Many business owners - and the IT professionals they rely on - focus on protecting their companies from external threats – the lone hacker out for a large ransom, the industry competitor pilfering secrets, or organized cyber-criminals with sophisticate phishing schemes, etc. But what about internal threats? Organizations sometimes fail to consider the true risks that insiders pose to their cybersecurity. Yet, internal risks are every bit as dangerous and damaging as the external ones, even if there is not malicious intent. The 2019 IBM Cost of Data Breach survey revealed that 24 percent of all data breaches in the past five years were the result of negligent employees or contractors.1 Another report, Insider Data Breach Survey, found that 60 percent of executives felt employees who made mistakes while rushing to complete tasks were the primary cause of internal breaches. Another 44 percent pointed to a lack of general awareness as the second most common reason, and 36 percent cited inadequate training for their organization’s security tools as a close third.2 To drive home the full harm of insider threats, we’ve compiled five actual case studies of internal actors who’ve wreaked financial and reputational damage when they got careless, or abused their knowledge and positions for personal gain.
“If you don’t know where you’ve come from. You don’t know where you’re going.” This quote by Maya Angelou was not explicitly quoted regarding technology, although the relevancy is powerful. Technology progresses exponentially, and so to understand how far we have come, we need to understand where we began. This week, in 1956, the very first commercial hard drive was released. It was the IBM 350 Disk Storage Unit Model 1, and it was the size of two refrigerators. This ground-breaking technology weighed around a ton and could store about 4-5 megabytes of data. Today, a device the size of an old compact disk case can hold over 10 Terabytes of data. That is over 1,000,000 times the storage of the originally released hard drive. Although hard drives aren’t as vital as they used to be now that we have cloud storage, it is an essential piece of history to learn where we came from and where we are today.
Business Email Compromise and Education
This month at Pendello we have been focusing on Business Email Compromise as the risk is definitely on the rise. If you remember, Business Email Compromise (BEC) is when an organized crime group gains access to your email through deception with the use of spear-phishing, identity theft, email spoofing, malware, and social engineering. In the past two weeks’ blogs, we introduced BECs and the different types of attack attempts. This week we are delving into how to recognize attack attempts. As 93% of all investigated data breaches can be traced back to a specific employee, we at Pendello Solutions know that end-user education is your best defense. So this month Pendello is bringing you some guidelines to look for when dealing with your day to day communications.
Ransomware is another hot topic when it comes to Cyber-crimes. It is on the news (WannaCry, NotPetya), on the movies, and on security experts’ minds! What is ransomware and how does it infect computers. These topics are important ones if you strive to understand the safety and security of your business, data, and finances.
Watson...is it one of the robots from Mystery Science Theater or the Smartest Golden Retriever ever?
Watson is Artificial Intelligence. A computer that thinks like you and me but light-years faster and doesn't have the brain-fog from last night's carb-loaded meal. To understand the basis of this, first, take how our search process has worked in the past. Previously, we could do a keyword search that would return a list of content listed in order of relevancy. Watson is different, it is based on Question-Answering technology. Instead of traditional search capabilities relying on computer-based "coding" language, Watson understands actual human languages. According to IBM, more than 100 different techniques are used to understand and analyze natural language, identify sources, find and generate hypotheses, find and score evidence and merge and track predictions. So instead of returning a list of content, it honestly answers your questions.