The Roundup – February

 According to the 2019 Verizon Data Breach Investigations Report (DBIR), the click rate in phishing simulations is around 3%. Importantly, the DBIR analyzes data across the entire cybersecurity landscape and produces aggregated metrics. Aggregated analysis can provide unique insight into the overall trends of an industry. However, metrics at such a large scale may not be exactly what they seem.

At the end of January 2020, the U.S. Department of Defense (DoD) approved the Cybersecurity Maturity Model Certification (CMMC) with plans to apply this new standard to up to 3,000 subcontractors by the end of 2020. How does this apply to your organization?

As usual‭, ‬January was full of security news‭, ‬breach reports‭, ‬and new information‭. ‬To start‭, ‬a report was leaked revealing that several months ago administrator accounts were breached on the United Nations’s domain‭. ‬42‭ ‬core servers were compromised‭, ‬and it happened because of an unpatched vulnerability on a SharePoint server‭. ‬Patch‭ ‬your stuff‭! On January 27th‭, ‬stolen credit cards from the breach that Wawa recognized in December were posted for sale online‭. Not good. On the other hand, ‬on January 30th prosecutors dropped criminal charges against the two men that were previously held on‭ $‬100,000‭ ‬bail for breaking into‭ ‬a courthouse during a contracted penetration test‭. Thats good! Have anything you’d like to include for this month‭? ‬Contact us‭! ‬Happy February‭!‬