Security Magazine

1. Don’t let your guard down over IT security during the pandemic

   Healthcare providers remain firmly focused on dealing with the global pandemic, juggling the often-conflicting demands of providing care while keeping patients and staff safe. The financial impact of the pandemic has left many providers on the brink of bankruptcy amid falling patient visits deferred elective surgeries, and insufficient government aid to “fill the gap.”

2. The top 10 fastest-growing cybersecurity skills

   A new examination of the top 10 fastest-growing cybersecurity skills shows employers are ready to pay more for workers who can prevent attacks before they occur by building a secure digital ecosystem from the ground up, according to data from Burning Glass Technologies.

3. Faking social responsibility may get you hacked

   New research from University of Delaware's Lerner College Professor John D’Arcy suggests that some hackers may be motivated by disappointment in a company’s attempts to fake social responsibility.

4. People are less concerned with their cyber safety despite significant rise in COVID-19 related attacks

   Less than one in three (31%) Americans are concerned about their data security while working from home during the COVID-19 global health crisis, according to a new study.

5. Gym company NRG Labs implements virtual technology to help with tailgating and COVID-19 response

   Massachusetts-based NRG Lab, which owns and operates three gyms in the state, need a solution to tackle "tailgating" so unauthorized visitors don't enter immediately behind authorized members, as well as to ensure continued safe operation, protecting its bottom line during the heath crisis.

6. Could the U.S. Presidential election be hacked?

   The answer is yes, but the how may be different that you think.

7. Predictions on privacy within your enterprise for 2021

   Forrester Research Inc. has laid out some of its predictions regarding privacy in 2021. Among those predictions include a 100% increase in regulatory and legal activity related to employee privacy, a significant change in whom privacy leaders report to within the enterprise and more. 

8. How $377 million will be lost due to ad fraud in the 2020 US campaign

   The U.S. Presidential Election has, in many ways, been digital. Spend on digital ads in the race reached $2.9 billion in 2020. This was up sharply from $0.4 billion four years ago, marking the continuing prominence of digital political campaigning since President Obama's campaign manager, David Plouffe heralded the channel as a deciding factor in the election 12 years ago. However, an increasing challenge for this online ad spend has been ad fraud. In a new study, in association with the University of Baltimore, we see that marketers will $35 billion to digital ad fraud in 2020. Ad fraud is the practice of fraudulently representing online advertising impressions, clicks, conversion or data events in order to generate revenue. In the case of the political campaigns, often money is spent reaching bots rather than voters.

9. 93% of security operations center employing AI and machine learning tools to detect advanced threats

   Security operations centers (SOCs) across the globe are most concerned with advanced threat detection and are increasingly looking to artificial intelligence (AI) and machine learning (ML) technologies to proactively safeguard the enterprise, according to a new study by Micro Focus, in partnership with CyberEdge Group.

10. NARUC releases cybersecurity tabletop exercise guide and Gridex V case study

    The National Association of Regulatory Utility Commissioners Center for Partnerships & Innovation announced the release of the Cybersecurity Tabletop Exercise Guide and Public Utility Commission Participation in GridEx V: A Case Study. These new publications highlight the need for public utility commissions and utilities to coordinate on cybersecurity preparedness efforts.

11. Ghana Ports and Harbors Authority conducts drills for security personnel and incident response

    Random simulations took place to test security personnel’s aptitude included prevention, detection and disposal of stowaway attempts, port-users gate clearance procedures, access control procedures and understanding of video surveillance operations.

12. COVID-19 workplace guidelines mandatory in New Jersey by executive order

    To help keep New Jersey workers and the workplace safe during the coronavirus, the Governor of New Jersey Phil Murphy has issued an executive order with mandatory safety standards that private and public companies must adhere and comply to dealing with COVID-19 response.

13. CISA: Ransomware activity targeting the healthcare and public health sector

    The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.  

14. New poll suggests enterprises should harden systems against unconventional attack vectors

    SafeGuard Cyber announced the results of a new survey of 600 senior enterprise IT and security professionals. The study revealed the need to harden unconventional attack vectors in cloud, mobile, and social media technologies. Moreover, enterprise organizations are juggling the twin demands of budget constraints and the need to drive business outcomes.

