
Tales from the SOC: Beware the Snow of Marketing! | S1 Ep005
You’ve put a lock on your door. Why not add eight more, just to be sure? The cybersecurity industry will sell you as many tools as you are willing to buy, so why not run them all?


The cybersecurity vendor market is quite complicated and it’s easy to get lost in the acronym soup. Whether it’s to make their product sound different or just the proclivity of the tech industry to abbreviate everything, it can be incredibly challenging for non-security people to understand what’s important and what isn’t. Making matters worse, many of the services overlap, meaning that you can invest in two “different” services or platforms and end up getting the same thing in both. One […]

Enterprises are juicy cyberattack targets for several reasons. They provide an enormous quantity of user data that hackers can exfiltrate; and, equally important, enterprises have the budget to pay large sums in ransomware attacks. Additionally, many enterprises deal with government contracts and house sensitive information that hostile nations are interested in. Enterprise security monitoring is essential when the stakes are this high. Let’s dive into what those stakes are, and how security monitoring can help. How can enterprise security monitoring […]

Some cybercriminals don’t probe your network to unleash a ransomware attack. Some of them just want login secrets to sell on for the next wave of cybercriminality.

Vulnerability management is an essential element of every cybersecurity plan. It involves the ongoing monitoring of a company’s digital footprint to find and fix any vulnerabilities in devices, systems, and applications that bad actors could exploit. It decreases a company’s risk exposure and is a proactive way of ensuring threat actors can’t gain access to a company’s private data. It’s also a huge undertaking. Many applications, including those that are cloud-based, that companies use need to be checked and patched […]

The manufacturing sector has suffered the highest percentage of cyberattacks of any sector for three years in a row, according to IBM’s latest X-Force Threat Intelligence Report. Of the top 10 attacked sectors, manufacturing suffered 25.7% of all attacks, followed by finance and insurance at 18.2%. The highest “action on objective”—meaning “the cyber attacker’s end goal”—was malware. Ransomware represented 17% of actions on objective. The same report reveals that 85% of attacks on critical infrastructure could have been prevented with […]

The financial services industry has historically been one of the most targeted industries for cyberattacks, and it’s not difficult to imagine why. Roughly 95% of attacks are financially motivated, and hackers are going directly to the source by targeting the financial services sector. Not only do these financial institutions have direct access to cash, they also tend to be high-revenue businesses that can’t afford to be disrupted or take a reputational hit, so they’re more likely to pay a ransom. […]

The average cost of a data breach in 2023 was $4.45 million — a 15% increase over three years, marking yet another year in which the average cost has risen significantly. Yet, costs can balloon even higher. Just recently, Change Healthcare had to shell out billions after its breach earlier this year. With the devastatingly high costs of cyberattacks, acting only after you’ve been compromised is a good way to incur some heavy payments or, in some cases, even go […]

Banks with safe deposit vaults don’t set them up so that every box gets the same key. But when it comes to online accounts, we’re not always so careful…

HTTPS needed at least two decades to take hold, for a bunch of curious and sometimes contradictory reasons. Join Paul Ducklin for Part 2 of this peculiar but educational tale…

If you work in a large organization with an extensive attack surface, you might have considered establishing a security operations center (SOC) for more dedicated monitoring and response. Establishing a SOC makes sense for enterprise organizations that face constant threats, handle sensitive and high-value data, and/or have large and complex infrastructures. Such organizations include financial institutions, healthcare organizations, government agencies, high-profile companies, large entertainment companies with A-list celebrities on their rosters, and massive e-commerce companies. For these organizations, a SOC […]

ChatGPT’s release in late 2022 brought the AI industry out of obscurity, turned Nvidia into the fourth-largest company in the world, and generally reawakened the stock market. Yet it didn’t take long for the naysayers and FUD (Fear-Uncertainty-Doubt) mongers to start spreading terrifying news about AI’s risks—everything from supposedly AI-created malware to robots developing general intelligence and taking over the world. Seriously. However, 1.5 years later, we can now take a step back, evaluate what’s happened, and what hasn’t, and […]

The healthcare industry has had a rough start to 2024. It’s still reeling from February’s attack on Change Healthcare that brought production screeching to a halt. The breach shut down offices and healthcare facilities, cut off patient access to medication and care, and cost large hospitals and pharmacies upward of $100 million per day. Though Change has managed to get many of its systems back online, an American Medical Association survey conducted on April 29 found that 60% of respondents […]

Just how much security does a VPN give you? What could go wrong with the security you think you’re enjoying, and what potential problems do you need to be aware of?







