Author: Bill Bosen

27 Apr Employees Falling for New Microsoft Word Malware

There’s been a lot of news recently about cybercriminals exploiting a security weakness found in every version of Microsoft Word. This attack is particularly menacing because it does not require macros to be enabled—and it’s very easy for employees to become infected. In this new attack against Microsoft Word, a malicious object is embedded within an OLE2Link. When unsuspecting users open...

Read More
SWIFT bank heist money

10 Aug Cost of a Data Breach Hits $4 Million Dollars

New study shows the cost of a data breach to be $4 million dollars on average, increasing 29 percent during the last 2 years. IBM Security’s recent report on the cost of a data breach shows that costs continue to rise. Getting hacked has always been expensive, but this report shows the average price is now around $4 million dollars for...

Read More

21 Jun 201 Days to Identify Data Breach

New study finds that on average it takes 201 days to detect a data breach and 70 additional days to contain it. But advanced technologies can significantly reduce these times. During recent years, numerous reports have shown that in general, it takes an enterprise a number of months to detect that they’ve had a data breach. That’s if they detect it...

Read More
User Behavior Analytics real keys

14 Jun The Real Key To User Behavior Analytics

User Behavior Analytics (UBA) uses and benefits from a number of different technologies. But knowing which technologies and data need to be analyzed for any given situation and context, and applying the correct weight for the many variables is the real key. User Behavior Analytics Of necessity UBA utilizes a large number of highly sophisticated technologies, including managing and interoperating with numerous...

Read More
securing cyberspace on NATO agenda

13 Jun Formal Recognition by NATO In Securing Cyberspace

Securing cyberspace becomes official – and it’s taking place in our own companies and homes. Early this month, Major General Ludwig Leinhos, a former director at NATO Headquarters Consultation, Command and Control Staff, said that cyberspace will likely be officially declared an operational warzone at the upcoming NATO summit in Poland this July. Wow! According to General Leinhos, all 28 NATO member...

Read More
Information security goals often do not align with IT executive ideals

08 Jun Reality vs Information Security Goals of IT Execs

I just read a new and interesting report from LTM Research that highlights the big gap between information security goals of IT executives and what is really happening in their organizations. IT executives want to detect serious cyber security incidents within a single day, but data shows traditional security solutions don’t usually detect a breach for months – if at all. The...

Read More
login credentials were easy for this celebrity hacker

07 Jun Celebrity Hacker Proves It’s Easy to Get Login Credentials

The Romanian cyber criminal known as the “Celebrity Hacker” revealed how easy it is to obtain login credentials –and his long list of successful hacks proves that his simple methods work. Login Credentials are Easy Guesses Marcel Lehel Lazar, who broke into the accounts of numerous celebrities, politicians, and government officials recently plead guilty in a U.S. District Court to charges of...

Read More
insider spy

06 Jun How to detect an Insider Spy

An insider spy is perhaps the most significant threat to enterprise security. Monitoring their behavior is a critical component in detecting and deterring their activities. Some years ago the Chinese government sent Chi Mak to the United States to obtain employment in the defense industry with the goal of stealing US defense secrets, which he did for over 20 years. Among...

Read More
security training

03 Jun Security Training Helps, But it’s Not Enough

Industry experts agree that the actions of employees and other insiders are major contributors to data security incidents. Security training helps, but studies show it’s not very effective. Ponemon Institute recently released a report on “Managing Insider Risk through Training & Culture." The study examined enterprises that already have security and data protection training in place, and measured the effectiveness of those programs. Security training...

Read More
LinkedIn breach

01 Jun LinkedIn Breach Surges by 110 Million Records

Like millions of others, last week I received a notice from LinkedIn that my personal data may have been stolen during a data breach in 2012. What prompted the notice four years after the LinkedIn breach was that a few days ago the company “became aware that data stolen from LinkedIn in 2012 was being made available online." LinkedIn posted a...

Read More