Security firm disclosed a Microsoft data breach that exposed customer data affecting over 65,000 organizations in 111 countries. Microsoft expressed disappointment at the security firm for exaggerated numbers and releasing a search tool.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Nearly half of IT and business leaders said that the expanding attack surface is “spiraling out of control.” But throwing even more tooling and people at the issue doesn’t address the underlying problem which lies in a disconnect between the teams, processes and tools that a CISO probably already has in place.
Smart Devices Adding Security Updates to Combat Vulnerabilities, but EU Consumers Remain Unimpressed
Research finds that a number of manufacturers are not providing security updates for smart devices for nearly as long as their expected life cycles. In addition, manufacturers often do not specify exactly how long they plan to support security updates.
According to iapp, almost half of all data breaches in 2022 began with stolen credentials and ransomware damages are expected to exceed $30 billion worldwide in 2023.
Medibank is Australia’s largest health insurance provider with some 3.7 million customers. In some cases, medical records are among the health insurance policies and the thief had named about 1,000 high-profile or at-risk people.
A large chasm of cultural disconnect remains in the realm of security. Employee engagement is a particular problem, with less than half saying that they were very likely to report a cybersecurity incident.
Organizations are facing a complex patchwork of cybersecurity tools that are not integrated or are too niche. It's time to audit the current security stack, identify gaps and redundancies, and then create a go-forward plan to course-correct.
Symantec warned that a Chinese state-sponsored cyber espionage group responsible for hacking a U.S. state legislature and potentially a defense company had renewed interest in the country.
The Russia-Ukraine conflict is having a substantial impact on how businesses view their defenses. 64% believe that their organizations have either been targeted or impacted by nation-state attacks.
Globally, 65% of board members feel that their organization is at risk of a material cyber attack in the next 12 months. However, 47% also say that their company is unprepared for this eventuality.










