The holidays are approaching as quickly as a sleigh pulled by magic reindeer, and every year it seems like the shopping season starts earlier and earlier. In many places, Christmas decorations are now put up before Halloween, ensuring a long and profitable season for merchants. And while most of us have had the experience of opening a disappointing gift on Christmas morning, one thing that can ruin your holiday faster than a homemade sweater is finding out that someone has obtained your credit card number, or compromised your account on your favorite shopping website.
The security of personal information remains a top concern for consumers and retailers. There is good reason for that. The Target breach compromised approximately 70 million records. The Home Depot breach potentially impacted another 60 million consumers. The National Retail Federation reported in 2012 that service companies lost more than $11 billion due to credit card fraud. We can no longer deny that cybercrime is a real and growing threat to the retail sector. Consumers are becoming more sensitive to the security of their personal information, and they expect more from the business community in general and information technology professionals in particular.
Today’s IT is one of convergence, applications and a demand for constant availability. And when it comes to downtime, all of these elements combined with the fact that many new applications are being provisioned with SaaS providers have created the perfect storm for IT pros tasked with getting to the root of problems and keeping business running. The question, “Is it the network or the app?” has never been more critical, nor more difficult to answer.
Each year, retailers hustle and strain to get their online and in-store merchandise ready to entice shoppers for the annual Black Friday rush. Their main concern, of course, is whether this season’s merchandise will prove popular. But what might get overlooked, is whether they’ve done enough to ward off the worst kind of shopper: the Cyber Hacker — who preys on stores at peak holiday season and can cause serious financial and reputational damage.
By Michael Laurie, Silanis TechnologyElectronic signatures are a critical technology for new business process improvements in industries such as banking, insurance, real estate and healthcare. With security understandably being a top concern for those looking to implement a cloud-based e-signature solution, it is not enough to simply look for one that is ESIGN compliant. Read More >>>
By Israel Lifshitz, NuboLate last month, it was discovered that the security vulnerability Shellshock can be made wormable and grant hackers the ability to run arbitrary codes on Bash, the most widely-used command processor which serves as the default shell for Unix, Linux and Mac OS X. Read More >>>
KnowBe4 announced its support of the Payment Card Industry Council’s efforts to implement its standards through Security Awareness Training. In fact, the PCI Council thinks Security Awareness Training is so important, they just published a 25-page guidance paper that fully explains the what, why and how of these programs, making it very clear that in order for an organization to comply with PCI DSS Requirement 12.6, a formal security awareness program must be in place.
TBR is pleased to announce the addition of Enterprise Security practice to guide security vendors and managed security service providers (MSSPs) in executing successful business models as the IT security market shifts between prevention and protection solutions (detection and response) and customer-managed and Security as a Service (SECaaS) deployments.
There’s trouble abroad in cybersecurity land. A longstanding bug in a major UNIX and Linux component – known technically as CVE-2014-6271 and colloquially as ShellShock – is exposing tens of thousands of servers around the world to hackers.
Learn how to not be the next victim! Cyberheist was written for the IT team and owners / management of Small and Medium Enterprise, which includes non-profits, local and state government, churches, and any other organization with more than a few thousand dollars in their operating account in the bank.
If your business is like many organizations that need to deliver 100% data availability, manage rapid data growth; yet control costs, now is the time to discover how modernized data protection can help your organization deliver better outcomes.
The Internet Security Threat Report provides an overview and analysis of the year’s global internet threat activity. The report is based on data from the Symantec™ Global Intelligence Network, which Symantec’s analysts use to identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.
Computer viruses are yesterday’s news; automated attacks that morph rapidly, concealing themselves through encryption and deceptive packaging, are the new hotness. This paper describes how to start with improved malware reporting and gateway monitoring and how to combine this output with security intelligence from both internal and external resources.
The monthly intelligence report, provides the latest analysis of cyber security threats, trends, and insights from the Symantec intelligence team concerning malware, spam, and other potentially harmful business risks.
The workplace trend of BYOD (Bring Your Own Device) is nothing new. What remains unclear, however, is the burden of ownership, cost and security. When employees bring their own cell phones, laptops or tablets to work, there’s a fair chance they’ve personally purchased those devices—data plans and all. In fact, some employers today require a BYOD policy, with no intention of paying for any of it. As one CIO bluntly put it, “Well, we don’t buy their pants either, but they’re required for the office.”
