Expert(s):
CTOfeature_status*/ ?>
Bitglass

Comments Dotted : 15
November 24, 2020

Hoard Of Spotify User Data Exposed By Hackers’ Careless Security Practices – Experts Reaction
All companies should understand that it is essential to have full visibility and control over their customer data in order to prevent a breach.
A staggering 53% of consumers admit to reusing the same password across multiple sites, even knowing the risks associated. This poor password hygiene allows cybercriminals the opportunity and access to various accounts for the same individual across multiple services, rendering their digital footprint incredibly vulnerable as a result. All consumers, not just users impacted by this incident, need to make a habit of diversifying their login credentials across different accounts in order to.....Read More
A staggering 53% of consumers admit to reusing the same password across multiple sites, even knowing the risks associated. This poor password hygiene allows cybercriminals the opportunity and access to various accounts for the same individual across multiple services, rendering their digital footprint incredibly vulnerable as a result. All consumers, not just users impacted by this incident, need to make a habit of diversifying their login credentials across different accounts in order to mitigate the chances of their account being hijacked. Companies can prevent credential stuffing by adopting advanced security solutions that identify suspicious login, taking action before breaches can occur. These controls enable businesses to verify users’ identities and enforce measures, such as multi-factor authentication (MFA), which can limit an attacker’s chance of hijacking a corporate email address in the first place. All companies should understand that it is essential to have full visibility and control over their customer data in order to prevent a breach. To do so, organisations must implement security solutions that remediate misconfigurations, enforce real-time access control, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent the leakage of sensitive information.  Read Less
November 13, 2020

Animal Jam Kids’ Virtual World Hit By Data Breach, Impacting 46m Accounts: Expert Commentary
Incidents like this emphasise the criticality of ensuring that proper cloud security controls are implemented to defend users’ data.
The personally identifiable information (PII) and financial information connected to users’ gaming accounts are valuable data that attackers can use to commit financial fraud, identity theft, and trade on dark web marketplaces. Incidents like this emphasise the criticality of ensuring that proper cloud security controls are implemented to defend users’ data. To mitigate the risks of future data breaches and protect sensitive data, all organisations must have full visibility throughout.....Read More
The personally identifiable information (PII) and financial information connected to users’ gaming accounts are valuable data that attackers can use to commit financial fraud, identity theft, and trade on dark web marketplaces. Incidents like this emphasise the criticality of ensuring that proper cloud security controls are implemented to defend users’ data. To mitigate the risks of future data breaches and protect sensitive data, all organisations must have full visibility throughout their IT ecosystem or anywhere their sensitive data is stored in order to monitor and prevent any suspicious activity. By leveraging flexible, cost-effective solutions that enforce real-time access control, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage, organisations can ensure the privacy and security of customer information.  Read Less
November 10, 2020

Experts Insight On Hotel Booking Firm Leaks Info From Millions Of Guests
detect misconfigurations through cloud security posture management, encrypt sensitive data at rest
Every year, hotel and booking platforms collect sensitive consumer data and store the personally identifiable information of millions of guests. To mitigate the risks of future data breaches and protect sensitive data, hospitality organisations and other companies need to have full visibility and control over their data. By leveraging multifaceted solutions that enforce real-time access control, detect misconfigurations through cloud security posture management, encrypt sensitive data at.....Read More
Every year, hotel and booking platforms collect sensitive consumer data and store the personally identifiable information of millions of guests. To mitigate the risks of future data breaches and protect sensitive data, hospitality organisations and other companies need to have full visibility and control over their data. By leveraging multifaceted solutions that enforce real-time access control, detect misconfigurations through cloud security posture management, encrypt sensitive data at rest, and manage the sharing of data with external parties, and prevent data leakage, organisations can ensure the privacy and security of customer information.  Read Less
October 27, 2020

Experts Opinion On Amazon Sacking Insiders Over Data Leak
By understanding modern threats and deploying appropriate security solutions, many of these risks can be mitigated and even eliminated.
A recent Bitglass study found that 73% of organisations believed insider attacks had become more frequent over the past year. Cloud adoption and bring your own device (BYOD) policies have improved businesses’ agility, but have also made sensitive data more accessible, presenting a significant IT security challenge. Unfortunately, in cloud-based IT environments, organisations often struggle to detect anomalous or careless employee behaviours. As such, many must revise their approaches to.....Read More
A recent Bitglass study found that 73% of organisations believed insider attacks had become more frequent over the past year. Cloud adoption and bring your own device (BYOD) policies have improved businesses’ agility, but have also made sensitive data more accessible, presenting a significant IT security challenge. Unfortunately, in cloud-based IT environments, organisations often struggle to detect anomalous or careless employee behaviours. As such, many must revise their approaches to data protection. By understanding modern threats and deploying appropriate security solutions, many of these risks can be mitigated and even eliminated.  Read Less
October 09, 2020

