The recently published IBM X-Force Threat Intelligence Index 2020 pointed out that over 8.5 billion records were compromised in 2019, a figure that’s more than 200 percent greater than the number of records lost in 2018. It also determined that scanning and exploitation of vulnerabilities have increased from just 8 percent of attacks in 2018 to nearly

Last week on Malwarebytes Labs, we explained how to battle online coronavirus scams with facts, discussed the persistent re-infection techniques of Android/Trojan.xHelper and how to remove it, provided cyber tips for safe online dating, and showed how Hollywood teaches us misleading cybersecurity lessons. We also released the 2020 State of Malware Report

When I was new to the security industry, I firmly believed that people got infected with malware because they didn’t know how to be safe online. I thought problems happened because computers were too complicated, or the technology was too daunting, or people were just too trusting and naive. But clearly I knew better. I saw the dangers lurking on the i

Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies i

Artificial intelligence (AI) excels at finding patterns like unusual human behavior or abnormal incidents. It can also reflect human flaws and inconsistencies, including 180 known types of bias. Biased AI is everywhere, and like humans, it can discriminate against gender, race, age, disability and ideology. AI bias has enormous potential to negatively affect

Organizations today have to balance the need for continuous evolution along the digital continuum with the need to protect their data and operations and keep cyber risk at an acceptable level. The chief information security officer (CISO) role is uniquely positioned to help organizations manage those dualities, but it requires a different set of leadership q

In Part 1 of the Plights of the Round Table, the executive staff of Camelot was working on the strategic plan for the following year.Morgan, the CEO, needs to decide how to spend her limited budget for the best interest of Camelot.Lana, the VP of Sales, thinks they should invest in horses for their knights.Susan, the CISO, would rather the money go to upgrad

Last week on Malwarebytes Labs, we took a dive into edge computing, looked at new web skimmer techniques, and rolled our eyes at silly people doing silly things. Other cybersecurity news: Stills and chills: A Reddit user notices their security camera is grabbing stills from other people’s devices. (Source: Reddit) Tik Tok, the clock has stopped: The US Mili

Not too long ago, there was a one-size-fits-all assumption about cybersecurity jobs. The security professional was hired to manage security systems and read logs — maybe handle audits and ensure industry compliance. Now, the job landscape for cybersecurity professionals is becoming more specialized, and even those specialized areas break down into even more

We’ve probably all seen that “perception versus fact” meme where there’s an assortment of pictures with captions like “what my family thinks I do,” “what my boss thinks I do,” “what I think I do” and “what I actually do.” People’s understanding of what cybersecurity professionals d

The global average cost of a data breach is now $3.92 million — a 12 percent increase since 2014. Fortunately, the average cybersecurity budget is also increasing alongside breach cleanup costs. How to prioritize your budget is never a simple question. However, there’s a lot of insight to be gleaned from industry studies on how chief information secur

Business environments are forcing organizations to rapidly evolve. Security and risk leaders are realizing that a modern security strategy requires dramatic changes to program governance, technology and execution. Yet many organizations managing their own security program can’t keep pace and lack the specialized skills and competencies needed to cost-e

Stress comes with the territory for chief information security officers (CISOs). As noted by Medium, the job is unpredictable, with “long periods of preparing, watching, waiting, punctuated by periods of high stress and occasional bruising.” As both vendors and cyberthreats proliferate, finding a balance between an effective cybersecurity strateg

A security awareness program is a critical part of any security strategy. It is not enough to simply hold everyone in the organization accountable. Chief information security officers (CISOs) must first train employees to practice proactive, conscientious security behaviors by convincing them that security affects them directly, not just the business. Buildi

National Cyber Security Awareness Month (NCSAM) highlights important security issues to help governments, businesses and individuals improve their online hygiene. One critical area to consider is the growing shortage of qualified security professionals, which is projected to reach 6 million unfilled positions across the globe by 2019. There are plenty of opp