According to a survey of IT decision-makers by Palo Alto Networks, 78% of respondents reported an increase in non-business IoT devices on corporate networks in the last year. For the second year, survey responses warn of needed security changes to protect corporate networks from non-business IoT devices.
As an answer to this emerging challenge, XDR provider Cynet has added a new SaaS Security Posture Management tool to its existing platform. Regardless of the size of an organization or its security team, managing the security policy and posture of dozens to hundreds of SaaS applications is a complex task, and one that requires the right tools to expedite and optimize.
Cyware revealed a research detailing the challenges affecting modern security operations teams and the negative business impact of siloed security operations. According to the study, conducted by Forrester Consulting, 71% of security leaders report their teams need access to threat intelligence, security operations data, incident response data, and vulnerability data, yet 65% of respondents find it very challenging to provide security teams with cohesive data access.
Installing updates is slower and their size gets incrementally bigger due to the long backlog caused by the two or more updates for each Windows platform released every month. Microsoft increases Windows Update's overall performance by marking earlier updates for expiration as part of a regular evaluation process.
External security threats and the risk introduced by a remote and distributed workforce are the most notable, along with cost-cutting and consolidation, but there are plenty of ways IT pros can help their companies deal with the challenges ahead. Dealing with security breaches. According to the SolarWinds survey, security breaches are seen as the biggest external factor influencing an organization's risk exposure.
Mobile application security is about delivering leakage-free, vulnerability-free, tamper-proof and self-protecting mobile apps. Mobile applications' time-to-market is rushed by urgent business needs and their conception is not conducted as thoroughly as developers and security teams would want.
Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism. As of writing, other Surface devices, including the Surface Pro 4 and Surface Book, have been deemed unaffected, although other non-Microsoft machines using a similar BIOS may be vulnerable.
A comprehensive third-party security program can align your vendor's security with your internal security controls and risk appetite. The right third-party security management platform can be a smart way to get your program off the ground or automate the one you already have in place.
Compliance was the primary driver for many businesses to build a cyber security program. Starting with frameworks like The Health Insurance Portability and Accountability Act and Visa's Cardholder Information Security Program - which later evolved into the Payment Card Industry Data Security Standards, or PCI DSS - failure to meet compliance requirements was met with strict penalties that included hefty fines or the inability to process payments.
Businesses planning to look at remote work as a long-term strategy should take the time to reassess any "Band-aid" security solutions that may have been applied at the beginning of the pandemic and look at ways that security can be prioritized permanently. It's very important for remote workplaces to ensure that they're regularly backing up company data to the cloud.