It’s been two weeks since the IT world was rocked by the news of the CPU vulnerabilities known as Meltdown and Spectre. It’s making headline news due to how far the vulnerabilities extend—to nearly every processor manufactured over the past 20 years—as well as the potential impacts in mitigating these vulnerabilities. Every server, computer, tablet, phone or any other computing device with a modern CPU is potentially affected. (See WEI’s Customer Advisory about Meltdown and Spectre in this blog post.)
Happy New Year! As we say hello to 2018, we can reflect on the massive progress technology made throughout 2017. The cloud came to a new level of maturity, cybersecurity incidents rocked the world and organizations embraced hyperconverged infrastructure as the future of data center modernization. But what lies ahead? Read on for a look at cybersecurity predictions for the coming year.
WEI is aware of the new vulnerabilities related to Intel and other CPUs which could potentially allow an attacker to gather privileged information from CPU cache and system memory, putting enterprise security at risk. The vulnerabilities are code named “Meltdown” and “Spectre." The “Meltdown” issue is reported to only affect Intel CPUs while “Spectre” is reported to affect Intel, AMD, and ARM. The impact of these vulnerabilities could extend back to CPUs from as early as 1995 (in the case of Intel).
Did you catch our previous advice for avoiding and containing ransomware? Today’s digital businesses are facing this pervasive threat like never before, and there are a wide variety of security tactics that can improve your security strategy. Keep reading for five more tips that will help you avoid a destructive ransomware attack.
If organizations weren’t serious about tightening their cybersecurity strategy to combat ransomware within the past sixteen months, the mammoth WannaCry attack launched against the world on Friday, May 12, 2017 has certainly induced them to do so. Like most enterprise security threats, there are multiple ways to combat ransomware. Some methods are more intrusive than others though.
Remember the destruction WannaCry caused? The casualties included up to 300,000 encrypted computers in over 150 countries, not to mention the damage or loss of data entirely. The newest ransomware cyber-attack threat is far worse than WannaCry, and it's going by the name “Petya.”
The news is buzzing with instances of companies being taken for a ride by cyber thieves. Their new tactic? Injecting dangerous software into the organization and locking their data up until a ransom is paid. While the FBI still recommends not paying the ransom, enterprises are taking varying approaches to combatting ransomware. In this post we dive into some recent ransomware attacks and takeaways your organization can learn from them.
Nearly every day, there is a new cybersecurity breach to announce; businesses should be more alert than ever before. In 2015, the Ponemon Institute and Symantec discovered that a whopping 47 percent of U.S. data breaches were the result of a malicious insider or criminal cyberattack. Read on for an illuminating look into recent high-profile cases, and what you can learn from them.
With the wide range of reported cybersecurity incidents and hackers getting more creative than ever before, there is no shortage of threats to the modern enterprise. IT managers must not only secure current data and systems, but preemptively protect against ongoing future threats, which are constantly evolving. While there are well-known versions of malware, “Tellingly, WatchGuard’s inaugural Internet Security Report found that some 30 percent of malware in Q4 was new, or ‘zero day.’ (Not to be confused with zero-day exploits.) In other words, one-third of malware identified wouldn’t be caught by legacy antivirus solutions,” according to PYMNTS.
Unsecured printing and imaging leads to security breaches, putting organizations at risk of costly lawsuits and public relations nightmares.
Today’s printers can connect to wireless networks, scan and send documents, store data on hard drives, and even produce 3D materials. They have many of the same capabilities—and the same vulnerabilities—as computers. As their features increase, so do the opportunities for security breaches in the printing process.
We recently shared five smart moves for IT leaders to focus on when creating an effective cybersecurity strategy. They included basic care like updating an employee security policy and avoiding physical theft, but they also covered monitoring digital footprints in order to thwart malicious insider threats. In this blog post we dive into some additional risks your organization may be facing, and what you can do to stop them.
In a complex technological world that faces an ever changing threat landscape, the team in charge of managing cybersecurity may find it difficult to know where to focus their often limited resources. Some areas, such as firewalls and operating system updates, are obvious priorities. But what else deserves your attention?
The job of an IT professional is challenging, especially since strengthening cybersecurity is constantly a moving target. With attackers trying new approaches and getting stronger with their tactics every day, protecting an enterprise’s data and information is more crucial than ever before. How can you ensure you’re covering all of your security bases? Start with managing the most common security risks, which are described in this article.
If you have had the chance to read any of the latest analyst predictions for 2017, then you will have noticed that security remains at the top of the list. So what will you do differently this year than in year's past? As you review your security strategies and revisit best practices this New Year, it’s important to reflect upon the past. We examined the top security threats last year in our white paper, Effectively Managing Cyber Security: Top 5 Enterprise Threats. Now read on to learn about the top five enterprise security threats to the confidential and proprietary information on your network -- that you must consider for this year.
