Security News > 2021

In a survey of 582 information security professionals, 50% say they do not believe their organization is prepared to repel a ransomware attack. In order to protect organizations from the next big ransomware attack, security teams must invest in protecting the human attack surface and understanding the enterprise technology habits within its organizations that make it most vulnerable.

We need to understand every packet, bit, flow, application, interaction on the network as well as device and user interactions. Through vigilant monitoring and baselining of behavior, we can better understand at-risk devices and behavior and act quickly to limit or prevent infection.

Guardicore unveiled new zero trust assessment capabilities in Infection Monkey, its open source breach and attack simulation tool. Available immediately, security professionals will now be able to conduct zero trust assessments of AWS environments to help identify the potential gaps in an organization's AWS security posture that can put data at risk.

U.S. motorists worry about the cybersecurity of their connected vehicles, according to a survey by HSB, part of Munich Re. Some even believe a hacker could confront them over their car audio systems or disable automotive safety features. The HSB poll by Zogby Analytics found that 37 percent of consumers who responded were somewhat or very concerned about the cyber security and safety of connected and automated vehicles.

More companies are calling workers back to the office, but will they readily return? A new study by global staffing firm Robert Half shows that about 1 in 3 professionals currently working from home due to the pandemic would look for a new job if required to be in the office full time. 49% of all employees surveyed said they prefer a hybrid work arrangement, where they can divide time between the office and another location.

The enterprise governance, risk, and compliance market is expected to register a CAGR of 12.5% in the forecast period. Enterprise GRC helps organizations anticipate, understand, and holistically manage their risks.

Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world. The hack occurred four months ago but was only discovered in the wild by a Codecov customer on the morning of April 1, 2021, the company said in a note acknowledging the severity of the breach.

The U.S. Cybersecurity and Infrastructure Security Agency on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service attacks, data leaks, and remote code execution. The four security flaws were discovered and reported to CISA by researchers Tal Keren and Sharon Brizinov from operational technology security company Claroty.

Cado Security, provider of a cloud-native digital forensics platform, has secured $10 million in Series A funding, which brings the total amount raised by the company to date to $11.5 million. Founded in April 2020, the London, United Kingdom-based security firm helps enterprises investigate and respond to cyber-incidents in cloud environments.

Amazon Web Services announced the general availability of AQUA for Amazon Redshift, an innovative new distributed and hardware-accelerated cache that delivers up to ten times better query performance than other enterprise cloud data warehouses. AQUA brings compute to the storage layer, helping customers avoid networking bandwidth limitations by eliminating unnecessary data movement between where data is stored and compute clusters.