SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2024-05-14 06:00:46	Arrêt de cybersécurité du mois: les attaques d'identité qui ciblent la chaîne d'approvisionnement Cybersecurity Stop of the Month: Impersonation Attacks that Target the Supply Chain (lien direct)	This blog post is part of a monthly series, Cybersecurity Stop of the Month, which explores the ever-evolving tactics of today\'s cybercriminals. It focuses on the critical first three steps in the attack chain in the context of email threats. The goal of this series is to help you understand how to fortify your defenses to protect people and defend data against emerging threats in today\'s dynamic threat landscape. The critical first three steps of the attack chain-reconnaissance, initial compromise and persistence. So far in this series, we have examined these types of attacks:  Supplier compromise  EvilProxy   SocGholish   eSignature phishing  QR code phishing  Telephone-oriented attack delivery (TOAD)    Payroll diversion  MFA manipulation Supply chain compromise Multilayered malicious QR code attack In this post, we will look at how adversaries use impersonation via BEC to target the manufacturing supply chain. Background BEC attacks are sophisticated schemes that exploit human vulnerabilities and technological weaknesses. A bad actor will take the time to meticulously craft an email that appears to come from a trusted source, like a supervisor or a supplier. They aim to manipulate the email recipient into doing something that serves the attacker\'s interests. It\'s an effective tactic, too. The latest FBI Internet Crime Report notes that losses from BEC attacks exceeded $2.9 billion in 2023. Manufacturers are prime targets for cybercriminals for these reasons: Valuable intellectual property. The theft of patents, trade secrets and proprietary processes can be lucrative. Complex supply chains. Attackers who impersonate suppliers can easily exploit the interconnected nature of supply chains. Operational disruption. Disruption can cause a lot of damage. Attackers can use it for ransom demands, too. Financial fraud. Threat actors will try to manipulate these transactions so that they can commit financial fraud. They may attempt to alter bank routing information as part of their scheme, for example. The scenario Proofpoint recently caught a threat actor impersonating a legitimate supplier of a leading manufacturer of sustainable fiber-based packaging products. Having compromised the supplier\'s account, the imposter sent an email providing the manufacturer with new banking details, asking that payment for an invoice be sent to a different bank account. If the manufacturer had complied with the request, the funds would have been stolen. The threat: How did the attack happen? Here is a closer look at how the attack unfolded:  1. The initial message. A legitimate supplier sent an initial outreach email from their account to the manufacturing company using an email address from their official account. The message included details about a real invoice that was pending payment. The initial email sent from the supplier. 2. The deceptive message. Unfortunately, subsequent messages were not sent from the supplier, but from a threat actor who was pretending to work there. While this next message also came from the supplier\'s account, the account had been compromised by an attacker. This deceptive email included an attachment that included new bank payment routing information. Proofpoint detected and blocked this impersonation email. In an attempt to get a response, the threat actor sent a follow-up email using a lookalike domain that ended in “.cam” instead of “.com.” Proofpoint also condemned this message. An email the attacker sent to mimic the supplier used a lookalike domain. Detection: How did Proofpoint prevent this attack? Proofpoint has a multilayered detection stack that uses a sophisticated blend of artificial intelligence (AI) and machine learning (ML) detection	Ransomware Data Breach Tool Vulnerability Threat	ChatGPT
	2024-05-06 07:54:03	Genai alimente la dernière vague des menaces de messagerie modernes GenAI Is Powering the Latest Surge in Modern Email Threats (lien direct)	Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale? No need to wonder as it\'s already happening. Not long after the launch of ChatGPT, business email compromise (BEC) attacks, which are language-based, increased across the globe. According to the 2024 State of the Phish report from Proofpoint, BEC emails are now more personalized and convincing in multiple countries. In Japan, there was a 35% increase year-over-year for BEC attacks. Meanwhile, in Korea they jumped 31% and in the UAE 29%. It turns out that GenAI boosts productivity for cybercriminals, too. Bad actors are always on the lookout for low-effort, high-return modes of attack. And GenAI checks those boxes. Its speed and scalability enhance social engineering, making it faster and easier for attackers to mine large datasets of actionable data. As malicious email threats increase in sophistication and frequency, Proofpoint is innovating to stop these attacks before they reach users\' inboxes. In this blog, we\'ll take a