Category: Security Intelligence

Read the original article: Taking the Risk Out of Mergers and Acquisitions In the post-COVID-19 economy, cyber risk and cybersecurity will play a central role in unlocking mergers and acquisitions (M&A) deal valuations. While economic uncertainty has contributed to a…

Read more →

Read the original article: Creating Brand Trust: A Key Currency for Business This is the first in a blog series about building and maintaining brand trust.  Brand trust has always been valuable for business, but the ways to develop it…

Read more →

Read the original article: A New Botnet Attack Just Mozied Into Town A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered. This malware has been active…

Read more →

Read the original article: Risk Management: How Security Can Learn to Do the Math Risk management is an important element in using data to get ahead of cybersecurity risks before they happen. The costs of protecting an enterprise of any…

Read more →

Read the original article: Back to Basics: Creating a Culture of Cybersecurity at Work The importance of security culture can be seen now more than ever. Many of us work remotely; there are app concerns; and the lines between personal and…

Read more →

Read the original article: Jackpotting Reveals Openings in Proprietary Software Jackpotting, an older ATM theft technique, could show security operations team members what to look out for when it comes to Internet of things (IoT) attacks in general, and even…

Read more →

Read the original article: Creating a Cybersecurity Culture Starts With Your Team As cyberattacks become more prevalent and sophisticated, companies must put more faith in their employees to make sure they don’t put data at risk or fall victim to…

Read more →

Read the original article: Data Breach Protection Must Include Physical Security If most of your business’ data and workloads are handled on public clouds, it can be easy to forget about the onsite servers. With office buildings empty, employees may…

Read more →

Read the original article: Ransomware Attacks: How to Protect your Data With Encryption Cybercriminals are making headlines using ransomware to block organizations from accessing their own critical business data to extort ransoms. Recently, the University of California San Francisco fell…

Read more →

Read the original article: Incident Response: 5 Steps to Prevent False Positives False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time…

Read more →

Read the original article: Under Attack: How Threat Actors are Exploiting SOCKS Proxies From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used…

Read more →

Read the original article: SOC 2.0: A Guide to Building a Strong Security Ops Team In a security operations center (SOC), your cybersecurity tools are only as good as the people using them and your SOC’s culture. What are the…

Read more →

Read the original article: CIAM: Building Blocks to Consumer IAM Success Consumer identity and access management (CIAM) is the connective technology between consumers and brands. CIAM is an important consideration when navigating routes to market for your products and services.…

Read more →

Read the original article: Learn How to Secure Personally Identifiable Information, Now As more work shifts to remote, organizations continue dealing with security challenges. Employees are now connecting to internal network resources from varied devices, and many may be connecting…

Read more →

Read the original article: 4 Steps to Consider When Starting a New Cybersecurity Career At a time when layoffs are painfully common, now might not seem like a great time to look for a new job or switch careers. Or,…

Read more →

Read the original article: Leverage Automation Successfully as Part of a Broader SOAR Strategy In a previous article, we explored common misconceptions about automation and the realities of using automation to improve security. This article discusses automation best practices as…

Read more →

Read the original article: Cybersecurity Operations: 5 Ways to Cut Costs Without Pain Cybersecurity frameworks are notoriously expensive to build and maintain. And, business leaders are frequently dissatisfied with their effectiveness. According to research conducted by the Ponemon Institute, enterprises spend…

Read more →

Read the original article: How Can Enterprises Protect Personally Identifiable Information? With data breaches often appearing in the news, customers and enterprise leaders alike may be concerned that the enterprise isn’t doing enough to protect customers’ personally identifiable infomation (PII).…

Read more →

Read the original article: When Your Heartbeat Becomes Data: Benefits and Risk of Biometrics Knowing who your users are today is more important than ever. This explains, in part, why integrating biometric usage into identity and access management (IAM) appears…

Read more →

Read the original article: Digital Transformation: Breaking Down Silos for Better Data Security Today, enterprises are under pressure to improve the power and reduce the cost of running mission-critical business applications by migrating to modern software architectures. By breaking down…

