Moving Target Defense Blog

Make 2019 the year you focus on the ROI of your cyber security initiatives.

By now you’ve heard all the 2019 predictions from cybersecurity vendors and practitioners. As every year, many are insightful and thought-provoking, some meant to invoke self-serving fear and doubt about the next big threat, others just repeats from the year prior.

Data Shows Careless Employee Behavior Make the Holidays the Most Challenging Time of Year for Enterprise Security Teams

The holiday season is fraught with consumer fraud. Holiday shoppers - both in-store and online - open themselves up to substantially higher risk without even knowing it.

Cybersecurity is an enormous investment with even more enormous consequences for mistakes. To build an optimal security stack you need to balance residual risks with total cost of ownership of the cyber security stack and with minimal disruption to operations.

So far, 2018 has turned out to be anything but business as usual, at least on the cybersecurity front. The revelation about CPU vulnerabilities Meltdown and Spectre (and all the offshoots); the explosion in cryptojacking – which is likely even more widespread than current estimates; the lightning speed at which the newest sophisticated attack technology is adopted by mass market criminals.

We all wish we were smarter. And I believe that the vast majority of people, in some way, strive to GET smarter.

As someone who has been involved in the cybersecurity industry for years, and watched it evolve, I see countless companies in this market using the aspect of intelligence to position themselves as being smarter than others. But if you have to proclaim your intelligence, are you actually smart? Or even smarter than me? Or than the next company?

If you’ve stayed at any large hotel chain in the past year, there’s a good chance your personal details have been compromised. According to Verizon’s 2018 Data Breach Investigations Report, the accommodation industry had one of the highest number of breaches, second only to healthcare. 

Morphisec is honored to have received awards in three out of six categories at this year's Midmarket CIO Spring Forum. The annual Vendor Excellence and Midmarket CIO Awards recognize leaders in technology collaboration. 

Over 77% of all cyber crimes target small and midsize enterprises. According to the 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) report by the Ponemon Institute, cyberattacks cost small and medium-sized businesses an average of $2,235,000.

Last month I discussed cybersecurity effectiveness, particularly in regards to the growing threat of fileless attacks. But effectiveness is only one piece of the equation.

First and foremost businesses still need to go about their business. Unfortunately, it has long been the case that the more effective a cybersecurity tool is, the slower and more intrusive it is and the more effort it takes to manage it. The complexity and pain of managing – not buying, managing! – security tools often forces companies to reconcile themselves to unacceptable exposure, for example to security-related business disruption, for want of resources to manage cumbersome defensive technology.

Modern manufacturing technology brings improved quality and efficiency at lower costs. It also brings greatly increased cyber risk. Deloitte and MAPI’s (Manufacturers Alliance for Productivity and Innovation) recently published a report which takes a hard look at the effect of current manufacturing trends on cyber risk. The study found that, while manufacturers are beginning to prioritize cybersecurity, they have a long way to go. Read the report, “Cyber Risk in Advanced Manufacturing,” to see their findings and recommendations to be “secure, vigilant and resilient.”

Hedge funds are coming under increasingly heavy fire from attackers and regulators alike. A 2015 report issued by the SEC that examined more than 100 financial companies found that 88 per cent of broker-dealers and 74 per cent of investment advisers have experienced a cyberattack directly or through one or more of their vendors.