closer look at GenAI email threats and how Proofpoint semantic analysis can help you stop them. Why GenAI email threats are so dangerous Verizon\'s 2023 Data Breach Investigations Report notes that three-quarters of data breaches (74%) involve the human element. If you were to analyze the root causes behind online scams, ransomware attacks, credential theft, MFA bypass, and other malicious activities, that number would probably be a lot higher. Cybercriminals also cost organizations over $50 billion in total losses between October 2013 and December 2022 using BEC scams. That represents only a tiny fraction of the social engineering fraud that\'s happening. Email is the number one threat vector, and these findings underscore why. Attackers find great success in using email to target people. As they expand their use of GenAI to power the next generation of email threats, they will no doubt become even better at it. We\'re all used to seeing suspicious messages that have obvious red flags like spelling errors, grammatical mistakes and generic salutations. But with GenAI, the game has changed. Bad actors can ask GenAI to write grammatically perfect messages that mimic someone\'s writing style-and do it in multiple languages. That\'s why businesses around the globe now see credible malicious email threats coming at their users on a massive scale. How can these threats be stopped? It all comes down to understanding a message\'s intent. Stop threats before they\'re delivered with semantic analysis Proofpoint has the industry\'s first predelivery threat detection engine that uses semantic analysis to understand message intent. Semantic analysis is a process that is used to understand the meaning of words, phrases and sentences within a given context. It aims to extract the underlying meaning and intent from text data. Proofpoint semantic analysis is powered by a large language model (LLM) engine to stop advanced email threats before they\'re delivered to users\' inboxes in both Microsoft 365 and Google Workspace. It doesn\'t matter what words are used or what language the email is written in. And the weaponized payload that\'s included in the email (e.g., URL, QR code, attached file or something else) doesn\'t matter, either. With Proofpoint semantic analysis, our threat detection engines can understand what a message means and what attackers are trying to achieve. An overview of how Proofpoint uses semantic analysis. How it works Proofpoint Threat Protection now includes semantic analysis as an extra layer of threat detection. Emails must pass through an ML-based threat detection engine, which analyzes them at a deeper level. And it does	Ransomware Data Breach Tool Vulnerability Threat	ChatGPT	★★★
	2024-04-02 09:34:09	ProofPoint en tête de KuppingerCole Leadership Compass pour la sécurité des e-mails Proofpoint Tops KuppingerCole Leadership Compass for Email Security (lien direct)	Email is the primary threat vector for cybersecurity threats. And these days, many malware, phishing and social engineering schemes target your people. The 2023 Verizon Data Breach Investigations Report notes that 74% of all data breaches include a human element. Threats are constantly evolving, too. It doesn\'t matter how sophisticated or complex your business is, it is a daunting task to protect your people from modern threats. At Proofpoint, we understand how critical it is for any business to protect its people from today\'s email threats. That\'s why we innovate every day. Recently, the industry has once again recognized our efforts to help our customers protect their people and their businesses. This time, our email security was recognized by major industry analyst firm KuppingerCole. Here is what they said about Proofpoint Threat Protection-and what makes it stand out from the competition. Proofpoint named an Overall Leader KuppingerCole just named Proofpoint an Overall Leader in the KuppingerCole Leadership Compass for Email Security Report, 2023. This is the third time in the past year that our email security has been named a leader by a major industry analyst firm. This recognition “triple crown” is the direct result of our commitment to helping businesses protect their people from modern email threats and change user behavior for the better. It keeps us innovating year after year. In the report from KuppingerCole, Proofpoint Threat Protection received the highest “strong positive” rating in all categories, including: Security Functionality Deployment Interoperability Usability With its ratings, KuppingerCole positioned Proofpoint as a leader in all evaluation categories, including product, technology, innovation and market. KuppingerCole named Proofpoint a leader in the product, technology, innovation and market categories. What makes Proofpoint stand out Here is a closer look at how we can help you protect your people from advanced email threats. Stop the widest variety of threats with accuracy Proofpoint uses a multilayered detection stack to identify a wide array of email threats with accuracy. Because we have a broad set of detection technology, we can apply the right technique to the right threat. For example, we have robust sandbox technology to detect URL-based threats, like quick response codes (QR Codes) and behavioral analysis for business email compromise (BEC) and telephone-oriented attack delivery (TOAD) threats.  