Enterprises Worry End Users Will be the Cause of Next Major Breach

The sheer volume of data breaches and cyberattacks means these incidents are now more visible than ever.
Long gone are those days when affected organizations would wait till late Friday afternoons to disclose incidents in hopes of burying the news.
The heightened focus is driving security professionals to rethink their enterprise security strategy and investments in tools and services.
Despite deploying a wide range of security tools to address cyber threats against their organizations, the IT and security decision makers in Dark Reading's Strategic Security Survey don't seem confident in the organization's ability to withstand attacks.
A high percentage believe that the processes they have implemented, such as multi-factor authentication, malware analysis capabilities and end-user security awareness training programs are effective.
Sixty-three percent are confident in their ability to respond effectively to a ransomware attack.
55% say their organizations are more vulnerable to data breaches than a year ago because attackers have more ways to target and break into their networks, and 58% say their organizations were more concerned about ransomware than it was a year ago.
The future doesn't look any more optimistic: 78% say adversaries will target cloud service providers more in the coming year.
Twenty-five percent of respondents expect that if a major breach were to happen at their organization in the next 12 months, an automated malware tool will likely be the primary cause for it.
From a future breach standpoint, end users remain the biggest concern, though.
Over a third believe that the primary cause of their organization's next major data breach in the coming year would be a negligent end user or end user who breaks security policy.
Almost a quarter expect it will be some kind of super elusive social engineering scam, and 15% worried about the organization's heavy reliance on remote systems and homeworkers.
10% felt end-user security awareness programs were ineffective.
Policy enforcement and the complexity associated with managing a security strategy remain big challenges.
A slew of issues appears to be hampering their ability to harness the full benefits of these processes and technologies.
Thirty-one percent of organizations-or about the same as last year's 30%-struggled to enforce security policies at their organizations and an identical proportion were hard pressed to manage the complexity associated with modern security threats.


This Cyber News was published on www.darkreading.com. Publication date: Fri, 16 Feb 2024 22:00:13 +0000


Cyber News related to Enterprises Worry End Users Will be the Cause of Next Major Breach

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
9 months ago Securityzap.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
10 months ago Securityboulevard.com
Enterprises Worry End Users Will be the Cause of Next Major Breach - The sheer volume of data breaches and cyberattacks means these incidents are now more visible than ever. Long gone are those days when affected organizations would wait till late Friday afternoons to disclose incidents in hopes of burying the news. ...
9 months ago Darkreading.com
Fewer cybersecurity professionals losing their jobs in breach 'blame' game - Cybersecurity job loss after a major incident is becoming less likely as organizations drop the "Blame" game for more practical approaches to breach prevention, a survey of 500 CISOs shows. More than 95% of CISOs reported their teams received greater ...
11 months ago Scmagazine.com
Omdia: Standalone Security Products Outsell Cybersecurity Platforms - In its many briefings with cybersecurity vendors, one of the most consistent themes Omdia hears is why enterprises need cybersecurity platforms. Instead, vendors claim, enterprises could get better outcomes if they give up their multitude of ...
11 months ago Darkreading.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
11 months ago Securityboulevard.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
11 months ago Bleepingcomputer.com
PayPal Data Breach – Check If You’re Affected - PayPal recently reported a data breach to its users. The breach exposed customers’ personal information, including email addresses, phone numbers, and physical addresses. This data breach has sent shockwaves through the online payments industry, as ...
1 year ago Hackread.com
Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
11 months ago Jdsupra.com
Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
11 months ago Jdsupra.com
Ex-Uber CSO: Lessons Learned from the Breach and Legal Case - BLACK HAT EUROPE 2023 - London - Former Uber CISO Joe Sullivan last week shared new details about the 2016 data breach at the company that led to his firing from Uber and, later, felony charges. The Uber Breach Sullivan was in his second year as CISO ...
11 months ago Darkreading.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
10 months ago Securityboulevard.com
Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
4 months ago Jdsupra.com
Infosys McCamish Systems data breach impacted over 6M people - MUST READ. Infosys McCamish Systems data breach impacted over 6 million people. Keytronic confirms data breach after ransomware attack. City of Cleveland still working to fully restore systems impacted by a cyber attack. ABN Amro discloses data ...
4 months ago Securityaffairs.com
Prudential Financial data breach impacted over 2.5M individuals - Prudential Financial data breach impacted over 2.5 million individuals. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
4 months ago Securityaffairs.com
Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
4 months ago Securityaffairs.com
Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
10 months ago Bleepingcomputer.com
CISOs and Their Companies Struggle to Comply With SEC Disclosure Rules - About six months ago, CISO Steve Cobb noticed that the contract language proposed by public companies had some notable additions. In the case of a breach, publicly traded companies wanted more control over how their third-party providers responded to ...
6 months ago Darkreading.com
23andMe failed to detect mega-breach attackers for 5 months The Register - Biotech and DNA-collection biz 23andMe, the one that blamed its own customers for the October mega-breach, just admitted it failed to detect any malicious activity for the entire five months attackers were breaking into user accounts. In a collection ...
9 months ago Go.theregister.com
Mr. Cooper breach affects more than 14.6M - Mr. Cooper, a major U.S. mortgage servicer, says an October data breach affected nearly 14.7 million people, including all its current and former customers. Mr. Cooper provided a data breach notification to the Office of the Maine Attorney General ...
11 months ago Packetstormsecurity.com
Ticketmaster sends notifications about recent massive data breach - Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. Last month, a threat actor known as ShinyHunters began selling stolen ...
4 months ago Bleepingcomputer.com
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
11 months ago Jdsupra.com
Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
11 months ago Jdsupra.com
Longhorn Imaging Center Files Notice of Data Breach Affecting Patients' Sensitive Medical Information - On October 25, 2023, South Austin Health Imaging LLC dba Longhorn Imaging Center filed a notice of data breach with the Attorney General of Texas after discovering that confidential information in the company's possession was subject to unauthorized ...
11 months ago Jdsupra.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)