Top 5 Cybersecurity Predictions for 2022

The last few years have been challenging for cybersecurity departments who were forced to adapt quickly to rapid digitalization in the face of the COVID-19 pandemic. An expanded attack surface has presented new opportunities for cyber criminals, but developing technology holds possibilities for more efficient protection. Here are just a few of the cybersecurity predictions…


What are Double and Triple Extortion Ransomware Attacks

The last few years have seen a dramatic rise in high-profile ransomware cases, leading CISOs to bump ransomware planning to the top of their list of initiatives. However, just as companies have adapted to guard against this threat, ransomware gangs have adapted in turn, employing additional layers of extortion focused on exposing customer data. A…


Analyzing the Cybersecurity Hygiene of Ransomware Victims

Any company operating a modern information technology environment can fall victim to system-encrypting ransomware. But not every company has fallen victim. Do companies that experience an operations-impacting ransomware event have poor cybersecurity hygiene? Or is the quality of cybersecurity hygiene not a factor in the frequency of ransomware events? To answer these questions, RiskRecon analyzed…


Top 5 Focus Areas for CISOs in 2022

As the retail and hospitality industry moves into 2022, what were once unprecedented times have become the new normal, and though many businesses face lingering challenges, the results of this year’s CISO Benchmark Survey also reveal a desire to invest in the digital future. A majority of respondents across all sized companies, from small to…


RH-ISAC’s 2021 Year in Review

As RH-ISAC welcomes 2022, we would like to take a moment to reflect on the accomplishments of 2021, made possible only by the dedication and resilience our member community has shown. Despite the challenges thrown at the industry, from the pandemic to major security events like the Log4j vulnerability, our members have continued to come…


SecurityScorecard Grades the RH-ISAC Community

RH-ISAC recently partnered with Associate Member SecurityScorecard to produce a report that details the most common vulnerabilities, critical severity issues, and malware strains observed among RH-ISAC member companies. SecurityScorecard is the global leader in cybersecurity ratings, which are used for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. SecurityScorecard provides companies with an…


RH-ISAC Community Responds to Log4j Vulnerability

On Thursday, December 9, Apache published a zero-day vulnerability (CVE-2021-44228). Known as “Log4Shell”, this vulnerability is a critical remote code execution vulnerability in Apache’s Log4j software library, which is of extreme concern to the security community due to its widespread usage and potential for exploitation. This flaw impacts Apache Log4j, versions 2.0 to 2.14.1, a…


Strengthening Your Organization’s Password Policy

According to the Cyber Readiness Institute, 63% of data breaches result from weak or stolen passwords. Putting a strong password policy in place is one of those first lines of defense that sounds so easy, but can realistically be hard to implement, as it depends on the cooperation of all the employees in your organization….


Living Security Presents CyberEscape Online at RH-ISAC Security Awareness Symposium

RH-ISAC held its first-ever Security Awareness Symposium in October. The event was designed to help professionals in the retail and hospitality industries hone their security skills and gain clarity on the biggest cybersecurity issues their companies face. The morning began with remarks from Suzie Squier, RH-ISAC president, and Ed Adams, president and CEO of Security…