Read more →

Read the original article: Your Newest Cybersecurity Professional Is Already in Your Company The cybersecurity talent gap is real. The 2019/2020 Official Annual Cybersecurity Jobs Report predicts that there will be 3.5 million security jobs left unfilled globally by 2021.…

Read more →

Read the original article: New Vulnerability Could Put IoT Devices at Risk Society relies so heavily on technology that the number of internet connected devices used globally is predicted to grow to 55.9 billion by 2025. Many of these devices…

Read more →

Read the original article: Don’t Remove Stalkerware Before Reading This Article Stalkerware is technically software with malicious intent, but security professionals should treat it as a different beast from other malware. Stalkerware is an app or apps that someone else…

Read more →

Read the original article: UEM tackles remote work: ‘2020 Gartner Magic Quadrant for Unified Endpoint Management Tools’ As summer winds down, unified endpoint management (UEM) is starting to heat up. Gartner just introduced the 2020 Gartner Magic Quadrant for Unified…

Read more →

Read the original article: How to Ensure Secure and Complete Data Destruction Data security means keeping data out of the wrong hands. This is especially important when storage media is no longer usable and needs to be decommissioned. The data must…

Read more →

Read the original article: Threat Modeling in a Container Environment As organizations turn to hybrid solutions, an increasing number of businesses are turning to container orchestration to provide a seamless solution to computing between environments. “Containers are units of software in…

Read more →

Read the original article: New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in…

Read more →

Read the original article: Safeguarding Health Care Services During COVID-19 With Dr. Saif Abed and Dan Taylor Health care organizations are coming under increased pressure from COVID-19. At the same time, they’re trying to expand digital services to patients and…

Read more →

Read the original article: Legacy Systems: Seven Things to Know When Sunsetting Nothing lasts forever. That’s true for cars, devices, even a favorite sweatshirt or pair of jeans. But it is especially true for information technology (IT).  Legacy IT systems…

Read more →

Read the original article: Help Reinforce Privacy Through the Lens of GDPR The General Data Protection Regulation (GDPR) marked its two-year anniversary in May 2020 as one of the “toughest privacy and security” regulations, according to the European Union. GDPR…

Read more →

Read the original article: Questions to Ask When Conducting Single Sign-On Enrollment Instead of asking employees to input passwords every day, single sign-on (SSO) offers a simplified but secure authentication process. SSO authentication gives a user the option of choosing…

Read more →

Read the original article: Data Democratization: Balancing Risk vs Reward Through Data Governance Expanding employees’ access to the company’s data, known as data democratization, can be controversial. A more open attitude to data within the enterprise can give people the…

Read more →

Read the original article: Vendor Management: 7 Tips for Security During Remote Work Third-party vendor management can be a risk to an organization’s data and network security. Enterprises depend on vendors to use security best practices that meet company standards…

Read more →

Read the original article: Loving the Algorithm: User Risk Management and Good Security Hygiene User risk management watches where people can’t. If you polled a random sampling of employees at various organizations, most would probably consider themselves security-minded. They would…

Read more →

Read the original article: Cloud IAM and the Path Toward Digital Transformation By 2022, 40% of global midsize and larger organizations will use identity and access management (IAM) capabilities delivered as software-as-a-service (SaaS) to fulfill most of their needs, cites…

Read more →

Read the original article: Security Modernization for the Cloud This is the first in a blog series that will focus on all phases of security delivery: design, dev/build, test, deploy, operate and learn.  Many organizations are facing new cybersecurity concerns…

Read more →

Read the original article: Endpoint Security Using AI & MITRE For Your Remote Workforce As employees increasingly work remotely, it is more important than ever to maintain visibility and threat detection in a remote working world. We have seen a…

Read more →

Read the original article: Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock…

Read more →

Read the original article: Threat Hunting Techniques: A Quick Guide Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the…

Read more →

Read the original article: Defending the Oil and Gas Industry Against Cyber Threats The oil and gas industry is one of the most powerful financial sectors in the world, critical to global and national economies. Therefore, this industry is a…

Read more →

Read the original article: Measuring Effectiveness Across Globally Connected Security Operations Centers What’s it like to measure and optimize global security operations centers (SOCs)? Measuring a SOC is a bit like the operating the performance of a machine or a…

