In canvassing the security industry, CBInsights came up with a list of startups with early-to mid-stage high-momentum that have pioneering technology with the potential to transform cybersecurity. They split the companies into the following categories: Quantum Encryption, Predictive Intelligence, Deception Security, Autonomous Systems, IoT Security, Mobile Security, Automobile Security, Critical Infrastructure Security, and Cyber Insurance.CB Insights created a Company Mosaic, which uses data to track private company health, using signals including recency of financing, total raised, and investor quality. We’ve gathered this data via our machine learning technology (dubbed The Cruncher) as well as via several thousand direct submissions from firms and individual professionals.To read this article in full or to leave a comment, please click here(Insider Story)
Trivial matter?Image by Steve Traynor/IDGThe average user has around 26 to 55 applications downloaded to his smartphone device. Most likely, you have entertainment and gaming apps, a banking app, a few social media apps, fitness apps, and eCommerce apps to shop at your favorite stores.To read this article in full or to leave a comment, please click here
Trivial matter?Image by Steve Traynor/IDGThe average user has around 26 to 55 applications downloaded to his smartphone device. Most likely, you have entertainment and gaming apps, a banking app, a few social media apps, fitness apps, and eCommerce apps to shop at your favorite stores.To read this article in full or to leave a comment, please click here
New products of the weekImage by A10Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.To read this article in full or to leave a comment, please click here
New products of the weekImage by A10Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.To read this article in full or to leave a comment, please click here
When it came to the physical plant, it used to be easy with surveillance cameras and access badges to tell if an insider was up to no good. Now with a more virtual network, you can’t always know if the person sitting in the next cubicle is gaining access to confidential documents.
While the insider threat still connotes an employee of the company, the intruder is no longer someone located within the confines of the building. Accessing the network can happen from such public places as the local coffee shop.
“For companies today, where old corporate lines are disappearing more frequently, the challenges only increase. Enterprises need to adapt their policies and procedures to prevent threats by securing corporate end-point equipment and the right tools that protect and allow users to do their work,” said Matias Brutti, a hacker at Okta. “Work environments are constantly changing, so monitoring is difficult on a corporate level.”To read this article in full or to leave a comment, please click here
When it came to the physical plant, it used to be easy with surveillance cameras and access badges to tell if an insider was up to no good. Now with a more virtual network, you can’t always know if the person sitting in the next cubicle is gaining access to confidential documents.
While the insider threat still connotes an employee of the company, the intruder is no longer someone located within the confines of the building. Accessing the network can happen from such public places as the local coffee shop.
“For companies today, where old corporate lines are disappearing more frequently, the challenges only increase. Enterprises need to adapt their policies and procedures to prevent threats by securing corporate end-point equipment and the right tools that protect and allow users to do their work,” said Matias Brutti, a hacker at Okta. “Work environments are constantly changing, so monitoring is difficult on a corporate level.”To read this article in full or to leave a comment, please click here
This past February marks the two-year anniversary when Livingston County, Michigan, was hit by ransomware. The wealthiest county in the state had three years’ worth of tax information possibly at the mercy of cybercriminals.As a local government, county CIO Rich C. Malewicz said they have been a target of ransomware, but in this instance they had backups at the ready. He said the most memorable ransomware attack was a result of a watering hole campaign using malvertizing to infect users visiting a local news website. “This attack was very clever in that all you had to do to get infected was visit the website, you didn't even have to click on the page. Once the user went to the local news website, they were immediately redirected to a site hosting exploit code and the infamous page appeared demanding a ransom with instructions,” he said.To read this article in full or to leave a comment, please click here
This past February marks the two-year anniversary when Livingston County, Michigan, was hit by ransomware. The wealthiest county in the state had three years’ worth of tax information possibly at the mercy of cybercriminals.As a local government, county CIO Rich C. Malewicz said they have been a target of ransomware, but in this instance they had backups at the ready. He said the most memorable ransomware attack was a result of a watering hole campaign using malvertizing to infect users visiting a local news website. “This attack was very clever in that all you had to do to get infected was visit the website, you didn't even have to click on the page. Once the user went to the local news website, they were immediately redirected to a site hosting exploit code and the infamous page appeared demanding a ransom with instructions,” he said.To read this article in full or to leave a comment, please click here
New products of the weekImage by Illusive NetworksOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.VM Backup version 7Image by altaroTo read this article in full or to leave a comment, please click here
New products of the weekImage by Illusive NetworksOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.VM Backup version 7Image by altaroTo read this article in full or to leave a comment, please click here
