The survey reveals that almost half (48%) of organizations with a cyber insurance policy had to enhance their security posture to meet the insurer’s requirements. Among those, 30% made changes simply to be eligible for the policy compared to 22% a year ago. 18% of respondents say they implemented additional security measures in order to reduce the cost of a policy, down from 28% in 2023. What’s more, almost 1 in 5 (19%) insured organizations used their cyber insurance policy within the last 12 months.

The most common security measure required by insurers in 2024 is multi-factor authentication, named by 75% of respondents (up from 65% in 2023), followed by patch management (55%) and regular cybersecurity training for employees (49%). Moreover, insurance companies are now more likely to require advanced security solutions. Indeed, in 2024, 45% of respondents named IAM among the requested security measures in place, up from 38% in 2023, and 42% said the same about PAM compared to 36% in 2023.

“One thing insurance providers understand well is risk management. They know that, sooner or later, adversaries with enough motivation and resources will infiltrate an IT environment,” says Ilia Sotnikov, Security Strategist at Netwrix. “PAM makes it harder for attackers to move laterally through the environment and escalate their privileges, and it ensures they will create more noise along the way. All this gives the security team the opportunity to detect and respond to attacks in time to prevent significant losses. And minimizing the loss (e.g., the payout request) is exactly what insurance providers are looking for.”

Learn how a logistics firm secured a cyber insurance renewal by implementing a PAM solution in just two months here.

Related News:

Netwrix Solutions Expanded Its Global Partnership Network by 36%

2024 Cybersecurity Trends to Expect Released by Netwrix

The post Organizations with Cyber Insurance had to Improve Security to Meet Requirements appeared first on Digital IT News.

“Growing security awareness at the executive level means a better understanding that the risks of security gaps extend far beyond downtime and data loss. As a result, more organizations are investing resources into audits to investigate the root cause of security incidents to prevent similar events in the future,” explains Ilia Sotnikov, Security Strategist at Netwrix.

1 in 6 (17%) organizations estimated their financial damage from cyber security incidents to be at least $50,000. In addition, the share of those who faced no financial consequences dropped from 47% to 38% compared to last year. To mitigate the risk of financial loss from data breach, organizations often opt to purchase cyber insurance. Indeed, 62% of respondents confirmed having a cyber insurance policy or planning to purchase one within 12 months. Almost 1 in 5 (19%) insured organizations used their policy last year.

“Considering the high chances of a payout request, it’s no wonder the requirements for obtaining a policy have become stricter. The survey shows that insurers are now more likely to require identity and access management as well as privileged access management,” says Dirk Schrader, VP of Security Research at Netwrix. “These solutions significantly complicate the privilege escalation for the attacker and their lateral movement. As a result, the security team has more time to spot suspicious activity and respond to the attack before any serious damage occurs.”

Other notable survey findings include:

• Phishing is still the most common attack vector both on premises and in the cloud: 74% of respondents suffered this type of cyberattack.
• Account compromise attacks in the cloud spiked, with 55% of respondents reporting them in 2024, compared to 39% in 2023, 31% in 2022, and just 16% in 2020.
• Targeted attacks on premises continue to intensify: the share of those who suffered this type of attack increased by 42%, from 19% to 27%.
• Interest in implementing AI tools surged: This year, 28% of respondents named it among their top IT priorities compared to only 9% in 2023.

“The interest in AI is surging across enterprises – both within the security department and outside. The introduction of AI tools like Copilot to assist with regular business processes raises a new scope of associated security gaps. Since Copilot relies on native access controls within Microsoft 365, it can access all data a user can. If the user has been granted inappropriate access to content, then sensitive information can quickly spiral out of control,” warns Ilia Sotnikov. “Implementing and maintaining a strict least-privilege model is a good start to address the risks associated with Copilot and similar AI-powered business tools.”

Download the 2024 Hybrid Security Trends Report to learn about IT architecture, Security challenges, and security incidents and more here.

