Stay in the know with “The week in cybersecurity news,” a weekly report on all the industry headlines released every Friday. Sign up to get the report in your inbox every week.

Cyber criminals are spending more money on offense than businesses are on defense

Cyber criminals are spending 10x more per year than organizations do to secure themselves. These numbers speak volumes. With over one trillion dollars spent per year by cyber criminals on developing exploits and finding vulnerabilities, it is no surprise that cyber-attacks are in the news every day.

While organizations develop solutions to combat these threats, the money that is involved in cyber-crime is staggering. New tools, techniques, and vulnerabilities are released by the millions and businesses are left with the only option; counter-punch.

Attackers are becoming more sophisticated in their techniques and methodologies. If the statistics stay on-track, 2018 will be a year for the record books in successful data breaches.

Read the full story here.

Who is leading the fight when the State Department is failing at basic cyber-security standards?

Corporations are growing to adapt to changes in the threat-landscape. With the increases in credential theft and privileged account abuses, multifactor authentication is a mainstay in any organizations’ cyber-security arsenal. Solutions, such as multifactor authentication, increase the level of difficultly to compromise systems and users alike.

However, a recent inspection found that only 11% of devices, within the State Department, had this technology implemented. Just to be clear, the State Department drives the Central Intelligence Agency. The types of attackers that target such entities are not novices; but are armed with nation-state funding and tools. Read the full story here.

Defenses need to improve, across the board. This has been mandated by the Federal Cybersecurity Enhancement Act. This act included the requirement for multifactor authentication.

Another Airline Hacked: British Airways data breach included almost 400,000 bank cards.

Just last year, 75,000 flyers were left stranded when a British Airways IT system incident occurred. This year, a data breach leaves 380,000 payment cards in the hands of cyber-criminals. The breach was a direct result of their website and app being exploited by attackers.

There has been an increase in concern around companies that store full bank card information sets, due to such breaches. In this case, card numbers, CVV codes, expiration dates, email addresses, and names were all included.

As an industry, we must provide constant and consistent due-diligence in testing these types of systems that care for sensitive customer data. Identity theft has become all too common and the financial well-being of customers is at stake.

Read the full story here.

Telling the C-Suite that your organization is bound to get hacked?

Brace for impact…

Times are changing and the message to organizations is simple; it is not a matter of if, but when. Relaying this message to the board and C-Suite is a task that requires cold hard facts and a plan. It has become the new normal that organizations must be prepared to stop cyber-attacks when they happen and limit the damage if they are successful. Here are some tips to tell your board if you have a security breach.

Once organizations have accepted this hard pill to swallow, it is time to start building the defenses. Shorten time to detection, increase visibility, and limit the exposure of the critical data. Breaking it down for the board needs to happen right now.

Read the full story here.

Teaching cybersecurity to our youth – finally

A high school in Virginia is taking cybersecurity lessons to their students. With cybersecurity and technology effecting the lives of nearly every living human being, the timing is right for this type of education. Teaching our youth about cybersecurity is important for different reasons with the most important and obvious being awareness.

However, malicious cyber-threat actors are not created in a lab. It begins when they are young. If cybersecurity education and pathways can be relayed to them early, they may not choose the dark side. Once our youth has been shown the paths to succeed in the cybersecurity industry, we are reaching the root of a larger issue. Such methods may create more cybersecurity professionals than cybercriminals in the future.

Learn more about this high school’s cybersecurity mission here.

50 Billion Dollars in costs to German industry due to cyber-attacks

German engineering companies create modern marvels and that is well known. However, two-thirds of German manufacturing companies were hit with cyber-attacks. Manufacturing organizations are experiencing a wave in cyber-attacks. The sensitive data that they produce is critical to their competitors gaining the competitive edge.

Pairing this targeting with outdated and antiquated manufacturing systems, the targets are easily exploitable. The German manufacturing industry is on the front radar of cyber criminals with no signs of slowing down. Once a target has been placed on an industry and money is being raked in by criminals, it’s game-time.

Read the full story here.

Voting security with Blockchain

The benefits of Blockchain security are becoming well-known across the industry. However, could it possibly solve the complex problem of voting system security? Democracy Earth is working on that exact solution to fixing the vulnerable nature of voting systems worldwide.

Creating viable solutions to combat the threat of campaign and voter fraud is an area that was not previously thought of. The solutions needed to meet this threat must be stronger than the industry standards for cybersecurity. Blockchain just may be the answer to this paramount issue.

The potential applications for Blockchain security do not stop with voting systems. Blockchain security can be used to create strong, confidential, and private links to disrupt the traditional methods that are used to exploit systems, people, and processes alike.

Read the full article here.