Chances are, you’ve never heard of The Office of Foreign Assets Control (OFAC). However, if your company is trying to recover from a ransomware attack, you could unwittingly find yourself in OFAC’s crosshairs and subject to business-crippling fines and penalties. OFAC has been called “the most powerful yet unknown agency in the U.S. government.” An [...]
“Open Sesame!” With this phrase, the title character of the 18th-century folk tale “Ali Baba and the Forty Thieves” was able to gain entry to a secret cavern filled with gold, silver and other riches. The part of the story most people forget is that Ali Baba’s brother was later killed after he forgot the [...]
Most conversations about IT security — and investments in IT security — tend to focus on external forces trying to infiltrate a network at the perimeter, steal sensitive data and sell it to the highest bidder. However, many experts agree that insider threats represent a significant security risk to organizations. An insider threat is typically [...]
Few organizations would give every employee access to HR and accounting systems. But an astonishing number of organizations fail to control access to other sensitive information. A 2019 study by Varonis Data Lab found that 53 percent of companies had at least 1,000 sensitive files that could be accessed by all employees. Almost one-quarter (22 [...]
Cybersecurity has never been more difficult. Threats are growing more frequent, sophisticated and costly. Data, devices and other assets keep moving beyond the reach of network perimeter defenses. Increasing government and industry regulations keep adding layers of complexity. If only there was an instruction manual that explained how to deal with it all. Turns out, [...]
The University of California at San Francisco announced recently that it paid a $1.14 million ransom to regain access to medical school data that was encrypted during a ransomware attack. The incident illustrates a disturbing trend — ransomware attacks are steadily increasing, as are the ransom amounts being demanded. The average ransom demanded in attacks [...]
Firewalls have been an essential first line of defense in network security for decades, serving as the gatekeeper between internal network resources and the outside world. However, mismanaged or misconfigured firewalls are barely better than having no firewall at all. The massive Capital One breach last year illustrates the danger. A misconfigured firewall rule enabled [...]
Even with advanced technologies available to hackers, what technique do they use most often to gain access to sensitive data or spread malware? Phishing attacks. Hackers know it’s much easier to trick a human with a deceptive email than it is to trick or circumvent security software. Instead of trying to pick a lock, they [...]
Cybersecurity has always been a cat-and-mouse game, with malicious actors and security professionals continually refining their tactics to stay one step ahead of the other. Artificial intelligence (AI) is fundamentally changing the game. While IT organizations are using AI to augment security, cybercriminals are also leveraging the technology to find new ways around defense mechanisms. [...]
It’s the most wonderful time of the year — for cybercriminals. We’ve entered the peak season for cybercrime, with various studies indicating that cyberattacks increase by up to 60 percent during the holidays. The Department of Homeland Security recently warned of an expected spike in a range of malicious activity, including unsolicited emails that contain [...]
