Cloud and mobile deployments are the weakest links
April 2019, Cyber Security
Check Point Software has published the third instalment of its 2019 Security Report. It highlights how threat actors are increasingly targeting the weakest, least protected points in an organisation’s IT infrastructure – their public cloud and mobile deployments.
The third instalment of the 2019 Security Report reveals the key cyberattack trends used by criminals to target enterprise cloud and mobile estates during 2018. It also reveals enterprise IT and security teams’ key security concerns about these deployments. Highlights of the third instalment include:
• 18% of organisations globally had a cloud security incident in the past year: the most common incident types were data leaks / breaches, account hijacks, and malware infections.
• The top four public cloud security threats: IT professionals rated misconfiguration of cloud platforms, leading to data loss or breaches as the biggest threat, cited by 62%; followed by unauthorised access to cloud resources (55%); insecure interfaces and APIs (50%); hijacking of accounts or data traffic (47%).
• 30% of IT professionals still consider security is the responsibility of the cloud service provider: this worrying finding negates recommendations that cloud security should follow the mutual responsibility model, in which security is shared by both the cloud provider and the customer.
• 59% of IT professionals do not use mobile threat defences: a majority of organisations have not deployed mobile security solutions capable of detecting leading threats including mobile malware, fake or malicious apps, man-in-the-middle attacks and system vulnerabilities.
• Only 9% of IT professionals consider threats on mobile a significant security risk: yet malware can propagate from unprotected mobile devices to organisations’ cloud- or on-premise networks, exploiting this weak link in enterprise security defences.
“The third instalment of our 2019 Security Report shows just how vulnerable organisations are to attacks targeting their cloud and mobile estates, because there is a lack of awareness of the threats they face and how to mitigate them. Nearly 20% of organisations have experienced a cloud incident in the past year, it’s clear that
criminals are looking to exploit these security gaps,” said Zohar Alon, head of cloud product line, Check Point Software Technologies. “By reviewing and highlighting these developments in the report, organisations can get a better understanding of the threats they face, and how they prevent them impacting on their business.”
For full report go to: https://research.checkpoint.com/vol-3-2019-security-report/
- When cybercrime affects health and safety
April 2019, This Week's Editor's Pick, Cyber Security
The threat of a category-one cyber-attack is that everything could seem right – the readings on the meter could be fine, checklists would be followed, and equipment would work – yet danger could still unfold.
- New service to fight cybersecurity threats to African banks
April 2019, Cyber Security
Foregenix is launching a service to combat the new and growing breed of cyber-attacks on African banks.
- Cyber/physical perils in hospitality
April 2019, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security, Entertainment and Hospitality (Industry)
How can we prepare for our holidays and avoid becoming the victim of a scam or data breach?
- Rethink security priorities
April 2019, News, Cyber Security
Cryptocurrency mining is up 237%, phishing attacks increase by 269%, business email compromise attacks have gone up by 28%.
- New supply chain attack
April 2019, Kaspersky Lab, Cyber Security
Kaspersky Lab has uncovered a new advanced persistent threat (APT) campaign that has affected a large number of users through what is known as a supply chain attack.
- Overcoming the 2019 cyberthreat
April 2019, IT infrastructure, Cyber Security
The flexibility of remote working is good, however, the wider a network perimeter has to stretch, the more scope exists for security breaches.
- Halt, who goes there?
March 2019, Technews Publishing, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one.
- IoT is convergence in action
March 2019, Gijima Electronic and Security Systems (GESS), NEC XON, Technews Publishing, Axiz, G4S South Africa, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
The Internet of Things gains more than enough attention these days, but the IoT demonstrates the reality of the convergence between the physical and cyber worlds, and physical security is part of it.
- Stop hacking of access control systems
March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
Think someone hacking your access control system not a big deal? Scott Lindley suggests that you think again.
- New cybersecurity pavilion for Securex 2019
March 2019, Securex South Africa , This Week's Editor's Pick, Cyber Security, News, Conferences & Events, Training & Education
Securex South Africa 2019 has announced that 4Sight Technologies, a subsidiary of an international holdings company focusing on investing in Industry 4.0 companies, has signed on as the official sponsor ...
- Security by design
March 2019, Johnson Controls, Cyber Security, Integrated Solutions
The security of the platforms on which physical security products are built will increasingly impact purchase decisions and market positions.
- A logical solution for cyber solutions
March 2019, Suprema, Cyber Security, Access Control & Identity Management, Products
BioMini Slim 2 is a thin, FBI PIV and FBI Mobile ID certified FAP20 optical scanner with a large platen for easy capturing of fingerprints.