A new report from Juniper Research found that the cost of data breaches will rise from $3 trillion each year to over $5 trillion in 2024, an average annual growth of 11%.

This will primarily be driven by increasing fines for data breaches as regulation tightens, as well as a greater proportion of business lost as enterprises become more dependent on the digital realm.

The research noted that while the cost per breach will steadily rise in the future, the levels of data disclosed will make headlines but not impact breach costs directly, as most fines and lost business are not directly related to breach sizes.

Cybercrime is increasingly sophisticated; the report anticipates that cybercriminals will use AI which will learn the behavior of security systems in a similar way to how cybersecurity firms currently employ the technology to detect abnormal behavior.

The research also highlights that the evolution of deep fakes and other AI-based techniques is also likely to play a part in social media cybercrime in the future.

In spite of cybersecurity becoming increasingly part of corporate culture, it is not necessarily gaining traction with system users. As a result, Juniper Research expects that security awareness training will become an increasingly important part of enterprise cybersecurity practice.

The gains that can be made by increasing human awareness of cybersecurity can make more efficient use of cybersecurity spending, which Juniper Research expects to rise by only 8% per annum in the forecast period.

from Help Net Security https://ift.tt/2Hv1Tl3

According to a survey of 476 IT security professionals at Black Hat USA 2019, nearly one in four (24%) said they would take company information to help apply for a position at a competitor.

The Gurucul study also found that managed service providers or MSPs (34%) and developers (30%) pose the leading sources of third party risk, and that if someone was to commit fraud it would most likely occur in the finance department (32%).

“What these findings show is that insider fraud is a top concern among IT security professionals, as are the security risks associated with third parties that have privileged access to corporate resources,” said Craig Cooper, COO from Gurucul.

“Since detecting insider threats by employees and trusted third parties is the ultimate game of cat and mouse, many leading edge security organizations are using machine learning to compare the behavior of all users against established baselines of ‘normal’ activity. This allows them to identify anomalous events and spot outliers so they can remediate threats early on.”

Report highlights

• Nearly one in four people (24%) would take company information to help apply for a role at a competitor
• Nearly one third (32%) of IT security pros think that finance is the department most at risk for fraud
• Almost three fourths (74%) of respondents tightened up third-party access because of third-party breaches
• The third parties that most concern respondents are MSPs, followed by developers
• 44% of respondents spend at least one hour a day on non-work related web sites (including 32% of those in retail)
• The larger the organization, the more likely it is that workers will surf the web for fun while at work
• Browsing social media sites is the most popular non-work related online activity.

from Help Net Security https://ift.tt/2LcjxuL

Actian, a leader in hybrid data management, cloud data warehouse, and data integration technology, announced the availability of the new Actian Zen embedded database for mobile and IoT.

Actian Zen is designed to support edge applications and analytics with a single, secure, modular and scalable platform. As data proliferates at the edge, Zen offers the ideal solution for software developers who want dedicated application data management to deliver business-critical services across a wide range of operating environments, from Android and iOS phones to medical sensors and surveillance drones.

“Mobile and IoT applications are generating massive amounts of data that need to be managed all the way from the edge to the cloud,” said Lewis Carr, Senior Director of Product Marketing at Actian. “We recognized a market need for an embedded, nano-footprint, NoSQL and SQL, multi-platform database to support a wide range of mobile and IoT applications. Zen fills that gap and enables developers to fully harness data at the edge.”

Actian Zen connects mobile and IoT devices to gateways, the cloud and traditional on-premise databases and integrates with a broad spectrum of programming languages, offering common APIs and a single database across a wide range of data types, deployment targets and projects to reduce risk and streamline operations. With Zen, enterprises never have to compromise when it comes to performance and security at the edge, on-premise, in the cloud or in hybrid environments.

Actian Zen offers new features for mobile and IoT applications including:

• EXIF data structure
• JSON and BLOB support
• Time-series data support
• 64TB single file size
• Quadrupled block size for faster data transfer between devices, gateways and cloud environments
• AES 256-bit, military-grade encryption.

Actian Zen offers best-in-class performance compared with NoSQL and SQL alternatives to help developers, data scientists, IT analysts and product managers support distributed analytics, data management and integration at the edge.

Actian Zen is a zero-DBA, zero-ETL architecture that supports Microsoft Windows, Linux/embedded Linux, iOS, and Android platforms, bringing enterprise-grade database capabilities and performance to the edge on any 32/64-bit Intel or ARM platform.

“When configuring Actian Zen for mobile and IoT, we knew IoT security was the crux of data management among edge applications,” said Desmond Tan, Senior Director, Zen Engineering at Actian. “Adopting a highly secure and zero-ETL architecture is key to compliance and reducing risk. Actian Zen delivers superior encryption and security in a single, scalable, modular platform with a host of added features, providing performance and functionality not found across Edge and IoT environments yet architecturally compatible with Cloud and Data center implementation.”

from Help Net Security https://ift.tt/2MGy84H