Security News

One of the most valuable steps an organization can take is to establish a cyber-threat profile, which is a deep-dive look at your organization's adversaries, vulnerabilities and risk. The creation of a cyber-threat profile should be based on intelligence and due diligence and should be used to drive action for the other cyber-defense functions.

The report found that while 81% of those surveyed consider their security to be above average or exceptional, many lack basic cyber hygiene - 41% lack a password complexity requirement, one of the cheapest, easiest forms of protection, and only 55.6% have implemented multi-factor authentication. "The loss of data and resources due to ransomware attacks can be debilitating. Though organizations are taking this threat seriously, too many are failing to take basic preventative steps. This report indicates a disturbing misplaced confidence that defenses never fail or that paying a ransom after an attack will always work - they do, and it won't," said Ted Ross, CEO of SpyCloud.

Vulnerability scanners are not enough, according to an expert who champions an all-encompassing holistic approach to vulnerability management as a means to eliminate surprises. If that's not bad enough, there is confusion surrounding managing vulnerabilities, with most organizations depending on vulnerability scanners and some kind of policy as to when to update or patch the software/hardware.

Thus, security teams often place focus on the race itself and forget about the actual goal or finish line. For example: "Our mission is to continuously improve the organization's security posture by preventing, detecting, analyzing and responding to cybersecurity incidents." It is missing the finish line.

The U.S. Department of Energy CyberForce program is expanding this year to include more cyber competitions, webinars and career resources. In 2021, students have many more opportunities to learn about cybersecurity topics and compete within the CyberForce program.

Owl Cyber Defense Solutions announced the opening of its new regional office, located in Abu Dhabi. The new office, hosted and sponsored by Al Makamin Commercial Projects LLC, part of Sultan International Holding, LLC -, will house Owl's in-region field staff that support the company's growing customer base of oil and gas, petrochemical, power generation, transmission and distribution, nuclear, renewable energy and water/wastewater operators; along with serving government agencies.

Accenture has acquired Sentor, a Sweden-based independent provider of cyber defense and managed security services. The company's portfolio includes advisory services, security testing, managed detection and incident-response capabilities, powered by a 24/7/365 security operations center in Stockholm.

A critical security bug in Palo Alto Networks' Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug is an improper-authorization vulnerability that "Enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API," according to the security vendor's Tuesday advisory.

As more businesses move their critical data and cybersecurity defenses to the cloud and the volume of network traffic increases substantially, enterprise cybersecurity teams are rethinking their use of sandbox environments. It's becoming increasingly easier to avoid the sandbox as enterprises generally direct only a sampling of their traffic to the sandbox.

U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the ransomware hack that disrupted gas supplies in several states this month. The Transportation Security Administration directive being issued Thursday will also mandate that the owners and operators of the nation's pipelines report any cyber incidents to the federal government and have a cybersecurity coordinator available at all times to work with authorities in the event of an attack like the one that shut down Colonial Pipeline.