2019, Security and Vulnerability - Continuity Professionals Pulse

Guidance for reducing HTTP protocol RCE security vulnerability risk with Citrix Web App Firewall (CVE-2022-21907)

Citrix

MAY 9, 2022

The HTTP protocol stack remote code execution vulnerability (CVE-2022-21907) lies in the management of HTTP Trailers by the kernel mode driver http.sys.

Vulnerability

Vulnerability Security Authentication Management

Counting Costs: The Impact of a Government Shutdown on the Security Industry

Security Industry Association

SEPTEMBER 20, 2023

Also, in contrast to the most recent government shutdown, which lasted for 35 days in December 2018 and January 2019 and was only partial, as appropriations had already been agreed to for the U.S. How does a government shutdown impact the security industry? 30 – looming large.

Government

Government Security Vulnerability Authorization

8 Cybersecurity Risks That May Impact Organizations in 2019

Behavior Group

MARCH 4, 2019

Aon’s 2019 Cyber Security Risk Report features eight risks that may impact organizations in the next 12 months, no matter where they are on their digital journey. Aon’s 2019 Cyber Security Risk Report features eight risks that may impact organizations in the next 12 months, no matter where they are on their digital journey.

Cybersecurity

Cybersecurity Vulnerability Security Risk Management

Four Ways to Achieve a Zero Trust Security Model

Behavior Group

JANUARY 24, 2020

Put 2019 in the record books — for cybercrime, that is. Zero Trust Security Model,cybercrime, ransomware, security According to Risk Based Security, a global leader in vulnerability intelligence, breach data and risk ratings, 2019 was on track to be “the worst year on record” for cybercrime.

Security

Security Vulnerability

5 Reasons You Need a Backup and Disaster Recovery Plan

Zerto

DECEMBER 12, 2023

In 2023, organizations will generate nearly 3 times the volume of data generated in 2019. Data is a valuable component of running a business, and it is vulnerable to a number of threats that can lead to data leaks and data loss. Data is growing faster than ever, and protecting it is becoming increasingly complex.

Disaster Recovery

Disaster Recovery Backup Vulnerability Application

Getting Ahead of Cybercriminals: 5 Essential Cybersecurity Practices

NexusTek

FEBRUARY 9, 2022

Although you might assume this would make SMBs less attractive targets for cybercrime, consider the following 2 : SMBs often have less sophisticated security practices, making them easier targets for cybercriminals. The first step in cultivating a security strategy is to understand your sources of risk. Vulnerability Scanning.

Cybersecurity

Cybersecurity Vulnerability Response Plan Malware

Flaws in Cybersecurity Software Expose Hundreds of Networks to Cyberattacks

Behavior Group

MAY 15, 2020

Cybersecurity flaws have been exposed in cybersecurity provider Cyberoam’s security products. Flaws in Cybersecurity Software, Cyberattacks According to a vpnMentor report, the first vulnerability was reported in late 2019, while the second was shared with vpnMentor by an anonymous ethical hacker at the beginning of 2020.

Cybersecurity

Cybersecurity Vulnerability Security

Why Hostile Vehicle Incidents Can’t Be Ignored

Security Industry Association

NOVEMBER 23, 2021

The Security Industry Association (SIA) has been educating the industry about and advocating for greater protection of public spaces since 2016, particularly through in-person events and through the work of the SIA Perimeter Security Subcommittee – and as evidenced at incidents like Waukesha, our work is far from done.

Entertainment

Entertainment Marketing Vulnerability Retail

Are BYOD Practices Putting Your Business at Risk?

NexusTek

JUNE 1, 2022

As BYOD creates distinct cyber security risks, it is important to understand the nature of those risks and how to contain them. Given these clear benefits, it’s easy to see why BYOD has caught on so widely; however, with these benefits come distinct cyber security risks. How Does BYOD Create Cyber Security Risks?

Malware

Malware Vulnerability Authentication Security

The Pros and Cons of Outsourced Vs In-House IT Disaster Recovery

Erwood Group

MAY 17, 2024

Security and Compliance Risks: Data Privacy Concerns: Entrusting sensitive data to an external provider raises concerns about data privacy and security. Businesses need to ensure that the provider adheres to stringent security measures. This objective analysis leads to more robust and effective recovery plans.

