Security News
The unsanctioned use of corporate IT systems, devices, and software - known as shadow IT - has increased significantly during the shift to remote work, and recent research found almost one in seven are concerned about information security because of employees following shadow IT practices. Shadow IT can be tough to mitigate, given the embedded culture of hybrid working in many organizations, in addition to a general lack of engagement from employees with their IT teams.
In this article, I'd like to explore some of the threat detection program challenges CISOs are facing and provide some tips on how they can improve their security operations. CISOs ensure the security operations program for threat detection, investigation and response is executing at peak performance.
"Kubernetes attacks are actually quite common, especially given how popular the container orchestration software is," said Trevor Morgan, product manager at comforte AG. "The array of threats to Kubernetes environments is quite broad." As an example of how popular targeting vulnerable cloud infrastructure has become, Akamai security researcher Larry Cashdollar recently set up a simple Docker container honeypot, just to see what kind of notice it might attract from the wider web's cadre of cyberattackers.
Cyber attacks will continue to be a threat to businesses, but with Dell Technologies you can have peace of mind that your data and IT assets are secure, protected, and available. We stop at nothing to help thwart threats with intrinsically secure infrastructure and devices, comprehensive detection and response, data protection, and cyber-recovery.
According to the report, the global median dwell time - which is calculated as the median number of days an attacker is present in a target's environment before being detected - decreased from 24 days in 2020 to 21 days in 2021. Organizations' improved threat visibility and response as well as the pervasiveness of ransomware - which has a significantly lower median dwell time than non-ransomware intrusions - are likely driving factors behind reduced median dwell time, per the report.
Cybersecurity Advisory warns of Russian-backed cyber threats to infrastructure. The cybersecurity authorities of the U.S., Australia, Canada, New Zealand, and the U.K. released a joint Cybersecurity Advisory on April 20, warning organizations based in these countries that Russia's invasion of Ukraine could expose them to increased rates of malicious cyber activity.
The National Association of Corporate Directors, SecurityScorecard and the Cyber Threat Alliance released a report that examines the U.S. Securities and Exchange Commission's recently proposed rules and amendments on cybersecurity reporting requirements for public companies. The report concludes that the proposed rules, if enacted as currently drafted, would strengthen the ability of public companies, funds and advisors to combat cybersecurity threats and implement risk mitigation processes.
"Given recent intelligence indicating that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure, CISA along with our interagency and international partners are putting out this advisory to highlight the demonstrated threat and capability of Russian state-sponsored and Russian aligned cybercrime groups," added CISA Director Jen Easterly. The Five Eyes cybersecurity agencies recommend measures critical infrastructure orgs should take to harden their defenses and protect their information technology and operational technology networks against Russian state-sponsored and criminal cyber threats, including ransomware, destructive malware, DDoS attacks, and cyber espionage.
An overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware. "Security team managers are most concerned that current email security solutions do not block serious inbound threats, which requires time for response and remediation by the security team before dangerous threats are triggered by users," according to the report, released Wednesday.
In his blog post for Government Technology, he pointed out the significant rise of criminal copycats that deliver malware through software updates, the increase in mobile malware attacks, the packaging of malware with other threats that target specific organizations, and the weaponization of malicious software. Malware weaponization is particularly alarming in light of the geopolitical conflict the world is facing right now.