In order to respond to cyber attacks, enterprises must invest their time and resources into efficiently training their teams and improving their organizational cyber resilience with the help of effective cyber exercises.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Russian hackers had access to Ukraine's biggest telecoms provider for most of 2023, and likely had "full access" for at least the months of November and December.
Healthcare tech solutions provider HealthEC LLC has experienced a data breach impacting nearly 4.5 million individuals across various states.
23andMe's defense as regards data privacy laws is essentially to claim that a data breach did not actually occur, given that the incident stemmed from the failure of certain users to change passwords that had been exposed elsewhere.
As we step into 2024, the IAM landscape continues to evolve. Decentralized identity, identity data engineering, and the integration of analytics and generative AI stand as pivotal pillars that will shape the success of IAM strategies in the coming year.
Europol, Group-IB, and Sansec identified and notified over 400 online shops infected with stealth JavaScript credit card skimmer variants leaking customer payment data.
Russian hackers have reportedly accessed surveillance cameras in apartment buildings and parking facilities, and are most interested in those that are near critical infrastructure or air defense systems and can have their viewing angles changed remotely.
BlackCat has since taken back at least partial control of its Tor site after a major law enforcement action. A "this website has been unseized" graphic has appeared along with a rant in Russian promising revenge.
Comcast Xfinity leaked the personal information of nearly 36 million customers in a massive data breach stemming from an exploited Citrix vulnerability.
By fostering a culture of continuous improvement that thinks outside the box of compliance, IT teams and security leaders can feel confident in their cybersecurity resilience.