Outsourcing

Outsourcing Disaster Recovery Business Continuity Consulting

4 Unknown Cyber Threats Enterprises Need to Watch Out For

Assurance IT

JUNE 3, 2021

This term, AI Fuzzing is a tool that integrates AI with regular fuzzing techniques which capture software vulnerabilities. Although, this can help your enterprise, fix and capture dangerous vulnerabilities, cybercriminals can use this to start and automate zero-day attacks. Machine Learning Poisoning. Don’t Let Them In.

Vulnerability

Vulnerability Disaster Recovery Insurance Insurance

Moving Video Security to the Cloud: How Cloud Technology Can Offer Functionality and Flexibility

Security Industry Association

JULY 27, 2021

The growth of cloud-based business functions allows for security-as-a-service (SaaS) options that had previously been unavailable, especially for small to medium-sized businesses. percent from 2019 to 2026. However, there are still some uncertainties about cloud-based security. Data Security. Scalability and Flexibility.

Technology

Technology Security Evaluation Marketing

3 Ways to Prep Your Business IT for the Holiday Shopping Season

NexusTek

NOVEMBER 3, 2021

billion—32% more than in 2019, according to Adobe Analytics. Massive, simultaneous traffic can lead to website crashes, shipping errors, and security breaches that impact the business and its customers. In 2019, J. Prev Previous Cybersecurity as a Matter of National Security. Last year, U.S. CONTACT US. Share On Social.

Cybersecurity

Cybersecurity Backup Cyber Resilience Disaster Recovery

Towards a Taxonomy of Disasters

Emergency Planning

JUNE 9, 2019

While not independent of the magnitude of physical forces involved, it is not linearly related to them because it depends on the nature and size of the vulnerabilities that the physical forces act upon. Necci 2019. NATO Science for Peace and Security, Series E: Human and Societal Dynamics Vol. UNDRR 2019. Krausmann, E.,

Risk Reduction

Risk Reduction Natural Hazard All-Hazards Hazard

Ransom Threats and Higher Education

everbridge

MAY 11, 2022

With ransomware attacks doubling since 2019 and showing no signs of slowing, higher education institutions have been left scrambling to thwart these digital threats. The Impact of Ransomware on Higher Education. While ransomware is not a new threat, attacks have risen by 105% across the globe since 2020, and its effects have been devastating.

Education

Education Data Recovery Vulnerability Security

Microsoft Exchange Emergency Mitigation (EM) Service

LAN Infotech

OCTOBER 1, 2021

The Emergency Mitigation service helps reduce the risks associated with Exchange Server, ensuring security patches are installed promptly and guarding against cyberattacks. Automated Protection for Vulnerable Exchange Servers. Mitigation is an action or set of actions used to secure an Exchange server from a known threat.

Mitigation

Mitigation Internet Vulnerability Fashion

Duty of Care for Business Travelers

everbridge

FEBRUARY 23, 2022

While we are seeing an increase in air travel once more, domestic air travel is still down 19% from January 2019, and international travel remains down 13% from pre-COVID levels. As the gaps in state security become chasms, business travelers also face an increase in terror-related threats.

Travel

Travel Risk Management Airlines Vulnerability

Why Crisis Management Preparedness Matters

everbridge

JUNE 16, 2022

Almost 70 percent of leaders have dealt with a corporate crisis in the last five years, PricewaterhouseCoopers (PwC) found in its 2019 Global Crisis Survey. Preparedness is key because it helps you identify vulnerabilities and coordinate how you might best protect your colleagues, customers, partners, and organization in a crisis.

Crisis Management

Crisis Management Management BCP Communications

Backup and DR – The Last Line of Ransomware Defense

OffsiteDataSync

FEBRUARY 25, 2022

And the problem is growing… According to Group-IB , a Singapore-based security firm, ransomware attacks surged by 150% from 2019 to 2020. Freedom from malware and/or ransomware : Backup systems are just as vulnerable to compromise as anything else, so they be kept clean. Multi-Faceted Threat.

Backup

Backup Failover Disaster Recovery Malware

The evolution of cyber crime

SRM

JUNE 21, 2019

We know that the main advantage hackers have is their ability to respond with agility to the changing face of data security. A recent example of this was the spyware injected into a vulnerability within WhatsApp. And moving into the second half of 2019, it has become very evident that the most dangerous thing is to do nothing.

