Verizon’s 2016 Data Breach Investigations Report finds cybercriminals are exploiting human nature

Cybercriminals are continuing to exploit human nature as they rely on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, finds the Verizon 2016 Data Breach Investigations Report.

This year’s report highlights repeating themes from prior year’s findings and storylines that continue to play off of human nature, including:

  • Eighty-nine (89) percent of all attacks involve financial or espionage motivations.
  • Most attacks exploit known vulnerabilities that have never been patched despite patches being available for months, or even years. In fact, the top 10 known vulnerabilities accounted for 85 percent of successful exploits.
  • Sixty-three (63) percent of confirmed data breaches involve using weak, default or stolen passwords.
  • 95 percent of breaches and 86 percent of security incidents fall into nine patterns
  • Ransomware attacks increased by 16 percent over 2015 findings.
  • Basic defenses continue to be sorely lacking in many organizations.

Read more…

Top Cybersecurity Risks for Healthcare Industry

Despite the cyber threats facing healthcare organizations, 95 percent of IT specialists working at medical organizations around the world report that their organizations do not use any software for information security governance or risk management, according to the results of a 2017 IT Risks Survey.

Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, released the results of its Netwrix 2017 IT Risks report, which provides a look into IT security practices, pains, successful experiences and plans in the healthcare industry. The IT risks are divided into three areas: security, compliance and operations.

Read the netwrix.com blog here

Gartner: Top trends in IT security technology

National Harbor, MD. — Gartner kicked off its annual Gartner Security and Risk Management Summit 2014 by pointing to the top threat challenges heading into next year — and added that in the future, the term IT security will give way to “digital security” to encompass newer challenges, such as the Internet of Things. Please read the full article here.