This ISMG Security Report analyzes the decline in the number of organizations hit by ransomware who choose to pay a ransom to the attackers. It also examines how to better protect digital identities in the healthcare sector and how security decision-makers can use metrics to achieve better outcomes.
Two signs that the tide may finally, if slowly, be turning on ransomware: The number of victims who choose to pay continues to decline, while the amount they pay - when they choose to do so - recently dropped by one-third, reports ransomware incident response firm Coveware.
Does it ever feel like you can't fight that REvil/Sodinokibi ransomware feeling anymore? Victims might be all out of love with attacks launched under the banner of the group, which is tied to more than $200 million in losses, but despite repeated disruptions, REvil keep returns - at least in name.
The U.S. Securities and Exchange Commission has allocated 20 new positions to the unit responsible for protecting investors in cryptocurrency markets from cyber-related threats. The SEC says that the Crypto Assets and Cyber Unit in the Division of Enforcement will grow to 50 dedicated positions.
New industry guidance provides a detailed road map to help healthcare sector entities respond to and recover from cyberattacks involving extended IT outages, say Lisa Bisterfeldt and Kirsten Nunez, who are members of the Health Sector Coordinating Council task force that developed the resource.
The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
A federal jury has ordered NortonLifeLock to pay Columbia University $185.1 million after finding the company infringed on two patents. Jurors decided Monday that NortonLifeLock's use of emulators to monitor programs for malicious behavior intentionally infringes upon Columbia's patents.
John Riggi, national adviser for cybersecurity at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, explain why threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally.
As ransomware-wielding attackers continue to target businesses large and small, the organizations that respond best and escape most unscathed from such attacks are those that already have in place well-honed, rehearsed plans, says ransomware expert and attorney Guillermo Christensen of Ice Miller.
A recent study shows that 85% of customers would avoid using a brand after losing trust. There is also an emotional impact to identify theft. As a security leader, you do not want that pain associated with your brand.
From login to purchase, it’s critical to know who the person is behind the OTP and know if they...
Account takeovers (ATO) and financial fraud demonstrate that losing trust in a brand can come anywhere along the customer journey. A study found that 28% of customers would stop using a site or service if they experienced a
n ATO. Conversely, when consumers trust your brand, they are 7 times more likely more to buy...
In 2021 alone, fraudulent accounts increased by 70% and synthetic identity fraud losses grew to $20B.
From onboarding and answering product questions to providing ongoing support, customers expect and deserve safe and secure communications. Every communication carries the potential for building trust and...
Even powerful brands are not immune from fake users; in fact, they are often the most prominent targets. In Q4 of 2021 alone, Facebook removed 1.3 billion fake accounts.
Today, most ecosystems are littered with fake accounts set up to steal confidential information, post fake product reviews, spam legitimate...
Today’s sophisticated cyberattacks combine multiple tactics that include social engineering, zero-day malware and 3rd party OAuth app abuse. Threat actors employ tactics across email, cloud and web that target specific people in your organization to breach your environment and access sensitive data. Hybrid work...