Authentic8 Blog Category: News

2019 in Review: Data Breach Statistics and Trends

What were the most significant data breaches in 2019? Will ransomware still be a threat in 2020? (Spoiler alert: It’s forecast to be worse than ever.) Which industries were attacked most?

*

We have put together a shortlist of overview articles, surveys, and posts worth returning to for use as a quick reference to consult in 2020.

2019 Data Breach Hall of Shame

Cnet’s Rae Hodge revisits the biggest data breaches of the past year, and she has two words for readers: “unsecured database.” Two years after we posted this, security researchers report more unintentional leakage than ever in 2019.

According to Risk Based Security, (reported) breaches were up 33% over 2018, with a total of 7.9 billion exposed records. As early as in November, the research firm labeled 2019 the "worst year on record."

Illustration: 2019 in Review: Data Breach Statistics and Trends (Authentic8 Blog)

ABA Tech Report 2019: Cybersecurity

The American Bar Association conducts an annual Legal Technology Survey, which culminates in a report on attorney’s use of

Authentic8 Completes FedRAMP ‘In Process’ Authorization Milestone

Authentic8, the maker of Silo, the leading web isolation platform for commercial and government organizations, announced today that it has completed all requisite steps and is formally “In Process” for FedRAMP authorization.

What Is FedRAMP?

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide certification program that standardizes the security, reliability, and integrity of cloud products and services. FedRAMP certification aims to ensure consistent compliance across all federal agencies and streamlines approval and procurement processes.

Authentic8 began working with government organizations in 2015. With more than 160 federal, state, and local agencies relying on Silo cloud browsing and web investigation solutions to execute their most important missions, Authentic8 is the largest provider of isolation technology to US government organizations.

“Something as simple as going online presents significant risk to any organization, and government data is a particularly sweet target for cybercriminals and nation states,” said Justin Cleveland, Head of Authentic8’s government business. “Achieving FedRAMP authorization will help us expand

2019 - the Year of Fake Security

Record data breaches and a new survey published in December indicate that cybersecurity snake oil peddlers had a ball last year. Their customers, not so much.

*

Remember Francis ("Frankie") Archibald Keyes, Esquire from RSA 2018 and 2019? According to survey results from last year's RSA Conference in San Francisco, the fictitious cybersecurity figure enjoyed significantly higher trust among IT professionals than most real-life vendors or experts.

Of those surveyed in our Cybersecurity Approval Poll at RSA, a total of 88% stated that they trusted Mr. Keyes "much more," "slightly more" or "about the same" as "other cybersecurity vendors and experts."

Frankie was completely made up by Authentic8, and for a short while, his meteoric rise to notoriety had our sales team worried. Would he become more famous than Silo, our pioneering Silo cloud browser and web isolation platform?


Francis ("Frankie") Archibald Keyes, the face of Fake Security in 2019

Those fears were put to rest quickly (sorry, Frankie). At the same time,

Ideas That Become Obvious In Hindsight

Interview: Authentic8 Co-founder and CEO Scott Petry on Leo Laporte's TWiT.tv

Were you excited when Apple presented the Newton mobile device to the world, a glimpse into a future starring the iPhone? Or perhaps relieved when the email Spam Wars were won by Postini, a Silicon Valley startup later bought by Google, where it became the core of Gmail?

The ideas and concepts that drove both breakthrough innovations initially faced ridicule (in the case of Newton) and skepticism. What they have in common is that today, they are obvious in hindsight.

What they also share is a name: Scott Petry. His career took him from Apple's Newton team to founding and later selling Postini - which solved the email spam problem - to Google and from there to his current role as Co-founder and CEO of Authentic8, which pioneered remote browser isolation in the cloud.

Do we have a theme here? Leo Laporte thinks so. The award-winning tech journalist and founder

October Is Malvertising Awareness Month

Large-scale malvertising campaigns have pushed more than a billion malware and spam-laden ads through online advertising networks onto "secure" web browsers. Ad-blocking software fails to stem the tide.

*

In case you were wondering - yes, you're right: October's official designation still is Cybersecurity Awareness Month. For bystanders, web publishers, and the victims of malicious ads, though, it turned into unofficial "Malvertising Awareness Month" rather quickly.

That's because news broke that cyber criminals had hit major browsers (Chromium/Chrome, Safari, Opera, Edge) with a broadscale malvertising campaign. Dubbed eGobbler by threat hunters, it generated more than a billion malicious advertising ad impressions over the past months.

The Mechanics: How Does Malvertising Work?

The not-so-secret sauce of malvertising campaigns is that they piggyback on legitimate online advertising networks and popular websites to push malware, such as ransomware exploit kits, onto millions of unsuspecting targets at once.

The malicious code then gets downloaded and executed by the web browser on the victim's computer. Game over.