Wisepay: School Payments Service Hit By Cyber-Attack
A staggering 59% of consumers reuse passwords across multiple accounts.
Payment card-skimming malware continues to be a security challenge for retailers around the globe. Unfortunately, when armed with payment card information or personally identifiable information (PII), malicious parties can make fraudulent purchases, sell said data on the dark web for a quick profit, and much more. A staggering 59% of consumers reuse passwords across multiple accounts. This means that if a cybercriminal appropriates a single password, they can potentially gain access to a.....Read More
Payment card-skimming malware continues to be a security challenge for retailers around the globe. Unfortunately, when armed with payment card information or personally identifiable information (PII), malicious parties can make fraudulent purchases, sell said data on the dark web for a quick profit, and much more. A staggering 59% of consumers reuse passwords across multiple accounts. This means that if a cybercriminal appropriates a single password, they can potentially gain access to a user's accounts across a number of retailers and services where said password is reused. Users impacted by this incident should change their passwords on all of the accounts where they use these now exposed credentials, and avoid re-using passwords across different accounts altogether. Companies must deploy security solutions that can prevent data leakage; for example, cloud access security brokers (CASBs) that provide features like cloud security posture management (CSPM), data loss prevention (DLP), user and entity behaviour analytics (UEBA), and encryption of data at rest. With these types of capabilities, businesses and consumers can be certain that their data is truly secure as they make purchases.  Read Less
October 06, 2020

Experts On UK’s HMRC ‘Bombarded’ By 5,000 Malicious Email Attacks Every Day
These controls enable businesses to verify users’ identities and enforce measures.
While phishing attacks are not a groundbreaking threat and there is an elevated level of awareness around these schemes, hackers can still find success with this tactic by taking advantage of major news. During this stressful time, recipients of these messages are more likely to click on malicious URLs, open attachments, and give up personal data. Most organisations have responded by educating employees about how they can best identify phishing attacks as well as telling them what they should.....Read More
While phishing attacks are not a groundbreaking threat and there is an elevated level of awareness around these schemes, hackers can still find success with this tactic by taking advantage of major news. During this stressful time, recipients of these messages are more likely to click on malicious URLs, open attachments, and give up personal data. Most organisations have responded by educating employees about how they can best identify phishing attacks as well as telling them what they should do if they suspect an email they have received is fraudulent. Additionally, many companies will rely on native email security measures capable of filtering messages from unknown senders and warning of any malicious payloads. Despite the above, cybercriminals have a wealth of strategies and resources that they can utilise during the Coronavirus pandemic in order to achieve an even higher rate of success with phishing schemes. By leveraging sensitive information that already exists in the dark web due to previous data breaches, threat actors can hijack corporate email accounts and initiate lateral phishing attacks. When an email originates from a trusted source within an organisation, recipients will tend to lower their guard, making it more likely that sensitive information will be lost. For example, it’s conceivable that hackers may hijack an HR manager’s email account in order to send employees messages that appear to pertain to work-from-home policies and remote data access, but are actually asking for credentials or personal information. Companies can combat lateral phishing threats by adopting advanced security solutions that identify suspicious logins and take actions before breaches can occur. These controls enable businesses to verify users’ identities and enforce measures, such as multi-factor authentication (MFA), which can limit an attacker’s chance of hijacking a corporate email address in the first place.  Read Less
September 10, 2020

