Security News

The study explores the extent to which organizations plan to prioritize endpoint security and management practices in order to combat the growing cyber threats facing the modern hybrid workforce. The report reveals that, despite the flood of devastating breaches and software vulnerabilities in 2021, few organizations are focused on enhancing their security posture and operational resilience.

Spirion released a guide which provides a detailed look at sensitive data breaches in 2021 derived from analysis conducted against the Identity Theft Resource Center database of publicly reported data breaches in the United States. 2021 was the most prolific year on record for data breaches, surpassing 2017's all-time high.

Imperva fellow explains why data privacy is about much more the breaches and just knowing where your data is. I could be a network firewall and say, "By protecting your network, I'm protecting your data. Therefore, I do data security." The same thing would be true of encryption or, even more specific, technologies like tokenization or pseudo-anonymization or all of these things to hide your data in certain ways, all of these are data security and trying to protect data.

ESG as a box-ticking exercise 40% of risk professionals view their organization's current ESG strategy as a box-ticking exercise, rather than driving real impact. Risk at the board level Risks that are currently top of mind at board meetings are regulatory changes and compliance, human capital, including talent management, retention and recruitment and lack of diversity within the board or management team.

Interest in specific topics within cybersecurity grew significantly. Between last year's high-profile incidents involving ransomware, supply chain attacks, the exploitation of critical systems vulnerabilities and the new focus on cryptocurrency theft, it's likely that interest in cybersecurity topics will continue to climb in 2022 and beyond.

Ransomware was the most common attack method behind third-party breaches in 2021, initiating more than one out of four incidents analyzed. Despite immense cybersecurity improvements following the onset of the COVID-19 pandemic, the healthcare industry was the most common victim of attacks caused by third parties, accounting for 33% of incidents last year.

The US Federal Communications Commission is considering imposing stricter rules requiring telecommunications carriers to report data breaches to customers and law enforcement more quickly. Chairwoman Jessica Rosenworcel drafted a document outlining the new proposal to strengthen the FCC's powers for disclosing data breaches and leaks to customers and federal agencies of "Customer proprietary network information." The updated rules, published this week, would keep the FCC in line with other federal and state data breach laws, she said.

A tally of public data breach reports so far shows that tens of millions of healthcare records have been exposed to unauthorized parties. Most of the largest data breaches result from ransomware attacks and the first ten of them account for more than half of all the healthcare records exposed in 2021.

A GoodFirms survey outlines the current password behavior of online users, risk factors associated with password management, and the best measures, policies, and practices to safeguard passwords from attacks or breaches. 30% of surveyees reported password leaks and security breaches owing to poor password practices and weak password setups.

Cybercriminals will continue to exploit vulnerabilities within remote working and the vaccine ecosystem, but also set their sights on new targets such as online gambling. As more states legalize online sports betting, phishing scams will target the growing ranks of online gamblers, particularly new entrants.