Vulnerability

Vulnerability Banking Insurance Insurance

What is Cyber Resilience and Why It Matters

Castellan

AUGUST 24, 2021

Instead, it draws on seven key areas when defining cyber resilience: national security, critical infrastructure, critical infrastructure security and resilience, Department of Defense (DoD) cybersecurity, network engineering, resilience engineering, and Homeland Security. What Are the Main Components of Cyber Resilience?

Cyber Resilience

Cyber Resilience Resilience Cybersecurity Disaster Recovery

Stay Out of Ransomware Jail with Rapid Recovery

Pure Storage

JULY 7, 2021

That’s a 311% increase from 2019. One major contributor is the massive shift to remote work last year and employees subsequently not connecting securely to company networks. Ransomware, like most cyber threats, targets and exploits vulnerabilities and other security gaps in legacy, complex IT. demand their ransom.

Backup

Backup Cybersecurity Vulnerability Hospitality

Windows 11: What’s In It and What It Means for Your Business

LAN Infotech

JULY 21, 2021

And while Microsoft Teams found purchase among many businesses for its capacity and security, it was not as seamlessly integrated into Microsoft’s environment as, say, FaceTime is to Apple’s. Greater Security. The OS will be based on Zero-Trust principles to help you ensure the security of your network and devices.

Malware

Malware Application Security Capacity

Coronavirus and China’s Decision-Making in a Crisis

Marketpoint Recall

FEBRUARY 10, 2020

2019 was not a particularly pretty year for the Chinese Communist Party (CCP). These contrary views reflect China’s long-held neuralgia that foreign states are prepared to take advantage of China’s vulnerability, and that traditional powers seek to obstruct China’s inevitable path to greatness.

Media

Media Government Authorization Travel

Using Budget Principles to Prepare for Future Pandemics and Other Disasters

National Center for Disaster Prepardness

JANUARY 19, 2022

At the same time, we see widening inequalities in who has access to recovery resources, and disparities in vulnerability that are too often predictable by socioeconomic status, race and ethnicity. We have a cacophony of roughly 90 assistance programs that can come from as many as 20 different agencies, with different triggers and rules.

Pandemic

Pandemic Disaster Preparedness All-Hazards Government

20/20 Vision: Comments on Exercise Cygnus (UK’s pandemic exercise in 2016)

Plan B Consulting

MAY 25, 2020

The UK government has had a lot of criticism in the press about them being unprepared to respond to COVID-19, despite the 2019 Global Health Security Index Report in which we were rated as one of the ‘most prepared countries’. UK the “most prepared country”?

Pandemic

Pandemic Vulnerability Government Capacity

20/20 Vision: Comments on Exercise Cygnus (UK’s pandemic exercise in 2016)

Plan B Consulting

MAY 25, 2020

The UK government has had a lot of criticism in the press about them being unprepared to respond to COVID-19, despite the 2019 Global Health Security Index Report in which we were rated as one of the ‘most prepared countries’. UK the “most prepared country”? Lack of a plan.

Pandemic

Pandemic Vulnerability Government Capacity

Managing the Perils of Data Exfiltration

Pure Storage

MARCH 21, 2024

An Allianz report found that large industry cyberattacks resulting in data exfiltration increased from 40% in 2019 to 77% in 2022, and 2023 has probably surpassed 2022’s total. Technical vulnerabilities, phishing campaigns, and social engineering are well-known methods of gaining access. What Is Data Exfiltration?

Management

Management Malware Authentication Healthcare

Managing the Perils of Data Exfiltration

Pure Storage

MARCH 21, 2024

An Allianz report found that large industry cyberattacks resulting in data exfiltration increased from 40% in 2019 to 77% in 2022, and 2023 has probably surpassed 2022’s total. Technical vulnerabilities, phishing campaigns, and social engineering are well-known methods of gaining access. What Is Data Exfiltration?

Management

Management Malware Authentication Healthcare

Tips for Managing Third-Party Risk in Health Care

Reciprocity

SEPTEMBER 30, 2022

Third parties generate, manage, or hold this data, resulting in even more severe threats to healthcare organizations and their information security. This is why third-party risk management and healthcare data security are critical. What is Healthcare Vendor Risk Management? In healthcare, outdated software is a severe problem.

