Because network intrusions are inevitable, organizations need to improve detection to more quickly respond to attacks, says Carolyn Crandall of Attivo Networks. And deception technology can play a critical role, she says.
In this edition of the ISMG Security Report: Privacy watchdogs in the EU begin enforcing GDPR in less than 30 days; are organizations ready? Also, a look at the top 10, real-world online threats facing business and financial software firm Intuit.
Can technology solve the problem of giving law enforcement access to all encrypted communications without additional risks to the public? Software legend Ray Ozzie says he has an idea. But it's unlikely to quell the debate over hard-to-break encryption.
Two recent security incidents involving ransomware attacks on vendors serve as the latest reminders of the risks business associates pose to healthcare organizations. What steps should entities take to mitigate those risks?
The Thai government has seized servers used to run the so-called GhostSecret cyber espionage campaign that targets organizations in the finance, healthcare and critical infrastructure sectors - and beyond. McAfee suspects the attacks are being launched by "Hidden Cobra" - a hacking group tied to North Korea.
Are you a fraudster craving an easy way to generate Microsoft Office documents with embedded malicious macros designed to serve as droppers that install banking Trojans onto a victim's PC? Say hello to a toolkit that debuted in February called Rubella Macro Builder.
Visibility in the cloud includes understanding all aspects of critical applications and comparing this data in real time with historical data, says Sharon Besser of GuardiCore. This enables implementation of an effective and efficient security policy, he says.
The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million after a March attack froze corporate servers, employees' PCs and resident-facing portals. Some security experts say the breach response funds would have been put to better use preventing the outbreak in the first place.
To combat credential stuffing and other types of rising attacks, organizations need data - and lots of it - to feed machine learning and artificial intelligence algorithms to better detect these types of high volume attacks, says Shape Security's Dan Woods.