Beyond the challenges around risk and uncertainty, can bug bounties really deliver on their promise? Even as crowdsourced security testing continues to gain acceptance, what’s important is designing the right model to increase efficiency and avoid diminishing marginal returns.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure, to name just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security (access control, cameras, alarms and so on), there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Investors can no longer ignore the cyber resilience of their target companies; in fact, the new WEF report shows they should actively play a role in incentivizing responsible and secure innovation.
It appears that Chinese hackers have been running Cloud Hopper attacks targeting tech providers for access to their customers' corporate intellectual property and government secrets.
The proposed “hack back” Active Cyber Defense Bill will allow victims of hacker attacks to carry out digital vigilantism, but what are the consequences when companies take the law into their own hands?
Cybereason recently exposed a multi-year cyber espionage operation carried out by Chinese hackers where they follow their targets moving from country to country by hopping from one breached network to another.
Cloud solution provider PCM claimed minimal impact to its customers even though a recent breach of Office 365 administrative credentials could lead to exposure of personal data and sensitive business documents.
Despite the potential for visual hacking to take place in public, only 30% of business travelers say that their organizations have educated them on how to protect sensitive information.
Supply chain security is a hot issue for enterprises with increasing third-party data breaches. A recent (ISC)² study indicates these breaches are more likely the fault of a large enterprise partner than a small one.
Russia has been making news for hacking utility systems in other nations and, for a change, news has emerged that the U.S. is conducting a cyber attack on the power grid in Russia by planting malicious code.
Medical companies affected by the AMCA healthcare data breach have begun alerting investors and shareholders, which may cause them to lose tens of millions of dollars in stock market valuation.










