Articles of interest from the week of February 1, 2021
Board Members Aren’t Taking Cybersecurity As Seriously as They Should A recent study reveals systemic challenges with security integration into...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
2 min read
John Frasier : Mar 29, 2021 12:00:00 AM
By now most CISOs understand that focusing your cybersecurity program on regulatory compliance is no longer sufficient. Meeting those requirements will always be a crucial part of cybersecurity — but only one part. Far too many other “unregulated” risks still abound. (By Matt Kelly, Security Boulevard) Ingalls: At a time when cybersecurity is more strategic to businesses than ever before, determining one’s cybersecurity risk management strategy is crucial. Our Master Risk Control: Pick A Cybersecurity Risk Management Strategy blog post provides some valuable insight on the different options.
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas said on Wednesday that dealing with ransomware will be a top priority, highlighting the growing threat of the data-scrambling software. (By Raphael Satter, Reuters) Ingalls: The traditional strategy of firewalls, antivirus software and applying security patches is no longer enough to protect your organization against today’s threats. Ingalls Information Security understands the Ransomware threat. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks. Are you prepared to defend against ransomware?
The FBI's Internet Crime Complaint Center (IC3) has published its annual report (PDF) for 2020, and it revealed that cybercrime victims in the US reported a total loss of $4.2 billion for the year. That's $700 million more than the reported losses for 2019. As you'd expect by the increase in losses, there was also an uptick in the number of complaints the IC3 received. In 2020, the organization fielded 791,790 complaints — mostly of the phishing, vishing (video phishing), smishing (text phishing) and pharming varieties — much higher than the 467,361 complaints it received in 2019. (By M. Moon, Engadget) Ingalls: Business Email Compromise (BEC) constitutes 37% of ALL losses last year. Since "spoofing" is likely a subgroup of BEC, the total loss number is close to $2.1 billion! Email-based threats, like BEC attacks, are becoming a bigger problem for businesses. Ingalls has the ability to investigate Cloud-based BEC breaches as well as deploy tools into any on-premises environments to check for lateral movement by attackers who have access to Single Sign On (SSO) credentials such as those managed by Microsoft Active Directory and Azure Active Directory. We are able to assist in remediation of any BEC breaches by analyzing email accounts, determining what actions attackers took (such as creation of forward and delete rules for inboxes, etc.), and purging email accounts of spear phishing emails as well as unauthorized changes.
In its report, the Menlo Tabs team said it discovered a rise in credential phishing attacks over the past month. In this popular type of campaign, the attackers create fake login pages or forms to steal credentials from corporate employees who use certain apps or services such as Office 365, Amazon Prime and Adobe. (By Lance Whitney, TechRepublic)Ingalls: Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection and response guidance utilizing a defense-in-depth approach which monitors and correlates network activity with endpoints, logs and everything in between. Unlike a traditional Managed Security Service Provider (MSSP), our service is geared toward proactive prevention. We do this by utilizing the very latest in cloud, big data analytics technology, and machine learning along with the cybersecurity industry’s leading incident response team, to identify threats to your environment.
Double-extortion ransomware attacks exploded in 2020, according to a recent Attack Landscape Update report. The tactic involves threat actors stealing data from organizations in addition to encrypting files. This means that, as well as demanding a ransom to decrypt data, attackers can later threaten to leak the stolen information if an additional payment is not made.. (By James Coker, Infosecurity Magazine) Ingalls: Quickly detecting malware on your endpoints and network can give you the chance to isolate it before it executes. Ingalls' Endpoint Detection and Response lets you find and destroy malware before it executes. Our AI driven software platform enables dynamic threat detection and immediate remediation efforts.
Board Members Aren’t Taking Cybersecurity As Seriously as They Should A recent study reveals systemic challenges with security integration into...
Hacking Attacks on Hospitals for Patient Data Increase During Coronavirus Pandemic More than 80% of medical practices have been the victims of...
Why Cybersecurity Has Become a “Team Sport” At a recent online round-table event, hosted by the New Statesman and sponsored by technology company...