With the promise of unprecedented potential, artificial intelligence (AI) and predictive analytics have permeated into every field of business. Due to their ability to help retail staff serve customers better, personalize video recommendations based on users’ preferences, reduce employee churn, and detect fraud and security threats, AI and predictive analysis are rapidly being adapted across industry verticals.
From credential theft to network vulnerability exploitation and ransomware incidents on highly secure organizations, the year 2020 has been surprisingly rough on IT security. In the wake of the COVID-19 pandemic, companies around the world are reporting more cyberattacks than ever before, and although the techniques used or the method of attack may be new, the vectors of attack over the years remain unchanged.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cyberattacks in the distributed workforce, this week we explore the concept of cybersecurity incident response during a pandemic.
A highly functional IT network is the basis of any successful modern business, and for effective operations, organizations must monitor the health and availability of all their IT infrastructure components and ensure they’re up and running 24×7. Uptime is the duration during which a network component is reachable and capable of operating efficiently. Typical networks use ICMP or TCP to communicate with devices and identify idle or inactive ones.
Remember when native commands like ping and ipconfig were adequate for network inspection? With networks becoming more dynamic, these generic tools don’t seem to make the cut anymore. IT admins are in a constant quest for ad hoc network tools and utilities that could aid specific network management needs. Using individual network diagnostic tools, on the other hand, requires constant tab switching, and comparing data pulled by independent network tools to pinpoint your network issue.
Most of us can think of a time when we received a phishing email. In fact, most phishing emails are easy to identify, and automatically go to spam. However, in this ongoing pandemic, hackers are adopting advanced tactics that cleverly conceal their malicious intentions, and fly under the radar by leveraging the victim’s fear, anxiety, or plain negligence.
Common Vulnerability Scoring System (CVSS) scores have been viewed as the de facto measure to prioritize vulnerabilities. Vulnerabilities are assigned CVSS scores ranging from one to 10, with 10 being the most severe. However, they were never intended as a means of risk prioritization. If you’ve relied on CVSS scores alone to safeguard your organization, here’s why you’re probably using them incorrectly.
As file storage grows rapidly year after year, new challenges arise around keeping data safe and maintaining control over data storage systems. Who owns which files? Whose files take up what volume of enterprise storage? Which files have become obsolete? How many copies of a file exist, and where? Are there any stale files that contain sensitive data? These questions require up-to-date answers to ensure that business, compliance, and data security needs are easily and effectively met.
A critical Active Directory vulnerability (CVE-2020-1472) has been making headlines for being the most notorious elevation of privilege bug because it can affect all computers and domain controllers in an organization. This high-risk vulnerability, dubbed Zerologon, gives threat actors easy, instant access to domain controllers without requiring any additional privileges. This attack does not even require a user to be authenticated; the user just needs to be connected to the internal network.
ServiceDesk Plus, ManageEngine’s flagship IT service management (ITSM) solution, has been named a Niche Player in this year’s Gartner Magic Quadrant for IT Service Management Tools. The Magic Quadrant offers insights for organizations shopping for an ITSM tool for their business needs. The research names some vendors based on strict inclusion criteria that includes vision, capability, size of operations, number of large customers, and more.
