The hacking economy continues to thrive. As you can see for the timeline chart below, we have seen data breach headlines in every industry verticals regardless of their size. Cyber-criminals made the most of their opportunities last year, and rest assured it’s unlikely to be any different for years to come.
“Is it secret? Is it safe?” For those who’ve never seen the 1976 film Marathon Man, that’s what the fugitive Nazi war criminal played by Sir Laurence Olivier asks Dustin Hoffman while he’s sticking a pointy dental probe into Hoffman’s exposed cavity. Ouch. Excellent movie, though. Cinema trivia notwithstanding, these are pertinent questions federal agencies need to ask when it comes to information under their control.
As I’ve spent the past few days talking with customers and fellow information security professionals at this year’s RSA Conference, it’s become crystal clear that the threat of cybercrime has changed up the way we work. As these threats morph and shapeshift into new, more sophisticated forms, we must stay one step ahead of the bad actors to protect our customers.
The exponential proliferation of mobile devices in the workplace, both employer issued and personally owned, has increased the demand on businesses to enable secure mobile access to company applications, data and resources. Often, mobile users are using the same device for both business and personal use, resulting in the intermingling of business and personal data and applications.
With the devastating rise of targeted, evasive, zero-day threats hitting IT infrastructures, computers, individuals and their devices, it is critical to have a multi-layer and revolutionary security solution. Today, at RSA Conference 2016, Feb. 29-Mar. 4 in San Francisco, we have launched the SonicWall Capture Advanced Threat Protection (ATP) Service, our multi-engine or triple layer approach, which advances sandboxing beyond detection to deliver end-to-end prevention.
A chief security officer’s (CSO) life is not easy. Typically, requests of them sound like this: “Please deploy more, do it faster, more efficiently, with less money, more securely, and – oh, by the way, be compliant and pass the audit.” Often, what’s not considered in these requests is the risk a new application, device or cloud-based tool may bring with it.
Today, we released the 2016 Security Annual Threat Report leveraging work by the SonicWall Threat Research Team. The annual report always raises questions from our customers and partners trying to understand what this means to them as they continually evolve their security posture. When it comes to a discussion around the big breaches, I always hear statements like “I am not big enough to target” or “I am in a different industry” or “my environment is not as complex.” However, targeting does not necessarily mean a single company.
Two days ago, Google published a blog revealing the latest critical vulnerability (CVE-2015-7547) that affects all versions of a standard GNU C Library (glibc), a big component of Enterprise Linux, which is used widely in operating systems, firmware, software and applications. The IT community is now racing to assess the risk, and gauge the impact to IT infrastructure.
Whenever I start to write about cybersecurity, something else comes up. I wanted to write about last week’s cybersecurity-focused Executive Orders ““ we’ll get to them shortly ““ and then I read that in an IRS hack last month, stolen social security numbers enabled attackers to get more than 100,000 E-file PINs.
A few weeks ago my eldest son was given a Chromebook by his school which he brought to the house to do his homework. Before the Chromebook, he did his homework on the PC I had set him up with in his room. The nice thing about that is I have a firewall with a content (aka URL or web) filtering policy in place so I have control over the websites he can access since he’s getting to the internet through our home network.