Insights blog.

Over recent weeks, the ongoing spread of the COVID-19 coronavirus has had a major impact on the global economy and how businesses operate as a whole. More and more organizations are moving to a mandated work from home (WFH) model to help limit the spread of the virus — introducing a variety of unique and constantly evolving challenges for security leaders when it comes to mitigating cyber risk.

As citizens adjust their daily lives to reduce the chances of catching or spreading COVID-19, the risks associated with the pandemic are extending beyond a national health and economic crisis. Cyberthreats, including phishing scams, spam, and other attacks against organizations are spiking by as much as 40% as bad actors seek to take advantage of global uncertainty and anxiety, according to new data from CNBC.

As the nation struggles to come to terms with the coronavirus and questions linger around our readiness for such a pandemic, government leaders are already grappling with the next potential catastrophe — a major cyberattack against the U.S.

ElevenPaths, Telefonica’s Cybersecurity Unit, recently released a new report that summarizes the latest cybersecurity insights from the second half of 2019 — covering everything from relevant incidents and vulnerabilities to cyber risk ratings by sector. The information presented is mostly based on the collection and synthesis of internal data that has been contrasted with public information from high-quality sources, including Bitsight Security Ratings.

For anyone in IT (and even home computer users), Microsoft’s monthly “Patch Tuesday” is an important part of their cyber hygiene routine. This month’s update proved to be a particularly critical one.

Each January, cybersecurity pundits busily fill the airwaves with their predictions for the year ahead. There’s much to think about. However one trend is particularly troubling for U.S. and European businesses – an intensification of a new cybersecurity “cold war.”

Rising tensions in the Middle East in the wake of the killing of General Qasem Soleimani, the head of Iran’s military Quds Forces, has U.S. troops on high alert.

Friday the 13th of December proved to be a cybersecurity nightmare for the city of New Orleans -- and it’s not over yet. At around 5.00 a.m., “suspicious activity”, including evidence of both ransomware and phishing, was detected on the City’s network. Activity progressed throughout the morning until 11.00 a.m., when a cybersecurity incident was confirmed.

Mimicking reality is the latest frontier of cybercrime and it’s a growing threat. Cyber criminals are increasingly deploying AI and machine learning to fool unsuspecting victims into believing that they’re seeing or hearing something that they’re not--and pulling off deepfake scams in the process. 

In today’s interconnected world, supply chains are growing exponentially. As a result, third-party risk has become a big focus for senior management. But what about the vendors that your suppliers rely on and the threat of fourth-party risk? 

Companies must build a “trust and verify” strategy when it comes to managing third party risk. Requesting documentation about a supplier’s security performance is good – but how can you verify it? How can you continuously review performance?

2020 is not only the beginning of a new year, but the start of a new decade, and with it comes the dawn of a new era for the digital world. We’re now in the midst of the once far-off, “futuristic” time periods old books and movies used to dream about. But does your security performance management strategy match the functionality of today’s technology? 

In recognition of our groundbreaking innovation and true differentiation in serving the IT channel, we’re proud to announce that the Bitsight Peer Analytics solution has been selected as a winner in the CRN 2019 Tech Innovator Awards.

On October 20th, 2019, authorities in India confirmed that one of its nuclear power plants had been hacked. The malware attack on the Kudankulam Nuclear Power Plant (KKNPP), first noticed on September 4th, has since been attributed to the North Korean state-sponsored threat group known as Lazarus.

Schools and colleges are facing an alarming increase in cybersecurity incidents. Some hackers seek ransoms while others see value in scooping up personally identifiable information to sell to identity thieves.