Read more →

Read the original article: Measuring Security Operations Center Effectiveness Globally Do you know what is it like to measure and optimize global security operations centers (SOCs)? At IBM Managed Security Services’ (MSS), we measure an SOC a bit like operating…

Read more →

Read the original article: 6 Ransomware Trends You Should Watch for in 2020 A ransomware infection can have a significant financial impact on an organization. American digital security and data backup firm Datto found that ransomware is costing businesses more…

Read more →

Read the original article: How Employing Encryption for Data Security Changed History Human history is full of examples of encryption playing pivotal roles in war, competition and transitions of power. Throughout recorded time, people have employed encryption as a tactical tool…

Read more →

Read the original article: Build a Roadmap for Cyber Resilience The current information security landscape is rapidly evolving. According to the latest research from IBM Security and the Ponemon Institute’s 2020 Cyber Resilient Organization Report, 67% of organizations reported that…

Read more →

Read the original article: DDoS Attacks Increase in Size, Frequency and Duration Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared…

Read more →

Read the original article: Enhance Integrated Risk Management Solutions With Modern Technologies Many business leaders struggle to efficiently respond to risk and compliance needs because of the complex regulatory landscape, ever-evolving risk scenarios and inconsistent internal processes. It’s only been…

Read more →

Read the original article: How and Why to Take a Holistic Approach to Threat Modeling By taking a broader, more expansive view of threat modeling, organizations can consider the whole picture of their security strategy and improve efficiency. Threat modeling…

Read more →

Read the original article: What’s New in the 2020 Cost of a Data Breach Report In a world of uncertainty and change, it’s a comfort that some things are consistent year after year. Now in its 15th year, the annual…

Read more →

Read the original article: Darknet Cybersecurity: How Finance Institutions Can Defend Themselves Financial firms continue to move to digital-first deployments, as retail branches close, and people shift to remote work. This shift makes understanding and preventing even common darknet, or…

Read more →

Read the original article: All-in-one MSS is the Future — Are You Ready? Managed security service providers (MSSPs) can speed up detection and response capabilities in complex, distributed security environments. However, many traditional managed security providers simply act as alert…

Read more →

Read the original article: Aviation Can Anticipate an Increase in State-Sponsored Activity The combination of lockdown measures, travel restrictions and stalling demand brought on by COVID-19 has caused an unprecedented collapse in the global air transport industry. Facing a projected…

Read more →

Read the original article: 5 Core Tenets for Effective Multicloud Security For a growing number of organizations adopting cloud-based deployment models, the cloud security challenge is clear. For example, how do I rapidly transform my business in a way that is…

Read more →

Read the original article: Leveraging Open Source Can be Powerful for Cybersecurity Security vendors and end users have access to the same technology and resources, if not more, than the threat actor community. However, the area where cybersecurity falls short…

Read more →

Read the original article: Securing Travel and Transportation Operations Transportation networks are foundational to our modern way of life. The current restrictions on global movement and the corresponding reduction in demand for travel and transportation services, while profound, are temporary. Forecasting…

Read more →

Read the original article: 4 Steps to Help You Plan a Cyber Resilience Roadmap What is cyber resilience?  According to IBM Security’s 2020 Cyber Resilient Organization Report, a cyber resilient organization is one that “more effectively prevents, detects, contains and…

Read more →

Read the original article: Why Cyber Ranges Are Effective To Train Your Teams Cyber ranges may be one of the most effective ways to train IT professionals in defending against cyber attacks. The virtual environments deliver simulated real-world attacks that…

Read more →

Read the original article: What Are Insider Threats and How Can You Mitigate Them? There are several types of insider threats that organizations should be aware of and each presents different symptoms for security teams to diagnose. The post What…

Read more →

Read the original article: Mitigating Container Risk Requires a Comprehensive Approach Containers have become a staple among large banks and financial services firms, which have used the technology in production. It has captured the attention of the broader market, that…

Read more →

Read the original article: #TwitterHack: Power, Privilege and Pandemic On Wednesday, July 15, the Twitterverse was ablaze with what Twitter itself has described as a “coordinated social engineering attack” that was launched at around 4pm ET. The outcome of this…

