EXCLUSIVE

Intelligence & Analytics October 27, 2021

The Weaponization of Operational Technology

Contributed to this research: Adam Laurie and Sameer Koranne. Given the accelerating rise in operational technology (OT) threats, this blog will address some of the most common threats IBM Security X-Force is observing against organizations with OT networks, including ransomware…

Why Containers in the Cloud Can Be An Attacker’s Paradise

Containers — which are lightweight software packages that include entire runtime environments — have solved the issues of portability, compatibility and rapid, controlled deployment. Containers include an application; all its dependencies, libraries and other binaries; and configuration files needed to…

Data Protection October 27, 2021

Cost of a Data Breach: Retail Costs, Risks and More To Know

E-commerce sales grew by nearly one-third in 2020, in large part due to the pandemic. Meanwhile, retail data breaches grew even more prevalent and costly. Retailers need to know not just the cost of a data breach, but the risks…

Data Protection October 26, 2021

Data Security: How Data Activity Monitoring Protects Against Ransomware

Ransomware is an attack on your data. Can you say that your approach to preventing ransomware is focused on data? Organizations are becoming more aware of the chaos that ransomware can create — to the tune of $4.62 million in…

CISO October 26, 2021

Facing Tech Burnout? Here’s How Employers Can Help

Cybersecurity demands skill and experience. But it also calls for an engaged, motivated and energetic team. And that’s why tech burnout among staff is not only a mental health problem for the employees, it’s also a cybersecurity vulnerability for their…

CISO October 26, 2021

Your Liberal Arts Degree Gives You the Skills for a Cybersecurity Career

Many people don’t realize a liberal arts degree opens the doors for a wide range of careers. That includes careers in cybersecurity. And with the skills gap and the number of available jobs, there is clearly a demand out there.…

Timeline

State and Local Government Cyberattacks Timeline

State and local governments face malicious actors who target personal information and key services, endangering both citizens and critical infrastructure. Explore this timeline for a sense of the evolving landscape, attack patterns and prevention best practices.

EXPLORE THE TIMELINE

Nobelium Espionage Campaign Persists, Service Providers in Crosshairs

In an advisory released on October 24, Microsoft announced ongoing campaigns it has attributed to the Nobelium state-sponsored threat group. IBM X-Force tracks this group as Hive099. If the name sounds familiar, that’s because it is the same group that…

Incident Response October 25, 2021

A Journey in Organizational Resilience: Privacy

Privacy concerns may not be the first issue that comes to mind when building an enterprise cyber resilience plan. However, you should expect them to gain prominence. For perspective, consider for a moment that the NIST Privacy Framework is a…

Data Protection October 25, 2021

Cybersecurity First: Becoming GOAT

As we close off Cybersecurity Awareness Month, let us examine how we can become the cyber GOAT: ‘greatest of all time’. Sure, there will be plenty this week on cybersecurity training, making security a priority, more investments into products and…

Incident Response October 22, 2021

How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade

The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to trust…

Mobile Security October 22, 2021

Cybersecurity Training: Why You Should Train Employees on Social Media Discretion

A few years ago, I was invited on a behind-the-scenes tour of the security operations of a well-known Las Vegas casino. Before we could enter, however, we had to turn off our phones and put them away. No pictures, we…

Web Stories

Data breach costs hit record highs

Ransomware: What you don’t know

Getting started with zero trust

Cybersecurity in the age of COVID

Ransomware rules

Latest Podcast

Season 1 |Episode 4

Developing a Cloud Security Strategy

Playlist 3 |Episode 19

Training with Chaos Engineering

Playlist 3 |Episode 18

Time Is (Still) Money and Other Findings from the 2020 Cost of a Data Breach Report

Playlist 3 |Episode 17

Contextualizing Zero Trust

Playlist 3 |Episode 16

Recent Activity from ITG16, a North Korean Threat Group

Playlist 3 |Episode 15

Consumer Identity and Access Management (CIAM): Reducing Friction Without Reducing Security

Playlist 3 |Episode 14

Exploring the Impact of the ITG08 Threat Group

Playlist 3 |Episode 13

Creating AI Without Bias

Playlist 3 |Episode 12

Current Trends in the Threat Intelligence Landscape

Playlist 3 |Episode 11

Verify to Simplify: Demystifying Zero Trust