Home > RSS Feeds > Security
  • Recovering from a breach typically doesn't end with remediation. Lingering impacts, particularly if sensitive financial data is breached, can last from several months to several years, according to a new survey conducted by the SANS Institute and security vendor Identity Finder. The study, "Cleaning Up After a Breach, Post Breach Impact: A Cost Compendium," finds that the biggest breaches target personal information, followed by identity and financial information. Not only does the lingering effect cause financial losses due to the need for credit monitoring, information hot lines and credit card reissuance fees, it also can have an impact on brand reputation, sales/revenue, stock prices and customer churn. The survey also revealed that the biggest impact on the cost of post-breach activities includes disruptions to daily work, time to fully remediate, media attention and compliance violations. However, the study finds that organizations can reduce the cost of breaches when they have the right processes to handle post-breach activities and data protections that minimize exposure after a breach occurs. Here are key takeaways from the analysis.

  • NEWS BRIEFS: In addition to Ingram Micro's news, this week's briefs cover CloudBolt's partner program, Five9's channel program expansion, and more.

  • The sharp rise in data breaches has prompted organizations to look for better ways to secure their data. The challenge is that not many of them have significant experience or expertise with new authentication technologies. A survey of 308 cyber-security professionals by Wakefield Research on behalf of SecureAuth Corp., a provider of multi-factor authentication and single sign-on software, shows general agreement that traditional passwords don't provide the same level of security they once did. Almost a quarter surveyed admitted their organizations suffered multiple breaches in the last year. The good news is that IT security budgets are expected to be higher in the coming year. Many firms will need help from solution providers with IT security expertise, not only in determining what biometric and two-factor authentication technologies to implement as an alternative to passwords, but also in implementing them in a way that won't compromise the end-user experience. After all, securing something in a way that actually will be used by people requires a rare mix of skill and talent that most organizations today could leverage through IT security experts in the channel.

  • The fundamentals matter the most when protecting an organization from insider threats, whether they are accidental or malicious, according to a new report from research and advisory firm Aite Group. The outcome of a data breach is the same, exposing an organization's data and impacting its bottom line through reputational damage and remediation efforts. Based on Aite's discussions with asset managers and global custodian service providers, the report, "Cybersecurity Insider: The Asset as Threat," finds that accidental events are undercounted primarily due to fear of reputational damage. The study, which also examines data from IBM, CERT, Advisen and other sources, reveals that financial institutions, in particular, face a multitude of information security challenges. These challenges range from a lack of policy and procedure adherence and poor access management controls, to a need to balance security with an organization's performance, keeping employees informed about cyber-security risks, and a talent shortage of security professionals. In many of these cases, it opens up new opportunities for managed security services companies to provide services around specific security tasks. Here are key takeaways from the report covering insider threats, protection methods and challenges.

  • With eight in 10 organizations experiencing IT security incidents in 2015, IT professionals are becoming more proactive about preventing them, according to a new Spiceworks survey of nearly 200 IT pros. By implementing measures ranging from educating employees about risks to investing in more security solutions, a little more than seven in 10 survey respondents expect their organizations to be more secure in 2016. The study, "Battling the Big Hack," also reveals that IT pros are gearing up for external security threats next year. However, the survey reveals a disconnect between what they perceive as their biggest IT security threats versus the actual threats. For example, little more than half said ransomware is a top concern in 2016, but only one-fifth of organizations experienced a ransomware incident this year. To combat these threats, IT teams are investing in sophisticated security solutions, such as those for battling advanced persistent threats. Here are survey takeaways that point to revenue opportunities for the channel.