15. Developing a playbook on how to respond to a breach

    While breaches are an inevitable part of doing business, you can limit the negative impact by developing a solid playbook that charts a course to recovery. Examine potential threats, work out how to handle discrete scenarios, and spell it all out for your employees. By compiling policies and work streams, assigning responsibilities, and setting expectations you can build real resilience. Cool heads prevail in a crisis, and nothing curbs the spread of panic as well as a clearly delineated plan. But it’s not enough to craft a playbook, you also need to test it before it can serve as a critical piece of governance for your organization. Let’s take a closer look at the best way to go about developing a playbook.

16. Ryuk ransomware responsible for one third of all ransomware attacks in 2020

    SonicWall Capture Labs threat researchers unveiled third-quarter threat intelligence collected by the company’s more than 1 million global security sensors. Year-to-date findings through September 2020 highlight cyber criminals’ growing use of ransomware, encrypted threats and attacks leveraging non-standard ports, while overall malware volume declined for the third consecutive quarter.

17. Business email compromise during a pandemic: Why cyber insurance is more urgent than ever

    In this ongoing virtual environment, organizations remain highly vulnerable to the significant cybersecurity risks exposed by widespread remote work - business email compromise (BEC), in particular. How did business email compromise become such a serious threat for organizations, and why should cyber insurance be top of mind right now, as a result? Let’s dive in.

18. 2021 healthcare cybersecurity strategy: Start at the end

    With the healthcare industry expected to spend $125 billion on cybersecurity from 2020 to 2025, dollars must be spent for maximum efficiency. The question is, how to allocate those funds most effectively at a time when cybercriminals have placed a huge target on hospitals, research labs, pharmaceuticals and insurance carriers. Organizations need to take a layered approach to security to protect their organizations and sensitive patient data. The smartest approach is to start at the perimeter and work back toward existing enterprise protections – here’s how to do that.

19. Eaton achieves IEC and UL cybersecurity certifications for product development processes

    During its Cybersecurity Perspectives forum kicking off, power management company Eaton announced it is the first company to have its product development processes certified by both the International Electrotechnical Commission (IEC) and global safety science organization UL. 

20. The three challenges of network tool sprawl and how to solve them

    It’s easy to see how network tool sprawl gets started. The needs and challenges facing security and networking groups are immense. Network speeds have steadily increased, and there are always new demands and uses. Network conditions and requirements change weekly, if not daily. Security threats increase in number and approach. At the same time, technological advancement rapidly brings new solutions to the market that are beneficial in addressing networking and security needs.

21. Enterprise Internet of Things (IoT) cybersecurity

    IoT plays an important role that allows enterprises to go through digital transformation. However, in many cases organizations start to become aware that they do already have a large number of IoT devices which were introduced gradually over the years. One of the main concerns that an organizations face when dealing with IoT is managing risks involved in increasing number of IoT devices. Because of their ability to interact with the physical world, there are safety and privacy concerns when it comes to the security of IoT devices. This paper provides an overview of IoT components, followed by risks and sample attacks. Finally, a list of current and prospective future security solutions is discussed.

22. IoT Security Foundation launches vulnerability disclosure platform for IoT industry

    An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation (IoTSF). VulnerableThings.com aims to simplify the reporting and management of vulnerabilities while helping IoT vendors comply with new consumer IoT security standards and regulations.

23. Whit Chaiyabhat promoted to Head of Global Security at Takeda

    Whit Chaiyabhat was promoted to serve as Takeda Pharmaceuticals' Head of Global Security in mid-October. Congrats!

24. The pressures the online gaming community faces when it comes to cybersecurity

    Online games and specifically the Massive Multi-Player (MMO) games, experience multiple attacks from hackers, platform competition that try to block players’ access to the gaming platforms, as well as cheating players that can attack other players slowing their connection, while gaining a competitive advantage. These attacks can take the entire game offline, resulting in hundreds of thousands of dollars lost, according to Radware’s threat research team.

25. Portland State University will not meet goal of transitioning to unarmed police officers this fall, but remain committed to goal

    Portland State University will be unable to meet its fall goal of transitioning to unarmed sworn officers on campus due to a number of issues, however, the University says it remains committed to this eventual goal.