From the front lines of incident response engagements to managed security services, IBM Security X-Force observes attack trends firsthand, yielding insights into the cyber threat landscape. Every year, X-Force collates billions of data points to assess cybersecurity threats to our customers. This report — the X-Force Threat Intelligence Index 202

With manufacturing cybersecurity threats on the rise, what should companies know about protecting their digital assets in the future?  Risks to Security in Manufacturing The number of ransomware incidents involving the manufacturing sector increased 156% between the first quarters of 2019 and 2020. Later in 2020, ransomware actors demanded $17 million

For enterprises operating in Europe, the European Commission’s December 2020 EU Cybersecurity Strategy may dictate how you go about improving cyber resilience. The 2020 EU Cybersecurity Strategy underlines the important role of cybersecurity for a growing EU economy and reinforcing user confidence in digital tools. The publication goes beyond cybersec

Starting off on the right foot in digital defense today means having good Cloud Security Posture Management (CSPM). Although it can be challenging to adopt, this set of strategies and tools manages and orchestrates cloud security in ways other tactics don’t. It shows gaps might arise between organizations’ stated cloud defense policies, their ac

The MITRE adversarial tactics, techniques and common knowledge (ATT&CK) framework brings pooled knowledge from across the cyber defense community, including revealing what threat actors are up to and how best you can defend against them. Let’s take a look at what MITRE offers and how this framework goes hand-in-hand with developing a security

Security leaders need to cut through the hype when it comes to artificial intelligence (AI) security. While AI offers promise, buzzwords and big-picture thinking aren’t enough to deliver practical, useful results. Instead, using AI security correctly starts with knowing what it looks like today and what AI will look like tomorrow. Improved curation, e

The cybersecurity skills gap continues to be a real issue, but there may finally be a light at the end of the tunnel. For the first time, the skills gap has decreased, according to (ISC)2’s annual Cybersecurity Workforce Study.  This study defines the skills gap as “the difference between the number of skilled professionals that organizatio

Humanity has been through a number of industrial revolutions since the 1760s, and is now at its fourth cycle of sweeping industrial innovation, known as Industry 4.0. It is characterized by the ongoing automation of traditional manufacturing and industrial practices using modern smart technology. As such, it inherits risks and threats that apply to connect

Cyberattacks can cause major loss of revenue for businesses and other groups of all sizes. As a result, cybersecurity insurance is being discussed more and more. The prospect of getting money back after an attack becomes increasingly appealing. But, is it right for every organization? What are the pros and cons? Who already has it? And, who needs cybersecur

In a previous post, we focused on organizations’ characteristics, such as sector, geography, risk and impact, when discussing the pillars of building a threat identification program. Now, we move deeper into the concept and expand upon the threat identification process through example scenarios, helping translate the conceptual framework into daily pr

There is a saying in sociopolitical circles: “politics is downstream from culture.” Using that same line of thinking, poses a question: Is information security downstream from data privacy? In order to tell the difference between security and privacy and how they feed in to each other to achieve both, we’ll look at the

When I was growing up, snow days (days off for inclement weather or heavy snowfall) weren’t uncommon. We’d get 24 hours or so of freedom, then mother nature would eventually step in and resolve the problem. But today’s kids are dealing with a new kind of snow day, one mother nature can’t help with — ransomware. Unlike a snow da

A nimble organization needs to be ready for growth — and cuts. Sometimes business closure or shutting down a unit is needed, either as part of the evolution of a company, as part of a company’s growth via merger and acquisition, or as the result of restructuring or for some other reason, such as a loss of business from a pandemic.  If busin

This is the fourth in a five-part blog series on managed detection and response as it drives strategic security outcomes for businesses. More and more managed detection and response (MDR) providers need to recognize their place among multicloud platforms. Today’s businesses often have data scattered among different cloud providers. Most vendors offer

The universe is getting smaller, and space cybersecurity is keeping up. On May 30, 2020, nearly a decade after the Space Shuttle program ended, people witnessed a first: a vehicle built as part of a public-private partnership (between SpaceX and NASA) took off into space. This development was transformational because it brought the world one step closer to