Breach confirmed by Google's immigration law firm | CoreView examines security for Microsoft 365 | Forrester: Insider threats no longer hidden
October 28, 2020
ISACA SmartBrief on Cybersecurity
Advancing the best guidance and learning in cybersecuritySIGN UP ⋅   SHARE
ADVERTISEMENT
Top Story
Personal information about present and former Google employees was compromised in an incident involving US law firm Fragomen, Del Rey, Bernsen & Loewy, which handles immigration law cases. The law firm says a "limited number" of Google employees were affected.
Full Story: TechCrunch (tiered subscription model) (10/26) 
LinkedIn Twitter Facebook Email
Earn SC Media's BEST Cybersecurity Degree in the Nation
Will your degree always be in-demand? Stand out from other applicants by earning a BS, MS, TMBA, or DSc in cybersecurity from Capitol Technology University, the 2020 winner of the SC Media Award for Best Cybersecurity Higher Education Program.
ADVERTISEMENT:
Security in the News
Multifactor authentication is key to preventing data breaches, but about 78% of administrators of Microsoft 365 don't use it, says software company CoreView. The company also notes that 36% of 365 administrators have global privileges, whereas security guidelines recommend two to four per business.
Full Story: Help Net Security (10/27) 
LinkedIn Twitter Facebook Email
Market research company Forrester says it expects one-third of security breaches to have an insider component by next year, up from the current level of 25%. The main reason, states Forrester analyst Jeff Pollard, is that insider threats have evolved from "a dirty secret" into a factor disclosed to regulators and the public.
Full Story: SC Media (10/26) 
LinkedIn Twitter Facebook Email
Only about 1 in 3 cybersecurity professionals consider the threat data they receive to be both accurate and relevant, finds a survey by Neustar. Considering the pandemic and the remote working conditions it created, "actionable, contextualized, near real-time threat data" is more important than ever, says Neustar executive Rodney Joffe.
Full Story: Help Net Security (10/27) 
LinkedIn Twitter Facebook Email
Reinhart Hansen of security company Imperva says the company has noted a tenfold increase in distributed-denial-of-service attacks over the past year, with cybercriminals charging as little as $50 for a five-minute attack. "That tiny investment can have major implications when websites go down and criminals manage to tunnel into backend servers and customer data," Hansen says.
Full Story: SecurityBrief Europe (10/27) 
LinkedIn Twitter Facebook Email
Virtual private networks become a weak point in security if "access to them is handed out willy-nilly to contractors," writes Jason Soroko, Sectigo's chief technology officer. In this commentary, Soroko covers a wide variety of threats and writes that many administrators don't manage secure shell keys carefully enough.
Full Story: EE Times (10/26) 
LinkedIn Twitter Facebook Email
Data Breaches
Scalable Capital, a German financial robo-adviser backed by Blackrock, has reported a data breach involving details about individual bank accounts, investment portfolios and taxes. The company says no funds were at risk from the cyberattack, which affected 20,000 customers in the UK and Germany.
Full Story: Financial News (UK) (tiered subscription model) (10/27) 
LinkedIn Twitter Facebook Email
If you're not moving forward and you're not evolving, you're devolving, and I don't want to go backwards. I want to be better at what I do tomorrow than I am today.
Audra McDonald,
actor, singer
LinkedIn Twitter Facebook Email
LEARN MORE ABOUT ISACA:
Certifications  |    Certificates  |    Training and Events  |    Resources  |    Membership  |    Enterprise
SmartBrief publishes more than 200 free industry newsletters - Browse our portfolio
Sign Up  |    Update Profile  |    Advertise with SmartBrief
Unsubscribe  |    Privacy policy
CONTACT US: FEEDBACK  |    ADVERTISE
SmartBrief, Inc.®, 555 11th ST NW, Suite 600, Washington, DC 20004