Enterprise, Internet Security

How do companies protect against a security breach?

It is no secret that any criminal will have his eyes on the biggest piece of cake he can acquire….

It is no secret that any criminal will have his eyes on the biggest piece of cake he can acquire. It is no different when it comes to cybercriminals. And for them, their favorite desserts are the big tech companies. That is why it is so important for every company to do what they can to protect against a security breach.

With huge amounts of sensitive/customer data around, exploiting just one company can give access to information worth millions of dollars!

No matter how protected business databases tend to be, hackers have very often been able to effectively slip through corporate security defense systems.

One recent example is the Petya Ransomware, a cyber attack predominantly targeted on Ukraine that caused havoc all across Europe and various other parts of the world with an estimated damage of more than $300 million to businesses – most of them being government organizations.

While large tech-companies invest millions of dollars on advanced defense systems, they are often defeated by stronger players in the wilds of the internet. It’s events like these that have pushed tech companies in stepping up their cybersecurity game like never before.

 

So, what do companies do to protect against a security breach?

 

Identity and access management (IAM) systems

Traditionally, identity management has been broadly defined as the set of policies, processes, and technologies used for managing access to information systems through the right individuals. It is the core network responsible for safeguarding digital data while effectively tracking system activities.

Even though the system itself is quite complex, the concept is simple – enhancing the privacy of data by limiting the various associated attributes to certain interactions.

 

Restricting use of unnecessary hardware and software

The higher the number of software or hardware connected to the network- the higher the number of possible exploits. Even though, software companies that sell their products to various IT firms make sure they are immune to cyber attacks, using a redundant program just isn’t worth taking the risk.

More often than not, giant tech firms make sure that different departments of their organization have devices connected to different servers, so that, even if one gets breached, the rest stay secured.

 

Background checks and constant monitoring

While IT firms carefully monitor for possible malware trying to attack their systems, there have been a good number of instances of intrusion from inside the network. No matter how high-caliber cybersecurity a company has, nothing can stop sensitive data from being stolen if it is operated by someone having a different purpose.

Lately, tech-firms have started resorting to serious background checks and screenings before giving access to important information to their employees.

 

IT training

Tech-firms and hackers, both, are well aware of each others’ goals! What that means is hackers know that their potential targets have taken the mandatory measures to try to keep them at bay from attacking their servers. Cyber culprits, however, have more than a dozen ways of sneaking into systems which they successfully achieve by capitalizing on human error.

Tech-firms have paid significant attention on developing a corporate culture focusing on security training programs aimed at teaching their employees the risks of negligent use of networks, phishing content, careless password management and improper disposal of information.

 

Encrypting Data

While having sensitive data stolen is a nightmare itself, things get a lot worse when this stolen data can be used for the wrong purposes. One way to keep data safer is by converting it into a code which can be decoded only by the entity with the decryption key. This doesn’t mean hackers might not have a solution of converting encoded information into a readable form. However, it certainly makes things harder for someone trying to obtain unauthorized access.

 

Strong Passwords and Password Managers

Using strong usernames and passwords should be a no-brainer. However, what is more important is properly storing them and that is where a password manager comes to play.

Password managers are software that saves usernames/passwords and keeps them encrypted. However, the risk here is the software itself as it is the master program containing all the passkeys. A security issue with it is enough to create a potential security risk.

 

Having information stolen is the last thing any organization would want to happen, especially if it is that of their clients. Not only it is a matter of reputation, a company might face serious legal issues for not being able to protect their customer’s information.

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet Security

Oregon passes bill to establish legal control standards for digital assets

Key Takeaways Oregon passed Senate Bill 167 to update commercial laws and include digital assets in the UCC. The new law allows digital assets to be used as collateral and recognizes electronic records and signatures. Share this article Oregon has enacted Senate Bill 167, updating the state’s commercial laws to incorporate digital assets into the

Key Takeaways

  • Oregon passed Senate Bill 167 to update commercial laws and include digital assets in the UCC.
  • The new law allows digital assets to be used as collateral and recognizes electronic records and signatures.

Share this article

Oregon has enacted Senate Bill 167, updating the state’s commercial laws to incorporate digital assets into the Uniform Commercial Code (UCC).

The legislation, signed by Governor Tina Kotek on May 7, introduces UCC Article 12, which creates a legal framework for digital assets including crypto assets, tokenized records, and electronic money.

The bill amends Article 9 to allow digital assets to be used as collateral in secured transactions. It also updates several UCC articles to recognize electronic records, signatures, and hybrid transactions to support digital commerce.

The new law includes transitional provisions that maintain the validity of transactions made before the act’s effective date and provides a one-year period for existing security interests to comply with the new regulations.

Before these changes, there was legal uncertainty about how digital assets fit into existing commercial laws, especially when used as collateral or transferred between parties. The UCC amendments clarify how rights in these assets can be legally controlled, perfected, and enforced.