Healthcare

Healthcare Management Risk Management Vulnerability

Ransomware: Cybersecurity’s Biggest Threat Yet

LAN Infotech

APRIL 9, 2021

Don’t get lulled into a false sense of security…. In the first half of 2019 alone, 56% of MSPs report attacks against clients. Malvertising: Hackers have found vulnerabilities in many popular, modern browsers like Google Chrome and Mozilla Firefox. According to Beasley Breach Response’s 2019 noncompliance report ….

Malware

Malware Backup Cybersecurity Vulnerability

The Positives and Negatives of AI in the Cyberspace

Plan B Consulting

FEBRUARY 19, 2024

I have wrote on this subject before in 2019; click here to read. Automated Response: AI-powered systems can respond to threats instantaneously, patching vulnerabilities, blocking malicious traffic, and quarantining infected systems. Predictive Security: AI algorithms can learn from past attack patterns and predict future threats.

Malware

Malware Vulnerability Security Mitigation

A Presto Data Pipeline with S3

Pure Storage

JUNE 27, 2022

For brevity, I do not include here critical pipeline components like monitoring, alerting, and security. Managing large filesystems requires visibility for many purposes: tracking space usage trends to quantifying vulnerability radius after a security incident. 2019–10–05 | 417905229 | 44354.

Alert

Alert Application Management Authorization

Preparation for Protest

Plan B Consulting

SEPTEMBER 13, 2021

They know how to avoid police surveillance and how to keep operational security in the dark, revealing their targets at the very last moment. The operational level should include; security staff, receptionists, those that control who can access your sites, and those who are working on-site in liveried uniforms and vehicles.

Alert

Alert Response Plan Security Strategic

Preparation for Protest

Plan B Consulting

SEPTEMBER 13, 2021

They know how to avoid police surveillance and how to keep operational security in the dark, revealing their targets at the very last moment. The operational level should include; security staff, receptionists, those that control who can access your sites, and those who are working on-site in liveried uniforms and vehicles.

Alert

Alert Response Plan Security Strategic

Integrating Risk Disciplines: Business Continuity and Cyber Response

Castellan

NOVEMBER 2, 2021

RiskBased Security’s 2020 Year End Report Data Breach QuickView points to almost 700 publicly reported breaches that included ransomware as an attack vector. That’s a 100% increase compared to 2019. And not only are there more ransomware breaches, breach severity of all cyber breach types is increasing.

Business Continuity

Business Continuity Cyber Resilience Cybersecurity Resilience

Preparation for Protest

Plan B Consulting

SEPTEMBER 13, 2021

They know how to avoid police surveillance and how to keep operational security in the dark, revealing their targets at the very last moment. The operational level should include; security staff, receptionists, those that control who can access your sites, and those who are working on-site in liveried uniforms and vehicles.

Alert

Alert Response Plan Business Continuity Security

Beware of the self-wiggling mouse – Water industry & Cyber

Plan B Consulting

MARCH 21, 2021

This week I look at the risk of a cyber-attack and the importance of reviewing your vulnerability to water, wastewater and electricity loss. This week I thought I would talk about the vulnerability of water systems to cyber-attacks and some ideas of what, as business continuity professionals, we can do about this.

Vulnerability

Vulnerability Internet Malware Emergency Planning

Beware of the self-wiggling mouse – Water industry & Cyber

Plan B Consulting

MARCH 21, 2021

This week I look at the risk of a cyber-attack and the importance of reviewing your vulnerability to water, wastewater and electricity loss. This week I thought I would talk about the vulnerability of water systems to cyber-attacks and some ideas of what, as business continuity professionals, we can do about this. Water industry 1995.

Vulnerability

Vulnerability Internet Business Continuity Malware

IRM, ERM, and GRC: Is There a Difference?

Reciprocity

AUGUST 24, 2022

2013-2018): Using GRC solutions for enterprise-wide management in various areas such as risk management, compliance, legal, finance, audit, security, and health and safety. In 2020, Gartner informed vendors evaluated in the 2019 Magic Quadrant that it had retired the IRM market category “in favor of more targeted marketing segments.”

Risk Management

Risk Management Audit Insurance Insurance

Haiti: has there been progress in disaster reduction since the last big earthquake?