Related News:

Netwrix Solutions Expanded Its Global Partnership Network by 36%

Olympic Games Traveling Tips from Netwrix to Avoid Being Scammed

The post Security Incidents Spotted by Organizations in the Past Year, Up 68% appeared first on Digital IT News.

One such mathematical problem happens to be at the core of all current encryption standards. These standards have been a cornerstone of IT security worldwide for decades because, without the decryption key, decrypting data takes so long that the process is rendered pointless. However, quantum computers will not have this limitation, which will make current encryption standards useless.

Although quantum technology is not likely to reach this milestone for 5–10 years, malicious actors are already harvesting encrypted data from both public and private organizations, in anticipation of being able to decrypt and leverage it later. This article identifies the organizations most at risk and provides recommendations on how to mitigate the threat.

Who is at risk?

Harvest now, decrypt later (HNDL) attacks focus on data that will retain its value until quantum-powered decryption becomes available to unlock it, such as sensitive business information, research data and intellectual property. HNDL attacks do not target transactional data or payment card information, which lose value relatively quickly due to expiration or obsolescence.

Consequently, top targets for HNDL attacks include government bodies, especially those associated with the military. For example, back in 2015, the US Office of Personnel Management suffered a breach of approximately 21.5 million records. Some of this data is so sensitive, that its future decryption can impact lives and national security even decades after adversaries obtain it. 

Hospitals and other healthcare organizations are also at high risk for HDNL attacks. Medical records are already valued higher than, for example, credit cards or PII on the dark web. Personal healthcare information like medical conditions, histories, or genetic information is of enduring value. Breaches of health data often have a direct impact on the data subjects, which can be used to extort the victim organization and serve as a foundation for a wider attack.

Commercial organizations with long research and development cycles, such as those in the manufacturing and pharmaceutical sectors, are also in danger of having their data harvested. The nature of their business means that research can last over a decade and therefore stolen data is likely to be valuable for years.

Five Steps to Mitigate the Risk of HNDL Data Breaches

1. Identify the types of data being stored.

Technical and business teams should work together to assess the types of data that the organization possesses, along with the value and shelf life of each data type. This initial business risk assessment will drive the technical mitigation strategy. Executive buy-in is essential because project urgency, depth and costs will vary greatly depending on the results of the assessment.

2. Discover the data.

Once the organization knows which data is useful to adversaries, it needs to concentrate its security efforts on what really matters. Data discovery and classification will provide a clear understanding of the scope of the project, and visibility into data access rights will offer insight into data exposure.

3. Mitigate data risks.

Next, the organization should ensure that all data likely to be targeted in HNDL attacks is difficult to access by implementing additional security controls around it. Start with network security basics like VPN-only access to the most critical data and network segmentation. Then, rigorously enforce the least privilege principle by eliminating unnecessary permissions. Consider implementing just-in-time (JiT) access so that access privileges exist for only as long as needed.

4. Stay alert.

HNDL attacks are more likely to go undetected than other types of attacks. For example, ransomware infections become obvious as soon as the cybercriminals freeze business operations and demand a ransom. But HNDL attackers work hard to stay unnoticed so they can continue to silently harvest data for as long as possible.

To spot HDNL attacks, organizations should establish ongoing monitoring and threat detection. They should also consider implementing threat hunting, either in-house or through a third-party vendor. Security analysts will regularly examine logs for suspicious activity that could indicate adversaries lurking in the environment or signs of data exfiltration, enabling further investigation. Understanding the motivation of HNDL threat actors and which data is most attractive to them results in more tailored threat hunting.

5. Stay informed.

Quantum computing is a very expensive technology, so it is likely to appear not in someone’s basement but rather as a dedicated state-level project. Nevertheless, the threat is real and efforts to combat it have been underway for several years. In 2022, the US National Institute of Standards and Technology (NIST) announced the first 4 quantum-resistant cryptographic algorithms. In 2023, US President Biden issued a declaration that threats resulting from advancements in quantum computing constitute a national emergency.

