Ready for battle. Experts have been sounding the battle cry for years, but if this last month is any indication, enterprises face an even more diverse and persistent threat landscape as the number, type, and complexity of advanced cyber-attacks and incidents escalate.
Let’s start on the firmware front, which has been identified as an increasingly active enterprise target. According to a March 2021 Security Signals study, more than 80% of enterprises have experienced at least one firmware attack in the past two years. But here’s the kicker: Less than a third (29%) of security budgets are allocated to protecting firmware, and 21% of respondents said their firmware data is unmonitored, leaving most companies radically exposed. The survey found budgets channeled to fund security updates, vulnerability scanning, and advanced threat protection solutions—all critical investments, for sure. But firmware is getting overlooked, perhaps due to lack of awareness and automation, the survey suggested.
Firmware attacks are popular with attackers because they are a bounty for sensitive data, including credentials and encryption keys. Common detection products and general logging tools also can’t peer into firmware, and vulnerabilities allow attackers to remain on a computer even after it’s wiped, putting it further in the bull’s eye. Firmware attacks are popular with attackers because they are a bounty for sensitive data, including credentials and encryption keys. Moving on, there’s the issue of ransomware—another festering problem for the enterprise security team. Cyber criminals are making and demanding more money than ever before. The average ransomware payments spiked 171% in 2020, surging to $312,000. But get this: Th ..
Support the originator by clicking the read the rest link below.
