA2 protocol itself and is effective against devices running Android, Linux, and OpenBSD, and to a lesser extent macOS and Windows, as well as MediaTek Linksys.
Following a first survey from December 2016, ReportLinker conducted a new research on cybersecurity to find out if opinions and attitudes towards this threat have shifted since last year. Many Americans don’t feel they personally are at much risk of a cyberattack, they are however a large majority to think cyberattacks are becoming more a threat now.
As security and employee safety remain at risk, unpreparedness is still affecting many corporations according to the Trends in Corporate Security survey from Rave Mobile Safety. Rave, provider of critical communication and data platform solutions trusted to save lives, has released the findings of a corporate security survey. Completed anonymously by 150 managers in corporate safety and security, employee safety, physical plant security, IT security and business continuity, respondents identified factors driving corporate safety and security decision making. According to the data, even with growing awareness around risks in the workplace, there is a continued unpreparedness in corporate security.
NTT Security Corporation, the specialized security company of NTT Group, has launched “IT/OT Integrated Security Services.” The new services will be taken to market globally through the NTT Group companies, Dimension Data, NTT Communications, and NTT DATA, forming part of its suite of integrated services to enable successful digital transformation initiatives for its clients.
The US government has banned federal agencies from using Kaspersky Lab security software, a Russian company, over concerns it may be tied to state-sponsored espionage. Acting Homeland Security Secretary Elaine Duke has issued a directive given at least six federal agencies a timeline to get rid of the software from government networks.
Virginia Gov. Terry McAuliffe declared Thursday that Virginia is the first state to adopt the National Initiative for Cyber Security Education (NICE) Framework, developed by the National Institute of Standards and Technology, in an official capacity. The latest version of the framework —also known as NIST Special Publication 800-181— was published earlier this month with the intention of providing a “common, constant lexicon” for a fast-growing industry in which everyone seems to have a different name for the same thing.
Rob Joyce, the Trump administration’s cybersecurity coordinator, said Tuesday the U.S. is lacking 300,000 cybersecurity experts needed to defend the country. He also had a warning for the public about using software from Kaspersky Lab. U.S. officials believe the company has ties to the Kremlin – and the federal government has vowed not to use its products. FBI agents have also interviewed Kaspersky employees working in the U.S.