Read more →

Read the original article: Mitigating Containers Risk Requires a Comprehensive Approach Containers have become a staple among large banks and financial services firms, which have used the technology in production. It has captured the attention of the broader market, that…

Read more →

Read the original article: New Research Exposes Iranian Threat Group Operations IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In…

Read more →

Read the original article: Deciphering Between Incident Management and Crisis Management Cyber threats come in many forms and can severely impact business operations, brand reputation, financial standing and even lead to a lawsuit. Organizations must prepare to respond and manage…

Read more →

Read the original article: Focusing on the Fundamentals of Network Security IBM X-Force has reported a huge increase in COVID-19-related spam. Malicious domains have also rapidly expanded during the first quarter of 2020.  Focus on Security Fundamentals   One of the…

Read more →

Read the original article: Zero Trust in 2020: More Important Than Ever Before In a perfect world, all organizations would implement Zero Trust for its inherent security benefits. In today’s uncertain environment, every security strategy that mitigates risk is critical,…

Read more →

Read the original article: A Quick Guide to Using the ONG-C2M2 Model The Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model (ONG-C2M2) can help oil and natural gas (ONG) organizations evaluate their cybersecurity programs and make improvements. These tools…

Read more →

Read the original article: Securing Your Environment While Working Remotely Before the coronavirus pandemic hit, working from home used to be a novelty for many employees. According to a June 2020 IBM Security and Morning Consult “Work From Home Survey,”…

Read more →

Read the original article: Securing Data in a Multicloud Environment The multicloud environment is becoming the standard for businesses, with 93% of organizations using this approach, according to a Flexera 2020 State of the Cloud report. The public cloud services…

Read more →

Read the original article: Overcoming Data Security Challenges in a Hybrid, Multicloud World Cloud computing is evolving at a rapid pace. Today, there’s a range of choices for moving applications and data to cloud that includes various deployment models from…

Read more →

Read the original article: Updating Legacy Systems Amid Growing Cybersecurity Concerns Over the past few months, a shift to remote working has raised many security questions for businesses trying to protect their data. And, ensuring that legacy systems are secure…

Read more →

Read the original article: Future-Proofing Data With a Data Encryption Plan Data volume storage needs are growing exponentially across hybrid multicloud environments. Meanwhile, companies are being faced with a greater number of regulations to follow, as well as increased exposure to…

Read more →

Read the original article: Video Conferencing Security Tips You May Have Overlooked Video conferencing applications grew substantially following the outbreak of the coronavirus (COVID-19) global pandemic. According to Research and Markets article “Video Conferencing Demand Rises due to Social-Distancing,” video…

Read more →

Read the original article: COVID-19 Cybercrime Capitalizing on Brazil’s Government Assistance Program IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity…

Read more →

Read the original article: Why Zero-Click Cyberthreats Should Be on Your Radar For years, the statistics have told us that human error is the greatest contributor to cyberattacks. We’ve stressed the importance of training, training and more training to prevent…

Read more →

Read the original article: How Growing Businesses Should Tackle Cybersecurity Challenges When we think about the most public cyber attacks and data breaches, we generally associate them with large enterprises. The truth is cyber attacks are not limited by company…

Read more →

Read the original article: The Modern Workplace: Keeping Remote Workers Productive and Secure Results from the March 30, 2020, Gartner CFO Survey indicate that 74% of businesses intend to shift some employees to permanent remote work following their initial experience…

Read more →

Read the original article: The 2020 Cyber Resilient Organization: Preparation and Technology Differentiate High Performers The Ponemon Institute just released its annual “The Cyber Resilient Organization” report, sponsored by IBM Security. In its fifth year, this study takes an in-depth…

Read more →

Read the original article: These Cybersecurity Trends Could Get a Boost in 2020 The events of early 2020 have prompted organizations to shift priorities across the board, and security processes are no exception. While the current working environment has presented…

Read more →

Read the original article: The Security Risks of Contactless Payment Contactless payment first arrived in the 1990s and is now having its moment. Both companies and consumers are looking for ways to conduct business with as little physical interaction as…

