Week in review: Verifiable credentials, API security, how to develop a skilled cybersecurity team

Here’s an overview of some of last week’s most interesting news, interviews and articles:

Ransomware can penetrate quickly, significantly damaging an organization
Cloudian issued its 2021 Ransomware Victims Report, based on an independent survey of 200 IT decision makers whose organizations experienced a ransomware attack between 2019 and 2021.

How to develop a skilled cybersecurity team
What skills should aspiring information security workers possess and work on? What certifications can come in handy more than others? What strategies should organizations employ to develop a well-staffed cybersecurity team? Where should they look for talent? What advice do those already working in the field have for those who want to enter it?

How can secure KVM technology help eliminate security risks?
John Minasyan leads Belkin’s cybersecurity business unit focused on solutions to mitigate advanced threats at an operator’s desk. In this conversation with Help Net Security, he explains how secure KVM technology works, as well as how and where it can be used.

Engaging with governments is a data security priority
Protecting the sensitive data contained within B2G transactions and interactions is mission critical for businesses and governments alike. And with tax authorities increasingly abandoning paper-based invoices and introducing electronic invoicing and real-time reporting to create a digital audit trail, prevent fraud, and streamline their countries’ economies, there is a clear need for more enhanced security measures to support these changes.

How security leaders can build emotionally intelligent cybersecurity teams
How a leader motivates their team, gathers, and uses information, makes decisions, manages change initiatives, and handles crises is referred to as “leadership style”, and is known to be a key influencing factor in team dynamics.

Ignore API security at your peril
API security and performance are critical for engaging customers and increasing revenue, but recent news stories about security vulnerabilities that expose private data has brought the issue of API management into sharp focus.

What should IT leaders look for in an SD-WAN solution?
SD-WAN has opened a whole new world of network speed, agility, and security for such businesses, which so many fast-paced and/or growing firms need right now.

Where does the SME fit into a supply chain attack?
Every company has a duty to protect its customers from supply chain attacks while simultaneously taking action to prevent being a supply chain victim of its own suppliers.

CISOs operating blind, with limited visibility and control
An overwhelming percentage (75%) of CISOs consider their organization to be at greater risk of a cybersecurity attack due to the transition to home working, with a third admitting they’ve taken their eye off the ball during these past 12 months losing track of leavers and devices.

How to prevent corporate credentials ending up on the dark web
With a rising incidence rate of advanced persistent threats that can move laterally within infected networks, a single employee’s credentials can be enough for a threat actor to wreak havoc across an entire organization.

Verifiable credentials are key to the future of online privacy
Verifiable credentials provide a tamper-secure way for users to prove their identity online, without sacrificing their safety, privacy, or security during the process. Let’s look at how these data objects function, and the benefits they offer.

Critical infrastructure pain points: The toughest challenges
Accenture Federal Services recently hired cybersecurity expert and former CISA executive, Rick Driggers. He brings more than 30 years of federal government and military experience to AFS and will play a key role in developing cybersecurity solutions designed to protect critical infrastructure. This was the perfect time to sit down with Rick and learn more about critical infrastructure security as well as his future plans.

Microsoft adds Safe Links phishing protection to Microsoft Teams
In April 2021, Microsoft boasted about 145 million daily active Teams users. That’s a massive user base that needs to be protected, and Microsoft is stepping up to the plate.

36% of organizations suffered a serious cloud security data leak or a breach in the past year
As cloud adoption accelerates and the scale of cloud environments grows, engineering and security teams say that risks—and the costs of addressing them—are increasing.

Why isn’t cloud backup part of common security practices?
It’s difficult to keep hackers consistently out of an organization’s network. IT directors must assume that attackers are going to be able to penetrate their defenses and deploy ransomware.

Turning the tide on surging account takeovers in the media industry
The media industry recorded significant growth in bots making payment transactions year over year. This likely stems from fraudsters testing stolen credit card data before using validated cards in a more lucrative attack elsewhere, like in e-commerce or with financial services.

Average total cost of a data breach increased by nearly 10% year over year
Data breaches now cost companies a total of $4.24 million per incident on average, according to the Cost of a Data Breach Report, conducted by Ponemon Institute and analyzed by IBM Security.

Confidence redefined: The cybersecurity industry needs a reboot
With Navigate ’21 less than a month away, Mark McClain, CEO of SailPoint, wanted to provide a sneak peek of what this year’s conference is all about.

Product showcase: ManageEngine Vulnerability Manager Plus
Vulnerability Manager Plus is an enterprise security program that can be used as a stand-alone tool as well as a security add-on for the much larger Unified Endpoint Management solution ‘Desktop Central’.

New infosec products of the week: July 30, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from Ivanti, Stellar Cyber, SpecterOps, Aqua Security, Infinipoint, Acronis, and Neustar.

More about

Don't miss