To more effectively reduce risk and capitalize on the capabilities, intelligence and experience of both the corporate application security team and the product security team, John Scimone, Dell Technologies Chief Security Officer, recommends converging these programs. Once converged, the security organization will see immediate benefits. Here, Scimone explores why organizations should converge these teams and the benefits.
You seem to be interested in what's here, but haven't registered for an account yet or perhaps haven't logged in.
When you create an account, we will be able to remember what you've already read, so you can pick up exactly where you left off when you come back.
Oh, and it'll also get rid of this really annoying box.....
Only 1 in 5 say critical infrastructure organizations should pay ransom if attacked
Cerberus last edited by
In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84% of respondents believe ransomware attacks will become more prevalent in the second half of 2021. The Colonial Pipeline attack caused massive disruptions to gasoline distribution in parts of the US this month, resurfacing preparedness for ransomware attacks as a front-burner topic for enterprises around the world. Colonial reportedly authorized a ransom payment of US $4.4 million. In the ISACA survey, four out of five survey respondents say they do not think their organization would pay the ransom if a ransomware attack hit their organization. Only 22% say a critical infrastructure organization should pay the ransom if attacked.
It's hard to disagree with these findings. If you pay a ransom once, you'll
- Land up on a "suckers list" meaning that you've paid once, and are likely to do it again. These details are shared amongst illegal and underground communities, so beware
- If you suddenly have budget to pay cyber criminals to get access to your own data, then by definition, you have budget available for backups, disaster recovery, and BCP.