Organizations whose assessments reveal that they are at high risk from HNDL attacks are more likely to participate in the NIST workgroups and be early adopters of new quantum-resistant encryption algorithms. The rest of us need to stay aware and learn from these early implementations.

The power of action

If organizations follow encryption best practices, the sensitive data harvested in HNDL attacks will not be immediately useful to cybercriminals. However, the rapid advancement of quantum computing technology makes it likely that they will be able to decrypt the stolen data in the near future. At that point, the victim organization could suffer serious consequences, from damaging its reputation to jeopardizing its very existence. Accordingly, it is crucial that all public and private businesses that hold evergreen sensitive data acknowledge the risks associated with data harvesting and take steps to prevent data breaches.

Related News:

Netwrix Solutions Expanded Its Global Partnership Network by 36%

Olympic Games Traveling Tips from Netwrix to Avoid Being Scammed

The post Harvest Now, Decrypt Later: Data Stolen Today Is at Risk in the Future appeared first on Digital IT News.

Over the last two years, the Netwrix team has successfully integrated partners from four acquired companies in North America and Europe, enabling them to take full advantage of the complete Netwrix portfolio. In addition, Netwrix expanded its presence in the Asia-Pacific (APAC) region. The recent partnership agreement with Nihon Cyber Defence, headquartered in Japan, aims to accelerate the delivery of Netwrix solutions to the world’s fastest-growing cybersecurity market.

“The increasing complexity of the IT infrastructure that organizations are working in requires a comprehensive approach to cybersecurity. We are thrilled to provide our customers with Netwrix solutions that safeguard sensitive data both on-premises and in the cloud. Together, we will help organizations reduce both the risk and the impact of a breach,” said Cartan McLaughlin, Founder and CEO of Nihon Cyber Defence.

“We stay committed to our channel-first strategy. We aim to provide our partners with easy access to deal registration, training, and marketing materials for our solutions that enable organizations to secure their Active Directory, govern access to sensitive data, manage privileged accounts, secure passwords, and many more. By growing our businesses together with the partners, we ensure a brighter digital future for organizations around the globe,” says Steven Hollins, Chief Revenue Officer at Netwrix.

For more information about Netwrix solutions for its growing global channel Partner Program, visit the website here.

Related News: 

Key Enhancements Made to Netwrix Products and DLP Capabilities

2024 Cybersecurity Trends to Expect Released by Netwrix

The post Netwrix Solutions Expanded Its Global Partnership Network by 36% appeared first on Digital IT News.

The post Olympic Games Traveling Tips from Netwrix to Avoid Being Scammed appeared first on Digital IT News.

Solutions with notable key enhancements include the following:

Endpoint security solution:

• Netwrix Endpoint Protector, the most recent addition to the Netwrix portfolio, protects data stored on employee workstations and laptops from accidental loss, unauthorized sharing, and malicious exfiltration. Continuous DLP across Windows, macOS, and Linux endpoints reduces the attack surface and mitigates the risk of a breach.
  
  
• Netwrix PolicyPak now enables organizations to solve endpoint management and protection challenges for workstations and laptops with ARM processors without affecting end-user productivity.

Identity and access management (IAM) solution:

• Netwrix GroupID now empowers customers to remediate security risks while reducing manual effort from the IT team by streamlining user and group management in Google Workspace in addition to Active Directory, Entra ID (former Azure AD), and Microsoft 365.

Privileged access management (PAM) solution:

• Netwrix Privilege Secure now ensures consistent control over privileges across both Microsoft SQL Server and Postgres and provides seamless database migration.

Password security solution:

• Netwrix Password Secure further reduces vulnerability to brute-force attacks by significantly increasing the iteration count for key derivation functions, improving client and server authentication hashes, and strengthening personal user key encryption.

Active Directory (AD) security solution:

• Netwrix Enterprise Auditor (formerly Netwrix StealthAUDIT) now reduces the risk of data breaches by identifying sensitive data and detecting suspicious activity around this data on Qumulo and Nutanix servers. 
  
  
• Netwrix Change Tracker facilitates compliance with a broad selection of new CIS Benchmarks and Compliance Reports templates.

