Companies are expected to spend up to $55 billion dollars on efforts to comply with the California Consumer Privacy Act (CCPA), which is still working out its final rules after going into effect this month.
While it’s true that having a SIEM is better than forgoing network monitoring all together, a standalone SIEM solution is simply insufficient in today’s cybersecurity landscape. Hackers and other bad actors have become more sophisticated — many of today’s cybercriminals can easily outsmart a standard SIEM setup.
The reality is that most companies and entities are entrusted with sensitive data. As regulations tighten and consumer expectations rise, it is more important than ever to protect data, whenever it is gathered, accessed, shared, or stored. Let’s take a look at a few of the newsworthy data breaches that happened in 2019. Often, studying these cases can inform SecOps teams about what not to do.
In October, 2019 a MixMode customer experienced an incident where an external entity attacked a web server located in their DMZ, compromised it, and then pivoted internally through the DMZ to attempt access of a customer database. While the attacker was successful in penetrating the customer’s network, MixMode was able to detect the event before they were successful in penetrating the customer database.
Web applications are a necessary part of doing business in 2019. Walk into any department in any company — large or small — and employees likely have several web app browsers on their screen that are making their job function easier. We are talking the sites that modern day businesses depend on: Google Cloud, Slack, WordPress, DropBox, PayPal, Shopify, Salesforce…and the list goes …