The recently published IBM X-Force Threat Intelligence Index 2020 pointed out that over 8.5 billion records were compromised in 2019, a figure that’s more than 200 percent greater than the number of records lost in 2018. It also determined that scanning and exploitation of vulnerabilities have increased from just 8 percent of attacks in 2018 to nearly

Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies i

Business environments are forcing organizations to rapidly evolve. Security and risk leaders are realizing that a modern security strategy requires dramatic changes to program governance, technology and execution. Yet many organizations managing their own security program can’t keep pace and lack the specialized skills and competencies needed to cost-e

I frequently receive calls from identity and access management (IAM) leads at companies that just purchased an identity governance and administration (IGA) tool. They say, “I just bought this tool so I can automate the access recertification process, but where do I start? The pressure to succeed with this project is already starting to get out of contr

What is the cost of security in your company? Regardless of size, companies must prioritize the security of their business, customers, clients and partners. According to Forbes, Bank of America’s Chairman and CEO Brian Moynihan reported that the business spent $400 million on cybersecurity in 2015. He also noted that cybersecurity was the only sector w

Many CISOs tell us one of their most difficult challenges is identifying, hiring and retaining top security talent with the skills, experience and passion to protect their organizations’ valuable brand against the dynamic cyberthreat landscape. It’s for this reason CISOs often turn to managed security services providers as a strategy to partner a

Since we last reported on a version of the ELF Linux/Mirai malware containing cryptocurrency coin-mining tools in April, the IBM X-Force has noticed a steep increase in the volume of coin central processing unit (CPU) mining tools used in cyberattacks, specifically those targeting enterprise networks. According to IBM Managed Security Services (MSS) data,

It’s hard to escape the reality that every day, cyberthreats morph and expand, escalating the need to improve and tighten security operations and response practices. While it may feel overwhelming, there are ways to help level the playing field. Cognitive computing and machine learning are new technologies that can empower security practitioners to foc

Cybercriminals and their tactics are becoming increasingly sophisticated. Given the rash of widespread, devastating attacks thus far in 2017, this trend shows no signs of slowing down. It’s no longer enough to simply implement incident response solutions. Today’s threats require a dedicated team of security experts to maximize these tools with

Not one, not two, but six of the most recent analyst reports evaluating the major Identity and Access Management-as-a-Service (IDaaS) vendors positioned IBM Cloud Identity Service as an overall market leader in cloud-based identity and access management (IAM). The market is crowded with both startups and large IDaaS vendors, making this is a big win for IBM

For the past few years, the security industry has seen a gradual move away from traditional, resource-heavy endpoint protection agents to next-generation solutions in response to the increasing sophistication of malware, cybercriminal tactics and the threat landscape at large. Traditional host intrusion detection systems (HIDS) built on signature-based det

IBM X-Force Red marked its first-year anniversary with the addition of security specialists, including Space Rogue, who increases the team’s impressive roster of talent. Hello, my name is Space Rogue. Well, actually, it’s Cris Thomas, but the security community is most likely to recognize my work over the past two decades under my pseudonym. The

John McAfee turned some heads in the security community two years ago when he declared that the virus protection software industry, which he is widely credited with creating 30 years ago, is dead. “In 1987, new applications for the Windows platform were being developed and released at a rate of about one new application per month,” he wrote. &#

We’ve all heard that when it comes to experiencing a data breach, the question is not if it will happen, but when. You may be wondering about the actual odds of it happening to your organization. Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When it comes to experiencing a data breach, according to the Po

Exploits, data breaches and ransomware campaigns are succeeding despite increased public awareness about these threats. New victims are found, old targets are rediscovered and people want to know how this keeps happening. It isn’t because people don’t care. In the past three years, according to Google Trends, the subject of hacking has generated