The Ponemon Institute has just released the 6th annual Ponemon Institute 2015 Cost of Cyber Crime. The report notes that the average cost of a cyber attack has climbed significantly, and is now $12.7 million (up from $11.6M in 2014). Resolution times have also increased significantly, 32 to 45 days – a 41% increase. In response, István Szabó, Product Manager of syslog-ng at BalaBit offers three crucial steps organizations need to take to accelerate both their detection times and response/recovery effots. “The Ponemon data is in step with recent reports,” says Szabó. “For example, according to the latest Verizon Data…
ISBuzz Team
New Nessus Agents for Amazon, Debian and Ubuntu Linux, and new Nessus scanner for AWS help customers simplify cloud vulnerability management Tenable Network Security®, Inc., the leader in continuous network monitoring™, announced new capabilities for Nessus® v6 that allow customers to simplify and extend vulnerability management for cloud environments by reducing the cloud infrastructure attack surface. When moving to cloud computing, many organizations discover that the benefits of the cloud are accompanied by unexpected security challenges separate from the traditional vulnerability management hurdles of securing transient devices and managing credentials. Traditional vulnerability management programs are also limited by the lack…
How well do you think companies are dealing with security threats? Does it vary much between sectors? Companies are not taking web vulnerabilities seriously. In our latest research of over 30,000 websites, 86% had at least one serious vulnerability where an attacker could compromise the system and cause serious commercial or reputational damage. What is really shocking however, is that it took an average of 193 days to remediate 61% of these vulnerabilities. This means that 39% of flaws were never closed, leaving many businesses open to attack. This is precisely why we continuously see breaches making the headlines. These statistics…
Introduction With cyber-attacks as well as cyber-crime against large companies rising 40 percent globally in 2014, network security needs to be looked at afresh and in a new dimension. Adding to this problem is the massive proliferation of mobile and smart phones across the world. With most mobiles capable of accessing the internet from any where around the world, the problem of IT security is getting more and more acute with each passing day. In this context, let us take a look at how cyber-attackers are going at secure networks and are gaining ground faster than before, and the steps…
Successful attempts by hackers like Lizard Squad to take down major websites have become so common that barely a week goes by without another victim. Recently, the Thai Government, Reddit and the National Crime Agency’s have been targeted by Distributed Denial of Service (DDoS) attacks. The number and intensity of DDoS attack are rising in 2015. For businesses reliant on their websites this is an alarming trend. But it is not a surprising one given that web application security is often poorly understood and incorrectly deployed. A DDoS attack can take different forms, but essentially it involves a website’s servers being…
61 Percent Cite Privileged Account Takeover as Most Difficult Cyber Attack Stage to Mitigate; Nearly Half Still Believe They Can Prevent Attackers from Breaking into a Network Newton, Mass. Cyber attacks that exploit privileged and administrative accounts – the credentials used to manage and run an organization’s IT infrastructure – represent the greatest enterprise security risks, according to a new survey released by CyberArk (NASDAQ: CYBR). Sixty-one percent of respondents cited privileged account takeover as the most difficult stage of a cyber attack to mitigate, up from 44 percent last year. In addition, 48 percent believe that data breaches are…
Jonathan Perez, global privacy officer, at BMC welcome this decision and call for the use of Binding Corporate Rules for data regulation. [su_note note_color=”#ffffcc” text_color=”#00000″]Jonathan Perez, Global Privacy Officer, BMC : “The decision taken by the European Court of Justice is a clear message being sent out to the businesses that Safe Harbour can no longer be relied on. In today’s world where digital transformation affects every industry, it is of importance that individuals trust that their data is being adequately handled and protected. Safe Harbour is 15 years old and needed to be reassessed especially in view of the…
Turn-key Security Device Reduces Network Attack Surface and Alert Fatigue Ixia [1] (Nasdaq: XXIA), a leading provider of application performance and security resilience solutions, launched a new front line of defense for enterprise networks. Ixia’s ThreatARMOR represents another innovation for the company’s Visibility Architecture, enabling enterprises to reduce the ever-increasing size of their global network attack surface. ThreatARMOR is a natural complement to an existing security infrastructure, decreasing the volume of security alerts generated and freeing resources to focus on critical issues. ThreatARMOR shrinks the network attack surface : A network attack surface is the sum of every access avenue…
Marc Gaffan, VP and GM of the Incapsula product line at Imperva, commented on news that the Thai Government was hit by a DDoS cyberattack and that tens of thousands of people have signed a petition against the proposal they call the “Great Firewall of Thailand,” a reference to the so-called “Great Firewall of China” commonly used to refer to the Chinese government’s censorship over Internet content. [su_note note_color=”#ffffcc” text_color=”#00000″]Marc Gaffan, VP and GM of the Incapsula product line at Imperva : ”Distributed Denial of Service, or DDoS, attacks have become a weapon of choice for activists of all kinds…
We all know that Confidentiality, Integrity and Availability, also known as the CIA triad, is simple and widely applicable security model. But is this simple security model is sufficient to address security challenges pose by new technologies such as Big Data and Internet of Things? Big Data poses extra challenges to this triad because of (1) enormous amount of data to be secured, (2) number of sources sending data and (3) variety of data formats. Similarly, Internet of Things (IoT) allows physical objects or “things” to collect and exchange data and thus will present different type of security risk such…