The problem: spearphishingImage by John Singleton Copley/National Gallery of ArtSpearphishing is a top attack vector used by cyber adversaries today. Consists of fraudulent emails that appear to be legitimate which target specific organizations, groups, or individuals to gain access to information systems. Targeted spear phishing also leverages social engineering which includes research about specific targets of interest. Organizations rely on email connectivity with the outside to function and thus is an entry into a potential target’s environment that bypasses many of the legacy security stack.To read this article in full or to leave a comment, please click here
The problem: spearphishingImage by John Singleton Copley/National Gallery of ArtSpearphishing is a top attack vector used by cyber adversaries today. Consists of fraudulent emails that appear to be legitimate which target specific organizations, groups, or individuals to gain access to information systems. Targeted spear phishing also leverages social engineering which includes research about specific targets of interest. Organizations rely on email connectivity with the outside to function and thus is an entry into a potential target’s environment that bypasses many of the legacy security stack.To read this article in full or to leave a comment, please click here
No matter how intelligent they claim to be, many smart home gadgets are vulnerable to hackers. Nowadays even the lock on your front door is susceptible to a cyberattack. No longer do you only have to worry about someone simply picking the lock, now a burglar could go through cyberspace to unlatch the door.Just like the lock on your front door to keep out burglars, you should protect your high-tech devices from cyber threats. Start by choosing different passwords for your internet router and each of your smart devices. It is also important to use multi-factor authentication as an added protection to prevent a hacker who guesses your password from breaking into your home. You should regularly install manufacturer updates to make sure you are running the most current security system in your home.To read this article in full or to leave a comment, please click here
No matter how intelligent they claim to be, many smart home gadgets are vulnerable to hackers. Nowadays even the lock on your front door is susceptible to a cyberattack. No longer do you only have to worry about someone simply picking the lock, now a burglar could go through cyberspace to unlatch the door.Just like the lock on your front door to keep out burglars, you should protect your high-tech devices from cyber threats. Start by choosing different passwords for your internet router and each of your smart devices. It is also important to use multi-factor authentication as an added protection to prevent a hacker who guesses your password from breaking into your home. You should regularly install manufacturer updates to make sure you are running the most current security system in your home.To read this article in full or to leave a comment, please click here
Potentially difficult timesImage by ThinkstockIn tech, divestitures are a fact of life and solutions are bought and sold all the time. But that doesn’t change the fact that when it happens to a solution that your company uses, it can make things difficult for you. Although your vendor’s divestiture is out of your control, you can at least do your due diligence in limiting any negative impact to your company. With that in mind, ZL Technologies lists 10 things you should worry about if your vendor divests.To read this article in full or to leave a comment, please click here
Insuring that your data is safeImage by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here
Insuring that your data is safeImage by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here
Recently inboxes have been hit by the so-called “airline phishing attack.” It is a new take on an old phishing email. It uses multiple techniques to capture sensitive data and deploy an advanced persistent threat (APT).Barracuda Networks has seen this attack with several of its customers, especially in industries that deal with frequent shipping of goods or employee travel, such as logistics, shipping, and manufacturing. The attacker will either impersonate a travel agency or even an employee in HR or finance who is sending an airline ticket or e-ticket. The email will be constructed to appear inconspicuous.The attacker will have researched his target, selecting the airline, destination and price so that these details look legitimate in the context of the company and the recipient, Barracuda reports. After getting the employee to open the email, an APT embedded in an email attachment goes into action. The attachment is typically formatted as a PDF or DOCX document. In this attack, the malware will be executed upon opening the document. To read this article in full or to leave a comment, please click here
Recently inboxes have been hit by the so-called “airline phishing attack.” It is a new take on an old phishing email. It uses multiple techniques to capture sensitive data and deploy an advanced persistent threat (APT).Barracuda Networks has seen this attack with several of its customers, especially in industries that deal with frequent shipping of goods or employee travel, such as logistics, shipping, and manufacturing. The attacker will either impersonate a travel agency or even an employee in HR or finance who is sending an airline ticket or e-ticket. The email will be constructed to appear inconspicuous.The attacker will have researched his target, selecting the airline, destination and price so that these details look legitimate in the context of the company and the recipient, Barracuda reports. After getting the employee to open the email, an APT embedded in an email attachment goes into action. The attachment is typically formatted as a PDF or DOCX document. In this attack, the malware will be executed upon opening the document. To read this article in full or to leave a comment, please click here
Ryan Francis