Security News > 2020 > June

Security vendor Mimecast has released its fourth annual State of Email Security report for 2020. The report is filled with data about email security, but for those looking for action items Mimecast has provided a list of 10 takeaways that point out particular risks and provide IT security decision makers with some avenues to focus on in the coming months.

Singapore will introduce a wearable device to assist with COVID-19 contact tracing and the minister responsible won't rule out making it compulsory. Vivian Balakrishnan, the minister-in-charge of Singapore's Smart Nation Initiative, said the device is necessary because uptake of Singapore's contact-tracing TraceTogether app has stalled at around 25 per cent of Singapore's population.

The most persistent vulnerabilities are: Client-side vulnerabilities. "The more operating systems and product versions a vulnerability affects, the harder it is to fix, leading to persistence. A larger list of CPEs would also reflect a bigger volume of assets in many cases and consequently a higher difficulty to remediate comprehensively by just sheer volume," Aouad told Help Net Security.

Defining perimeters made sense in the early days of network security and aligned with the basic principle of defense-in-depth - protect internal resources from external forces. While traditional perimeter security was clunky, by and large it worked, despite chokepoints that became flypaper for middleware appliances, which used largely static security policies.

They illustrate how insecure devices increase the cyber attack surface and pose a significant risk to the operational continuity of hospitals and patient safety. Say, in terms of regulations post-COVID, are you seeing any government movement in that direction? Making sure hospitals are better prepared for the day after COVID? Do you see hospitals actually better prepared for the next pandemic following this crisis?

Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures in 2018 to 968 last year, according to a RiskSense report. The study also revealed that it takes a very long time for OSS vulnerabilities to be added to the National Vulnerability Database, averaging 54 days between public disclosure and inclusion in the NVD. This delay can cause organizations to remain exposed to serious application security risks for almost two months.

The COVID-19 pandemic has, in one broad swipe, rewritten the rules regarding our workforce and jobs, with an almost instantaneous transition to remote work for those who were able to. For those companies that went into remote work mode back in March, there was little time to prepare and organizations that did not have remote work plans or policies already in place had to scramble to figure things out.

Business confidence in IT spending levels declined in the last week of May, according to IDC. IT buyers in the US, Western Europe, and some parts of Asia/Pacific indicated that they now expect total IT spending to decline by more than previously anticipated. 2020 IT spending levels in the USA. Confidence levels are still especially weak in the USA, where they have continued to trend down since the crisis began.

An online voting system approved in three US states is vulnerable to manipulation by hackers and may not protect ballot secrecy, according to an analysis by security researchers. The report comes with election officials scrambling following the outbreak of the coronavirus pandemic to enable remote voting in the November election to limit risks from crowded polling stations.

Wipro announced a collaboration with IBM to assist Wipro customers embark on a seamless and secure hybrid cloud journey. Through this alliance, Wipro will develop hybrid cloud offerings to help businesses migrate, manage and transform mission-critical workloads and applications, with security across public or private cloud and on-premises IT environments.