Cyber security roundup.
Acronis has released their Cyber Protection Week Survey. According to the data, while 80% of organizations are simultaneously running up to 10 different protection and cybersecurity solutions, more than 50% still experienced downtime from data loss last year. Additionally, 43% of IT users don’t know if their anti-malware is equipped to tackle zero-day threats. That means they haven’t been seen those before and don’t match any known malware signatures. Why? Their solution doesn’t make that information easily available.
On top of this, a 10% of IT professionals have no idea whether their organization is subject to data privacy regulations.
In that context, Ubitquity Networks has disclosed a breach. Their statement says it was “unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” although it declined to name the third party.” An independent researcher speaking to Krebs On Security, who has filed with European data protection authorities, says it was much worse – “catastrophic”. The company isn’t explicitly denying the reports.
And as we go broader, US Cyber Command and the Department of Homeland Security should be publishing their analysis of the SolarWinds espionage attacks. It was due to come out this week, but so far, it hasn’t.
Why do we care?
10% of pros don’t even know if their organization is subject to data privacy regulations? Yeah, that’s scary. I said earlier this is a core competency. That needs to be zero.
This lack of knowledge about both regulations and technology is just generally scary. Now layer on lack of disclosure requirements, which is clear in Ubiquti’s case… you can see where this is going for sure. Sure, it’s a big market opportunity, but it’s also a giant bullseye target.