Security News
Most companies with small security teams face the same issues. Many of these companies turn to virtual CISOs to provide security expertise and guidance.
Be we have to balance this and also not turn remote work into a world where everyone must be available 24/7. People still need to be able to shut off work as well. What we lost in the ability to meet directly with people can be a benefit in a remote world where managers and leaders - who are often the stakeholders the intelligence team needs to talk to - are able to be more efficient.
For a CISO that faces the cyber threat landscape with a small security team, the challenge is compounded. Compared to CISOs at large enterprises, CISOs small to medium-sized enterprises have smaller teams with less expertise, smaller budgets for technology and outside services, and are more involved in day-to-day protection activities.
"Healthcare IT teams have daunting technical challenges to ensure network bandwidth, resilience, and security in the face of surging online care, including telemedicine, remote workforces, and medical IoT," explained Ray Watson, VP of innovation at Masergy. "The IDG Healthcare IT survey reveals that an integrated network and security strategy is now an imperative to address these challenges."
While in 2020 organizations were focused on adapting existing technology to borderless and disconnected environments, we will see a massive shift to cloud-native solutions in 2021. In addition to new attacks on container-based environments, 2021 will bring the heightened threat of ransomware and new solutions to combat disinformation.
Malwarebytes is running a holiday deal where you can get 40% off Malwarebytes Premium and the Malwarebytes for Teams business product for a limited time. The latest version of Malwarebytes is 4.2, and it was released at the end of October with enhanced protection, including faster scan speeds and better protection against malware, ransomware, and exploits.
By natively supporting popular cloud data platforms, Immuta now provides a single, powerful solution for data teams to automate cloud data access control, discovery and classification, and privacy protection-significantly improving productivity, unlocking more data for more data consumers, and minimizing the risk of data leaks or breaches. Immuta also unveiled new research that suggests the majority of data-driven organizations will adopt multiple cloud data platforms and utilize sensitive data for analytics, creating a large market need for centralized cloud data access governance.
2020 is shaping up to be a banner year for software vulnerabilities, leaving security professionals drowning in a veritable sea of patching, reporting and looming attacks, many of which they can't even see. "Based on vulnerability data, the state of software security remains pretty dismal," Brian Martin, vice president of vulnerability intelligence with Risk Based Security, told Threatpost.
A zero-click remote code execution bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system. Microsoft did not assign a CVE to this vulnerability, stating "It's currently Microsoft's policy to not issue CVEs on products that automatically updates without user's interaction."
At some point since August, Microsoft quietly fixed a cross-site scripting bug in its Teams web app that opened the door to a serious remote-code-execution vulnerability in the Linux, macOS, and Windows desktop versions of its Teams collaboration app. The security researcher who identified the issue suggests Microsoft should have done more to acknowledge the risk, noting that Microsoft didn't bother to publish details or obtain Common Vulnerabilities and Exposures identifiers for the flaws because Teams gets automatically updated.