FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Monday, September 30, 2024

Britain teachers need Cyber security training on an urgent note

As our world increasingly embraces digitization, the importance of robust cybersecurity training cannot be overstated, especially for those responsible for managing and safeguarding digital infrastructures. Among various sectors, a pressing need has emerged for cybersecurity training specifically tailored for teachers in the United Kingdom. This concern is highlighted in a recent survey conducted by The Teacher Tapp, commissioned by the Office of Qualifications and Examinations Regulations, commonly referred to as Ofqual.

The findings of the survey are particularly alarming: approximately one in three teachers may inadvertently jeopardize their school’s IT infrastructure and overall cybersecurity posture. This heightened risk is primarily attributed to a lack of fundamental knowledge regarding cyber threats and the appropriate responses to mitigate them.

According to the survey, over 34% of educational institutions faced a cyber attack in 2023, with this figure expected to rise in the coming year. Many schools are unprepared, struggling to enhance their IT defenses due to budget constraints and a lack of motivation to prioritize cybersecurity measures. This situation underscores a critical gap that could have dire consequences for the safety and integrity of educational environments.

The survey also revealed that nearly 9% of school headmasters acknowledged their frustrating experiences with cyber incidents. Many expressed feeling ill-equipped to manage such crises, lacking both the necessary in-house expertise and the financial resources to recruit specialized personnel. This deficiency not only hampers their ability to respond effectively to attacks but also leaves their institutions vulnerable to future threats.

The implications of this vulnerability are serious. It was reported that about 4% of schools required a significant recovery period—often as long as six months—before returning to normal operations following an incident. Such delays are not only disruptive but also detrimental to the educational process and the well-being of students.

Among the various cyber threats faced by educational institutions, phishing attacks and the spread of malware, particularly ransomware, are prevalent. The North West region of England has been notably impacted, with around 40% of schools in this area reporting at least one cyber incident. This regional statistic serves as a cautionary tale about the urgent need for improved cybersecurity measures.

Looking ahead, the severity of cyber attacks is anticipated to escalate. As more devices are introduced into schools, children spend increasing amounts of time online, and a significant amount of data migrates to the cloud, the potential for cyber threats to grow becomes clear.

In light of these findings, it is crucial for policymakers, educational leaders, and stakeholders to prioritize comprehensive cybersecurity training for teachers. By equipping educators with the knowledge and skills to recognize and respond to cyber threats, we can bolster the defenses of our schools and create a safer digital environment for students and staff alike. The time for action is now; ensuring that our educators are prepared to navigate the complexities of cybersecurity is vital for the protection of our educational institutions.

The post Britain teachers need Cyber security training on an urgent note appeared first on Cybersecurity Insiders.


September 30, 2024 at 08:59PM

Google to use Gemini AI to secure Gmail from spam and malware

Google’s widely used email service, Gmail, is set to strengthen its security measures by incorporating its advanced AI tool, Gemini AI. This integration aims to provide users with a safer email experience, particularly by combating spam and malware threats effectively.

With the implementation of Gemini AI, Gmail will now introduce a slight delay in the delivery of emails containing attachments. This delay is necessary as the system scans these attachments for malicious software in secure virtual environments before they reach users’ inboxes. This precautionary step is designed to ensure that the 3.45 billion active Gmail users are protected from potential security risks associated with harmful files.

In addition to the scanning process, Gmail users will have access to customization features that enhance their email filtering capabilities. By adjusting these settings, users can fine-tune how emails are managed as they arrive in their inbox. For example, Gemini AI will automatically divert suspicious emails to the spam folder, offering an additional layer of defense against malicious attacks.

However, users should be aware that this sophisticated AI may sometimes misinterpret legitimate emails. For instance, important communications such as bank statements, ISP bills, or credit card reminders might inadvertently be flagged as spam based on their subject lines. In some cases, this could prevent these emails from reaching the inbox entirely, or require user intervention to recover them. Gmail’s spam filters work by analyzing the semantic content of emails, which means that legitimate messages can occasionally be caught in the crossfire.

Furthermore, users of Android 14 devices will notice Gemini AI’s influence beyond just email. The AI will also assist in Google Keep Notes and during message composition, enhancing the overall user experience. While some may view this as an interruption, it ultimately serves to improve the accuracy and relevance of user interactions.

This AI-driven feature was initially rolled out in March 2023 to over 10 million Google Workspace users, providing them with premium protection for sensitive data. Now, with the full-scale deployment of Gemini AI, all 3 billion Gmail users can benefit from enhanced classification and protection of their email content automatically.

By leveraging Gemini AI, Google aims to create a more secure email environment, balancing convenience with safety in an increasingly digital world. As this technology continues to evolve, users can expect ongoing improvements in how Gmail manages spam and protects against malicious threats.

The post Google to use Gemini AI to secure Gmail from spam and malware appeared first on Cybersecurity Insiders.


September 30, 2024 at 08:54PM

Saturday, September 28, 2024

Non-Human Identity Management: Addressing the Gaping Hole in the Identity Perimeter

Non-Human Identities (NHIs), such as service accounts, tokens, access keys, and API keys, are critical components of modern business operations across all sectors and industries. Take the financial services industry: NHIs play a fundamental role in technologies like blockchain and open banking, managing secure access and data integrity across increasingly decentralized environments. As organizations adopt more cloud services and automation, the number of NHIs grows exponentially. In an average enterprise environment today, NHIs outnumber human identities by a factor of 10 to 50.

However, NHI management is often neglected, leaving misconfigurations, unrotated secrets, and overprivileged access in place and exposing organizations to unauthorized access, data exfiltration, and ultimately, costly cyberattacks.

NHIs are the access points to enterprise data and applications, making them attractive targets for cybercriminals. NHIs frequently possess elevated privileges to carry out their tasks, which heightens the risk if their credentials are compromised. In fact, on average, we find that there are five times more highly privileged NHIs than humans. 

Adding to this issue, traditional Privileged Access Management (PAM) and Identity & Access Management (IAM) solutions and best practices cannot address the scale, ephemerality, and distributed nature of NHIs. Unlike human users, NHIs cannot be protected with Multi-Factor Authentication (MFA), which makes it harder to limit the impact of breaches. While password rotation for human accounts is a mature and efficient process, the same cannot be said for secrets and keys due to the lack of visibility of usage and ownership context. While solutions like secret scanners can help spot vulnerabilities such as hard-coded or shared secrets, the operational complexity of performing operations like rotations or decommissioning is often insurmountable.

With traditional identity best practices rendered obsolete and NHIs proliferating every day, the industry needs solutions to properly secure this massive attack surface. The recent Dropbox, Okta, Slack, and Microsoft cyberattacks, which involved the exploitation of NHIs, spotlight the costly effects of improper NHI management. 

Against this backdrop, organizations must incorporate comprehensive NHI management into their security and identity programs. Key best practices for managing NHIs include: 

  • Maintain a comprehensive and up-to-date inventory of all NHIs within the organization 
  • Understand the business context and owners of each NHI  
  • Apply the principle of least privilege  
  • Monitor the environment continuously to detect and respond to suspicious activities involving NHIs  
  • Define governance policies and implement them via automation  

Secret rotation is a key NHI governance process to prioritize. All too often, NHIs leverage secrets that are infrequently rotated. Rotating secrets reduces the risk of credential compromise by minimizing the window of opportunity for attackers and mitigating exposure to insider threats. Rotating secrets should become an integral part of organizations’ mover/leaver processes to safely offboard employees. 
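The practices listed above (inventory, ownership, least privilege, and rotation tied to mover/leaver events) can be checked mechanically once an inventory exists. The following Python audit is an added example, not from the original article; the record fields, the 90-day and 30-day thresholds, and every inventory entry are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

# Assumed policy thresholds for this example; the article names none.
MAX_SECRET_AGE_DAYS = 90   # rotate secrets at least this often
MAX_IDLE_DAYS = 30         # unused for longer than this: decommission candidate


@dataclass
class NHI:
    name: str
    kind: str                      # "service-account", "api-key", "token", ...
    owner: Optional[str]           # accountable person or team; None if unknown
    secret_rotated: date           # date the credential was last rotated
    last_used: Optional[date]      # last observed use; None if never seen
    granted: set = field(default_factory=set)   # permissions assigned
    used: set = field(default_factory=set)      # permissions seen in audit logs


def excess_privileges(nhi):
    """Permissions granted but never observed in use (least-privilege gap)."""
    return sorted(nhi.granted - nhi.used)


def audit(inventory, departed, today):
    """Return {identity name: [finding codes]} for identities that need action."""
    report = {}
    for nhi in inventory:
        findings = []
        if nhi.owner is None:
            findings.append("no-owner")            # no business context
        elif nhi.owner in departed:
            findings.append("owner-departed")      # mover/leaver: rotate and reassign
        if (today - nhi.secret_rotated).days > MAX_SECRET_AGE_DAYS:
            findings.append("stale-secret")
        dormant = (nhi.last_used is None
                   or (today - nhi.last_used).days > MAX_IDLE_DAYS)
        if dormant:
            findings.append("dormant")             # candidate for decommissioning
        elif excess_privileges(nhi):
            findings.append("unused-privileges")   # trim to what is actually used
        if findings:
            report[nhi.name] = findings
    return report


# Constructed sample inventory (not real identities).
TODAY = date(2024, 9, 28)
DEPARTED = {"alice"}
INVENTORY = [
    NHI("ci-deployer", "service-account", "platform-team",
        date(2024, 8, 15), date(2024, 9, 27),
        {"deploy:write", "artifacts:read"}, {"deploy:write", "artifacts:read"}),
    NHI("billing-export-key", "api-key", "alice",
        date(2023, 11, 2), date(2024, 9, 20),
        {"billing:read", "billing:write", "users:admin"}, {"billing:read"}),
    NHI("legacy-sync-token", "token", None,
        date(2022, 1, 10), None, {"db:read"}, set()),
]

if __name__ == "__main__":
    for name, findings in audit(INVENTORY, DEPARTED, TODAY).items():
        print(f"{name}: {', '.join(findings)}")
```
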

Adopting an enterprise platform purpose-built to secure the complete lifecycle of NHIs is a simple and effective way to avoid cyber incidents stemming from the unique challenges of managing and securing NHIs. Investing in these tools is necessary to protect against evolving threats and uphold security in a dynamic digital landscape. 

Implementing an NHI management platform can empower organizations with:

  • Complete visibility, providing a holistic view of all NHIs, and understanding their usage, dependencies, and relationships within an IT stack.
  • Proactive security posture management, continuously assessing and improving the security posture of NHIs, and taking proactive measures to mitigate risks.
  • Automated governance, automating the entire lifecycle of NHIs from discovery to decommissioning, ensuring robust security and operational efficiency.
  • Seamless integration, integrating with an existing security stack, providing a unified approach to identity management.

Until recently, identity security was synonymous with governance and access management for human identities. This is no longer the case as NHIs have massively expanded the enterprise perimeter. Notable high-profile cyber incidents have underscored how compromised NHIs can lead to significant security breaches, highlighting why a robust NHI management framework is a strategic imperative for sustaining business operations in our interconnected world. Modern NHI management solutions are pivotal in addressing these challenges and helping organizations prevent potentially devastating cyberattacks. 

 

 

The post Non-Human Identity Management: Addressing the Gaping Hole in the Identity Perimeter appeared first on Cybersecurity Insiders.


September 28, 2024 at 01:59PM

Friday, September 27, 2024

The 2024 DSPM Adoption Report

Introduction

With 90% of the world’s data being created in the last two years, and the total amount of data set to reach 181 zettabytes in 2025, IT and security teams are under pressure to help their business leverage data to support key business initiatives, without exposing its data to risk. The challenges of identifying, monitoring, and protecting sensitive information have intensified. Many organizations struggle with fragmented tools and limited data discovery, as well as manual, inaccurate classification that fails to scale, leading to data security blind spots that expose critical data to risks. This new reality has paved the way for a new security category to dramatically rise in popularity. Data Security Posture Management (DSPM) has become vital for providing continuous visibility, automatic classification, and security posture of sensitive data spread across growing SaaS, IaaS, PaaS, and existing on-premises environments.

This 2024 DSPM Adoption Report is based on a comprehensive survey of 637 IT and cybersecurity professionals that reveals how organizations are approaching DSPM, the challenges they face, the effectiveness of their current solutions, and their adoption plan over the next 12 months. Through this survey, we uncover the critical needs and priorities of enterprises when it comes to securing their data across various environments.

Key Survey Findings

  • DSPM Adoption on the Rise: DSPM is becoming the fastest-growing security category with 75% of organizations saying they will adopt DSPM by mid-2025. This is a faster rate of adoption than that of Security Service Edge (SSE) solutions, Extended Detection and Response (XDR), and Cloud Security Posture Management (CSPM). This rapid adoption reflects the recognition that DSPM is crucial for managing data security risks in modern, multi-environment infrastructures, especially given the vital role that data plays within the business.
  • Visibility Gaps Weaken Security Postures: An overwhelming 83% of respondents believe that a lack of visibility into data is weakening the overall security posture of their organizations. This underscores the need for tools that provide comprehensive and real-time visibility into sensitive data across all environments.
  • The Data Discovery and Data Classification Gap: A staggering 87% of enterprises find their current data discovery and classification solutions lacking, with only 13% considering them very effective. This underscores a critical deficiency in data security practices, emphasizing the urgent need for more precise and automated solutions to safeguard sensitive information.
  • Challenges in Detecting and Responding to Exposures: More than 60% of organizations do not feel confident in their ability to detect and respond to data security and privacy exposures. This highlights a critical gap that must be addressed through enhanced monitoring, automated response capabilities, and better alignment between detection tools and security strategies.
  • Core DSPM Features: Real-time data monitoring (43%), data discovery (38%), and data classification (35%) are seen as the core features that enterprises should prioritize in any DSPM proof of value engagement. These features are essential for providing the visibility and control needed to secure sensitive data effectively, as real-time monitoring and integration with discovery and classification have been historically lacking.

We would like to extend our gratitude to Cyera for their insights and valuable contributions to this report. Their expertise in the data security space has been instrumental in creating this important research.

As organizations continue to navigate the complexities of data security, we hope this report, which is generated by the responses of your peers, provides valuable insights and practical guidance for strengthening your data security posture. By addressing the challenges outlined and prioritizing the key features and strategies discussed, we are confident that your organization will be well-equipped to manage the risks associated with sensitive data in the years ahead.

Best,

Holger Schulze

Founder, Cybersecurity Insiders

Today’s Biggest Data Security Challenges

Data security remains a top priority for organizations as they navigate an increasingly complex threat landscape, because of the rapidly increasing frequency and cost of data breaches. This growing financial and business impact, along with the complex regulatory landscape and the expanding use of cloud and AI technologies, makes it essential for organizations to enhance their data security posture. The primary challenges around data security today, as reflected in the report, highlight the tension between ensuring robust data protection and managing data access and visibility within diverse environments.

The results reveal that 57% of respondents view excessive data access (often stemming from overprivileged accounts) as a pressing concern. Overprivileged access to data, along with the lack of visibility into sensitive data, cited by 50% of respondents as a significant challenge, are the two greatest data security challenges today. This validates the need for a stronger correlation between identity and data access, ensuring that only the right individuals have access to the right data at the right time. Managing exceedingly large amounts of data was also cited by 46% of respondents, reflecting the growing difficulties in maintaining control over expanding data sets, particularly in hybrid and cloud environments.

Additional responses include:

  • Data accuracy given incomplete data visibility, which can lead to incorrect conclusions: 39%
  • Concerns over restrictive data access (overly constrictive controls): 35%
  • Lack of visibility or control over how SaaS services transfer and use sensitive data: 33%
  • Other: 1%

 

Given these findings, organizations should prioritize implementing solutions that enhance visibility and control over sensitive data without stifling business operations. Focusing on technologies that enable granular data discovery, coupled with automated policy enforcement, can help mitigate the risks associated with both overprivileged access and poor data management. Moreover, maintaining a comprehensive and real-time view of sensitive data will allow organizations to proactively address security gaps and avoid the pitfalls of excessive or restrictive access controls.

Critical Data at Risk

Because data breaches have far-reaching consequences, understanding which types of data organizations are most concerned about is crucial for shaping effective security strategies.

The survey reveals that customer data, at 68%, and financial data, at 63%, are by far the top concerns for IT and cybersecurity professionals, reflecting the value and high stakes associated with the compromise of these types of information.

Customer data is the most valued, as it directly impacts customer trust and brand reputation. Financial data follows closely, given the potential for immediate monetary loss and regulatory repercussions. Intellectual property, cited by 37% of respondents, underscores the importance of safeguarding proprietary information which can protect a company’s competitive edge within the market. Interestingly, employee data and health records are still significant concerns at 36% and 28% respectively, highlighting the breadth of data types that organizations must protect.

Additional responses include: Operational data 22% | Partner data 19%

 

Organizations should ensure that their security posture is tailored to protect these critical data types, with an emphasis on technologies that offer robust encryption, access controls, and continuous monitoring. As customer and financial data are the top priorities, implementing data-centric security measures that focus on these areas can help prevent breaches and mitigate the impact should they occur. Additionally, aligning data security measures with the specific risks associated with each type of data—such as intellectual property or employee information—will create a more resilient and adaptive security framework.

Insider and Third-Party Risk

Understanding which entities pose the greatest data security risks is crucial for organizations as they seek to protect sensitive information from both internal and external threats.

The survey results reveal that employees, at 45%, are seen as the most significant concern, highlighting the ongoing challenge of insider threats. This is particularly critical as employees often have extensive access to sensitive data as part of their daily job and often switch roles throughout their tenure at an organization, making them a potential weak point in an organization’s security posture.

Third parties, including partners, contractors, and auditors, follow at 31%, underscoring the risks associated with external relationships. As organizations increasingly rely on third-party services, the potential for data exposure grows, making it essential to manage and monitor these interactions carefully. The risk grows exponentially as “Nth party” users, the third parties of third parties, will often require access to company data as well. The rising concerns around AI copilots (14%) and other non-human identities such as IoT devices (10%), which together account for 24%, point to the new challenges posed by emerging technologies, which can introduce vulnerabilities if not properly secured.

To address these concerns, organizations should adopt a comprehensive data security strategy that includes visibility into what sensitive data is accessible by insiders, rigorous third-party data access visibility and control, and proactive measures to secure AI and IoT technologies’ access to data. By doing so, they can reduce the likelihood of data incidents from both existing and emerging threats, ensuring that sensitive information remains protected.

Data Discovery Roadblocks

Discovering and managing sensitive data is the foundation of any successful data security program or strategy because it directly impacts an organization’s ability to protect its most critical digital assets. Without effective data discovery, organizations face significant risks, including high exposure to data security risks, noncompliance with regulations centered around data, and the inability to mitigate the impact of data incidents in a timely manner.

The report reveals that organizations face numerous challenges in this area, which can impede their ability to protect sensitive information and respond to emerging threats. The most significant challenge, cited by 56% of respondents, is the difficulty in maintaining up-to-date data. Lack of continuous data discovery exacerbates this issue, making it difficult for teams to stay current with the ever-changing data landscape. Additionally, 52% of participants report challenges in consolidating and analyzing data from multiple sources, a problem that is often compounded by the lack of support across heterogeneous environments—cloud, SaaS, DBaaS, and on premises. This creates significant barriers to obtaining a unified view of data across these diverse platforms.

Time-consuming processes and the lack of real-time visibility into data, noted by 44% and 38% of respondents respectively, further emphasize the inefficiencies that hinder effective data security. These issues not only slow down response times but also increase the risk of missing critical security events. Moreover, the lack of scalability (32%) and the high potential for human error (31%) indicate that many organizations are struggling to keep pace with the growing volume of data and the intricacies involved in managing it securely.

To overcome these challenges, organizations should invest in advanced data discovery capabilities that offer automation, real-time visibility, and scalability across heterogeneous environments. These solutions must also support a mix of structured, unstructured, and semi-structured data. By doing so, they can reduce the manual effort involved, minimize the risk of errors, and ensure that their data security posture remains strong as data environments grow and evolve.

Data Classification Hurdles: Automation Is Key

Following data discovery, the next critical step in a robust data security strategy is data classification, enabling organizations to identify and prioritize the protection of their most sensitive information. However, the report reveals significant challenges organizations face with their current data classification methods, which can severely undermine the effectiveness of their overall data security strategy.

The most pressing issue, identified by 49% of respondents, is the time-consuming nature of data classification processes. This challenge is largely due to the lack of automation and a continued reliance on manual methods, which slows down the process and increases the risk of leaving sensitive data exposed for longer than necessary. Similarly, 46% of participants report difficulties in consolidating and analyzing data from multiple sources, reflecting the complexities of managing classification across diverse environments, such as cloud, SaaS, DBaaS, and on-premises systems.

A lack of real-time visibility into data classes, cited by 42% of respondents, further exacerbates these challenges, making it difficult for organizations to maintain an up-to-date understanding of their data landscape. The inability to automatically learn new classifications, noted by 41%, highlights a significant gap in adaptability, which is crucial in dynamic data environments. False positives due to regular expressions (32%) and a lack of customizability (30%) also present barriers, potentially leading to misclassified data and inefficient protection measures.

To address these challenges, organizations should consider adopting advanced data classification tools that offer automation, real-time visibility, and adaptive learning capabilities. These capabilities can be found within DSPM solutions that use Large Language Models (LLMs) to classify data that is unique to the organization or a particular industry. By integrating these features, companies can streamline the classification process, reduce the reliance on manual efforts, and ensure that their data is accurately classified and protected according to its sensitivity. Additionally, enhancing customizability and reducing reliance on rigid regular expressions will allow for more precise and context-aware classifications, ultimately strengthening the organization’s data security posture.
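The regular-expression false positives mentioned above are easy to reproduce with payment card numbers. The following Python comparison is an added example, not part of the original report: it runs a pattern-only classifier next to one that also requires a valid Luhn checksum and nearby context words. The keyword list, the 40-character window, and all sample lines are constructed assumptions, and the keyword check is a simple stand-in for the context-aware classification the report describes.

```python
import re

# Pattern-only rule: any 16 digits, optionally grouped in fours.
CARD_RE = re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")

# Assumed context vocabulary for this example.
CONTEXT_RE = re.compile(r"\b(card|visa|mastercard|pan|cc|credit)\b", re.I)


def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def regex_only(line):
    """Everything the bare pattern flags as a card number."""
    return [m.group() for m in CARD_RE.finditer(line)]


def validated(line, window=40):
    """Pattern hits that also pass Luhn and sit near a context keyword."""
    hits = []
    for m in CARD_RE.finditer(line):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_ok(digits):
            continue            # most order IDs and timestamps fail here
        context = line[max(0, m.start() - window): m.end() + window]
        if CONTEXT_RE.search(context):
            hits.append(m.group())
    return hits


# Constructed sample records; 4111 1111 1111 1111 is the standard test number.
SAMPLE = [
    "customer card 4111 1111 1111 1111 exp 12/26",
    "order_id=1234567812345678 shipped",
    "trace 2024093012000000 epoch-batch",
    "shipment ref 1234567812345670 delivered",   # passes Luhn by chance
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(f"{len(regex_only(line))} regex hit(s), "
              f"{len(validated(line))} validated: {line}")
```

The last sample line shows why the checksum alone is not enough: roughly one in ten arbitrary 16-digit values passes Luhn, so context is still needed to separate identifiers from card data.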

Impact of Data Visibility on Security Posture

Data visibility is a cornerstone of a strong security posture, as organizations must know what data they have, where it resides, and how it is being accessed in order to protect it effectively.

The survey results underscore the critical nature of data visibility, with 83% of respondents acknowledging that a lack of visibility into data is weakening the overall security posture of enterprises. This reflects widespread concern about the risks associated with blind spots in data management.

Specifically, 39% of participants believe that insufficient data visibility significantly raises their security risk. This finding aligns with earlier concerns about overprivileged access and the difficulty in managing large amounts of data, emphasizing how these gaps in visibility can lead to vulnerabilities that are easily exploited by malicious actors. Only a small percentage (8%) believe that data visibility does not impact risk, suggesting that most organizations recognize the importance of having a clear and comprehensive view of their data.

For organizations, it’s essential to prioritize tools and processes that enhance their ability to locate, monitor, and manage sensitive data. Implementing continuous data discovery, combined with real-time monitoring, can help close the visibility gaps that currently expose organizations to unnecessary risk. By improving visibility, companies can strengthen their security posture and reduce the likelihood of data breaches or unauthorized access.

Current Methods for Data Inventory and Discovery

Effective data inventory and discovery are essential for maintaining a robust security posture, yet the survey results reveal that organizations are still relying on a diverse array of tools, many of which do not integrate seamlessly with one another. This fragmented approach can hinder the ability to stay up-to-date with changes in data and complicate efforts to analyze data across the environment, ultimately impacting overall data security.

The most commonly used methods include Data Backup and Recovery (46%) and Data Loss Prevention (DLP) solutions (45%). While these tools play crucial roles in protecting and recovering data, they often function independently, leading to silos that limit visibility and coordination across the organization. Data Detection and Response (DDR) is also widely used (41%), further confirming that teams are employing multiple specialized tools to address various aspects of data security.

Governance, Risk, and Compliance (GRC) at 38% and Data Privacy Software at 37% reflect the growing emphasis on regulatory compliance and privacy concerns, yet these tools also may not fully integrate with other discovery methods. Security Information and Event Management (SIEM) systems, used by 36% of respondents, provide valuable insights, but often lack the comprehensive data visibility needed for effective discovery across hybrid environments. The use of newer approaches like SaaS Security Posture Management (SSPM) and Cloud Security Posture Management (CSPM), at 29% and 23% respectively, indicates a move toward cloud-focused solutions. Even so, it’s important to note that unlike DSPM, SSPM and CSPM are not focused on data security, but rather on the posture of the infrastructure or applications themselves.

Additional responses include:

  • Data Access Governance (DAG): 24%
  • Cloud Security Posture Management (CSPM): 23%
  • Data Security Posture Management (DSPM): 19%
  • Other: 3%

 

For organizations to overcome the challenges of tool fragmentation, it is critical to adopt solutions that integrate data inventory and discovery across environments. By focusing on platforms that offer comprehensive and unified data visibility, companies can streamline their discovery processes, reduce data silos, and ensure that they are fully equipped to manage and protect their data effectively in an increasingly complex landscape.

Methods for Gaining Visibility into Sensitive Data

Achieving comprehensive visibility into sensitive data across diverse environments is a growing challenge for organizations, especially as they manage data in cloud, on-premises, and hybrid settings. The survey results highlight the varied approaches that companies are taking to address this challenge, yet they also reveal significant gaps that undermine data security efforts.

Over half of the respondents (53%) indicate that they rely on different security services for each of their environment types, such as SaaS, IaaS, PaaS, and on-premises. This fragmented approach complicates data visibility and increases the likelihood of blind spots across the enterprise. While 49% of organizations have adopted at least some form of integration across security solutions, which offers a more unified view of data, it’s clear that many companies still struggle to consolidate their security efforts across diverse platforms.

Additionally, a concerning 36% of respondents continue to rely on manual data cataloging and classification processes. This reliance on manual methods not only increases the risk of human error but also slows down the ability to respond to security threats quickly. Compounding this issue, 27% of organizations report that they do not currently have a solution that supports visibility across all environments, further exposing them to risk.

For organizations to strengthen their data security posture, it’s critical to move away from siloed and manual approaches. Adopting integrated solutions that provide comprehensive visibility across all environments will help reduce gaps and improve the efficiency of data protection efforts. By streamlining data discovery and classification, companies can ensure they have a clear and real-time view of their sensitive information, regardless of where it resides.

Effectiveness of Data Discovery and Classification

Understanding the effectiveness of data discovery and classification tools is essential for organizations aiming to protect their most critical sensitive data. The survey results reveal a mixed picture, highlighting both progress and ongoing challenges in these key areas.

When it comes to data discovery solutions, only 14% of respondents believe their discovery tools are very effective, meaning that 86% of organizations do not have complete confidence in their discovery capabilities. In comparison, data classification methods receive similarly low favorable ratings. Only 13% of respondents consider their classification tools to be very effective. This means that 87% of enterprises do not believe their classification methods are at the highest level of effectiveness, highlighting a need for better data classification solutions.

The fact that only a fraction of enterprises consider their existing discovery and classification solutions to be very effective underscores a critical gap in data security. Even when organizations can discover their critical data, they may struggle to classify it effectively, which undermines broader data protection efforts. This widespread lack of confidence suggests that many companies need to rethink and upgrade their data security repertoire.

Additional responses include: We do not discover data today 2% | We do not classify data today 3%

 

To address these gaps, organizations should focus on integrating their data discovery and classification services, ensuring that once data is discovered it can be accurately and efficiently classified. The key should be to prioritize DSPM solutions that can provide data discovery at scale and within an appropriate time frame (days, not months or years), and combine this with classification that has high precision and automation for continued posture assessment. Investing in tools that enhance automation and reduce manual efforts will help shift more organizations from neutral or ineffective ratings to positive ones. By improving both discovery and classification, companies can better safeguard their most sensitive data and strengthen their overall security posture.

Location of Sensitive Data

In today’s corporate environments, sensitive data is not confined to a single location but is scattered across a complex mix of on-premises systems, SaaS platforms, and cloud infrastructures. This dispersion makes it increasingly difficult for organizations to maintain comprehensive visibility and control over their most critical data, intensifying the need for robust security solutions that can operate seamlessly across all environments.

Nearly 40% of respondents report that the majority of their sensitive data remains on-premises, highlighting the continued need for strong on-premises data security. Next, 30% of organizations indicate that their sensitive data primarily resides within SaaS environments, reflecting the growing dependence on cloud-based applications. However, this shift also introduces new challenges in managing and securing data across multiple SaaS providers.

Alarmingly, 15% of organizations admit they have no way of knowing where their sensitive data is located, significantly increasing their exposure to potential breaches. An additional 13% report that the majority of their data resides in IaaS environments, further complicating the data management landscape.

This broad distribution of data across corporate systems underscores the necessity for comprehensive data security solutions that offer unified visibility and control across the entire data landscape. Without such tools, organizations risk leaving critical data undiscovered and unprotected, especially when they lack a clear understanding of where that data exists. Implementing integrated and scalable solutions will be key to overcoming these challenges and ensuring data security across all environments.

Critical Activities to Monitor for Data Security

Maintaining a strong data security posture requires vigilant monitoring of key activities that could indicate potential threats or vulnerabilities. The survey results reveal a clear prioritization of what professionals consider the most critical activities to keep under surveillance, with unauthorized and overprivileged access events emerging as top concerns.

Unauthorized access attempts are viewed as the most critical activity to monitor, with 58% of respondents highlighting this as a priority. This focus on unauthorized access aligns with the broader concern about protecting sensitive data from breaches, whether due to external attacks or insider threats. Closely related, 55% of participants emphasize the importance of monitoring overprivileged access for humans, reflecting the risks associated with granting excessive permissions that can lead to unintended data exposure or misuse.

Interestingly, overprivileged access for non-human identities—such as automated processes, bots, or IoT devices—is also seen as crucial, with 42% of respondents prioritizing it. This concern surpasses the need to monitor traditional activities like data removal (40%), usage patterns related to sensitive data (36%), and even industry compliance violations (31%). The emphasis on non-human identities underscores the evolving threat landscape where automation and connected devices are introducing new security risks if not properly managed.

Data exfiltration attempts are another high-priority activity, cited by 56% of respondents. Additionally, changes in data access permissions (49%) and data transfer and sharing activities (41%) are recognized as critical areas to monitor, as they can signal potential security breaches or policy violations.

Additional responses include: Industry compliance violations 31% | Configuration changes in data stores 22%

 

Given these findings, organizations should prioritize DSPM solutions that offer data detection and monitoring capabilities that provide comprehensive visibility into both human and non-human access events. Implementing tools that can detect unauthorized access, flag overprivileged accounts, and track changes in data permissions will be essential in maintaining a strong security posture. Moreover, the focus on non-human identities indicates a growing need for security measures that can address the unique risks posed by automation and connected devices in today’s data environments.

Challenges in Managing Data Security Posture

Managing data security posture across complex environments is increasingly challenging for organizations, especially as they navigate multi-cloud and hybrid architectures.

A majority of respondents (51%) report that managing data security posture across multi-cloud and hybrid environments is a top challenge. This complexity often stems from the need to coordinate security efforts across various platforms, each with its own unique risks and requirements. Closely following this, 48% of participants cite a lack of visibility into data within their SaaS environments, highlighting how difficult it can be to maintain control over data that resides outside of traditional on-premises systems.

Integration issues with existing security infrastructure are another critical concern, affecting 43% of respondents. These integration challenges can create friction between new and legacy systems, further complicating the already intricate task of managing data security. This lack of cohesion adds unnecessary complexity, which can stall or even derail data security projects if not addressed effectively.

Understanding which human and non-human identities have access to sensitive data is also a significant challenge, with 31% of respondents identifying it as an area of concern. As organizations adopt more automated processes and connect to IoT devices, keeping track of who—or what—has access to sensitive data becomes increasingly difficult.

Additional responses include: Limited automation for data incident remediation processes 25% | Lack of visibility into data that exists within my on-premises environment 23% | Lack of monitoring into data events that matter 22%

 

This reality—where understanding data security posture across hybrid cloud and SaaS environments is fraught with challenges—can lead to stalled or failed data security initiatives if not carefully managed. Organizations must prioritize solutions that provide comprehensive visibility and seamless integration across all environments. By doing so, they can reduce complexity, enhance control, and ensure the success of their data security efforts in a rapidly evolving landscape.

Effectiveness of Data Security Posture Management

As organizations increasingly turn to Data Security Posture Management (DSPM) tools to protect their sensitive data, the survey results reveal promising insights into the effectiveness of these solutions.

Among those who have adopted DSPM, the majority—63%—report that these tools have been either effective or very effective in identifying and mitigating security risks associated with data. This positive feedback highlights the value that DSPM brings to an organization’s overall security strategy.

However, 28% of respondents remain neutral, likely reflecting experiences with early DSPM solutions, or “DSPM 1.0” tools, that may lack comprehensive support across multiple environments or struggle with scalability and precision. These limitations can prevent organizations from fully realizing the benefits of DSPM, leading to less confidence in the solution’s effectiveness.

To maximize the effectiveness of DSPM, organizations should focus on solutions that not only scale across diverse environments—such as SaaS, IaaS/PaaS, and on-premises—but also provide precise, actionable insights into data security risks. By advancing beyond early iterations of DSPM and adopting modern, more robust and scalable tools, companies can manage and mitigate data security threats more effectively.

Future Investment in Data Security Posture Management

As the importance of securing sensitive data continues to rise, the survey results indicate a strong trend toward the adoption of Data Security Posture Management (DSPM) solutions.

Currently, 19% of enterprises have already implemented DSPM, and by mid-2025, 75% of organizations are expected to have adopted this technology. This positions DSPM as the fastest-growing security category globally.

When looking at future investment plans, 56% of respondents are either likely or very likely to invest in a DSPM solution within the next 12 months. This enthusiasm underscores the recognition that DSPM is becoming a critical component of modern data security strategies.

Only a small fraction of respondents are unlikely (7%) or very unlikely (5%) to invest in DSPM, which suggests that the majority of organizations understand the value DSPM provides, even if they have not yet taken the steps to adopt it.

As DSPM continues to evolve and address the challenges of data security across various environments, more enterprises are likely to make it a cornerstone of their data security program.

Expected and Observed Benefits of DSPM

As organizations increasingly adopt Data Security Posture Management (DSPM) solutions, the anticipated benefits reflect the growing need for more effective and accurate data security practices. The survey results reveal that security professionals are most excited about DSPM’s ability to enhance data discovery and improve precision in data classification—two areas where previous solutions have often fallen short.

Nearly half of the respondents (48%) expect or have already observed an improved ability to discover sensitive data within their environments. This benefit is particularly valuable given that many earlier discovery solutions lacked comprehensive support across all environments, leading to significant blind spots. By addressing these gaps, DSPM tools enable organizations to gain a more complete understanding of their data landscape, and with higher levels of confidence and automation.

Additionally, 43% of respondents are enthusiastic about DSPM’s potential to boost accuracy in data classification, reducing the occurrence of false positives. In the past, high rates of false positives have been a major pain point for data security leaders, creating unnecessary noise and making it difficult to focus on genuine threats. DSPM’s enhanced precision in classification offers a solution to this frustration, allowing for more efficient and effective data protection.

Beyond discovery and classification, other significant DSPM benefits include better compliance with data protection regulations (36%) and a more comprehensive view of data exposures and vulnerabilities (35%). The ability to reduce the risk of privacy exposures (34%) and enable the confident use of data for AI purposes (33%) also highlights DSPM’s evolving role in addressing modern security challenges, such as ensuring that data fed to AI models is secure and compliant.

Additional responses include: None – I do not plan to adopt a DSPM solution 11% | Other 2%

 

Core DSPM Features: What Matters Most

When it comes to Data Security Posture Management (DSPM), organizations are clear about what they need most: near real-time data monitoring, data discovery, and data classification. These three features emerged as the top priorities in the survey, highlighting their critical role in strengthening data security and forming the foundation of any DSPM solution.

Real-time data monitoring and alerting of data events, prioritized by 43% of respondents, is seen as the most crucial feature. This focus reflects the need for immediate visibility into data activities, allowing organizations to detect and respond to threats as they happen. However, the true value of real-time monitoring is fully realized only when it’s paired with robust data discovery (38%) and data classification (35%) capabilities. The integration of these features is essential, as monitoring alone is insufficient without a clear understanding of what sensitive data exists and how it should be classified.

This gap—where real-time data monitoring often operates in isolation from discovery and classification—highlights why these three features should be the primary focus in any DSPM proof of value engagement. Without the ability to correlate real-time events with accurate discovery and classification, organizations risk missing critical insights that could prevent data breaches.

Other important features include integration with existing security tools (32%) and automated remediation capabilities (31%). These functionalities ensure that DSPM can seamlessly fit into the broader security infrastructure and take proactive steps to address vulnerabilities. Continuous risk assessment (30%) and comprehensive reporting (28%) are also valued, offering ongoing visibility into security posture and detailed insights for decision-making.

Additional responses include: Continuous risk assessment and vulnerability detection 30% | Comprehensive reporting and analytics 28% | Policy management and enforcement 14% | Other 4%

 

Ultimately, real-time monitoring, data discovery, and classification stand out as the core needs that organizations should prioritize when evaluating DSPM solutions. Ensuring that these features work in sync will empower security teams to maintain a more effective and resilient data security posture.

Evaluation Considerations When Choosing a DSPM Solution

Selecting the right Data Security Posture Management (DSPM) solution is crucial for organizations aiming to safeguard their sensitive data effectively. The decision-making process is complex, as it directly impacts the organization’s ability to discover, classify, protect, and manage data across diverse environments. Given the rapidly evolving threat landscape, choosing a DSPM solution that aligns with an organization’s unique security needs is of paramount importance.

Precision stands out as the top priority for security professionals, with 51% of respondents identifying the accuracy of data classification as their primary consideration. This focus on precision is critical, as accurate classification forms the foundation of any effective data security strategy. Without it, organizations cannot properly identify and protect their most sensitive information, leaving critical gaps in their security posture and making it difficult to focus existing security personnel on the data that matters most.

Following closely, 47% of respondents prioritize the ability to support all environments. With data scattered across on-premises systems, cloud platforms, and SaaS applications, comprehensive coverage is essential. Security leaders understand that a DSPM solution must seamlessly handle data across all environments to provide the visibility and control necessary to mitigate risks. Integration capabilities with existing tools are also highly valued, with 45% of respondents citing this as a key evaluation consideration. In an increasingly complex security ecosystem, the ability for DSPM to send signals and work in tandem with other security technologies is of paramount importance. This ensures that data security is not siloed but rather integrated into the broader security framework, enhancing overall effectiveness.

Other important factors include automated and continuous scanning capabilities (36%), which help maintain up-to-date data security in real time, and the speed and ease of deployment (30%), which can significantly impact the success and adoption of a DSPM solution. Cost and return on investment (23%) and compliance mapping (19%) are also important, though they take a backseat to the more pressing concerns of accuracy, coverage, and integration.

Additional responses include: Cost and return on investment 23% | Compliance mapping and support 19% | Other 3%

 

Ultimately, when data security leaders are considering a DSPM vendor, precision in classification, support across all environments, and strong integration capabilities should be at the top of their evaluation criteria to ensure that a DSPM solution can effectively manage sensitive data and align with the broader security strategy of the organization.

Effectiveness in Detecting and Responding to Data Security Exposures

The ability to detect and respond to security and privacy exposures of sensitive data is a critical aspect of maintaining a strong data security posture.

Given the increasing frequency and sophistication of cyber threats, organizations must be confident in their ability to protect their most valuable assets. However, only 13% of respondents believe their organization is very effective at detecting and responding to data security and privacy exposures, with an additional 26% considering themselves effective. This means that 61% of organizations do not feel they have a strong ability to manage these crucial tasks.

This lack of confidence is concerning, as it suggests that a significant number of organizations may be leaving sensitive data vulnerable to breaches and other security or privacy incidents.

For organizations to improve their effectiveness, it’s essential to invest in solutions that provide comprehensive data visibility, automated issue identification, and ongoing risk monitoring.

Data Security Budgets: A Priority for the Year Ahead

As organizations continue to face a dynamic and challenging threat landscape, the allocation of resources toward data security remains a critical priority. The survey results reflect this focus, with a significant portion of respondents expecting their data security budgets to either increase or remain stable over the next 12 months.

Specifically, 22% of respondents anticipate a significant increase in their data security budget, while an additional 31% expect a more moderate increase. This indicates that over half of organizations recognize the need for continued investment in data protection, reinforcing the importance of maintaining and enhancing their security posture.

Meanwhile, 33% of respondents expect their budget to remain the same, further highlighting that data security continues to be a priority, even in organizations where spending levels are not expected to rise. Notably, only 14% believe their data security budget will decrease, underscoring the widespread understanding that cutting back on security investments could leave organizations vulnerable to escalating threats.

Overall, these findings demonstrate that data security remains at the forefront of business priorities. As companies allocate their budgets for the coming year, it is clear that most will continue to invest in safeguarding their sensitive information, ensuring they are well-prepared to defend against evolving risks.

Essential DSPM Best Practices for Elevating Data Security

To get the most out of your Data Security Posture Management (DSPM) efforts, it’s crucial to adopt proven best practices that enhance data protection and streamline operations. By focusing on continuous discovery, automatic classification, and integration across diverse IT environments, these practices ensure comprehensive data security posture management.

1. Ensure Continuous Data Discovery: With 83% of respondents identifying visibility gaps as a security weakness, continuous data discovery across all environments is crucial. This minimizes blind spots and helps identify and protect sensitive data more effectively.

2. Prioritize Classification: 87% of enterprises do not believe their classification methods are at the highest level of effectiveness. Automating this process improves speed and reduces manual errors. Selecting a solution with unsupervised AI-powered classification can address the need for learned classifications missed by RegEx, enhancing precision and reducing false positives.

3. Implement Real-Time Monitoring: Real-time monitoring is critical for quick threat detection. As 43% of respondents prioritize this feature, ensure your DSPM solution includes robust alerting to mitigate risks as they arise.

4. Integrate with Existing Security Tools: Integration across existing IT security platforms is key for cohesive security strategies. With 45% of organizations prioritizing this, ensure your DSPM solution seamlessly connects with your current tools to enhance overall security.

5. Focus on Scalability Across Environments: Managing data security across multi-cloud and hybrid environments is challenging, with 51% citing it as a concern. Choose a DSPM solution that scales effectively across all environments to maintain consistent protection.

6. Develop a Budget Line Item for DSPM: 53% of IT and security organizations will be increasing their data security budget. Given that DSPM is new, you may not be able to fund the solution by using an existing line item. Prioritize setting aside a DSPM budget when meeting with your business stakeholders (which should include the data team, security team, privacy team, and IT team) to ensure that you can implement DSPM within your security plans.

7. Identity Data Access: Managing who has access to what data is a fundamental aspect of DSPM. Implementing strict data access controls, with a focus on least privilege and zero trust principles, ensures that only authorized users can access sensitive data, reducing the risk of insider threats and unauthorized access.

Methodology & Demographics

The 2024 DSPM Adoption Report is based on an extensive survey of 637 cybersecurity professionals conducted in August 2024. The study explored how organizations are approaching DSPM, the challenges they face, the effectiveness of their current solutions, and their adoption plan over the next 12 months. The respondents encompass technical executives and IT security practitioners, providing a balanced representation of organizations of diverse sizes across a wide range of industries.

About Cyera

Data is the fastest-growing attack surface in the world. Founded in 2021, Cyera, which has raised $460M in total funding and is valued at $1.4bn, is a pioneer in the data security space. Cyera empowers security leaders at Paramount Pictures, Mercury Financial, and others to quickly discover their data attack surface, classify data with high precision, comply with data regulations and privacy standards, and monitor, detect, and quickly remediate data risk.

What makes Cyera unique is its agentless design that deploys in just five minutes across any environment – and its unsupervised, AI-powered classification engine that auto-learns unique classifications and delivers 95% classification precision. These insights are then combined with the data security company’s Identity capabilities. Cyera can discover human and non-human identities (i.e., AI copilots), assign trust levels to them, assess their level of access to sensitive data, and determine the context in which the identities can access that data. These platform capabilities are complemented by Cyera’s proactive data risk assessment, 24x7x365 data monitoring, and Data Incident Response services. These services make Cyera’s data security experts readily available to Cyera’s customers.

With Cyera, security leaders can focus on enabling their businesses to safely use

About Cybersecurity Insiders

Cybersecurity Insiders brings together 600,000+ IT security professionals and world-class technology vendors to facilitate smart problem-solving and collaboration in tackling today’s most critical cybersecurity challenges.

Our approach focuses on creating and curating unique content that educates and informs cybersecurity professionals about the latest cybersecurity trends, solutions, and best practices. From comprehensive research studies and unbiased product reviews to practical e-guides, engaging webinars, and educational articles – we are committed to providing resources that provide evidence-based answers to today’s complex cybersecurity challenges.

Contact us today to learn how Cybersecurity Insiders can help you stand out in a crowded market and boost demand, brand visibility, and thought leadership presence.

Email us at info@cybersecurity-insiders.com or visit cybersecurity-insiders.com

The post The 2024 DSPM Adoption Report appeared first on Cybersecurity Insiders.


September 27, 2024 at 08:39PM

G2 Names INE 2024 Enterprise and Small Business Leader

Cary, North Carolina, September 27th, 2024, CyberNewsWire

INE, a global leader in networking and cybersecurity training and certifications, is proud to announce they have earned 14 awards in G2’s Fall 2024 Report, including “Fastest Implementation” and “Most Implementable,” which highlight INE’s superior performance relative to competitors. 

“Best hands-on and real world scenario based curriculum,” raves small business user Satvik V. in a recent 5-star review. “Their dedication towards improving the curriculum and providing the best learning experience is the best thing and I would rate 10/10.”

G2 calculates rankings using a proprietary algorithm sourced from verified reviews of actual product users and is a trusted review source for thousands of organizations around the world. Its recognition of INE’s strong performance in enterprise, small business, and global impact for technical training showcases the depth and breadth of INE’s online learning library.

“At INE, we are driven not just by our achievements, but by our mission to equip professionals and enterprises with the skills necessary to navigate the evolving cybersecurity landscape,” said Dara Warn, CEO of INE. “Our commitment goes beyond winning awards; it’s about forging a pathway that prepares our clients to face future challenges head-on. By consistently updating and expanding our training modules, we ensure that every course reflects the latest in technology and security practices. This approach helps us empower organizations across the globe to build a resilient, well-prepared workforce capable of turning potential threats into opportunities for growth and innovation.”

INE’s G2 Fall 2024 Report highlights include:

  • Fastest Implementation: Online Course Providers
  • Most Implementable: Online Course Providers
  • Leader: Europe, Asia, and Asia Pacific Online Course Providers
  • High Performer: India, Asia Technical Skills Development
  • Small Business High Performer: Asia Pacific Online Course Providers
  • Small Business Leader: Online Course Providers
  • Enterprise Leader: Online Course Providers
  • Momentum Leader: Online Course Providers
  • Leader: Online Course Providers
  • Small Business High Performer: Technical Skills Development
  • High Performer: Technical Skills Development

“The flexibility to learn at one’s own pace, coupled with the ability to access a vast library of resources anytime, anywhere, makes INE an ideal platform for both students and professionals looking to advance their skills or transition into new tech roles,” writes Oussama E., another small business user. 

This fall, the prestigious SC Awards recognized INE Security, INE’s cybersecurity-specific training, as the Best IT Security-Related Training Program. This designation further underscores INE Security’s role as a frontrunner in cybersecurity training for businesses, providing the tools and knowledge essential for tackling today’s complex cyber threats.

Earlier this year, the Global InfoSec Awards presented INE Security with 4 awards at RSAC 2024, including: 

  • Best Product – Cybersecurity Education for Enterprises
  • Most Innovative – Cybersecurity Education for SMBs
  • Publisher’s Choice – Cybersecurity Training
  • Cutting Edge – Cybersecurity Training Videos

Combined, these accolades highlight INE’s leadership in delivering innovative and effective networking and cybersecurity education across various market segments, including enterprises and small to medium-sized businesses.

About INE: 

INE is the premier provider of online technical training for the IT industry. Harnessing the world’s most powerful hands-on lab platform, cutting-edge technology, global video distribution network, and world-class instructors, INE is the top training choice for Fortune 500 companies worldwide, and for IT professionals looking to advance their careers. INE’s suite of learning paths offers an incomparable depth of expertise across cybersecurity, cloud, networking, and data science. INE is committed to delivering the most advanced technical training on the planet, while also lowering the barriers worldwide for those looking to enter and excel in an IT career. 

Contact

Director of Global Strategic Communications and Events
Kathryn Brown
INE Security
kbrown@ine.com

The post G2 Names INE 2024 Enterprise and Small Business Leader appeared first on Cybersecurity Insiders.


September 27, 2024 at 04:00PM

Cyber Attack news headlines trending on Google

Rising Mobile Phishing Threats in Healthcare

A recent report by Zimperium’s zLabs Global Mobile Threat has revealed a significant increase in mobile phishing attacks in 2024, with the healthcare sector emerging as a primary target. The report highlights that many attacks are directed at employees’ mobile devices, as staff often use their phones for both professional and personal activities, including browsing, shopping, and dating.

Crypto Drainer Malware Discovered on Google Play

Research from Check Point has uncovered the presence of crypto-draining malware on the Google Play Store, affecting users for the past four to five months. Various apps, including WalletConnect, have been masquerading as legitimate platforms for storing digital currencies, while actually siphoning off assets like Bitcoin and Monero. So far, approximately $70,000 in cryptocurrency has been stolen from unsuspecting victims, and the number continues to rise. Despite efforts from Google to combat this malware, these fraudulent apps are posing as legitimate products linked to actual companies, orchestrated by malicious hacking groups.

Data Breach Exposes Millions of Records in France

An unsecured Elasticsearch server containing sensitive information of over 97 million French citizens has been discovered for sale on the dark web. Security researchers suggest that this leak may stem from data gathered through at least 17 separate breaches. The exposed data includes phone numbers, email addresses, payment information, full names, physical addresses, and IP addresses, which could facilitate phishing scams and identity theft.

AI-Powered Malware Development Identified by HP Threat Intelligence

Researchers at HP Threat Intelligence have found that cybercriminals are leveraging artificial intelligence to create malware. This approach not only saves time and resources but also enables the development of sophisticated malicious software capable of evading antivirus detection. Such AI-driven malware can be easily customized for various attacks, including ransomware and data deletion.

US Treasury Bans Two Russian Cryptocurrency Exchanges

The US Treasury Department’s Office of Foreign Assets Control has imposed sanctions on two Russian cryptocurrency exchanges, Cryptex and PM2BTC, for their roles in laundering ransom payments. Evidence suggests these exchanges were involved in laundering over $720 million in funds associated with online fraud, malware distribution, mixing services, and vishing scams.

Microsoft Reports Ransomware Threats in Hybrid Clouds

Microsoft has released a report detailing how the threat actor known as Storm-0501 is exploiting hybrid cloud environments to deploy ransomware. This includes the migration of data and applications between on-premises and cloud systems, leading to risks such as credential theft, data exfiltration, manipulation, persistent backdoor access, and double extortion.

The post Cyber Attack news headlines trending on Google appeared first on Cybersecurity Insiders.


September 27, 2024 at 12:04PM

Thursday, September 26, 2024

Cyber Attack on Wi-Fi networks of London Rail Network

Multiple rail stations across the UK have recently fallen victim to a cyberattack that has severely disrupted public Wi-Fi connectivity. Notable stations affected include Manchester Piccadilly, Birmingham New Street, and London Euston. Reports indicate that the attack began on Wednesday evening and continued into Thursday afternoon, with some stations still experiencing connectivity issues at the time of writing.

According to the Manchester Evening News, users attempting to connect to the compromised network were redirected to a peculiar webpage that displayed messages such as “We Love You, Europe,” alongside statements referencing terrorist attacks that have occurred in the UK and Europe. This alarming content suggests the attack had both a disruptive and propagandistic motive. Notably, this incident follows a recent ransomware attack by the CLOP ransomware gang on Transport for London (TfL), which is still in the recovery phase from that breach.

Further investigation revealed that the networks managed by Network Rail, specifically the technology services provider Telent, were infiltrated by what is believed to be a state-sponsored threat actor. Telent is responsible for providing digital infrastructure and Wi-Fi services to various rail stations across Britain. As a result of the attack, approximately 19 major railway stations experienced significant disruptions, inconveniencing thousands of commuters and travelers who depend on reliable internet access for work or to stay connected with family and friends during their journeys.

The impacted stations include:

a.) Bristol Temple Meads
b.) Birmingham New Street
c.) Clapham Junction
d.) Edinburgh Waverley
e.) Glasgow Central
f.) Guildford
g.) Leeds City
h.) Liverpool Lime Street
i.) London Bridge
j.) London Cannon Street
k.) London Charing Cross
l.) London Euston
m.) London King’s Cross
n.) London Liverpool Street
o.) London Paddington
p.) London Victoria
q.) London Waterloo
r.) Manchester Piccadilly
s.) Reading

In response to this troubling situation, the British Transport Police, in collaboration with the National Cyber Security Centre (NCSC)—the cybersecurity arm of GCHQ—has initiated a comprehensive investigation to identify the perpetrators behind this attack. A forensic team has been deployed to assess the breach and implement measures to mitigate any potential risks stemming from the incident.

As the investigation unfolds, it underscores the pressing need for enhanced cybersecurity measures in critical infrastructure sectors, particularly as cyber threats continue to evolve and pose significant risks to public services.

The post Cyber Attack on Wi-Fi networks of London Rail Network appeared first on Cybersecurity Insiders.


September 26, 2024 at 09:12PM

Microsoft claims China is spying on US ISPs and Users

In today’s digital age, it’s become increasingly apparent that many individuals share details of their lives online, whether intentionally or inadvertently. This has created an opportunity for various entities, particularly state actors, to engage in surveillance of internet activity. One such actor is China, which has reportedly intensified its efforts to monitor the online behaviors of users, especially in major metropolitan areas, through sophisticated spyware tactics.

According to insights from Microsoft’s Threat Intelligence teams, China has successfully infiltrated several Internet Service Providers (ISPs) to conduct extensive surveillance. This malicious entity, identified as Salt Typhoon—also known by monikers such as Ghost Emperor, Sparkling Cockroach, or Famous Sparrow—has become a significant focus of cybersecurity concerns.

The origins of Salt Typhoon’s operations trace back to an initial breach of Cisco routers, which served as a gateway for monitoring internet activities occurring through these devices. Once access was gained, the threat actor expanded its reach into additional routing networks, as reported by sources close to the investigation.

In October 2021, the Russian cybersecurity firm Kaspersky unveiled that the group known as Famous Sparrow had been targeting businesses across Southeast Asia, utilizing a sophisticated toolkit named Demodex. This campaign marked the beginning of a broader operational footprint that has since extended to countries such as Vietnam, Indonesia, Thailand, Malaysia, Egypt, Ethiopia, and Afghanistan.

While the full scope of Salt Typhoon’s capabilities remains uncertain, there are concerns regarding its potential to develop a network of botnets capable of launching Distributed Denial of Service (DDoS) attacks. Recently, South African tech service provider Sygnia identified a dormant network of botnets lurking on the dark web, believed to be aligned with Chinese intelligence efforts.

The geopolitical landscape between North America and China has notably deteriorated in recent years, particularly following the election of former President Donald Trump in 2016. In this tense environment, monitoring the internet activities of U.S. citizens could provide valuable insights into various facets of American life—economic, political, and financial—that would be of strategic interest to China.

Consequently, Salt Typhoon may represent one of China’s cyber weapons, strategically crafted to fulfill its intelligence-gathering objectives and enhance its influence on the global stage.

The post Microsoft claims China is spying on US ISPs and Users appeared first on Cybersecurity Insiders.


September 26, 2024 at 09:08PM

Wednesday, September 25, 2024

Nominations Now Open for the 2025 Cybersecurity Excellence Awards

The highly anticipated 2025 Cybersecurity Excellence Awards are now open for nominations, honoring achievements and celebrating innovation, leadership, and excellence in the global cybersecurity industry. Marking 10 years of recognizing excellence since 2016, these prestigious awards honor outstanding contributions from companies, professionals, and the innovative solutions shaping the future of cybersecurity.

As the cyber threat landscape continues to evolve, and expanding attack surfaces expose new vulnerabilities, the Cybersecurity Excellence Awards provide a proven platform for organizations and leaders to gain global recognition for their efforts in advancing cybersecurity practices and driving the industry forward.

“As cybersecurity threats grow more sophisticated, it’s the innovators and leaders who truly make an impact,” says Holger Schulze, CEO of Cybersecurity Insiders and founder of the 600,000-member Information Security Community on LinkedIn, which organizes the annual Cybersecurity Excellence Awards. “The 2025 awards will highlight those pushing the boundaries—whether it’s through pioneering AI advancements, reimagining threat detection, or developing solutions that redefine how we safeguard critical data and infrastructure in an increasingly complex digital landscape.”

Why Participate in the 2025 Cybersecurity Excellence Awards?

The 2025 Cybersecurity Excellence Awards offer robust recognition, marketing, and third-party validation opportunities within the global cybersecurity community:

• Global Publicity and Industry Validation: Winners and participants gain visibility through personalized nomination profiles on the awards site. They are featured in press releases, on the Cybersecurity Insiders news site, and across social media, reaching cybersecurity professionals, clients, and industry influencers across the world.
• Elevate Your Brand: Winning an award boosts credibility, differentiating your brand in marketing, investor relations, and product launches. It enhances both your organization’s and your personal reputation, positioning you as a thought leader in cybersecurity and raising your profile in professional networks.
• Recognition Across Comprehensive Categories: The awards span multiple categories including products and services, professionals, company, and industry solutions, ensuring that all critical areas of cybersecurity are acknowledged. Participants can also request custom award categories to reflect their unique contributions to cybersecurity.

Nomination Process and Key Dates

Submit your nominations via a user-friendly online platform. Early submissions are encouraged to maximize visibility and voting opportunities (and benefit from early-bird specials):

• Nominations close January 31, 2025 (midnight PST)
• Awards announcements start the week of February 24, 2025

Visit the 2025 Cybersecurity Excellence Awards [https://cybersecurity-excellence-awards.com/] to start your nomination today.

The post Nominations Now Open for the 2025 Cybersecurity Excellence Awards appeared first on Cybersecurity Insiders.


September 26, 2024 at 12:24AM