The Wiz growth story is amazing. My customers have shared the deployment impact identifying and addressing hundreds of vulnerabilities, key and container issues and malware. Redlock created this category and Wiz has taken it to a new level. Full article here…
Good summary of Ransomware gaps and risks Full article here
Insider Threat and Data Protection remain top priorities along with obtaining better visibility into your code assets. Full article here
Update on how the ISACs can share threat intelligence better as individual members and organizations. Full article here…
Move to the cloud, digital convenience and innovation will continue to drive increased cyber security investment. See full article here
9.8B allocated for Cyber Security….I expect that number to go up as the major incidents increase in 2021. Full Article Here…
Bad actors will certainly use the information for social engineering, scamming, hacking and marketing. What will penalty be on this data breach? Improved Data Protection will remain a top cyber priority. Full article here.
Congratulations to Assaf and Team, fastest growing Israeli Start Up of All time…Wow!!!! See full article here
Looks like another major Ransomware attack per the existing outage, could impact payroll checks this week. Full article here…
Congratulations Kamal!!! See full article here.
The Solar Winds breach points out the risk in the supply chain, big issue getting better visibility into supply chain risk while adhering to privacy constraints. See full article here
Email security remains a key topic on better education and innovative tools beyond the email gateways. Read full article here
We are seeing more stories about Ransomware payments and now the echo system. These stories and daily information will help the general public obtain a better understand of the amount of $$$ being lost daily to cyber incidents. We know the story about the local Bank Robber caught for stealing 1k who only had a[…]
Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend. Bad guys will continue to attack the most vulnerable. See full article here
Not a surprise, reason the banks are digging into their customers relationships with the crypto currency exchanges to avoid 3rd and 4th party risk Read full article here
Hackers are using legit Open Source monitoring tool to gain access to companies AWS workload. Cloud Security will remain a top priority. See full article here
The bad guys will continue to leverage well thought out strategies to get employees to click links, open forms, and attachments to gain access and compromise businesses. Email remains the #1 way the bad guys gain access. See full article here
Wow, what a bummer for the kids in Hartford. With all the COVID-19 issues and now they’re missing their 1st day of school due to Ransomware… See full article here.
Insider Threat and the need for better cloud security controls are the key themes with this incident. Read full article here
When the local bank gets robbed it is in the news. More news about Ransomware attacks and payments will help the public understand the magnitude of the issue, alignment of proper cyber investment, and overall business results and reputation. See full article here.
Measurable data on overall breach impact. See full article here
Not a surprise, remote work force and constant change are driving factors. See full article here…
Smart move by EU, make life more difficult for the bad guys. Full article here
Internet-accessible OT assets are becoming more prevalent across the 16 U.S. critical infrastructure sectors as companies increase remote operations and monitoring, accommodate a decentralized workforce, and expand outsourcing of key skill areas such as instrumentation and control, OT asset management/maintenance. OT and IT Discovery & Mgt. plus secure remote access will remain hot areas. Full article here…
More to watch out for in 2020, this technique helps amplify the DDoS attack without using as many resources but can also create a much more disruptive cyber-threats. Full article here.
Spear phishing are emails are again the vehicle to compromise targets by taking over their accounts quickly. Full article here
Did the high profile targets fail to enable mfa? Was this a Twitter employee, insider? Bad guys will continue to use new techniques. Full article here…
Interesting discussion about breach notification and assessing potential FTC and HIPAA changes. Read full article here.
Congratulation to Guy and team! Full article here
Companies are placing more focus on 3rd party risk management programs per increased C-19 risk and scrutiny from regulators. See full article here…
The COVID-19 coronavirus outbreak will likely have an impact on early-stage venture investment in cybersecurity, yet the need to protect remote professionals and handle the increased attacks have investors and industry professionals optimistic. Full article here…
Great presentation by Jamil at RSA which outlined their staggering cyber spend commitment, 1.25b to be a leader in this space and focus improvement areas including organizational culture; compliance with regulations and certification requirements; its relationship with customers; and its specific cybersecurity controls, especially its tools and policies. Full article here
Another story about lost PII, exposing gaps in cyber controls. All 6.5 million voters in Israel have just had their personal data leaked, reports the New York Times. The full names, addresses, and identity card numbers are among the information that was leaked about every eligible voter in the country. In some cases, phone numbers were also[…]
Congratulations to Sanjay and the Netskope Team! 3B dollar valuation backed by the top security investors quite impressive. Read full article here.
Targeted attack to disrupt daily activities. Read full article here…
The Boston Consulting reports that U.S. financial firms experience up to 300 times more cyber incidents in a year than organizations in other sectors, key driver why the Treasury Department will continue to request more detail to assess risk and compare/contrast detail. See full article here.
These emails continue to get past SPAM email gateways, account takeover emails are the toughest to identify and doing global damage. Read full articles here.
Some ISPs have been fixing via firmware updates but more need to follow. Read full article here.
Excellent summary on the top issues and expected advancement of AI and machine learning solutions to improve cyber protection, identification and remediation. Read full article here.
