Networks
The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.
-
74 Percent of Companies that Suffer a Data Breach Don’t Know How It Happened
According to the results of a recent survey [PDF] of 250 IT professionals, 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened. The survey, conducted by iSense Solutions for Bitdefender, also found that two thirds of companies would pay an…
-
74 Percent of Organizations Using Two-Factor Authentication Face User Complaints
A recent?SecureAuth?survey of 300 cyber security professionals or IT decision makers found that 74 percent of respondents who use two-factor authentication (2FA) said they receive complaints about 2FA from their users — and 9 percent say they simply “hate it.” “It’s not surprising that organizations are receiving an increasing amount of complaints about 2FA,” SecureAuth…
-
69 Percent of Companies Have Suffered Data Loss Due to Employee Turnover
According to the results of a recent Osterman Research survey of 187 IT and/or HR decision makers, fully 69 percent of respondents have suffered significant data loss resulting from employees who left. While 96 percent of respondents disable access to employees’ mailboxes when they depart, 49 percent don’t monitor access to every application and source…
-
5 Essential IoT Security Best Practices
Securing the Internet of Things is an especially hot topic right now thanks to some bad botnets — and, of course, some major IoT vulnerabilities. This month the Mirai botnet waged the world’s largest DDoS attack in history against Dyn, a major domain-name server. The attack wreaked havoc across the entire internet, taking down major…
-
Two-Thirds of Americans Think They’re Tech Savvy… But They’re Not
A recent survey of 2,056 U.S. consumers found that two-thirds of them see themselves as tech savvy, and 75 percent are concerned about their security and privacy online. Still, the survey, commissioned by Arbor Networks and conducted by Regina Corso Consulting, also found that 64 percent of respondents (and 71 percent of millennials) said they…
-
2 Do’s and 2 Don’ts of Incident Response and Anomaly Detection
By Alan Hall, Blue Coat (now part of Symantec) With the cost of a breach up 29 percent from 2013 — and continuing to rise — according to a recent Ponemon report, enterprise leaders are under mounting pressure to implement security solutions that are effective in detecting threats in this evolving cybersecurity landscape. While organizations…
-
48 Percent of Companies Don’t Inspect the Cloud for Malware
A recent survey of 643 IT and IT security practitioners in the U.S. and Canada found that fully 48 percent of respondents don’t inspect the cloud for malware, and another 12 percent are unsure whether they do or not. Notably, among those that do inspect, 57 percent say they have found malware. The survey, sponsored…
-
Selecting a Threat Risk Model for Your Organization, Part Two
No threat risk model (an assessment of software, network or other risks and threats) is complete without a methodology for rating threats. In an earlier article we addressed two common and simple threat risk models, both developed by Microsoft — STRIDE and DREAD — along with the more complex CVSS (Common Vulnerability Scoring System). Here…
-
M&A Due Diligence, Cyber Security, and the Massive Yahoo Data Breach
Yahoo! Inc. recently announced that at least 500 million users’ names, email addresses, phone numbers, birthdates, hashed passwords, and in some cases encrypted or unencrypted security questions and answers were stolen from the company’s network in late 2014 in what it believes was a state-sponsored attack. The breach, which was uncovered only recently, comes just…
-
Which Threat Risk Model Is Right for Your Organization?
Threat risk modeling, which involves identifying, quantifying and addressing security risks associated with IT systems, is a big part of the job for security professionals. Fortunately, numerous threat risk models have been developed. Some are geared toward specific purposes (such as web application development), but can be adapted in other ways and for other uses.…