Apart from SB 167, House Bill 2071 is another crypto-related bill introduced in Oregon.

This proposed legislation focuses on blockchain and digital asset rights. It is aimed at protecting and promoting the use of Bitcoin and other digital assets in the state by limiting regulatory barriers and clarifying the legal framework for blockchain-based activities.

Some of the highlights of the bill include a prohibition on state and local governments from restricting or impairing a person’s ability to accept digital assets as payment for lawful goods and services, as well as the right to conduct peer-to-peer transactions via blockchain or digital asset networks.

The bill is still in the early stages of the legislative process and has not yet advanced to a vote in either the House or the Senate.

Unlike most US states, Oregon lawmakers have not proposed any bill to create a state Bitcoin reserve as of now.

Share this article

?xml>
Read More

Continue Reading
Internet Security

White House rejects parts of Trump advisers’ sovereign wealth fund proposal

Key Takeaways The White House has rejected parts of a sovereign wealth fund proposal created by Trump’s advisers. The details of the sovereign wealth fund are still under debate with no final decisions announced yet. Share this article The White House has opposed certain elements of a sovereign wealth fund proposal developed by Treasury Secretary

Key Takeaways

  • The White House has rejected parts of a sovereign wealth fund proposal created by Trump’s advisers.
  • The details of the sovereign wealth fund are still under debate with no final decisions announced yet.

Share this article

The White House has opposed certain elements of a sovereign wealth fund proposal developed by Treasury Secretary Scott Bessent and Commerce Secretary Howard Lutnick at President Trump’s request, according to a new report from CBS News.

The plan, reportedly delivered by early May, follows Trump’s February executive order directing the Treasury and Commerce departments to develop a framework for a US sovereign wealth fund within 90 days.

The order fueled speculation that the fund might be used to acquire Bitcoin on behalf of the US government.

However, at the time, Bessent and Lutnick said that the fund would indeed focus on warrants, equity, and other non-crypto investments. Still, David Sacks, Trump’s crypto czar, indicated that Bitcoin could be included in the fund’s portfolio.

That no longer appears to be the case after Trump signed a separate executive order establishing a strategic Bitcoin reserve and a digital asset stockpile on March 6, which suggests a standalone approach to crypto holdings.

There were also rumors that the fund might be financed through tariffs and other revenue sources despite ongoing budget deficits. But Lutnick later clarified that tariffs would not be used to support the sovereign wealth fund.

According to the CBS News report, White House spokesperson Kush Desai said the Treasury and Commerce Departments have developed plans in response to Trump’s directive, but no final decisions have been made.

The administration, Desai added, continues to view the initiative as part of its broader effort to safeguard national and economic security.

Details of the fund’s structure and purpose remain under discussion, with no formal announcement expected in the near term.

Sources say Trump has not yet decided how the fund’s proceeds would be used, though he has previously floated the idea of it taking a stake in TikTok, which faces a potential US ban unless ByteDance divests.

Regarding the US Strategic Bitcoin Reserve and the Digital Asset Stockpile, Bessent and Lutnick are also tasked with outlining operational guidelines, custody frameworks, and acquisition strategies. These plans are expected to remain separate from the sovereign wealth fund initiative and are designed to be budget-neutral.

Share this article

?xml>?xml>?xml>
Read More

Continue Reading
Internet Security

Crypto Security Breach at Lido DAO Triggers Governance Response

TLDR Lido DAO started an emergency vote to rotate a compromised Chorus One oracle The exploit drained ETH balance and likely resulted from a hot wallet private key leak The issue is restricted to one oracle and is not system-wide Cybersecurity remains a critical issue for cryptocurrency and DeFi Over $2 billion in crypto was

TLDR Lido DAO started an emergency vote to rotate a compromised Chorus One oracle The exploit drained ETH balance and likely resulted from a hot wallet private key leak The issue is restricted to one oracle and is not system-wide Cybersecurity remains a critical issue for cryptocurrency and DeFi Over $2 billion in crypto was […]
The post Crypto Security Breach at Lido DAO Triggers Governance Response appeared first on Blockonomi…
Read More

Continue Reading
Internet Security

CZ Shares Security Warning After Ledger Discord Hack Exposes User Data

Changpeng Zhao (CZ), founder and former CEO of Binance, shared a security warning after receiving a message regarding a hack of Ledger’s Discord admin account, where a scammer falsely claimed a security flaw and urged users to enter their recovery phrases on a phishing site. Zhao highlighted two critical lessons: the necessity of never sharing

Changpeng Zhao (CZ), founder and former CEO of Binance, shared a security warning after receiving a message regarding a hack of Ledger’s Discord admin account, where a scammer falsely claimed a security flaw and urged users to enter their recovery phrases on a phishing site. Zhao highlighted two critical lessons: the necessity of never sharing [……
Read More

Continue Reading