Congratulations to the Armis Team!!! Game changing products drive fantastic multiples validated by smart Investors and successful customer deployments. Cheers!!!! Read full article here
After an Iranian general was killed in a U.S. drone strike in Baghdad late Thursday night, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses. No doubt, tension in Middle East will spark more attacks and[…]
Cloud, Cyber and Kube spending will continue to increase in 2020, consistent feedback from our customer base. Full article here…
Cyber security budgets continue to increase and money keeps pouring into Cyber Innovation companies. Peer discussions regarding deployment value critical in purchasing or investing in the early stage companies. Read full article here
Cyber Insurance a must have investment, contract language critical to who pays or not. Expect much tighter language in the future. Read full article here…
Third Party risk, what happens when your vendors cant pay? Business impact? Risk? Disruption? Read full article here…
Patients Whose HIV Test Results Were Exposed Will Get $75. Read full article here.
Real impact on business bottom line! Investment in cyber protection will continue to increase. Read full article here.
More access to PII data, passwordless authentication can’t come fast enough for Words with Friends game users. For the time being, it is smart to change passwords on other services too. See full article here.
Good to see press on this issue/pain, the public is clueless about the amount $$$ being paid to Ransomware daily…we know about every $1,000, etc…stolen from banks in our area yet little on real $$$ cyber losses/payments… See full article here.
Congratulation to the HYPR Team! Getting rid of passwords and shared secrets will be a huge time saver for many along with a much easier authentication experience. Read full article here.
Iranian fraudsters targeting intellectual property, critical to identify and protect crown jewel IP and applications. Full read article here…
This law is going to drive major spend in Data Protection in 2020. The British Airways GDPR fine of 230MM and Marriott fine of 124MM tip of the iceberg. Read full article here…
The breach occurred via a spear phish e-mail attack on an employee. E-Mail remains the #1 method fraudsters penetrate organizations. Read full article here.
Major problems for those exposed with low IT budgets. Read full article here…
This is not a surprise, Capital One is one of the most Cloud forward financial firms in the world. Unfortunately, not a fun position per the risk for Security professional’s personal name, reputation and trust. Core reason many Global Banks remain cloud careful on the journey to the cloud. Full Article Here…
Correct and understanding your cloud workload inventory, data exposure. Data Protection is a top security initiative for my customers. Full Article Here….
Discovering and monitoring/managing unmanaged IoT devices hot topic per potential impact/damage to Labs, Manufacturing Plants, Corporate networks, etc. Read full article here…
This has driven many meetings this week with my customers to assess current state risk. Former Amazon employee/insider and lost Capital One PII, this will be a hot topic on Capitol Hill. Read full article here…
Most Cloud forward FS company got breached per a misconfigured AWS server, former AWS employee was the perpetrator who went public about the stolen PII data. Read full article here…
Consistent issue, we must do a better job attracting BS & BA students into Cyber through offering intro classes with different options per the multiple roles/requirements needed. Read full article here…
Turning on two factor authentication would stop this invasion of privacy and accessing user accounts. Read full article here…
The Police got hit with Ransomware and Water Power Authority Business E-Mail Compromise-2.3MM loss. BEC is a major problem, my customers are moving this up the Cyber Innovation priority list. Read full article here…
BA is hit hard for losing personal data. This is 367x higher than the previous Facebook 500k fine. The UK law mirrors the GDPR law, this fine will drive more focus on data protection and compliance. Read full article here…
Congratulations to the TrapX Team! See full article here…
Insider threat remains top priority. Many underestimate human factors. Read full article here…
Companies are paying these fees daily, we hear about the local bad guys stealing small money from local banks yet the the thousands being paid for Ransomware is not being reported in our newspapers. Read full article here…
More PII exposed=new business opportunity in the Dark Web! Companies will start creating new data retention policies which decrease the time stored. Read full article here…
Congratulations to the SecurityScorecard Team!!! Read full article here…
Natural progression after millions of personal documents are exposed on the internet. Read full article here…
Third party partnership exposes Quest Read Full Article Here…
Yikes, major exposure! About 885 million documents, including bank account numbers, mortgage records, Social Security numbers, drivers’ license images and tax records, have been leaked by First American Financial Corp.’s website. Anyone with a web browser and a URL for a legitimate document could access the real estate title company’s records. Full article here…
This has delayed home sales and halted water Bill’s for 2 weeks. The city will not pay the ransom and working around system outages. Read full article here…
Account takeover and spear phish e-mails targeting third parties who have relationships with the targeted companies will continue to increase in 2019. Read full article here…
Congratulations to Yevgeny and Team! My early adopters have confirmed the deployment value of Armis. READ FULL ARTICLE HERE
Account takeover emails are difficult to stop, another example of the potential damage. Read full article here…
Wow, scary… Full article here…
Disclosing breaches faster per the pressure of data privacy regulation will continue to be a hot topic. View full article here…
Ransomware takes down production lines in one of the world largest aluminum manufacturers. No ransom was requested, they just took down the lines. I expect increased security investment in Manufacturing and Lab environments to improve cyber resiliency and visibility. Full article link here
Hottest product in the Insurance Market. The Cyber losses will continue to significantly increase. Read full article here…
Great week at the RSA conference this week. This article summarizes hot topics. The key metric remains successful enterprise deployments to determine potential impact and value. Read full article here