Chances are, you’ve never heard of The Office of Foreign Assets Control (OFAC). However, if your company is trying to recover from a ransomware attack, you could unwittingly find yourself in OFAC’s crosshairs and subject to business-crippling fines and penalties. OFAC has been called “the most powerful yet unknown agency in the U.S. government.” An [...]
“Open Sesame!” With this phrase, the title character of the 18th-century folk tale “Ali Baba and the Forty Thieves” was able to gain entry to a secret cavern filled with gold, silver and other riches. The part of the story most people forget is that Ali Baba’s brother was later killed after he forgot the [...]
Most conversations about IT security — and investments in IT security — tend to focus on external forces trying to infiltrate a network at the perimeter, steal sensitive data and sell it to the highest bidder. However, many experts agree that insider threats represent a significant security risk to organizations. An insider threat is typically [...]
In 1978, a marketing manager with Digital Equipment Corporation sent an unsolicited electronic message to hundreds of ARPANET users promoting the company’s new mainframe computers. It is the first known instance of spam, and it kicked off four decades worth of unwelcome, unwanted and unrelenting email abuses. Email has since become the de facto standard [...]
Ransomware attacks are up sharply during the coronavirus pandemic, with researchers identifying nearly 80 million such attacks during the first half of 2020 — a 109 percent increase from 2019’s midyear total. In a particularly concerning trend, many of these attacks are now targeting backup data in addition to primary data. Robust backup practices have [...]
Few organizations would give every employee access to HR and accounting systems. But an astonishing number of organizations fail to control access to other sensitive information. A 2019 study by Varonis Data Lab found that 53 percent of companies had at least 1,000 sensitive files that could be accessed by all employees. Almost one-quarter (22 [...]
Cybersecurity has never been more difficult. Threats are growing more frequent, sophisticated and costly. Data, devices and other assets keep moving beyond the reach of network perimeter defenses. Increasing government and industry regulations keep adding layers of complexity. If only there was an instruction manual that explained how to deal with it all. Turns out, [...]
Many organizations have done a remarkable job of transitioning to remote work — virtually overnight. IT teams who may have had limited experience working with remote workers found themselves grappling with virtual private networks (VPNs), collaboration platforms, and cloud-based applications and data storage. They deserve a giant pat on the back for keeping their organizations [...]
The University of California at San Francisco announced recently that it paid a $1.14 million ransom to regain access to medical school data that was encrypted during a ransomware attack. The incident illustrates a disturbing trend — ransomware attacks are steadily increasing, as are the ransom amounts being demanded. The average ransom demanded in attacks [...]
The sudden shift to remote work has led many small businesses to adopt practices that may be creating considerable cybersecurity threats. For example, several surveys find that as many as half of remote workers are potentially exposing sensitive company information by using unsecured applications and endpoint devices. The Department of Homeland Security’s cybersecurity division has [...]
