In the rapidly evolving cybersecurity landscape, the concept of Zero Trust has emerged as a critical framework for enhancing security infrastructure. A recent survey conducted by PlainID, the Authorisation Company™, provides valuable insights into the implementation of Zero Trust programmes. This article aims to spotlight the key findings from the survey. The survey reveals that while Chief Information Security Officers (CISOs) are implementing a Zero Trust framework, only 50% stated that authorisation forms part of their Zero Trust programme. This lack of comprehensive Zero Trust implementation could potentially expose organisations to security vulnerabilities. The key findings from the survey are…
ISBuzz Team
The IBM Cost of a Data Breach Report 2023 serves as a critical resource for understanding the financial implications of data breaches. This article aims to spotlight the key findings from the report, providing valuable insights for business leaders. The findings are summarized in the table below: Key FindingsStatisticsAverage total cost of a data breachReached an all-time high in 2023 of USD 4.45 million, a 2.3% increase from 2022 and a 15.3% increase from 2020.Number of breaches identified by an organization’s own security teams or toolsOnly one-third of companies discovered the data breach through their own security teams. 67% of…
In a bid to bolster the security of digital products like smart TVs, home cameras, connected toys, and smart fridges before they hit the market, representatives from EU member states have agreed on a shared position regarding the proposed Cyber Resilience Act. This legislation lays down broad cybersecurity requirements for products with digital components. The State Secretary for Digitalisation and Artificial Intelligence, Carme Artigas Brugal, hailed this development as a significant milestone in advancing the EU’s commitment towards a secure digital single market. She stressed the need for IoT and other connected devices to meet basic cybersecurity standards, thereby offering…
In the digital age, data is one of the most valuable assets a company can possess. However, with the increasing value of data comes the increasing risk of data loss, breaches, and non-compliance with data protection regulations. This is where Symantec Data Loss Prevention (DLP) comes into play. As an industry-leading solution, Symantec DLP is designed to mitigate these risks by providing comprehensive discovery, monitoring, and protection of your data. This review aims to provide an in-depth look at Symantec DLP, its features, ease of use, integration capabilities, customer support, potential shortcomings, and overall value. Product Overview Symantec DLP is…
In the realm of data loss prevention (DLP) solutions, Forcepoint DLP has solidified itself as a market-leading choice, recognized for its comprehensive coverage, robust feature set, and user-friendly interface. This review provides an objective analysis of this software, giving an overview of its key features, potential shortcomings, and overall performance. Product Overview Forcepoint DLP, part of the larger Forcepoint suite of cybersecurity tools, is designed to meticulously identify, monitor, and protect data throughout its lifecycle – in use, at rest, and in transit – across every network, cloud, and endpoint. This solution is a vital cog in Forcepoint’s Human-Centric Cybersecurity…
In the vast and evolving world of cybersecurity, where cryptic jargon and a vast array of certifications can sometimes seem daunting, it is vital to recognize that the pathway to success lies not merely in the accumulation of theoretical knowledge but in acquiring and honing practical skills. Mastery over these skills allows one to transcend theoretical understanding, paving the way for tangible problem-solving and facilitating confidence among peers and superiors alike. Here, we explore five crucial skills that form the cornerstone of a successful career in cybersecurity. 1. Mastering Virtual Machines: The Pathway to Versatility Virtual Machines (VMs) are essentially…
Description: Fortinet has urgently issued security updates to remediate a critical vulnerability in its SSL VPN product. The vulnerability, identified as CVE-2023-27997, enables attackers to execute arbitrary code on susceptible systems. This vulnerability originates from the way Fortinet SSL VPN processes requests for a specific file. By sending a carefully crafted request to the SSL VPN, an attacker can exploit this vulnerability and effectively execute arbitrary code on the compromised system. In response to this critical issue, Fortinet has swiftly released updates for all affected versions of its SSL VPN product. Users are strongly urged to apply these updates without…
The Verizon 2023 Data Breach Investigations Report (DBIR) presents a comprehensive analysis of global data breaches, offering valuable insights into the contemporary state of cybersecurity threats. In this analysis, we will delve into key findings from the report, including the prevalent role of human error, persistent threat of ransomware, and the impact of the Log4j vulnerability. Human Error and Social Engineering According to the DBIR report, human error is involved in 74% of all breaches, encompassing errors, privilege misuse, use of stolen credentials, and social engineering incidents. The ubiquity of human error emphasizes the importance of focusing on people as…
38% of organisations hit with ransomware in 2022 were repeat victims Highlights: Barracuda Networks, Inc., a trusted partner and leading provider of cloud-first security solutions, today published its 2023 Ransomware Insights report, which shows that 73% of the organisations surveyed report being hit with at least one successful ransomware attack in 2022 — and 38% say they were hit twice or more. The organisations that were hit multiple times were more likely to say they’d paid the ransom — 42% of those hit three times or more paid the ransom to restore encrypted data, compared to 31% of victims of a single…
Jamf Threat Labs reveals that organisations are still using out-of-date software on devices, exposing them to cyber threats Jamf (NASDAQ: JAMF) today announced the release of its latest Security 360 Report analysing the threats impacting devices used in the modern workplace. A significant finding from the report is that 1 in every 5 devices ran an operating system that was not up to date. As we approach the three-year mark since the global pandemic led to a drastic change in global work environments, the focus for many has shifted from “how do we continue business operations?” to “how do we keep remote users…