The state of information security for companies in the U.S. is scary. 2014 was a record setting year in terms of data breaches with a staggering 783 breaches reported. That means on average more than 2 breaches were reported every day in 2014. The percentage by industry sector remained about the same as previous years although Health and Medical have the lion share at 42.5% and Business at 33%. When people hear about breaches, they immediately think about hackers. Yet hacking is responsible for only 29% of breaches.
In 2017 alone, there was more than $150 billion in merger, acquisition, and divestiture activity in the telecom space. The end result is a more consolidated industry landscape with fewer telecom carriers than ever, which can make it harder for small and mid-sized enterprises to operate.
Organizations that maintain protected health information (PHI) sink or swim based on their plan for protecting data confidentiality. Healthcare compliance is a major cost center and is growing annually – for small, mid-sized, and large enterprises alike.
The focus is growing for the European Union's forthcoming "General Data Protection Regulation," or GDPR. As its May 25, 2018 implementation date draws nearer, organizations are starting to understand the magnitude of change this major regulation will drive.
In the era of Bring Your Own Device and distributed virtual teams, remote access to sensitive network resources is quickly emerging as the biggest internal cybersecurity threat.
As more of the workplace moves online and team members require flexible access to IT assets from around the world, remote access has become a major headache for system administrators.
Topics: Data Breach, IT Security, vulnerabilities, vCISO, threat assessment, cybersecurity, enterprise security, Third-Party Vendor Access, Virtual Chief Information Security Officer, Remote Access, granular permissions, audit trail
Cybersecurity is one of the most important ongoing business concerns for any enterprise.
Major security risks are not limited to the Fortune 500. On the contrary, small and mid-sized businesses are often completely wiped out by the repercussions of a network breach.
Topics: Ransomware, Compliance, Risk Assessment, Network Vulnerabilities, cybersecurity, enterprise security, Network Breach, sensitive financial and healthcare information, calculating ROI in cybersecurity, Optimize Security Investments, Manage Threats, Security Training
For businesses around the world – but particularly those based in the United States – the threat environment in IT has never been more complex. Unfortunately, many businesses build their IT security practices on received wisdom: Assumptions that simply don’t hold up in practice.
Two new and related security vulnerabilities called “Spectre” and “Meltdown” are significant because they affect computing platforms with Intel, AMD, or ARM central processing units (CPU’s). This includes Mac, Windows, Linux, Android and other platforms. These vulnerabilities take advantage of the ability to extract information from instructions that have been executed on a CPU using the CPU cache as a side-channel.
Cybersecurity should be a priority for any organization. With a new cyberattack launched every 39 seconds, there is little hope for any organization to fly under the radar, no matter how small it is.
Today, a disconnect exists between management and IT departments that exacerbate the multi-billion dollar losses and cybersecurity expenses in which businesses incur every year. This misalignment stems from a traditional siloed approach to cybersecurity: Management orchestrates the daily operations of the company while the security team focuses on cyberthreats. This results in what RSA calls a "gap of grief," which impairs an organization's ability to mitigate and defend from threats. RSA outlines several key steps to bridge this gap by transforming a disconnected approach into a business-driven security™ strategy.