The rising adoption of digital processes in manufacturing has fundamentally changed how this sector does business. The increased reliance on digitization and network connectivity has sharpened the risks of company data exfiltration, intellectual property damages, and more, especially those stemming from insiders. Insider threat actors operate from a position of trust that allows them to circumvent security and evade detection for months, if not years. Manufacturing ranks among the top five industries with the highest reported insider breaches and privilege misuse. In Verizon's Data Breach Investigations Report, nearly 40% of the cybersecurity incidents in manufacturing traced to insiders, including partners and third-party vendors. The same report outlined 57% of database breaches to an insider within the organization. According to a CISA report, the manufacturing sector reported the highest number of insider attacks among companies in the critical infrastructure sector. These incidents can be perpetrated by employees of all ranks, contractors, third-party vendors, and partners resulting in severe damages to businesses of all sizes. IBM's annual Insider Threat report estimates the average cost of insider attacks rose by 31% in 2020 to $11.45 million from the previous two years, and the number of insider incidents climbed by 47%. Insider security breaches in manufacturing are now an impending reality requiring companies to safeguard themselves. This article dives deeper into the dynamics and challenges leading to the rise of insider incidents in manufacturing and ways to mitigate those.

Research data shows insider threat is a dominant risk in the healthcare industry. According to the 2019 Verizon Insider Threat Report, insider threats affected 46% of healthcare organizations. Healthcare is the only industry where insiders were responsible for a higher percentage of breaches than external threat actors (Figure 1). In addition to healthcare staff, contractors, executives, and former employees collectively contribute to the problem.

Social engineering is an insidious way of getting "insider access" into an organization's network and data. Threat actors use it to gain sweeping access to carry out sophisticated attacks while evading detection. This "insider" leeway of social engineering makes it an alarming threat that cybercriminals are routinely exploiting now more than ever.

Remote learning is now an inevitable reality for academic institutions. Even before the pandemic, remote learning was on the rise. The pandemic has only made that trend more pervasive and dominant across institutions, most notably among the public schools. The Multi-State Information Sharing and Analysis Center (MS-ISAC), a federally funded threat intelligence and cybersecurity advisory organization, recorded a 19% increase in cyberattacks targeting K-12 schools in the 2019-2020 school year. Based on the rising trends of alerts from the academic sector, MS-ISAC projects the number of cybersecurity incidents targeting institutions to jump by 86% in the upcoming academic year.

Nowadays, financial institutions are the custodians of more than just money. They are also keepers of sensitive personal and financial data. As the financial sector leans more towards the cloud and other digital technologies, this data is exposed to cybersecurity threats

October is a month that generates much buzz amongst the cybersecurity community. It’s National Cybersecurity Awareness Month (NCSAM) – a time when security professionals work around the clock to raise awareness of growing cyber risks amongst general user communities.

Ransomware has become an annual event for many organizations, costing them millions in lost productivity and revenue. While there have been some notable successes in fighting off this threat, the industry as a whole must continue strengthening its resolve in order to safeguard against future attacks. Part of this can come down to recognizing the role that users and employees play in fighting off these attacks and providing them with info and tools they need to help reduce risks.

This podcast is brought to you by Veriato.com. Today, Michael Owens, the Business Information Security Officer at Equifax, joins Dr. Christine Izuakor to discuss the risk that ransom attacks on a service providers such as Kaseya can have on their downstream client organizations.   The Kaseya ransomware attack is an eye-opener of sorts. The rising success of ransomware attacks lies in bringing business operations to a grinding halt. In attacks similar to Kaseya, several downstream organizations are forced to stop their operations. The recovery period runs into several days, if not weeks.  Whatever be the size of your company, today, every organization has to rely on third-party solutions and personnel. As supply-chain exploits keep rising, the question that looms large for security leaders is "how to keep organizations safe in an era of Kaseya and Solarwinds attacks"?

In 2020, ransomware attacks increased by 150% from the previous year, and ransom payments grew by 200%. That trend is up in 2021. Within the first six months of this year, many high-profile ransomware attacks targeting critical infrastructure, municipalities, financial institutions, healthcare, and other businesses have hit the headlines. The impact of these attacks spans beyond the victim enterprise, affecting their ecosystem of partners, supply-chain, customers, and even the government.

The escalation in cybersecurity breaches as seen in 2020 has continued well into 2021. According to Verizon’s 2021 DBIR, so far they have looked into 29,207 incidents worldwide. These incidents boiled down to 5,258 confirmed data breaches. An analysis of these breaches shows: 85% of breaches involved a human element. 61% of breaches involved credential data. 10% of breaches involved ransomware, double the previous year. Cloud-hosted assets were compromised more than on-premises assets. Many of these breaches were financially motivated, targeting sensitive data that can be easily monetized and lucratively too. Human negligence, consistent with previous years, was the biggest threat to security. Cybercriminals are heavily exploiting social engineering tactics to gain a foothold in enterprise infrastructure. The human factor, intentional and otherwise insider threats, needs serious attention.