Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

 



January 10, 2018 | Threats & Incidents

 Education Companies Least Susceptible to Phishing Attacks

Education stuck out as having the lowest click rate per phishing campaign of any industry in 2016, according to the Verizon 2017 DBIR. The overall click rate for education companies was just 6 percent, while manufacturing (13 percent) had the highest click rate and was most susceptible to a phishing attack.

Read More »


January 9, 2018 | Budgeting, Sizing

 IT Budgets: Projected 2018 Spend on AI Technology

More than three-quarters of IT decision makers surveyed will spend at least 11% of their IT budgets on artificial intelligence (AI) because they see AI as a way to stay competitive, particularly for the IT and security teams within their organizations.

Read More »


January 9, 2018 | Budgeting, Sizing

 CIO or CEO Controls Security Budget for Over Half of Organizations

In more than half (52 percent) of organizations, either the CIO or CEO has the most influence on security spending. In only 18 percent of organizations, the chief information security officer (CISO) controls the security budget, while the CFO is the main influencer in 12 percent of organizations.

Read More »


January 9, 2018 | Infosec Outlook

 DevSecOps on the Rise in Most Organizations Using Cloud Services

DevSecOps is designed to help distribute security throughout the organization and improve the efficiency of security teams. Such a function is now found in 45% of organizations using cloud services, with 49% planning to introduce this function in the future. Only 6% of the IT professionals surveyed stated that they have no plans to introduce a DevSecOps function.

Read More »


January 9, 2018 | Threats & Incidents

 Two-Thirds of Malware Came From Malicious Email Attachments in 2016

Email attachments were by far the most common attack vector for malware installation in 2016, according to the 2017 Verizon Data Breach Investigations Report. A total of 66 percent of identified malware installations stemmed from email attachments, with the remaining 34 percent attributed to other threat vectors, such as web downloads.

Read More »


January 9, 2018 | Threats & Incidents

 DDoS Attack Size Spiked in 2016

The largest recorded distributed denial-of-service (DDoS) attack reached 800 Gigabits-per-second (Gbps) in 2016, according to Arbor Networks’ 2017 Worldwide Infrastructure Report. The 800 Gbps represented a significant increase over the largest DDoS attack recorded in 2013, which was 309 Gbps.

Read More »


January 9, 2018 | Threats & Incidents

 Internal Incidents Were Leading Cause of Breaches in 2016

A survey of 3,588 IT and business professionals found that the leading cause of breaches in 2016 (41 percent) was internal incidents within their organizations. This includes inadvertent misuse or accidents, as well as abuse with malicious intent. The second most common cause of a breach in 2016 was external attacks targeting a business partner/third-party supplier.

Read More »


January 9, 2018 | Threats & Incidents

 How Malware Infects Users via Email

To infect users with malware, attackers most commonly use email. The attack begins with a malicious email disguised as a routine notification, often including an attachment. Once the user opens the attachment, a Powershell script is executed to download the malware, which is often ransomware.

Read More »


January 9, 2018 | Penetration Testing and Red Teaming
By Shannon Lietz, IANS Faculty

 Best Practices for Working with Bug Bounty Programs

Bug bounty programs like HackerOne, Bugcrowd and Synack can help organizations uncover code flaws before the bad guys do, but what are the best ways to leverage them without busting the budget? In this Ask-an-Expert live interaction, IANS Faculty Shannon Lietz explains the importance of solid security basics and preparation prior to engagement. 

Read More »


January 8, 2018 | Leadership Skills

 Breach Awareness Low for Business Executives Worldwide

While it may seem like the Equifax breach or WannaCry ransomware were well-publicized incidents, the fact remains that non-security executives and board members remain largely unaware of these stories. For instance, only 34 percent of board and senior-level executives in the U.S., UK and Germany were aware of the WannaCry ransomware attack, while just 28 percent were aware of Equifax. On the other hand, 68 percent of these executives and board members were aware of the Hillary Clinton emails story.

Read More »