“The Future is History that Hasn’t Happened Yet.” History has demonstrated that while connected devices yield great utility, they also unintentionally expose us to points of vulnerability
source: Cryware Social
Barnes & Noble confirms a cyberattack that impacted the Nook and potentially exposed customer data.
source: The Global Sign
The FBI partners with cybersecurity agencies to remind everyone to do your part and #BeCyberSmart all year long.
source: FBI
Secure Your Future
Healthcare must have an effective IoT security strategy (including staff training) in order to protect: infusion and insulin pumps; wireless vital monitors; thermometers; smart pens; MRI systems; blood gas analyzers; CT scans; anesthesia machines; x-ray machines and pacemakers. It’s a lot … and it matters.
Learn More
How secure are remote work setups? How secure are our cloud environments? Learn to identify, review and prioritize strategic risks associated with your newly remote and empowered workforces.
Help your employees stay mindful of their actions. Use it as a poster or as a desktop wallpaper to reinforce awareness. We look at options to capitalize on this low-hanging fruit.
It’s good to have awareness: health awareness, financial awareness, situational awareness… awareness can significantly affect our quality of life—even our ability to survive. Optiv is about awareness. We’re also about informed, results-focused action.
Operations technology was once considered low risk, at least until the virus came along and re-arranged the threat landscape. source: DarkReading
More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds. source: Egnnyte
45% of ISSA members believe the cybersecurity skills shortage worsened over the past few years, while 48% say it remained about the same. source: ISSA
The hasty shift to online delivery of primary care services since the COVID-19 outbreak has attracted significant attacker interest. source: SecurityScorecard and DarkOwl
A look inside SOCs and the 24/7/365 threat intelligence/hunting services they provide.
This assessment helps you identify/prioritize the highest severity risks affecting your web applications and supporting infrastructure.
Look at five ways to identify and prioritize the highest severity risks affecting your web application and its supporting infrastructure.
Information security strategies often overlook these threats posed by weaknesses in its physical security posture.
To stay one step ahead of attackers, it’s important to get inside their mindset to identify exploitable, and in some cases, devastating, holes in an organization’s physical security. Take a look at three recommendations to thwart would-be attackers.
Healthcare cybersecurity needs more maturity. We look at ways to go beyond HIPAA, including SOC2, ISO and HITRUST.
Assuming someday the NPI will get funded and implemented, what should we be doing today to prepare for that inevitability? Simply put, healthcare cybersecurity needs more maturity. We should not look to HIPAA to provide technical guidance. Expecting regulations to fix data security problems is unrealistic. We look at options to capitalize on this low-hanging fruit.
State and federal officials warn about a new phone scam circulating. Callers posing as COVID-19 contact tracers are trying to pry credit card or bank account information from unsuspecting victims. source: NPR
Total cases exceed two million. source: KFF
Hackers are posing as loan specialists, health officials, and national authorities to trick you into clicking on insecure links and attachments. source: Forbes
8/5/20 A further increase in cyber attacks exploiting the Covid-19 coronavirus pandemic is highly likely in the near future, especially if there is substantial progress towards a vaccine, according to Interpol. source: Computer Weekly
Coronavirus or not, phishing emails are one of the biggest scams out there. And as time goes on, scammers are getting more and more creative with their phishing techniques.
Hear from Brian Vecci on the challenge of data access and protection in the COVID era.
View Webinar
According to an ISSA survey, organizations were only fairly prepared for the global pandemic. 39% that they were very prepared to secure WFH devices and applications while 34% were prepared. 27% were underprepared. source: Business Wire
Amidst the COVID-19 pandemic, hacks are not slowing down. On July 15, 2020, many high profile Twitter accounts were hacked, including Elon Musk, Bill Gates, Barack Obama, Apple and Uber. source: Wired
With offices re-opening, many employees are bringing their personal devices back into the office. What can you do to protect your business while allowing WFH devices on your company networks? source: DARK Reading
Steps you can take to reduce the risk of malware as employees return to the office.
Hear from Chris Tarbell on how cybersecurity companies must change with the times in order to adapt to what businesses need.
Best practices to get employees back up to speed when returning to the office.
COVID has led to some employers relaxing their BYOD security policies (but hopefully only temporarily).
Best practices to get employees back up to speed when returning to the office
NY, NJ and CT require travelers from states with high coronavirus rates to quarantine for two weeks.
Will COVID-19 be a catalyst for cybersecurity leadership? The challenge for governments' information security executives is to integrate risk-mitigating technology into core services and processes — and to play the long game. source: e.Republic
As airlines devise strategies on how to properly reopen, they must ensure the security of a large number of wireless devices installed on the plane. source: AT&T
Responding to criminal schemes seeking to exploit the COVID-19 pandemic has become the primary investigative focus for the Secret Service. source: Forbes
New Zealand’s prime minister, Jacinda Ardern, says that government will lift all COVID-19 restrictions except border controls almost immediately after report of zero cases in the country. source: The Guardian
Colorado health officials now expect a bigger second wave of coronavirus than the first. source: CBSN Denver
Navigate cybersecurity’s complexities in a world where new innovations and threats, such as pandemics, can create new normals.
