Sunday , December 22 2024

A third of organizations admit to covering up data breaches

In a world where cybercrime is becoming more difficult to prevent, many security leaders are putting pressure on IT professionals to bury the truth.

New research released by cybersecurity vendor Bitdefender today surveyed over 400 IT and security professionals who work in companies with 1,000 or more employees. Bitdefender found that 42% of IT and security professionals surveyed had been told to keep breaches confidential — i.e., to cover them up — when they should have been reported.

Eight New ICS Advisories released by CISA

CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in...
Read More
Eight New ICS Advisories released by CISA

Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI

Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...
Read More
Authority Denies  Hacker claim ransomware attack on Indonesia’s state bank BRI

London-based company “Builder.ai” reportedly exposed 1.2 TB data

Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...
Read More
London-based company “Builder.ai” reportedly exposed 1.2 TB data

(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...
Read More
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)  Sophos resolved 3 critical vulnerabilities in Firewall

“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...
Read More
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability

Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...
Read More
CVE-2023-48788  Kaspersky reveals active exploitation of Fortinet Vulnerability

U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports

The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...
Read More
U.S. Weighs Ban on Chinese-Made Router TP-Link:  WSJ reports

Daily Security Update Dated: 18.12.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated: 18.12.2024

CISA released best practices to secure Microsoft 365 Cloud environments

CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365...
Read More
CISA released best practices to secure Microsoft 365 Cloud environments

Data breach! Ireland fines Meta $264 million, Australia $50m

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach...
Read More
Data breach! Ireland fines Meta $264 million, Australia $50m

Perhaps even more shockingly, 29.9% of respondents admitted to actually keeping a breach confidential instead of reporting it.

This research highlights that an alarming number of organizations are willing to ignore their obligations to report data breaches to regulators and customers, in an attempt to avoid legal and financial penalties.

Cracking under pressure

The research comes less than a year after the FTC convicted former Uber CSO Joseph Sullivan for attempting to cover up a hack of Uber in 2016. The case highlighted that lying about data breaches is a serious criminal offense in many jurisdictions.

So why are so many tech leaders pressuring their staff to bury data breaches? The answer is that the cyberthreat landscape is becoming more and more demanding, with 52% of organizations experiencing a data breach within the past 12 months.

The five threats that respondents reported they are most concerned about are software vulnerabilities and zero-days (53.9%), phishing and social engineering (52.2%), supply chain attacks (49%), ransomware (48.5%) and insider threats (36.5%).

“Worldwide, organizations [are] under tremendous pressure to contend with evolving threats such as ransomware, zero-day vulnerabilities and espionage, while struggling with [the] complexities of extending security coverage across environments and an ongoing skills shortage,” said Andrei Florescu, deputy general manager and senior vice president of products at Bitdefender business solutions group.

While it’s difficult to guarantee that an organization will address cyber-incidents responsibly, proactive security leaders can look to decrease the chance of deceit by decreasing the burden on human security teams.

This includes investing in threat prevention, detection and response solutions that enable users to address and resolve security incidents faster, so that there is less impact on the organization and less exposure to legal and financial risk.

”The results of this survey demonstrate, more than ever, the importance of layered security that delivers advanced threat prevention, detection and response across the entire business while improving efficiencies that allow security teams to do more with less,” Florescu said.

Check Also

HSBC

HSBC sued by ASIC: customers allegedly scammed of $23 million

HSBC Bank Australia Limited did not sufficiently safeguard customers from scams that resulted in millions …

Leave a Reply

Your email address will not be published. Required fields are marked *