“With 73% of organizations having a hybrid IT infrastructure and 69% of those who are currently on premises only planning to start cloud adoption soon, the complexity of IT architecture becomes a major challenge for data security,” says Michael Tweddle, Chief Product Officer at Netwrix. “Netwrix keeps focusing on delivering strong, consistent security measures across the whole on-premises and cloud infrastructure to empower our customers to face digital threats with confidence.”

For more information and to learn more about key enhancements, visit the website.

Related News:

2024 Cybersecurity Trends to Expect Released by Netwrix

Enhancements to Netwrix Data Security On-Premises and in the Cloud

The post Key Enhancements Made to Netwrix Products and DLP Capabilities appeared first on Digital IT News.

According to the survey, 64% of companies in the manufacturing sector suffered a cyberattack during the preceding 12 months, which is similar to the finding among organizations overall (68%). However, it turned out that the manufacturing sector experiences more cloud infrastructure attacks than any other industry surveyed. Among manufacturing companies that detected an attack, 85% spotted phishing in the cloud compared to only 58% across all verticals; 43% faced user account compromise in the cloud as opposed to 27% among all industries; and 25% dealt with data theft by hackers in the cloud compared to 15% for organizations overall.

“The manufacturing sector relies heavily on the cloud to work with their supply chain in real time. This makes their cloud infrastructure a lucrative target for attackers — infiltrating it enables them to move laterally and potentially compromise other linked organizations, as happened to one the world’s top meat processing companies. Credential compromise or malware deployed via a phishing email is just the beginning of the attack,” says Dirk Schrader, VP of Security Research at Netwrix.

“The attack surface in the cloud is always expanding, so it’s critical for manufacturing companies to adopt a defense-in-depth approach,” adds Ilia Sotnikov, Security Strategist at Netwrix. “First, they must rigorously enforce the principle of least privilege to limit access to sensitive data, which ideally includes just-in-time access to eliminate unnecessary entry points for adversaries. They also need to gain deep visibility into when and how critical data in the cloud is being used so that IT teams can promptly spot potential threats. Finally, they need to be prepared to minimize the damage from incidents by having a comprehensive response strategy that is regularly exercised and updated.”

To learn more about security trends across the manufacturing sector, check out the report.

Related News:

2024 Cybersecurity Trends to Expect Released by Netwrix

Enhancements to Netwrix Data Security On-Premises and in the Cloud

The post Manufacturing Sector Encounter More Attacks than Any Other Industry appeared first on Digital IT News.

According to the report, within the last 12 months, 77% of financial organizations detected a cyberattack, compared to 68% among other industries. Phishing and ransomware were the most common types of attacks across all sectors.

“Financial organizations are highly targeted by cybercriminals for several reasons. First, these organizations store large volumes of valuable information, which adversaries are naturally eager to steal. Moreover, they manage access to funds, which means any operational disruption is highly problematic. Accordingly, ransomware gangs may believe that financial institutions are more likely to pay a hefty ransom than other potential victims,” says Dirk Schrader, VP of Security Research at Netwrix.

The financial sector also experiences more targeted attacks on their IT infrastructure than other sectors. Indeed, 39% of financial organizations reported targeted attacks on their cloud infrastructure and 26% suffered targeted attacks on their on-premises footprint, higher than the 30% and 19%, respectively, reported among organizations overall.

“Because finance is a high-risk and highly regulated sector, financial organizations tend to have a more mature IT team, better security controls and more vigilant employees. As a result, attackers must leverage targeted attacks with more sophisticated techniques to infiltrate their IT environments,” says Ilia Sotnikov, Security Strategist at Netwrix.

The financial sector also reports higher expenses as a result of cyberattacks than other industries. In fact, 24% of financial organizations estimated their damage from incidents to be at least $50,000, compared to just 16% among organizations overall. To mitigate this risk, 73% of respondents in the financial sector either have a cyber insurance policy or plan to acquire one within the next 12 months, compared to just 59% of organizations in other industries. However, given the sector’s risk profile, insurance companies impose stricter security requirements on financial organizations: 49% of them needed to improve identity and access management (IAM) and 48% had to comply with privileged access management (PAM) requirements, compared to 38% and 36%, respectively, in other sectors.

