Despite Heightened Cyber-Risks, Few Security Leaders Report to CEO
Despite mounting concerns over data breaches and the growing sophistication of the threat landscape, top management at most organizations still don’t appear to view cybersecurity as a business-critical function.
Far from being close to the CEO, the survey shows the average security leader is, in fact, three levels removed from the chief executive, making it challenging for them to clearly articulate enterprise security risks to top leadership.
Most security leaders don’t have a direct relationship with the CEO and the board, even though they have complete ownership or significant influence over their organizations’ cybersecurity budgets.
The recent reports on cybersecurity threats should be enough for CEOs to realize just how important it is to have proper security measures to protect their data and information.
Protecting an organization from security threats is not only the job of the CISO but also of the CEO and the board. They must realize that an organization’s security is an investment. They are the ones accountable and responsible for any cyber threats that occur within their organization.
CEOs must also understand that any interruption to information systems can greatly harm the organization’s operations and may sometimes result in losing their customers’ trust. When CEOs work in tandem with the security team, everyone wins. Therefore, CEOs must make cybersecurity their number one priority.
One in Five Manufacturing Firms Targeted by Cyberattacks
Cybercriminals and attack groups continue to target manufacturers, with about one in five companies in the sector compromised in a successful attack, according to a survey published by security firm Morphisec this week.
The “Manufacturing Cybersecurity Threat Index” report consists of survey responses from 567 manufacturing employees and found that nearly a quarter of firms are attacked weekly, and more than a third are attacked every month. The numbers are likely conservative, as not all manufacturing employees are aware when a company is attacked.
While ransomware attacks have a significant impact on the business and so are often obvious to employees, the rise of attacks by infostealers — malware to find and exfiltrate valuable data — on manufacturing means that more subtle attacks are often overlooked, says Daniel Petrillo, director of security strategy and products at Morphisec.
The digital manufacturing industry, with its heavy reliance on creating a digital thread and on process data and information, is a prime target for cyberattacks. With the immense intellectual property held in CAD designs, the industry is an easy target, and without robust data security measures it could end up being easy prey for hackers.
SECUDE’s HALOCAD applies Microsoft Information Protection (MIP) for securing priceless CAD files throughout their lifecycle, even beyond the industry’s IT boundaries.
Businesses that pay ransoms are more likely to suffer second attacks
A new study shows that 80 percent of businesses that chose to pay a ransom demand have suffered a second ransomware attack, often at the hands of the same threat actor group.
The research from Cybereason also reveals that of those that opted to pay a ransom demand in order to regain access to their encrypted systems, 46 percent report that some or all of the data was corrupted during the recovery process.
The study of almost 1,300 security professionals shows 35 percent of businesses that paid a ransom demand shelled out between $350,000-$1.4 million, while seven percent paid ransoms exceeding $1.4 million.
More than half of businesses that were under cybersecurity threats ended up paying huge amounts as ransom. But paying does not guarantee anything near full recovery. Sometimes, businesses got only half of their data back, with the rest inaccessible, and were consequently subjected to a second attack.
Paying ransom only encourages cybercriminals. Therefore, businesses must have sound cybersecurity measures to protect their sensitive data and information. A comprehensive data-centric security solution will ensure that data is protected even if it leaves the organization’s network.
To learn how we can help protect your SAP data with our flagship product HALOCORE, get in touch with us. SECUDE has been in the data security business for more than two decades, and our products HALOCORE and HALOCAD use Microsoft Information Protection (MIP) to protect sensitive SAP and CAD/PLM data even in the hands of unauthorized users.
Nearly 10% of SMB Defense Contractors Show Evidence of Compromise
More than half of SMB contractors in the US defense supply chain are critically vulnerable to ransomware attacks, a new report has claimed.
Cybersecurity vendor BlueVoyant chose to analyze a representative sample of 300 smaller contractors from a defense industrial base (DIB) estimated to have anywhere from 100,000-300,000 suppliers.
The resulting Defense Industry Supply Chain & Security 2021 review uncovered concerning signs of weaknesses in this complex ecosystem of contractors — potentially putting national security at risk.
Data breaches, malware attacks, phishing attacks, spyware, ransomware, and others are major problems for SMBs. Given the fact that these businesses manage an ever-increasing volume of valuable data such as intellectual property, financial records, personal information, and much more, cyberattacks against them aren’t a big surprise.
As large businesses increase their cybersecurity spending, cybercriminals turn towards small-to-medium-sized businesses (SMBs), as they are smaller and weaker targets. SMBs need a data-centric security solution with a Zero Trust strategy.
Global Ransomware Damage Costs Predicted To Exceed $265 Billion By 2031
Ransomware will cost its victims around $265 billion (USD) annually by 2031, Cybersecurity Ventures predicts, with a new attack every 2 seconds as ransomware perpetrators progressively refine their malware payloads and related extortion activities. The dollar figure is based on 30 percent year-over-year growth in damage costs over the next 10 years.
That represents a significant acceleration from recent years, when scattershot ransomware was building momentum and extracting money from a largely unaware world.
Ransomware is the most active threat facing organizations today. Ransomware hackers often target data and threaten to sell or leak it if the ransom is not paid. The amount ransom actors demand is exorbitant. Such ransomware attacks now require a holistic data security risk mitigation strategy.
Using strong passwords, restricting users’ permissions, applying the principle of least privilege to all systems and services, allowing only approved programs to run, monitoring all access, etc. are some of the ways to prevent such attacks.