data loss

Bad News About File Sharing Apps

Sensitive enterprise data may be leaving the safety of our corporate networks at a much faster clip than we believed – with web based file sharing services a major contributor to data flight. That’s the conclusion of a survey by the firm Elastica, which analyzed 100 million files shared on leading public cloud applications. According to the research, employees each stored an average of 2,037 files in the cloud. More concerning: fully 20 percent of the files that were “broadly shared” via file sharing services contained regulated data of one sort or another. The company put together a nice little infographic that highlights some of the larger findings. You can view it here. Read more via The Bad News About File Sharing Apps | Digital Guardian.

Continue Reading

Cyber insurance: Only fools rush in | ITworld

Cyber incidents these days tend to follow a familiar pattern: law enforcement is contacted and will begin criminal investigations. Cyber forensic investigators are hired to piece together what happened and security consultants will analyze and remove the malware from any affected systems. Finally: customers who were affected are notified and – typically -offered free credit monitoring services. All of these services come at a cost, of course, as does the business disruption that results. Current cyber insurance policies are structured to recover some or most of those costs. Now companies – from the Fortune 10 on down – are looking to hedge their online risks with various kinds of business insurance. That demand, in turn, is fueling a rapid expansion of the cyber insurance industry that was little more than a niche offering five years ago. But insurance industry experts and corporate security professionals offer words of advice for companies that think they […]

Continue Reading

Essentials for Visibility-Driven Security

Visibility is surprisingly tricky. The security industry offers many disparate tools to provide customers “visibility” into what is happening on their networks. Among them are tools that track what applications are on the network, tools for enumerating and tracking software vulnerabilities, tools for determining when sensitive data has left a network, tools that indicate when attacks are underway and tools that identify and analyze network data flows – to name just a few. Of course, layered on top of all this “visibility” are further systems that correlate and analyze what the mission-specific tools are seeing. Promises of a “single pane of glass” aside, the result is often a mishmash of data and events that require skilled security practitioners to analyze and interpret. The mishmash, in turn, leads to errors in analysis and prioritization. Albert Einstein famously said  “Any fool can know. The point is to understand.” So it is in the information security industry, where a common refrain is “you can’t protect […]

Continue Reading

You’re Doing NAT Wrong! One Million SOHO Routers Vulnerable

A vulnerability in more than 1 million small office and home office (or SOHO) routers makes them potentially vulnerable to remote attacks that could expose private internal network traffic to prying eyes, according to a warning posted by the firm Rapid7.

Continue Reading

White House Cyber Chief: JP Morgan Underscores Critical Infrastructure Risk

The White House’s cyber security czar, Michael Daniel, said the Obama Administration is deeply concerned about the reported hack of systems belonging to banking giant JP Morgan Chase & Co. but sees the incident as part of a larger trend of attacks against U.S. critical infrastructure. Asked about the targeted attack against JP Morgan and other banks and financial institutions, Daniel said that the White House was concerned, but not surprised by the incident. “We have watched for several years the trend of malicious actors in cyber try to figure out how to target critical infrastructure,” he said. “Financial services is critical infrastructure.” The White House was concerned that a major U.S. bank would fall victim to hackers, but sees it in the context of a “broad trend,” rather than an isolated incident, he said. Speaking with Michael Farrell, the Cybersecurity Editor at Christian Science Monitor, Daniel hit on many of the now-common talking […]

Continue Reading
1 19 20 21 22 23 41