Shortly after the federal government suffered it’s largest and costliest data breach ever at the Office of Personnel Management (OPM), a post-mortem analysis found that the breach was entirely preventable, and the exfiltration of security clearance files of government employees and contractors could have been prevented through the implementation of two-factor authentication for remote log-ons.

Movies and TV would have us believe that data breaches are long, hard-fought battles between the good guy and the bad guy—and the bad guy wins. That could not be further from reality. Hackers are opportunistic. They want to spend as little time as possible getting into the system, getting what they need, getting out, and exploiting it as fast as possible.

Symantec’s 2018 Internet Security Threat Report is here. Based on data collected by Symantec’s massive security infrastructure (the largest civilian threat collection network in the world), the report has become the de facto standard for giving enterprises and public organizations essential information to help secure their systems effectively.

By the nature of the topic, the report isn’t an easy read. Expect to be perturbed. However, the insights provided into today’s rapidly evolving threat landscape are invaluable.

Another day, another government ransomware victim. On March 22^nd, 2018, the city of Atlanta found itself locked out of computers across government offices and facing a ransom demand of $51,000 or $6,800 per computer, GCN reported.

Ransomware is quickly becoming the favored means for criminals to extract a profit from unsuspecting villains – most notably in the public sector. Throughout 2017 ransomware grabbed the headlines – WannaCry, Petya, etc. – both of which targeted government agencies. When they succeed the implications can be serious.

Microsoft Active Directory is a critical tool that helps system administrators manage user privileges and secure their IT infrastructure, yet Active Directory presents several security challenges. Most problematic is that Active Directory’s attack surface is huge. Targets for attack include every domain name user account, admin and security group, domain controller, backup, admin workstation, and admin delegations and privileges. If any one of these targets is compromised, your entire Active Directory can be compromised too.

The Threats

Microsoft Active Directory is a critical tool that helps system administrators manage user privileges and secure their IT infrastructure, yet Active Directory presents several security challenges. Most problematic is that Active Directory’s attack surface is huge. Targets for attack include every domain name user account, admin and security group, domain controller, backup, admin workstation, and admin delegations and privileges. If any one of these targets is compromised, your entire Active Directory can be compromised too.

The Threats

Ransomware tops today’s list of security concerns for governments, and no agency is immune. Just look at the statistics:

• Cook County, Chicago was a victim of last year’s WannaCry ransomware attack.
• St. Louis Public Library was hit with ransomware, demanding $35,000 in Bitcoin.
• Bingham County, Idaho paid out #3,000 in ransomware to restore its servers.

Cybersecurity skills shortages are nothing new. But new research shows that they are creating recruiting chaos.

How secure is your user access to AWS infrastructure and workloads? Security to protect every user’s access to apps, endpoints and infrastructure when moving to the cloud is a hot topic. AWS’ shared responsibility model means that security and compliance is just that, shared between AWS and the customer.