Research exposes cyber security industry’s vulnerabilities
Tuesday, September 15, 2020
Moreover, 48% of the company’s Web sites did not comply with GDPR requirements – because of vulnerable software, they had no conspicuously visible privacy policy or cookie disclaimer when cookies contain PII or traceable identifiers.
Ilia Kolochenko, CEO & founder of ImmuniWeb, said: “Today, cyber criminals endeavour to maximise their profits and minimise their risk of being apprehended by targeting trusted third parties instead of going after the ultimate victims. For instance, large financial institutions commonly have formidable technical, forensic and legal resources to timely detect, investigate and vigorously prosecute most of the intrusions, often successfully.”
On the other hand, he said their third-party partners, ranging from law firms to IT companies, usually lack internal expertise and budget required to react quickly to the growing spectrum of targeted attacks and APTs. “Eventually, they become low-hanging fruit for pragmatic attackers who also enjoy virtual impunity. In 2020, one need not spend on costly 0days but rather find several unprotected third parties with privileged access to the ‘Crown Jewels’ and swiftly crack the weakest link.”
He advises organisations to have holistic visibility and inventory of their data, IT and digital assets to maintain a strong security and compliance posture. “Modern technologies, such as machine learning and AI, can significantly simplify and accelerate a considerable number of laborious tasks spanning from anomaly detection to false positive reduction.”
However, these tools need to be supplemented by the continuous monitoring of the deep and dark Web, as well as countless resources in the surface Web, including public code repositories and paste Web sites, he ends.
“You cannot protect your organisation in isolation from the surrounding landscape that will likely become even more intricate in the near future.”