Microsoft announced it is buying cybersecurity firm RiskIQ to help companies as cyber threats increase.
RiskIQ's software allows organizations to monitor their entire networks — including operations running on various cloud providers — and its threat intelligence research helps businesses understand and mitigate potential risks.
Cybersecurity is an ongoing conversation in organizations especially after the major ransomware attacks on critical infrastructure. It's no doubt companies having cybersecurity at the top of mind.
Microsoft has also had its own cybersecurity challenges this year: breach of the company's Exchange email service in March, potentially giving the group access to data from tens of thousands of organizations, including state and local governments, academic institutions, infectious disease researchers and businesses.
Prior to the acquisition, RiskIQ had raised more than $80 million from investors. Most recently, it raised a $15 million Series D round announced last June aimed at helping integrate the company's software into critical infrastructure, including to protect against nation-state adversaries. At the time, RiskIQ said it served 30% of the Fortune 500 and 6,000 organizations globally.
A new McAfee report shows that Canada is among the countries where hackers are trying a new tactic for bypassing protections from macro-based malware in Microsoft Office.
The hacker will send a phishing email with a Microsoft Word document attached. If the document is opened, a password-protected Microsoft Excel file is downloaded.
Microsoft Office has macros turned off, however, the phishing message says the document was created in a previous version of Word, and asks the victim to click on the ‘Enable editing’ and Enable content’ buttons which then enables macros to run.
“Malicious documents have been an entry point for most malware families,” the blog notes, “and these attacks have been evolving their infection techniques and obfuscation, not just limiting to direct downloads of payload from VBA, but creating agents dynamically to download payload as we discussed in this blog. Usage of such agents in the infection chain is not only limited to Word or Excel, but further threats may use other living off the land tools to download its payloads.”
People should not open emails or click on any attachments without ensuring it is a verified sender.
Cybersecurity is crucial in healthcare settings considering the plethora of confidential information that is held in healthcare databases.
How to set processes to ensure patient data is safe:
1. Conduct a risk analysis
A full risk analysis will show what systems need protection. Not all systems contain sensitive information, and they might not need the same safeguards. With a risk analysis, you can start looking into what processes should be implemented and system safeguards that need to be put in place for each system.
2. Implement EMR Access Auditing
Electronic Medical Record system (EMR) audits can be done by utilizing a patient privacy monitoring system that does the work for you can help streamline this process and ensure any suspicious accesses to patient information are flagged and reviewed in a timely manner.
3. Ensure appropriate access for third parties/business associates
By making sure third parties or business associates only have access to patient data that they need and nothing more than that can help keep healthcare organizations safe. Here are some ways you can maintain visibility and control:
4. Educate staff on protecting patient information
Ongoing education and support is just as important as the other points listed. Staff should receive opportunities to learn about cybersecurity and get training so they are aware of the risks, and how to mitigate them.