Our last post, discussed the risk posed by data tampering. While data theft gets headlines, data modification is an insidious threat that could cripple a business. File integrity monitoring (FIM) is a security control designed to detect the modification of critical data by regularly comparing files to a known, good baseline.

Most businesses are aware of the risks associated with data theft or exposure. The recent Equifax breach, which compromised the sensitive information of nearly half the U.S. population, is only the most recent in a series of cybercrimes in which massive amounts of data were exfiltrated.

Many people learned about encryption due to the rise of ransomware attacks. Hackers use encryption to effectively “scramble” a user’s files so that they cannot be read without the correct encryption key. The hackers then demand a payment, usually in Bitcoin, in exchange for the key needed to unlock the files.

In our last post, we talked about the rise of file-less malware that leaves little evidence of a cyberattack. It’s difficult enough to defend against known security threats, and virtually impossible to prevent these sneak attacks. That’s why organizations need an incident response plan for detecting security events and taking steps to minimize the damage.

“Clueless.” That’s the name of a 1995 teen comedy that became a surprise box-office hit and a cultural touchstone for an entire generation of Americans. It’s also a pretty good description of an insidious new malware threat that possesses none of the customary indicators of a network intrusion.

The IRS recently issued yet another warning about yet another scheme targeting taxpayers. Hackers send emails that appear to be official notifications from the FBI and urge users to click a link and download a questionnaire related to tax law changes and compliance.

In the previous post, we discussed the recent uptick in adoption of security information and event management (SIEM) solutions, and why SIEM will continue to be a primary focus of IT investments for the next few years. SIEM provides visibility into all sources of security data across the network and integrates this data in a single solution.

As more security managers embrace a proactive approach to security and prioritize real-time threat analysis, detection and response, spending on security information and event management (SIEM) solutions continues to increase. While Gartner has predicted 5 percent to 10 percent annual growth in the overall IT security market through 2020, sales of SIEM software rose by 15.8 percent in 2016.

SIEM combines security information management (SIM) and security event management (SEM) into a single solution, enabling organizations to take a more holistic, integrated approach to security.

Cybersecurity is a cat-and-mouse game in which IT professionals and cybercriminals continually refine their tactics in an attempt to stay one step ahead of one another. The evolution of web traffic encryption provides a good case study of this process.

Studies show that more than half of all web traffic is now encrypted, largely due to increased usage of HTTPS, the secure version of the Hypertext Transfer Protocol.

What’s the weakest link in your network security chain? It probably doesn’t involve hardware or software. Numerous industry and government reports find that more than 90 percent of all security incidents are the direct result of human error.

The recent WannaCry ransomware outbreak was a jarring reminder that even the most advanced security technology can be undone by mistakes and miscalculations.