2018 marks the 15^th year of the National Cybersecurity Awareness Month, a government/industry effort – observed every October – that works to ensure every American has the resources they need to “be safer and more secure online” and educating everyone about the roles they play in helping to safeguard the internet.

As hackers get more sophisticated, endpoint protection (EP) systems have grown more sophisticated. While no one claims to catch everything, endpoint protection matures each year. Let’s see what modern EP products have to do these days.

Each year, the cyber security community puts out new statistics on data breaches. While certain sectors face a different mix of threats, many of them evolving year-after-year, once constant remains – the deficit between the time a system is compromised and the time that breach is discovered.

Government agencies are moving to the cloud. It’s been a recurring message for a number of years, but in 2018 new statistics from Gartner give us concrete data on cloud spend: local governments spend 20.6% of their IT budget on cloud, while national governments spend 22%.

In a year in which we’ve witnessed the carnage of the Atlanta ransomware attack and U.S. government agencies remain on high alert about possible Russian cyber-attacks against U.S. critical infrastructure and electoral systems, new research shows that the cybersecurity landscape is evolving quicker than agencies can respond.

On Tax Day, 2018, the unthinkable (but not unexpected) happened. The IRS’ IT system crashed after a hardware issue took down a number of apps including those that interface with third-party tax preparation software as well as the IRS Direct Pay application.

IRS IT Systems are Decades Old

Shortly after the federal government suffered it’s largest and costliest data breach ever at the Office of Personnel Management (OPM), a post-mortem analysis found that the breach was entirely preventable, and the exfiltration of security clearance files of government employees and contractors could have been prevented through the implementation of two-factor authentication for remote log-ons.

Movies and TV would have us believe that data breaches are long, hard-fought battles between the good guy and the bad guy—and the bad guy wins. That could not be further from reality. Hackers are opportunistic. They want to spend as little time as possible getting into the system, getting what they need, getting out, and exploiting it as fast as possible.

Symantec’s 2018 Internet Security Threat Report is here. Based on data collected by Symantec’s massive security infrastructure (the largest civilian threat collection network in the world), the report has become the de facto standard for giving enterprises and public organizations essential information to help secure their systems effectively.

By the nature of the topic, the report isn’t an easy read. Expect to be perturbed. However, the insights provided into today’s rapidly evolving threat landscape are invaluable.

Another day, another government ransomware victim. On March 22^nd, 2018, the city of Atlanta found itself locked out of computers across government offices and facing a ransom demand of $51,000 or $6,800 per computer, GCN reported.