Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology and strategies for combatting targeted attacks

Capital One & Sephora Breaches Evince Usual Defense Limits

One week after Equifax announced the settlement terms of its recent breach, two new breaches are making headlines. First, various outlets reported this week that Capital One, among the top 10 banks by asset size in the US, was victimized by a hacker that gained access to more than 100 million customer accounts and credit card applications in early 2019. The hack is one of the largest data breaches to ever hit a financial services firm. What got compromised? The stolen data includes 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers and an undisclosed number of names, addresses, credit scores, credit limits, balances and other personally identifiable information. Read More

LockerGoga Attack Underscore The Need for Cyber Hygiene

Spring is here, and with it comes news of a new and vicious ransomware attack, known as LockerGoga. Read More

Increase Security: Go Beyond HIPAA Compliance Requirements

 

HIPAA Compliance—Cyberattackers Aren’t Fazed

In spite of longstanding HIPAA compliance requirements, and the billions of dollars being invested to ensure HIPAA compliance, it seems that cyberthreats and attackers aren't fazed. Healthcare suffered from some of the largest breaches ever reported in 2015. The breach at Anthem compromised 78.8 million records, and two additional breaches exposed more than 10 million records each1. The following year, 2016, saw the highest number of breaches with 327 reported. The number of breaches in 2017 surpassed 2016, with more than 342 reported. While the number of breaches grew, the number of compromised records dropped from 112 million in 2016 to a little more than 14 million in 2017. Read More

4 Quick Thoughts On The Marriott Breach: Not A Usual Crime

My phone’s been ringing this morning from people wanting to talk about the massive Marriott breach — the revelation that private data associated with up to 500 million people may have been compromised. I’m sure there’s a lot more to learn from the details, but in the meantime, I’ll take a quick minute to jot down some initial thoughts: Read More

Ponemon Reports on How Security Teams Defend After a Breach

Moody's Cyber Risk Group: “Cyber becomes more and more important.” On November 12, Moody’s announced its intent to start incorporating in its credit rating method the degree to which an organization faces risk of major impact from a cyberattack. This follows the news, back in February 2018, that the Securities and Exchange Commission issued additional guidance on its requirement that public companies must “inform investors about material cybersecurity risks and incidents,” even if they have not yet been the target of a cyberattack.   Read More

Increase Cybersecurity During Mergers And Acquisitions

More than $2.5 trillion in mergers were announced in the first half of 2018[1]a new record. Ranked by value of the deal, energy and power deals led, followed by media and entertainment, with healthcare and industrials close behind. Industries are converging and organizations are using acquisitions, divestitures, and other forms of asset remix to reposition their businesses. For example, there are numerous mergers among pharmaceutical, life sciences, and biotech companies as they seek to gain traction in a highly fragmented market. EY predicts that the total value of life sciences M&A will surpass $200 billion in 2018. According to Deloitte, technology acquisition is the primary driver of M&A pursuits, ahead of expanding customer bases in existing markets, and adding products or services[3]. Read More

How to Lower the Cost of Data Breaches? Prioritize Detection

By annually tracking the cost of data breaches, Ponemon Institute has helped instill broad awareness that these costs continue to increase. As noted in our report earlier this year, Ponemon also offers some insight on steps companies can take to minimize these costs, citing the positive impact of investment in pre-established incident response teams, employee training, and enhanced encryption. Read More

16 Key Facts From the 2016 Verizon Data Breach Report

For 9 straight years now, Verizon has released the Data Breach Investigations Report to give cybersecurity professionals a detailed look into the threat landscape. The report is meant to help security teams keep up with increasingly sophisticated attackers. 

Read More

Cyberattackers in An Endless Maze of Deception Technology

Cyber attackers only need one small crack in a security plan to invade and jeopardize an entire organization. As IBM and Ponemon Institute reported in their 2015 Cost of Data Breach Study: Global Analysis, this is becoming a costly problem for today’s businesses. Read More

Kaspersky’s 2015 IT Security Risks Survey | 5 Key Takeaways

International software security group Kaspersky Lab recently published their findings from the 2015 Global IT Security Risks Survey, which included responses from 5564 IT professionals across 38 countries. Read More