Articles of interest from the week of August 31, 2020

CEOs, CISOs Fear Becoming the Next Big Breach Target

The global survey of CEO and CISO respondents was conducted in industries including healthcare, finance, and retail, and uncovered prominent cybersecurity stressors and areas of disconnect for business and security leaders. They include a lack of an ongoing cybersecurity strategy for less than half of all CEO respondents. (By Esther Shein, TechRepublic) Ingalls: At a time when cybersecurity is more strategic to business growth than ever before, determining one's cybersecurity risk management strategy is crucial. Our Master Risk Control: Pick A Cybersecurity Risk Management Strategy blog post provides some valuable insight into the different options.

Ransomware Attacks Continue to Dominate the Threat Landscape

Ransomware attacks often rely on trojans to infect computers and steal information. Such commodity trojans as Emotet and Trickbot are two of the top players in the game as cybercriminals try to exfiltrate sensitive data that can be held hostage. But as ransomware continues to dominate as a cyberthreat, criminals are increasingly carrying out attacks using Cobalt Strike, an otherwise ethical testing framework. (By Lance Whitney, TechRepublic) Ingalls: Ransomware remains a serious threat to all industries and accounts for nearly a quarter of all malware based attacks. Ransomware has become so widespread and commonplace that a normal attack garners neither the shock of security professionals nor the attention of the media. Are You Prepared To Defend Against Ransomware?

Most Security Leaders Feel Their Programs Are Mature, but Data Reveals Otherwise

84% of security and IT leaders feel their enterprise programs are mature, but a deeper dive reveals a major disconnect between perception and reality. (By Help Net Security) Ingalls: We can help secure your company's information in a personalized and efficient way with our cybersecurity and Managed Detection and Response services.

The Pandemic of Credential-based Cyberattacks

The first half of 2020 is barely in the history books, and it is safe to assume that most business leaders are eager to close this chapter. Globally, there remains plenty of concern about the overall health crisis, as well as the economic impact from the COVID-19 pandemic. Within this broader backdrop, cybersecurity leaders will need to step forward with conviction to protect one of the most essential elements of information security—the username and password (“credentials” for most InfoSec practitioners). (By Grant McCormick, Security Boulevard) Ingalls: If bad actors are able to break into just one privileged account, it unlocks a treasure trove of sensitive data and allows lateral movements around the enterprise network. In this time of heightened activity, we know that IT teams are struggling to keep pace with the volume of security alerts and responses needed to keep environments protected. Our cybersecurity expert can help reduce stress and risk.

COVID-19’s Impact on the Data Breach Landscape

Criminals are focusing on the tried and tested amidst the confusion. Before COVID-19, cyber-criminals were successfully using tried and tested methods to obtain data. It goes without saying that if these tactics worked in a stable business environment, they have been working even better in an era of unprecedented disruption. (By teiss) Ingalls: The current data breach landscape speaks to the critical need for businesses to take a proactive approach to cybersecurity in order to be positioned for early detection and fast response. To help fight cyberattacks, Ingalls’ offers Managed Detection and Response (MDR), our MDR offers advanced anomaly detection, threat hunting and sophisticated response guidance utilizing a defense-in-depth approach.