Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the accelerated-mobile-pages domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Deprecated: Optional parameter $options declared before required parameter $ad is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/advanced-ads/classes/display-conditions.php on line 208

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the easy-digital-downloads domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd_cfm domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edds domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Deprecated: Optional parameter $params declared before required parameter $secretWord is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/edd-2checkout/sdk/lib/Twocheckout/TwocheckoutReturn.php on line 6

Deprecated: Optional parameter $insMessage declared before required parameter $secretWord is implicitly treated as a required parameter in /www/cisomagcom_810/public/wp-content/plugins/edd-2checkout/sdk/lib/Twocheckout/TwocheckoutNotification.php on line 6

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the Newsmag domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121

Warning: Cannot modify header information - headers already sent by (output started at /www/cisomagcom_810/public/wp-includes/functions.php:6121) in /www/cisomagcom_810/public/wp-content/themes/Newsmag/functions.php on line 616

Warning: Cannot modify header information - headers already sent by (output started at /www/cisomagcom_810/public/wp-includes/functions.php:6121) in /www/cisomagcom_810/public/wp-includes/feed-rss2.php on line 8
CPOC Archives - CISO MAG | Cyber Security Magazine Beyond Cyber Security Thu, 28 Jan 2021 10:29:18 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.1 On Data Privacy Day, Acronis Forecasts Critical Privacy Risks for 2021 https://staging-cisomagcom.kinsta.cloud/data-privacy-risks-in-2021/ Thu, 28 Jan 2021 10:29:18 +0000 https://staging-cisomagcom.kinsta.cloud/?p=9633 Ahead of International Data Privacy Day 2021, Acronis, a cybersecurity solutions provider, issued a warning that organizations around the globe will face even more critical data privacy and security threats in 2021. Based on the research of recent cyberattack trends and existing business practices, the company’s researchers have alerted organizations to take immediate action to […]

The post On Data Privacy Day, Acronis Forecasts Critical Privacy Risks for 2021 appeared first on CISO MAG | Cyber Security Magazine.

]]> Ahead of International Data Privacy Day 2021, Acronis, a cybersecurity solutions provider, issued a warning that organizations around the globe will face even more critical data privacy and security threats in 2021. Based on the research of recent cyberattack trends and existing business practices, the company’s researchers have alerted organizations to take immediate action to avoid costlier attacks and severe repercussions.

The Findings

Researchers from the Acronis Cyber Protection Operations Centers (CPOCs) found a glaring fact that 80% of companies do not have an established password policy. Additionally, their analysis also uncovered that 15-20% of the passwords used in a business environment include the name of the company itself, making it easier to crack.

Two recent high-profile breaches illustrate this problem. Before its Orion IT Management software’s compromise, SolarWinds was warned that one of its update servers had a publicly known password of “solarwinds123,” while former President Donald Trump’s Twitter account was hacked because the password was alleged “maga2020!”.

Of the organizations that do have a password policy in place, the researchers found that many rely on default passwords, and up to 50% of those are categorized as weak. With the ongoing COVID-19 pandemic and employees are working remotely, attackers are targeting these weak password practices.

Related News:

CISO MAG Market Trends Report on Data Security – 2020

Concurrently, researchers also observed a dramatic increase in the number of brute force attacks during 2020, and found that password stuffing was the second most used cyberattack last year, just behind phishing.

Candid Wüest, VP of Cyber Protection Research at Acronis, explained, “The sudden rush to remote work during the pandemic accelerated the adoption of cloud-based solutions. In making that transition, however, many companies did not keep their cybersecurity and data protection requirements properly in focus. Now, those companies are realizing that ensuring data privacy is a crucial part of a holistic cyber protection strategy – one that incorporates cybersecurity and data protection – and they need to enact stronger safeguards for remote workers.”

Financial and Reputational Risks

While the businesses are realizing the need to ensure the privacy of their own and their customers’ data, a lag in awareness among digital users remains. A recent report stated that 48% of employees admit they are less likely to follow safe data practices when working from home.

Experts believe that poor password hygiene and lax cybersecurity habits of remote workers could lead data exfiltration to soar in 2021. Threat actors will primarily be interested in accessing and stealing valuable company data. The trend is like the one seen among ransomware attackers, who are stealing proprietary or embarrassing data and then threatening to publish it if the victim does not pay. Last year, Acronis identified more than 1,000 companies around the world that experienced a data leak following a ransomware attack.

Implementing Stricter Authentication

To avoid costly downtime, significant reputational damage in the marketplace, and steep regulatory fines caused by a data breach, organizations must strengthen the authentication requirements needed to access company data.

Acronis and other cybersecurity experts recommend the following practices for better security:

  • Multi-factor authentication (MFA), which requires users to complete two or more verification methods to access a company network, system, or VPN, should be the standard for all organizations. By combining passwords with an additional verification method, such as a fingerprint scan or randomized PIN from a mobile app, the organization is still protected if an attacker guesses or breaks a user’s password.
  • A Zero Trust model must be adopted to ensure data security and privacy. All users, whether they are working remotely or operating inside the corporate network, must be required to authenticate themselves, prove their authorization, and continuously validate their security to access and use company data and systems.
  • User and entity behavior analytics, or UEBA, helps automate an organization’s protection. By monitoring the normal activity of users with AI and statistical analysis, the system can recognize behavior that deviates from normal patterns – particularly those that indicate a breach has occurred and data theft is underway.

On Data Privacy Day 2021, Acronis has released the Acronis Cyberthreats Report. Refer to the report for detailed information on other threats and trends to look out for in 2021.

Related News:

Federated Learning Can Solve Security and Data Privacy Challenges: Intel Labs

The post On Data Privacy Day, Acronis Forecasts Critical Privacy Risks for 2021 appeared first on CISO MAG | Cyber Security Magazine.

]]>