Read more →

Read the original article: Vulnerable Powerline Extenders Underline Lax IoT Security Multiple vulnerabilities have been found in Tenda PA6 Wi-Fi Powerline extender, version 1.0.1.21. This device is part of Tenda’s PH5 Powerline Extender Kit and extends the wireless network through…

Read more →

Read the original article: An Apple a Day: Treating BYOD Pains with Apple User Enrollment Even with workers returning to the office—it might be a trickle or a flood depending on the organization—the shift towards remote work is moving from just…

Read more →

Read the original article: Visibility and Threat Detection in a Remote Working World At the outset of the COVID-19 pandemic, when governments around the world put stay-at-home orders in place, it was hard to imagine the state of work would…

Read more →

Read the original article: Three Approaches to Cybersecurity Planning for Post-Pandemic Cloud Adoption The global pandemic has been dictating how the whole world is reforming, businesses included. Different forums and analyst reports are increasingly calling out the future of businesses…

Read more →

Read the original article: A Game of Chess: Entropy and Patterns in Threat Intelligence During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned…

Read more →

Read the original article: Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as…

Read more →

Read the original article: Best Practices for Managing Data Privacy & Responding to Privacy Breaches A constantly changing regulatory environment has become the “new normal” for data privacy, and 2020 is no exception. The California Consumer Privacy Act (CCPA) went…

Read more →

Read the original article: The Importance of People and Culture within the Security Operations Center Security operations centers (SOCs) have changed dramatically over the last decade. Gartner predicts that by 2022, 50 percent of all SOCs will transform into modern centers with…

Read more →

Read the original article: Introducing Collaborative Automated Course of Action Operations (CACAO): An Emerging Cybersecurity Standard to Quickly Define and Share Playbooks A common challenge security teams face is ensuring their organization can continue to operate despite cyber attacks — in other…

Read more →

Read the original article: The Latest Mobile Security Threats and How to Prevent Them For many of us, the last few months have drastically increased our reliance on mobile capabilities. Through the increased use of corporate mobile apps, virtual private…

Read more →

Read the original article: Multifactor Authentication: The Next Battleground X-Force Incident Response and Intelligence Services (IRIS) has responded to multiple security incidents where multifactor authentication (MFA) was not implemented—but where implementing MFA might have significantly reduced the impact of the incident. Such…

Read more →

Read the original article: The Journey to Simplicity: User Experience in Security Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors.…

Read more →

Read the original article: How Threat Actors Are Adapting to the Cloud With organizations increasingly moving to cloud environments, cloud security is more critical than ever. Cloud environments often hold large troves of valuable and sensitive data that can put…

Read more →

Read the original article: Three Key Pillars of Smart Identity For years, identity and access management (IAM) was that painful necessity that businesses knew they had to spend time and resources on, but it was always done kind of grudgingly. Oh,…

Read more →

Read the original article: German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign…

Read more →

Read the original article: Shift Your Cybersecurity Mindset to Maintain Cyber Resilience As the business world navigates the ups and downs of today’s economy, a mindset shift will be required to maintain cyber resilience. The post Shift Your Cybersecurity Mindset…

Read more →

Read the original article: How Zero Trust Will Change Your Security Design Approach How would Zero Trust change the way security solutions are designed and where does one even start when implementing Zero Trust principles into their architecture? Learn more…

Read more →

Read the original article: It’s Time to Take a Fresh Look at Zero Trust A convergence of trends and technologies is making Zero Trust an increasingly necessary cybersecurity strategy. The post It’s Time to Take a Fresh Look at Zero…

Read more →

Read the original article: How Cybersecurity Leaders Can Chart the Seas of Business Communication As organizations manage a variety of changes this year, cybersecurity leaders can serve as pillars of stability by keeping communication on track and on point. The…

Read more →

Read the original article: Managed Data Activity Monitoring (DAM) Is More Important Than Ever Data activity monitoring (DAM) should be given strong consideration to help thwart potential data breaches and enhance security as work environments continue to evolve. The post…

Read more →

Read the original article: What Enterprises Can Expect Following the Cyberspace Solarium Commission Report The United States Cyberspace Solarium Commission has made several recommendations for how the U.S. can strengthen its online infrastructure through government-enterprise cooperation. The post What Enterprises…

Read more →