BLOGS

INSIGHTS

BLOGS

Filter By:
E.g., 2021-11-28
E.g., 2021-11-28
November 19, 2021
With workforces and organizational data assets scattered globally and corporate networks being accessed remotely, the financial services (FS) industry is increasingly susceptible to cybersecurity breaches. In this dispersed environment, attackers target remote workers and unsecure personal devices by compromising identities to circumvent traditional network security policies. These cyberattacks...
Read Full Post
November 8, 2021
With the rise of the hybrid, work-from-home workforce and increasing global distribution of corporate information and network assets, financial services (FS) and banking organizations are rethinking how they can effectively protect data. FS chief information security officers (CISOs) are prioritizing implementation of zero-trust architecture (ZTA) because the traditional information security...
Read Full Post
August 10, 2021
At Aite-Novarica Group we have covered the evolution and complexity of data privacy requirements. In January 2020 one of our top 10 trends in cybersecurity for 2020 was “additional complexity is associated with data and privacy requirements.” In that report, I wrote about the EU General Data Protection Regulation (GDPR) and noted that “… the individual EU country data supervisory authorities...
Read Full Post
December 28, 2020
A vulnerability in the SolarWinds Orion product paved the way for immense cybersecurity attacks in 2020. Attackers slipped into corporate and government agency networks using compromised user credentials and then used powerful exploits to gain elevated administrative privileges. Central to the attacker’s strategy was security assertion markup language (SAML). It is a standard that guides networks...
Read Full Post
Steve Hunt
December 24, 2020
Hundreds of articles have already been written about the recent sophisticated campaign to penetrate government agencies and enterprises using a doctored software update to SolarWinds Orion, SolarWinds’ network management product. Up to 18,000 SolarWinds customers may have been affected. It’s likely that the cybersecurity community will learn more in the coming weeks, but what we know now points...
Read Full Post
August 18, 2020
We’re less than three months from the U.S. presidential election, and the Democratic and Republican conventions will take place over the next week. The COVID-19 pandemic forced significant changes in these conventions, and a raging debate continues regarding voting by mail. Let’s leave the vote by mail issue aside for now and focus on election cybersecurity. Substantial outrage stemmed from...
Read Full Post
April 6, 2020
I use Zoom video conferencing and will continue to use it despite the negative press reporting. Here's the situation. Zoom was a niche application a few short months ago, and it was never designed for today’s 200 million concurrent users. There were some amateurish flaws in the code, but there wasn't enough scrutiny to make a difference. Then we saw a huge spike in popularity, and suddenly...
Read Full Post
January 23, 2020
In 2019, attackers continued to target third parties, service providers, and supply chain partners with the intention of broadening the scale and impact of their attacks. Notable instances in 2019 included the following: In November 2019, a cyberattack against Milwaukee-based technology provider Virtual Care Provider Inc. kept more than 100 senior living facilities from accessing patient...
Read Full Post
December 16, 2019
In 2020, we will see substantial increases in wireless data speeds as well as new applications and business models that will leverage fifth-generation (5G) wireless and Wi-Fi 6 (802.11ax). Both technologies will give enterprise users, consumers, and, yes, attackers the ability to rapidly transfer an enormous amount of data using new devices that will become available in 2020. The potential impact...
Read Full Post
November 25, 2019
I recently had the opportunity to take a public tour of an Amazon fulfillment center in Texas. It was an amazing experience and left me with a clear impression that loss of availability can have a colossal and devastating cyber impact on any organization with complex supply chains or time-sensitive customer services. We all focus on confidentiality of data, but in this case, availability took...
Read Full Post

HOW CAN WE HELP?

If you have a question specific to your industry, speak with our experts.  Call us today to learn about the benefits of becoming a client.

Receive email updates relevant to you. Subscribe to entire practices or to selected topics within practices.