SpinOne Digest for Businesses, May 28 – Cybersecurity outsourcing, Myths about cybersecurity incident response planning, and more

SpinOne Digest for Businesses, May 28 – Cybersecurity outsourcing, Myths about cybersecurity incident response planning, and more

In this digest, SpinOne’s editorial team hand-picked the most relevant and insightful articles for your business about the cybersecurity landscape and data protection as of May 28, 2021. 

What Businesses Need to Know About Cybersecurity Challenges

Key takeaways:

  • Among the trends that IBM Security tracked, ransomware continued its surge to become the number one threat type, representing 23 percent of security events X-Force responded to in 2020.
  • Ransomware attackers increased the pressure to extort payment by combining data encryption with threats to leak the data on public sites.
  • Analysis by Intezer discovered 56 new families of Linux malware in 2020, far more than the level of innovation found in other threat types.
  • In 2021, a mix of old and new threats will require security teams to consider many risks simultaneously. One such risk is the likely persistence of extortion schemes; attackers publicly leaking data on name and shame sites increases threat actors’ leverage to command high prices for ransomware infections. 

Read the full article here.


See how to decrease costs on the IT/SecOps team with our security platform.

Request a Demo
 

Cybersecurity Outsourcing: Unnecessary Cost or Clever Investment?

Key takeaways:

  • As cybercrime becomes ever more complex and sophisticated, in-house SecOps teams can’t harness a high enough level of expertise to sufficiently shore up their company’s defenses. 
  • While the cyber-skills gap is shrinking, employment in this field still needs to grow by 89% globally. 
  • Outsourcing cybersecurity not only addresses any resource management issues but transforms your security strategy from reactive response to proactive mitigation. 
  • Many organizations may not survive a security breach after the financial struggles from the last 12 months.
  • An in-house SOC will put a company back £500,000 on average, and even then, it is unlikely to be monitored around the clock, which is when mistakes creep in, and hackers take advantage.

Read the full article here. 

Try These Best Practices to Counter Common Cybersecurity Risks

Key takeaways:

  • Rather than assuming everything is safe behind the corporate firewall, the zero trust model assumes breaches happen and verifies every request as if it came from an unsafe network.
  • The biggest cyber threat to any group is its employees. An IBM report found that insiders were behind 60% of cyber attacks, whether on purpose or by accident. 
  • A strong device policy is vital to ensure proper security, such as application installation control, updating the antivirus software, proper maintenance/updates of patches, data wipe procedures, and data encryption at rest and in transit.
  • Malicious attackers have shifted their focus to third-party service providers: they use them as a ladder to climb to bigger targets.

Read the full article here.

Better Cybersecurity Means Finding the “Unknown Unknowns”

Key takeaways:

  • Computing today is a complex and expansive web of hardware, software, and cloud services—so vast that many businesses don’t know what they’re running where. That’s a big problem.
  • Businesses have a tough time answering what seems like a straightforward question: namely, how many routers, servers, or assets do they have? If cybersecurity executives don’t know the answer, it’s impossible to convey an accurate level of vulnerability to the board of directors.
  • Attack service management is a better way to secure companies with a continuous process of asset discovery, including discovering all assets exposed to the public internet—what he calls “unknown unknowns.”

Quote:

“It’s pretty much impossible these days to run almost any size company where if your IT goes down, your company is still able to run.” 

Matt Kraning, chief technology officer and co-founder of Cortex Xpanse.

Read the full article here.

4 Common Myths About Cybersecurity Incident Response Planning

Key takeaways:

  • Most organizations are straining to avoid data breaches, deploying extensive cybersecurity solutions, engaging in third-party security risk assessments, and arming employees with routine anti-phishing education.
  • The number of data breaches within organizations increased by a third in the past year, according to the Verizon Business 2021 Data Breach Investigations Report. 
  • Many small businesses think their low profiles make them unlikely to be victimized. In fact, their lack of preparedness makes them tempting prey for threat actors. 
  • Most incidents involve a human actor, and that’s usually someone inside an organization’s environment, rendering traditional perimeter defenses all but useless.

Read the full article here.

For more tips and insights on cybersecurity and data protection topics, go to the SpinOne blog, or check out the related articles below!