Home > RSS Feeds > Security
  • Most people would agree that no company is immune from cyber-attacks, but the good news is that most organizations have some kind of plan in place to deal with them. However, nearly one-third of their IT teams believe key hardware and software systems are being left unprotected, according to the NetEnrich 2016 Cyber-Attack Readiness survey of 174 IT professionals. The biggest causes of cyber-attacks, said these IT pros, are stolen or weak passwords, followed by testing and monitoring system failure, and advanced persistent threats (APTs). Many of them believe these attacks could have been prevented by having a stronger cyber-security policy and better tools for testing and monitoring. Partnering with third-party consultants or managed security service providers also can significantly boost protection plans. Nearly 70 percent of the companies that use consultants or MSSPs to develop or implement their plans said their services were very helpful. Here are key survey takeaways that highlight why organizations need to be more proactive in their security plans, and why they should consider getting help from external partners.

  • COMMENTARY: While companies are allocating more of their IT budgets to security, the amount of time and energy spent on these issues is rising, as well.

  • New research indicates a direct correlation between the use of automated tools to find and fix vulnerabilities and misconfigurations in security and network devices and satisfaction levels to complete those tasks. A majority of organizations that use automated tools, whether on physical, virtual or cloud networks, were the most satisfied with the ability to perform those activities, according to the survey of 275 IT professionals. The study, released by Skybox Security and conducted by research and marketing firm CyberEdge Group, reveals that remediation and provisioning need the most improvement. Other trouble spots include collecting data about virtual and cloud-based systems and applications, as well as analyzing and remediating firewall rules that violate policies and regulations. These areas need improvement and automation in the immediate future, particularly as many organizations transition to hybrid IT networks, face a shortage of security professionals, and as global regulatory requirements become stricter, according to Skybox. Here are key survey takeaways pointing to trouble spots that solution providers can help address.

  • A new survey shows that a majority of U.S. consumers will think twice about shopping at a retail store that was a victim of a cyber-attack. Two of their biggest worries when online are security and downloading malware. The study, commissioned by Arbor Networks, finds that U.S. consumers are holding businesses to a high standard to protect their personal information, yet many haven't taken the basic steps to protect themselves from cyber-attacks. The survey of 2,057 American adults shows that they use poor online security practices and that the worst offenders are millennials. These findings are a wake-up call for retailers—if they haven't already implemented a strong cyber-security plan that ensures their customers' online safety when shopping. Solution providers can help with a range of products and services that include adding distributed denial-of-service (DDoS) attack protection and installing security information and event management (SIEM) monitoring, along with the basics such as firewalls and spam filters. Here are key survey takeaways that reveal high anxiety among Americans about their online safety and the need for IT security services.

  • If there is one bright spot in the run-up to the U.S. presidential election, it's the increased interest in cyber-security careers among millennials. This is thanks partly to nearly daily news reports over the past few months about Russian cyber-attacks and leaks of the Democratic Party's private emails. A global survey, commissioned by Raytheon and the National Cyber Security Alliance, reports the number of young adults who have read or heard a news account of cyber-attacks has doubled in the past year. The report finds that growing awareness and increased interest in cyber-security has been driven by initiatives such as cyber competitions in school and cyber safety education. But there is more work to be done particularly in outreach to females. The gender gap exists and appears to be getting worse, which can have an impact on talent recruitment. The survey shows progress in the overall outreach to young adults but also indicates that industry and business leaders, along with educators and parents, need to do a better job of communicating about opportunities in the cyber-security field, particularly for young females. Channel Insider examines key study findings.

  • A marked increase in the volume and complexity of IT security attacks appears finally to be pushing more organizations to rely on external IT security expertise. In a global survey of 200 IT professionals with responsibility for security, more than a third said they rely on third-party service providers to secure their IT environments. The study, conducted by The Economist Intelligence Unit on behalf of NEC, finds that while there are mixed opinions concerning how vulnerable their organizations are to major cyber-attacks, nearly three-fourths of those polled say they definitely will be a target of a serious cyber-attack or are likely to be targeted. For IT service providers across the channel, increased awareness of the challenges involving modern IT security is a double-edged sword. Although more awareness creates potential new opportunities, that increased awareness also means that the IT service provider is likely to be held most accountable in the almost inevitable event of a serious attack. Channel Insider examines key takeaways from the study.

  • Organizations are undermining cyber-security strides they have made by failing to enforce best practices concerning known vulnerabilities, including privileged accounts, third-party vendor access and data stored in the cloud, a new survey from security specialist CyberArk concludes. According to the poll of 750 IT and IT security decision-makers, well-publicized breaches have increased cyber-security awareness but in some cases have driven false confidence in companies' ability to protect their organizations from cyber-attacks. A majority of the respondents believe the IT security industry is making progress against cyber-attacks. However, John Worrall, chief marketing officer at CyberArk, said most cyber-attacks are a result of "poor security hygiene" and "organizations can't lose sight of the broader security picture while trying to secure against the threat du jour." Here's a look at how businesses are progressing in their cyber-security programs and where security solution providers can help close gaps.

  • Two of the biggest reasons businesses continue to struggle with insider threats are the adoption of cloud computing technology and bring-your-own-device (BYOD) practices. A new survey reveals that nearly three-fourths of the organizations polled believe they are vulnerable to insider threats. Many of them point to an increase in devices with access to corporate data as a major contributor to the rise in insider leaks. Although the industry's adoption of cloud and BYOD is generally perceived as a positive trend for businesses, these shifts are having an impact on insider threats. The Bitglass Corporate Spies report, based on a survey more than 500 cyber-security professionals, finds that with the adoption of cloud and mobile devices, insiders have access to corporate data from any device and from anywhere. The problem is "careless" users who share sensitive data externally or lose a mobile device that contains sensitive data, according to Bitglass, which offers mobile security and cloud access security broker solutions. The companies at the greatest risk are those that don't have visibility and control over their data. Here's a look at key findings from the study.