Tag Archive for: isn’t

Why Anti-Phishing Training Isn’t Enough

/in


Not only is relying on employees’ awareness insufficient to prevent sophisticated social engineering attacks, some training methods can create other problems.

It’s time we take a hard look at why we rely so much on end users to catch phishing scams that can jeopardize an entire company. As hackers continue to advance their social engineering techniques, phishing attacks are becoming harder to detect and are missed 39% of the time. While you might think your anti-phishing training program is up to date, your organization will continue to be at risk as long as email is necessary for business operations.

Because we all engage with email daily, we have a degree of blind trust despite continuous, sophisticated anti-phishing training. On many occasions, hackers scheme to elicit emotional responses from their target — for example, by sending urgent messages “from” human resources or the CEO. These are more likely to result in improper downloads or email responses that can damage the entire organization.

File sharing over email is another necessary business function that puts the organization at significant risk for a breach. According to Proofpoint’s “2021 State of the Phish Report,” attachment-based attacks are becoming more common, and employees often cannot differentiate malicious emails from those with files they need to collaborate, especially when remote work is so common. Currently, the average failure rate in attachment-based attacks is 20%, far higher than for URL-based attacks, at 12%.

Why Anti-Phishing Training Isn’t Succeeding
If you think this is solely a pandemic-related problem, think again, as it predates COVID-19. In 2019, 68% of organizations focused on raising awareness of link-based attacks compared with just 10% of organizations that put their efforts on attachment-based attacks. And 65% of the phishing tests with the highest failure rates were attachment-based, with most emails looking like they came from a recognizable internal account such as a supervisor or someone from the HR department. 

Notably, the HR department is at increased risk for falling victim to an attachment-based attack because of the resumes and other files from outside sources it engages with…

Source…

A Successful Cybersecurity Company Isn’t About Fancy Technology

/in



6 min read

Opinions expressed by Entrepreneur contributors are their own.


We’re living in an information age where data is the new currency. As the world explores new digital frontiers, the importance of data security is growing exponentially. Digital transformation is helping to make the world a better place, but cyberattacks are an unfortunate part of this reality. These days, the success of any modern business, large or small, depends on the effectiveness of the data security systems it has in place.

The need for robust data security has created gigantic and ever-expanding opportunities for those who can offer much-needed protection against possible cyberattacks.        

Why is it a good time to start a cybersecurity business?

Cyber-risk is on the rise, and every possible data point suggests the trend is likely to continue in the future, given the increasing need for multilayered data-sharing across all business types and verticals.

According to Cybersecurity Ventures estimates, the cost of global cybercrime is expected to grow 15% annually over the next five years and reach $10.5 trillion annually by 2025, up from $3 trillion in 2015.

Governments around the world are passing legislation to ensure maximum protection and, in most cases, the liability to protect data remains with the owner. Failure to comply with data-protection rules can result in fines for negligence or theft. European Union administrations have tightened legislation regarding data processing and imposed fines of up to 4% of annual turnover, with a ceiling of 20 million euros.

However you look at it – whether it’s for a network, internet, cloud, web gateway, or end-point security – cybersecurity compliance is an absolute must for every enterprise. It’s not just to avoid penalties. You need to make your system cyber-attack proof to earn and retain the trust of clients and customers. The arrival of disruptive technologies like artificial intelligence (AI), machine learning (ML), the internet of things (IoT), blockchain, and others have opened vast opportunities for…

Source…

Opinion: Biden’s multilateralism isn’t enough to defend America

/in


Over the past four years, international conditions have changed radically and returning to the multilateralism of the Bush-Obama years won’t offer Joe Biden the leverage needed to deal with China and Russia.

The freedom for swift action that authoritarian regimes enjoy permitted China to quickly suppress COVID-19 and register economic growth in 2020, while Europe and North America suffered greatly from the pandemic and a recession.

China advancing everywhere

Confident in the belief that its system is superior, Beijing is pushing out in all directions—repressing Hong Kong, forcibly assimilating ethnic minorities, continuing a naval buildup that threatens U.S. interests and allies in the Pacific, and co-opting the European Union.

Despite China’s human-rights transgressions, the EU recently signed an investment and trade agreement with Beijing. European leaders point to market-opening opportunities, leverage on Beijing’s climate change policies, and commitments to support labor rights.

However, Beijing has broken numerous commitments on trade and investment in the past, is violating its promise to maintain a two-system one-nation policy in Hong Kong, and appears reticent about commitments on climate change.

Globally, China is the largest source of new greenhouse gases, and no possible solution to the planet heating up is possible without curbing its fossil- fuel use. Last September, Beijing pledged to reach peak CO2 emissions by 2030 and net zero emissions by 2060 but China continues to build coal-fired plants. At the December Climate Ambition Summit, Beijing did not table any meaningful initiatives to reverse those plans.

China shows no remorse for failing to warn the world about COVID-19 and has sought to subvert the World Health Organization to avoid culpability. Now it is pressuring Australia and others who support a WHO investigation—and to refrain from taking issue with its treatment of Hong Kong and repression of Muslims in western provinces.

Europe recognizes threat, but does little

Trade and foreign investment are the cudgels Beijing uses to weaken Western resistance and punish critics. It is investing heavily in…

Source…

Android 12 will make using third-party apps easier while ensuring phone’s security isn’t compromised – Firstpost

/in

Android 12 will make using third-party apps easier while ensuring phone’s security isn’t compromised  Firstpost
“android security news” – read more