General Petraeus goes through his four step process for dealing with crises amid COVID-19.
Pre-Recorded Webinar: Relive the May 7 virtual conference and learn how to reduce enterprise risk and realize stronger, simpler cybersecurity programs.
Email is the delivery mechanism for 96% of phishing attacks.
Demand for cybersecurity professsionals is on the rise in the wake of COVID-19, and Optiv is no exception.
The Global Cybersecurity Market Assessment for 2020 predicts growth deviations due to COVID-19 and places the market at $230 Billion in 2021. source: Business Insider
Fraudsters use COVID-19 to target younger generations source: Security Magazine
The gap between cybersecurity risk and defensive effectiveness is as wide as it’s ever been for most companies. source: Forbes
United States and United Kingdom security agencies identify hacking campaigns by advanced persistent threats targeting healthcare and medical researchers fighting the coronavirus. source: CISA
Macy's announces they will reopen 68 stores in states which have lifted restrictions. With state and local approval and improvement in COVID-19 rates, they plan to reopen the rest of their 775 stores by mid-June. source: USA Today
Protecting your data in a time of massive digital disruption.
Massive shifts in enterprise and consumer preferences present ample opportunities for cybersecurity innovation.
Apply lessons learned during COVID-19 to your long-term cybersecurity strategy.
How COVID-19 is driving cloud consumption to new levels.
Several phishing campaigns were discovered in the last week of April, leveraging the Family and Medical Leave Act, small business disaster relief funds and parcel delivery services to deliver malware. source: Securityintelligence.com
Google blocks 18 million COVID-related malware and phishing emails per day over the previous week. source: Talos Intelligence
CFOs plan to permanently shift significant numbers of employees to work remotely. source: Forbes
Microsoft warns hospitals about the risks of ransomware attacks due to insecure VPN devices and gateways. source: Microsoft
Read One must give a thorough look to avoid the hook. Review One must look beyond the lines and see the signs. Recognize One must be aware to avoid the snare. React One must slow phishing traction with the appropriate action. Report One must share to clear the air. source: https://www.optiv.com/blog/five-rs-phishing
Train staff on current lures, disable downloads/redirects contained in emails and use multi-factor authentication on accounts.
Take the time to set up a good working environment. These are the key components you should make sure you have.
Work from home numbers skyrocket. What to think about to protect your network.
Address your short-term surge needs while building long-term expertise.
FBI Internet Crime Complaint Center warns of a rise in fraud due to COVID-19, including fake CDC emails, phishing attempts and counterfeit treatments and equipment. source: IC3
WHO declares COVID-19 a Pandemic. source: WHO Timeline - COVID-19
Reason Labs researcher identifies a malicious "Coronavirus map" app using AZORult to steal information and download additional malware. source: Reason Security
Protect your accounts by using multi-factor authentication. Use security software on all computers in the organization. Institute a mandatory update policy on mobile devices that access your network.
Optiv and Momentum Cyber have partnered for an on-demand webinar that shines light on COVID's impact to cybersecurity.
A VPN rationing schedule can be established where employees are either directed or restricted to access the VPN during known windows based on their job function.
First recorded COVID-19 death in the US. source: CDC
RSA conference proceeds as planned despite some large companies (including IBM, AT&T and Verizon) pulling out at the last moment.
WHO Director General calls on the international community to stand together at the Munich Security Conference. source: WHO, Rolling updates on coronavirus disease (COVID-19)
Nation-state actors reported to use COVID-themed lures source: ZDNet
Suspicious email messages appearing to be from WHO attempt to take advantage of the COVID-19 emergency. source: WHO
"...CEOs, corporate board members, CISOs, and other executives have to make cybersecurity 'C-suite business' in order to ensure their companies secure what they have, while enabling continuous business and operational change and keeping pace with ever-changing threats in order to identify and thwart would-be hackers and respond rapidly to malicious activity.
COVID-19 outbreak is declared a public health emergency of international concern. source: WHO Timeline - COVID-19
MUMMY SPIDER distributes Emotet malware via Japanese-language spam mimicking a public health center.
First reported case in the US. source: The New England Journal of Medicine
Chinese researchers identify a novel coronavirus, later named COVID-19. source: World Health Organization
Curious about pre-COVID predictions? See what experts in 2019 anticipated for 2020.
Organizations are rushing to enable remote access for their staff as many cities, counties and states move towards a shelter-in-place mandate.
A pneumonia case of unknown cause in Wuhan, China is reported to the WHO. source: WHO Timeline - COVID-19
Download A Visual History of Cybersecurity, 50+ years of viral outbreaks and the innovators that stopped them.