To learn more about security trends, check out the complete 2023 Hybrid Security Trends Report or the financial organizations findings read Additional Findings for the Finance & Banking Sector from Netwrix.

Related News:

2024 Cybersecurity Trends to Expect Released by Netwrix

Enhancements to Netwrix Data Security On-Premises and in the Cloud

The post Financial Organizations Experience More Cyberattacks and are Costlier appeared first on Digital IT News.

Dirk Schrader, VP of Security Research, and Ilia Sotnikov, Security Strategist, share five trends expected in the 2024 coming year:

1. Cyber insurance requirements will tighten. With successful cyberattacks leading to increasing payouts, insurers will require more organizations to have strong security measures in place to qualify for a policy or to reduce premiums. Common requirements today include multifactor authentication (MFA), patch management and regular security training for business users. In 2024, identity and access management (IAM) is likely to join that list, especially for the enterprise sector. What’s more, we expect insurers to partner with managed service providers (MSPs) to help ensure a minimum level of security at small and midsize companies.
   
   
2. Attackers will increasingly harvest encrypted data, even if they cannot yet unlock it. Quantum computing is advancing rapidly, so forward-thinking cybercriminals will be stealing encrypted data that they cannot unlock with today’s technology but that they might soon be able to decrypt. The top targets will be organizations with large volumes of sensitive data, such as government and defense agencies, financial and legal firms, and large corporations with valuable intellectual property. To reduce risk, organizations should not treat encryption as a panacea but instead build a multi-layered strategy that includes data classification, risk assessment and mitigation, and incident detection and response. In addition, they should remember that data harvesting can go unnoticed when there is no immediate ransom demand or other visible consequences, and improve monitoring of activity around their sensitive data, including encrypted content.
   
   
3. AI tools will make it easy for cybercriminals to glean the details they need. AI will enable threat actors to swiftly locate personal details required for convincing phishing emails and to mine databases of stolen credentials to launch effective password-based attacks. To reduce risk, organizations must require strong, unique passwords, tightly control privileged access, and invest in identity threat detection and response (ITDR) solutions. 
   
   
4. Phishing emails will be harder to spot and expand in non-English-speaking countries. In the past, phishing emails were riddled with grammatical errors and typos, and were usually in English. In 2024, however, AI tools will make it much easier for attackers to craft convincing emails in any language. To fight back, organizations need to update their phishing training and make it easy for users to report suspicious messages. IT teams in non-English speaking regions also need to warn users about the growing likelihood of getting malicious emails in their native language. 
   
   
5. Everyone will be at risk from security fatigue. User identities are a key target of adversaries because compromising just a single account gets them into the IT ecosystem. But inundating users with warnings from tools like mail agents and requiring them to attend frequent awareness training can backfire, resulting in security exhaustion that can lead to the errors and negligence that the organization was trying to prevent. A more effective strategy is to adopt a Zero Trust model based on least privilege. In addition, tailor awareness training to the needs of specific groups of employees to make it easier to absorb.

“Criminals will be taking advantage of AI and machine learning — but so should the security community,” says Ilia Sotnikov. “These technologies can help quickly connect the dots across multiple data sets, giving them the broader context required to spot even sophisticated cyberattacks in their early stages. Plus, they can respond faster and more effectively because they can see exactly what happened and which accounts, data and other assets were involved.”

Learn how Netwrix is preparing for the 2024 expected cybersecurity trends.

Related News:

Enhancements to Netwrix Data Security On-Premises and in the Cloud

2023 Gartner Magic Quadrant Has Recognized Netwrix a Visionary

The post 2024 Cybersecurity Trends to Expect Released by Netwrix appeared first on Digital IT News.

The post Enhancements to Netwrix Data Security On-Premises and in the Cloud appeared first on Digital IT News.