Ransomware attacks cause downtime, data loss, possible intellectual property theft, and in certain industries a ransomware attack is considered a data breach. Multiple ransomware strains are now attacking your end-users. Since September 2013, CryptoLocker has become vicious, and the first strain of second-gen ransomware CryptoWall V2.0 has reared its ugly head. But how did it get this far?
Tampa Bay, FL (October 15, 2014) KnowBe4 issued an alert to IT Managers that a new version of the world’s most widespread ransomware CryptoWall has migrated to the TOR network. It has been upgraded to version 2.0, and continues to encrypt files so that a ransom can be extracted if there are no backups or if the backup process fails, often a common occurrence.
by Rob Vandenberg, Lingotekf your smartphone can’t read your mind yet, it will soon. Innovators and early adopters are sprinting towards the dream of a connected world, connecting everything from cars to toasters. Their exuberance is contagious. Read More >>>
by Lisa Grady, Radiant LogicWhen customers, employees, or partners log in—from any device—they expect a seamless experience and secure access to your resources. Organizations are trying to meet a number of benchmarks, not just in terms of security but also productivity and simplicity for your users. Read More >>>
Recent months have seen a run of high-profile security breaches: social media sites losing phone numbers, retail stores skimming credit cards, healthcare organizations leaking patient records, and even celebrity voicemails and photo streams being hacked.
by Ken Berryman, BMC Software, Inc.The Federal Reserve estimates that in 2012 one in six checks were deposited as a digital image rather than in physical form. For consumers, almost 50 percent of these image-based deposits were through mobile devices. Read More >>>
by Bill Ho, BiscomData center annual budgets today are often devoted to securing an organization’s IT networks. One of the most important security considerations IT personnel face is the need to protect sensitive information, such as data exchanged within the healthcare, financial, and legal sectors. Read More >>>
Symantec Endpoint Protection 12.1 was, once again, positioned as a Leader in Gartner’s Magic Quadrant and rated highest in the ability to execute. Read the report to learn about the Endpoint Protection landscape, growth drivers and challenges, and where vendors are positioned.
In this sophisticated threat environment, traditional security tactics are failing. Symantec encourages organizations to revisit their security posture to build a more cyber resilient enterprise. Resilience is not defined by a series of checklists, but through evaluations based on the current threat environment and the acceptable risk level for the organization. This whitepaper presents best practice-based approaches recommended for minimizing cyber risk. These are arranged across five pillars and provide specific actions for each pillar to be performed by identifiable IT jobs.
This August intelligence report from Symantec provides the latest analysis of cyber security threats, trends, and insights from the Symantec intelligence team concerning malware, spam, and other potentially harmful business risks.
In the U.S., encryption was first used by the federal government to secure the data of U.S. agencies and companies from foreign spies. As the Internet connected and therefore endangered many corporations’ and consumers’ computers, encryption really took off and now enjoys widespread use. In an ironic twist, one of the main driver’s of encryption’s recent uptick in interest and use is worry over government surveillance.
IT is evolving at an accelerated pace today, thanks in large part to virtualization, cloud computing and big data. While these trends can lower costs and increase efficiency, they are too often delivered via point products that offer only marginal improvements to the traditional approach.
by Ken Donoghue, Peak 10We often hear the three concepts expressed in the title above used interchangeably. For example, it’s not uncommon for someone to say, “I have a disaster recovery (DR) plan. We back up our files once a day.” Or, “We replicate our data to tape and store it offsite.” Read More >>>
Tampa Bay, FL. A growing number of high profile breaches may be causing breach fatigue, according to Security company KnowBe4. A study conducted by the Ponemon Institute and reported last week by USA Today, noted a staggering 43% of companies have experienced a data breach in the past year, up by 10% over the year prior.
Over the last year, data breaches in businesses have been big news: Target, Home Depot, eBay, LinkedIn. What most don’t know is that the Target breach actually occurred when an employee of a small HVAC company opened a malware-laced email, allowing the HVAC company’s system to be hacked. It just so happened that this particular company was contracted with one of the Target stores and had remote access for maintenance purposes.