Funding boost to help healthcare suppliers improve cyber security: Expert Commentary
Strategic investments in cybersecurity will make a significant impact on protecting healthcare businesses against cybersecurity risks.
Healthcare organisations are major targets and will see any and all lapses in security exploited by malicious individuals, both internal and external. Companies handling medical records are heavily targeted by cybercriminals, therefore, they take every precaution necessary to protect patient data. Hundreds of hospitals, medical offices, and imaging centers have contributed to over a billion exposed records. According to Bitglass' Healthcare Breach Report, the number of records breached in.....Read More
Healthcare organisations are major targets and will see any and all lapses in security exploited by malicious individuals, both internal and external. Companies handling medical records are heavily targeted by cybercriminals, therefore, they take every precaution necessary to protect patient data. Hundreds of hospitals, medical offices, and imaging centers have contributed to over a billion exposed records. According to Bitglass' Healthcare Breach Report, the number of records breached in 2019 (27.5 million) was more than double that of 2018 (11.5 million) – which itself was over double that of 2017 (4.7 million). The average number of individuals affected per breach reached 71,311 in 2019, nearly twice that of 2018 (39,739), indicating that breaches are becoming more common and much larger over time. The rapid digitisation of patient records means it’s been very difficult to implement consistent data security policies and training schemes to educate staff on keeping data safe. As healthcare organisations make patient data more accessible to individuals and new systems, they must make information security their top priority. Strategic investments in cybersecurity will make a significant impact on protecting healthcare businesses against cybersecurity risks, which will potentially save billions in the long run. With this new funding, and by procuring cloud apps with a strong security track record and third-party tools to secure data in the cloud, healthcare organisations will be able to improve their ability to protect medical records and allow them to focus on their core competency – delivering care services.  Read Less
September 07, 2020

Experts Insight On Ransomware attack on Argentina federal agency
Governments must ensure adequate employee training to protect from ransomware.
To prevent future ransomware attacks and safeguard highly sensitive information, federal agencies must have full visibility and control over their data. This can be accomplished by leveraging multi-faceted solutions that defend against malware on any endpoint, enforce real-time access control, detect misconfigurations, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage. In addition, governments must ensure adequate employee training to.....Read More
To prevent future ransomware attacks and safeguard highly sensitive information, federal agencies must have full visibility and control over their data. This can be accomplished by leveraging multi-faceted solutions that defend against malware on any endpoint, enforce real-time access control, detect misconfigurations, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage. In addition, governments must ensure adequate employee training to protect from ransomware.  Read Less
August 18, 2020

Security Experts On Carnival Hit With Ransomware Attack Exposing Data
This includes solutions that can automatically block malware in the cloud that is both at rest or in transit.
The travel industry is an extremely attractive target to cybercriminals, as they can collect and store personally identifiable information (PII) on billions of passengers every year, including passport numbers, credit card information, email addresses and much more. Whilst it’s unclear at this time how the hackers infiltrated Carnival’s systems, they have said the attackers "accessed and encrypted a portion of one brand's information technology systems," and that the intruders also.....Read More
The travel industry is an extremely attractive target to cybercriminals, as they can collect and store personally identifiable information (PII) on billions of passengers every year, including passport numbers, credit card information, email addresses and much more. Whilst it’s unclear at this time how the hackers infiltrated Carnival’s systems, they have said the attackers "accessed and encrypted a portion of one brand's information technology systems," and that the intruders also downloaded files from the company's network. To thwart ransomware attacks and mitigate their impact, all organisations need advanced threat protection. Organisations should leverage security solutions that can identify and remediate both known and zero-day threats on any cloud application or service, and protect managed and unmanaged devices that access corporate resources and data. This includes solutions that can automatically block malware in the cloud that is both at rest or in transit. Additionally, organisations must ensure adequate employee security training to identify phishing attempts and illegitimate emails as phishing is the primary vector for ransomware attacks.  Read Less
July 15, 2020

Hacker “NightLion” Steals 8,200+ Databases From Cybersecurity Firm
The reputational and financial repercussions of breaches can impact a company for years.
Outsourcing services provides significant advantages for growing businesses, but relying upon third-party partnerships can expand the attack surface for bad actors looking to gain access to company and customer data. While the incident involving DataViper was clearly motivated by revenge, bad actors frequently target third-party vendors in order to gain access to enterprise data that may otherwise be well protected. The reputational and financial repercussions of breaches can impact a company.....Read More
Outsourcing services provides significant advantages for growing businesses, but relying upon third-party partnerships can expand the attack surface for bad actors looking to gain access to company and customer data. While the incident involving DataViper was clearly motivated by revenge, bad actors frequently target third-party vendors in order to gain access to enterprise data that may otherwise be well protected. The reputational and financial repercussions of breaches can impact a company for years. According to IBM, the average total cost of a breach is roughly $3.92 million and, if a third party is involved, cost per breach rises by an average of more than $370,000. To safeguard data and maintain customer trust, companies must secure access to their resources, block threats like malware, prevent data leakage, enable secure remote work, and comply with regulatory frameworks. This can be accomplished by employing advanced security platforms that provide consistent security for all interactions between devices, apps, the web, and more, from a single control point. Additionally, any organisation that outsources services must prioritise managing and assessing third-party risk.  Read Less