One week after Equifax announced the settlement terms of its recent breach, two new breaches are making headlines. First, various outlets reported this week that Capital One, among the top 10 banks by asset size in the US, was victimized by a hacker that gained access to more than 100 million customer accounts and credit card applications in early 2019. The hack is one of the largest data breaches to ever hit a financial services firm. What got compromised? The stolen data includes 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers and an undisclosed number of names, addresses, credit scores, credit limits, balances and other personally identifiable information.
“Deception systems can service many different buyer types and needs, from simply being the only detection system a smaller company owns, to augmenting a more robust detection practice at more mature firms, to highly targeted vertical specialization needs, such as IoT and medical devices.”
As I sat down to write this post, I couldn’t help amusing myself with yet another corny “cloud” analogy: The potential for lateral movement between different parts of the extended corporate ecosystem is a bit like all the different types of lightening there are. If, besides being a tech geek, you are also a weather geek, you can read about lighting here. Among other things, this site explains that “Anvil Crawlers are horizontal tree-like, in-cloud lightning discharges whose leader propagation is slow enough… that a human observer… can see its rapid motion across the sky.” Where cloud security is concerned, Illusive’s aim is to make malicious lateral movement to, from, and between clouds slow and visible to the human eye—so that security teams can stop cyberattacks before a successful strike.
It's no secret that SOCs are overwhelmed. Many organizations are under constant attack, but SOC teams are so barraged by alerts that they can’t discern real from noise. If you missed our webinar with Forrester, Improving SOC Efficiency with Deception, watch it here. Learn how a deception technology approach can end the nonstop "hamster wheel" reaction cycle—and significantly boost both incident response (IR) capabilities and the overall productivity of security operations teams.
The CyberEdge Group recently released its 2019 Cyberthreat Defense Report (CDR), capturing the current perceptions of IT security professionals from 17 countries, 6 continents, and 19 industries. The report, co-sponsored by Illusive, delivers unique insight into their views of cyberthreats, current defenses, and planned security investments.