There’s a new technology threat your organization should be cautious of in 2017 – it’s called whaling. Just like the practice of hunting a whale, cyber criminals use this technique to reel in a big catch by targeting top decision-making executives at enterprise organizations—and it works. If that doesn’t sound scary enough, many companies have experienced this threat in a very real way. Read on for a look into some high-profile, real-life whaling cases and their consequences.
We recently discussed an emerging cyber threat called whaling, a new highly-targeted phishing tactic that’s threatening enterprises’ most valuable employees: the C-Suite. While whaling is similar to any other phishing or spam email scam, it’s a tactical approach that takes its time by targeting high-level executives by leveraging what seems to be legitimate business correspondence. How can you recognize a whaling attack before it infiltrates your organization? Read this post to get to know the common security risks.
There’s a new kind of threat to your enterprise, under the phishing and spam umbrella, and that danger is referred to as whaling. Specifically designed attacks target your most valuable team members, the boardroom executives, and infiltrate your enterprise to a scary extent. How can you avoid whaling? Read on for our cyber security threat briefing.
The news is filled with examples of companies being exploited by cybercriminals’ ransomware attacks, left with their information held hostage unless they pay a hefty fine. While you may think that ransomware can’t happen to your organization, or isn’t as widespread as it may seem, think again.
Surely you’ve seen rampant news reports of malware breaches and incidents of cyber hacking at enterprises around the world. From hospital hackings to financial services heists, digital criminal activity is a very real threat in today’s business climate. Read on for the details your enterprise needs to know about malware, in addition to three tips to protect your organization.
At WEI we are always looking for new and comprehensive solutions to meet our customers’ changing security needs. According to Symantec’s 2015 Internet Threat Report, the number of ransomware attacks by cyber criminals more than doubled between 2013 and 2014. What can businesses do to avoid this? One piece of your comprehensive security puzzle should be to focus on network segmentation.
There are several different ways your current employees can knowingly or inadvertently bypass your security; while all can wreak havoc with your systems and cause irrevocable damage, those with malicious intent in mind are by far the worst. Understanding the different levels of threat and what may motivate these insiders can help you create strategies that truly mitigate your risk.
Once upon a time, it was safe to turn your computer on. Nowadays, a month, week, or even day doesn’t go by where you hear about the latest system attack and zero-day exploit used to install malware and expose data from somewhere across the globe. Some news reports even say the NSA is buying these exploits to take advantage of them before they’re patched to gain access and potentially disrupt computer systems. If the US government is doing it to attack their enemy, you can be sure other governments and organized crime are doing the same to potentially get into your systems. A chain is only as strong as its weakest link and the least protected computer system will be found and exploited.
IT leaders have worked hard to keep their networks safe. With the right systems, solutions and policies in place, the concern about data security should diminish, right? Not exactly. Plenty of companies have gone above and beyond to secure their networks, although it seems that a breach is inevitable given that so many major corporations and brands have been compromised in the past few years. Hackers continue to evolve and so must a company’s security strategy.
Newscasters seemed rattled by the news last week that Hollywood Presbyterian Medical Center paid hackers $17,000 in Bitcoin to regain access to a key system.
This is no surprise for security insiders. Ransomware for enterprises is a top trending threat. In fact, the center’s ransom pales in comparison to the $123,000 in Bitcoin demanded from a New Jersey school district in 2015; the district decided instead to rebuild systems from backups.
Security analysts say that anywhere from 3 to 40 percent of ransomware victims pay up. The FBI, the agency responsible for investigating ransomware, has no way to help. Instead, the FBI recommends paying the ransom if the victim has no unaffected backup from which to restore files. Several police departments have paid ransoms.
If your organization is attacked by malware, can you afford it? The repercussions are huge – money, reputation, productivity and the confidence in moving forward are all compromised. There may also be legal implications, and losses that cannot be monetized. How does an organization protect itself from malware and the growing efforts of cybercriminals?
Protecting infrastructure and data for an organization is an unceasing job, and it can become easy to fall into the silo trap. Whether you’ve concentrated on one threat so long you can’t easily see others or you work in a certain IT division and don’t have reason to consider other areas often, silos can create weaknesses in overall security. The best strategy for network and data security takes a holistic approach – considering all of the access points, hardware, software, people, requirements, and activities in an organization.
Making sure you protect your data is essential in making sure your protocols are effective. With technology continuously evolving, data breaches are becoming more common, exposing confidential information to the masses. It is important to have a defense system in place that can counteract these breaches, but the challenges that face IT security personnel keep growing.
Although there are many solutions on the market that assist in defending servers and data, there are a number of elements that could potentially suffer, such as performance and user experience. This creates a barrier between security and performance, where there should be cohesion. The challenge remains in keeping data safe, reducing risk, and keeping the level of performance high.