Emergency Planning

AUGUST 20, 2021

In Haiti, a third of the population lacks secure access to food. A changing situation The eminent anthropologist Anthony Oliver-Smith argued [vi] that in Haiti colonialism has left an enduring legacy of vulnerability to disasters. Nowhere more than in Haiti has disaster been made inevitable by the nexus of poverty and vulnerability.

Vulnerability

Vulnerability All-Hazards Risk Reduction Government

Deadly extreme weather is the new normal

National Center for Disaster Prepardness

AUGUST 8, 2019

This piece was originally published on May 23, 2019 in The Hill. . Irwin Redlener points out that that terms like “tornado alley” may lead people in other areas to think that they are outside of the danger zone , creating a false sense of security for communities not accustomed to seeing these intense storms. We just need to do it.

Disaster Preparedness

Disaster Preparedness Vulnerability Insurance Insurance

Business Continuity Guide for Smaller Organizations

Stratogrid Advisory

JUNE 3, 2020

In addition, there are other standards such as the International Organization for Standardization - I S O 22301:2019 Societal Security – Business Continuity Management Systems, or the National Institute of Standards and Technology - NIST 800-34 , which provide similar implementation guidelines.

Business Continuity

Business Continuity BCM Impact Analysis BCP

Business Continuity Guide for Smaller Organizations

Stratogrid Advisory

JUNE 3, 2020

Technological disruptions (loss of data centers, data breaches or other IT security-related incidents). Talent related disruptions (pandemic planning, emergency management and physical security-related events). Regardless of the industry (non-profit organizations, professional services companies, manufacturing, public sector, etc.),

Business Continuity

Business Continuity BCM Impact Analysis BCP

Guidance for reducing HTTP protocol RCE security vulnerability risk with Citrix Web App Firewall (CVE-2022-21907)

Counting Costs: The Impact of a Government Shutdown on the Security Industry

Trending Sources

8 Cybersecurity Risks That May Impact Organizations in 2019

Four Ways to Achieve a Zero Trust Security Model

5 Reasons You Need a Backup and Disaster Recovery Plan

Getting Ahead of Cybercriminals: 5 Essential Cybersecurity Practices

Flaws in Cybersecurity Software Expose Hundreds of Networks to Cyberattacks

Why Hostile Vehicle Incidents Can’t Be Ignored

Are BYOD Practices Putting Your Business at Risk?

The Pros and Cons of Outsourced Vs In-House IT Disaster Recovery

4 Unknown Cyber Threats Enterprises Need to Watch Out For

Moving Video Security to the Cloud: How Cloud Technology Can Offer Functionality and Flexibility

3 Ways to Prep Your Business IT for the Holiday Shopping Season

Towards a Taxonomy of Disasters

Ransom Threats and Higher Education

Microsoft Exchange Emergency Mitigation (EM) Service

Duty of Care for Business Travelers

Why Crisis Management Preparedness Matters

Backup and DR – The Last Line of Ransomware Defense

The evolution of cyber crime

What is Cyber Resilience and Why It Matters

Stay Out of Ransomware Jail with Rapid Recovery

Windows 11: What’s In It and What It Means for Your Business

Coronavirus and China’s Decision-Making in a Crisis

Using Budget Principles to Prepare for Future Pandemics and Other Disasters

20/20 Vision: Comments on Exercise Cygnus (UK’s pandemic exercise in 2016)

20/20 Vision: Comments on Exercise Cygnus (UK’s pandemic exercise in 2016)

Managing the Perils of Data Exfiltration

Managing the Perils of Data Exfiltration

Tips for Managing Third-Party Risk in Health Care

Ransomware: Cybersecurity’s Biggest Threat Yet

The Positives and Negatives of AI in the Cyberspace

A Presto Data Pipeline with S3

Preparation for Protest

Preparation for Protest

Integrating Risk Disciplines: Business Continuity and Cyber Response

Preparation for Protest

Beware of the self-wiggling mouse – Water industry & Cyber

Beware of the self-wiggling mouse – Water industry & Cyber

IRM, ERM, and GRC: Is There a Difference?

Haiti: has there been progress in disaster reduction since the last big earthquake?

Deadly extreme weather is the new normal

Business Continuity Guide for Smaller Organizations

Business Continuity Guide for Smaller Organizations

Stay Connected