CyberSecurity


Study: 90 Percent of Organizations Experienced an Identity-Related Incident in Last Year

Identity-related incidents continue to dominate today's headlines. Clorox, MGM and Caesars fell prey to social engineering, while 23andMe suffered a breach as a result of a hacking method called credential stuffing and UnitedHealth lacked multi-factor authentication (MFA). Although these companies made headlines due to the extent of the breach, today's study revealed that only 10% of respondents didn't have an identity-related incident in the last 12 months, consistent with last year's report.



Cybersecurity Career Opportunities Continue to Outpace Supply

Demand for cybersecurity talent continues to outpace supply despite growth in available education and training programs, according to new data from CyberSeek, the most comprehensive source of information on the U.S. cybersecurity workforce.

New FTC Data Shed Light on Companies Most Frequently Impersonated by Scammers

New data from the Federal Trade Commission shows that Best Buy/Geek Squad, Amazon, and PayPal are the companies people report scammers impersonate most often. A newly released data spotlight shows that consumers in 2023 submitted about 52,000 reports about scammers impersonating Best Buy or its Geek Squad tech support brand, followed by about 34,000 reports about scammers impersonating Amazon. PayPal was the third-most impersonated company with about 10,000 reports from consumers.

87 Percent of US Critical Infrastructure Organizations Concerned About AI-Powered Cyberthreats

84% of the US' critical infrastructure organizations have identified the use of AI to drive cyber threats as a current security concern. This dramatic rise in concern about how cybercriminals use AI is revealed in new research by cybersecurity services firm Bridewell, surveying 519 staff responsible for cybersecurity in US critical infrastructure organizations, in sectors such as civil aviation, telecommunications, energy, transport, media, financial services and water supply

7 Steps to an Effective Cybersecurity Training Regimen

Maybe it’s a phishing attack—an innocent-looking email from a company leader or reputable company but generated by a malicious threat actor.

Importance and Need for Certification in SASE Adoption

In today’s dynamic landscape, the evolution of the digital economy serves as a compelling catalyst for organizations to revamp their networks, facilitate remote work, enhance cloud connectivity, reinforce cybersecurity, and maximize productivity. In particular, the shift to cloud computing and remote work has increased the need for secure access for any user from any device and any cloud to network resources.

Survey: 70 Percent of CISOs Feel at Risk for Cyber Attack in Next 12 Months

Proofpoint, Inc., a cybersecurity and compliance company recently released its annual Voice of the CISO report, which explores key challenges, expectations and priorities of chief information security officers (CISOs) worldwide.

Survey: C-Suite Cyber Leaders Optimistic about Defenses, but Large Percentage Suffered Recent Cyber Attack

A recent survey conducted by KPMG, the audit, tax, and advisory firm, reveals that despite a growing number of attacks and breaches, C-suite cyber leaders are optimistic about the effectiveness of their defenses. The survey also highlights the growing importance of artificial intelligence (AI) in the fight against cyber threats. According to the survey of 200 C-suite cyber leaders at companies with revenue of $1 billion and above, 40% reported that their company had suffered a recent cyberattack resulting in a security breach, with 38% experiencing one to three attacks.

Protecting Data is Critical

To say that the Internet of Things (IoT) has become a part of everyday life would be a dramatic understatement. At this point, you would be hard-pressed to find an electronic device that is not connected to the internet.

New Report Says Vulnerability Exploitation Boom Threatens Cybersecurity

Verizon Business recently released the findings of its 17th-annual Data Breach Investigations Report (DBIR), which analyzed a record-high 30,458 security incidents and 10,626 confirmed breaches in 2023—a two-fold increase over 2022.

Cybersixgill Unveils Third-Party Intelligence, Exposing Threats to Organizations Stemming from Their Supply Chain

Cybersixgill, the global cyber threat intelligence data provider, broke new ground today by introducing its Third-Party Intelligence module. The new module delivers vendor-specific cybersecurity and threat intelligence to organizations’ security teams, enabling them to continuously monitor and detect risks to their environment arising from third-party suppliers and take preemptive action before an attack executes.

Survey: 72% of CISOs Are Concerned Generative AI Solutions Could Result In Security Breach

Metomic recently released its “2024 CISO Survey: Insights from the Security Leaders Keeping Critical Business Data Safe.” Metomic surveyed more than 400 Chief Information Security Officers (CISOs) from the U.S. and UK to gain deeper insights on the state of data security. The report includes survey findings on various cybersecurity issues, including security leaders’ top priorities and challenges, SaaS app usage across their organization, and biggest concerns with implementing generative AI solutions.

New Research Shows a Continuing Increase in Ransomware Victims

GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals.

OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance.

i-PRO Advocates for Responsible AI Practices in Physical Security

i-PRO Co., Ltd. (formerly Panasonic Security), a global leader in professional security solutions for surveillance and public safety, underscores the critical importance of ethical and responsible AI practices in the physical security domain.

Axis ­­Raises the Bar on Cybersecurity to Provide Wide-Ranging FIPS 140-Compliant Products to Government Customers

Axis Communications announces plans to expand the number of network physical security products certified to FIPS 140 under the Federal Information Processing Standards. This move will improve the cybersecurity postures of Axis customers that must meet the FIPS 140 certification, specifically in the government and critical infrastructure sectors.

Graylog and SOC Prime Form Exclusive Partnership to Make Threat Detection and Response More Effective and Efficient

Graylog, a provider of in SIEM, Enterprise Log Management and API Security, together with SOC Prime, provider of the foremost platform for collective cyber defense, today unveiled their strategic technology partnership. Now available in beta, this collaboration promises to redefine the effectiveness and efficiency around how businesses identify and mitigate cyber threats.

Versa Next Generation Firewall Achieves Recommended Rating and 99.90% Security Effectiveness Score from Independent Testing Lab

Versa Networks, provider of in AI/ML-powered Unified Secure Access Service Edge (SASE), today announced that Versa Next Generation Firewall (NGFW) received a Recommended Rating, the highest rating given by CyberRatings.org. In the Q1 2024 Cloud Network Firewall comparative report, Versa achieved an overall security effectiveness score of 99.90% with the fastest Rated Throughput of any vendor. As a result of CyberRatings’ rigorous testing of 11 cloud network firewall vendors, Versa NGFW once again demonstrated superior performance, security effectiveness, and value.

Stop the Cybersecurity Blame Game

In December, genetic testing company 23andMe acknowledged a hack that led to the theft of nearly seven million customers’ data. As the New York Times reported, criminals obtained “ancestry trees, birth years and geographic locations.” This kind of digital theft may have felt personal to many of those impacted.

How to Roll Out Microsoft Copilot Securely and Ensure Data Security

Microsoft Copilot is a robust AI productivity tool integrated into Microsoft 365 applications. Copilot can significantly improve your daily workflows by assisting you with drafting documents and presentations, capturing action items in Teams meetings, analyzing data in Excel, and other tasks. However, adopting Copilot can also introduce unexpected data security risks because it is built on native access controls within Microsoft 365, meaning it can access all data a user has access to, including documents, emails, and notes. Therefore, it is crucial to prepare your organization for a secure Copilot rollout and ensure that your sensitive data remains under control in the future.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Webinars

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3