Our machine learning (ML) and artificial intelligence (AI) models are trained by our experts using one of the richest sets of data in the industry. This ensures we provide superior accuracy. Every year, we analyze more than 3 trillion messages across our 230,000+ customer, global ecosystem. Our modular detection stack enables agility and speed to adapt to changes in the threat landscape. It allows us to quickly deploy new models to address new threats like BEC, TOAD and QR Codes. And it enables us to tune our existing detection models more frequently. Prevent email threats before they reach your people\'s inboxes  Predelivery detection from Proofpoint stops known and emerging threats at the front door of your business-not after they are delivered. Proofpoint threat intelligence and research found that nearly 1 in 7 malicious URL clicks happen within one minute of an email\'s arrival. That\'s why predelivery protection is so critical. If a threat ends up in your users\' inboxes, it increases your risk of a cyberattack or data breach. We analyze all messages, links and attachments with our robust detection stack before they can reach an inbox. This analysis, combined with our predelivery sandboxing and behavioral analysis of suspicious QR codes, allows us to stop malicious messages before they become a risk to your business. Gain actionable insights into your human risks Proofpoint quantifies your people\'s risk so that you can prioritize budget and resources to focus o	Data Breach Malware Threat Mobile Commercial		★★★
	2024-02-26 05:03:36	Les tenants et aboutissants de la confidentialité des données, partie 2: confidentialité par conception en protection de l'information The Ins and Outs of Data Privacy, Part 2: Privacy by Design in Information Protection (lien direct)	This is the second blog in a two-part series about data privacy. In our previous post, we discussed how data privacy has become increasingly important. And we covered why data loss protection (DLP) and insider threat management (ITM) tools are critical to ensuring data privacy. The shift to “work from anywhere” and the increase in cloud adoption have caused a rise in data loss and insider threats. To defend data from careless, malicious and compromised insiders-and the harm that they cause-security teams must implement data security tools like data loss prevention (DLP) and insider threat management (ITM) platforms. These tools monitor and control how employees interact with data. At the same time, companies are collecting more and more data about employees themselves, like protected health information (PHI). The abundance of all this data-which is being collected and processed in the cloud-creates a critical challenge for security teams. They must protect employee privacy without impeding productivity. In this post, we\'ll explore the topic of privacy by design, which aims to strike a balance between these two challenges. We\'ll cover why it\'s so important. And we\'ll discuss how Proofpoint Information Protection can help you build a modern DLP program and comply with data privacy laws. Why privacy by design matters for DLP and ITM Privacy by design is a framework that embeds privacy into the design of IT systems, infrastructure and business processes. Privacy is not an afterthought. It is considered right from the start-in the initial design phase. What\'s more, it\'s a core component that integrates visibility, transparency and user-centricity into its design. In short, privacy by design ensures that everything is built with the user in mind. Privacy by design is important to DLP and ITM because it helps to: Protect employee rights. Personal data is sacred. Employees expect their personal data to be safe and their rights protected. When a company takes a proactive, transparent approach to data privacy, it helps maintain trust with employees. Comply with privacy laws. Data privacy laws protect people by requiring businesses to keep their data safe and avoid sharing it unethically with third parties. These laws often require companies to tell users exactly how their data is used and collected, and to notify them in the event of a data breach. Failure to comply can lead to hefty fines and penalties, which can damage a firm\'s finances and brand image. Prevent bias in investigations. When user data is kept secure and private, it ensures insider threat investigations maintain their integrity and objectivity. If a user is identified, it could influence a security analyst\'s response to an incident. User privacy helps take emotion and subjectivity out of the picture. Ensure data privacy with Proofpoint DLP and ITM Proofpoint Information Protection includes administration and access controls. These controls can help your business keep data private and meet compliance requirements. Data residency and storage Proofpoint uses regional data centers in the U.S., Europe, Australia and Japan to meet data privacy and data residency requirements. You can control exactly where your data is stored at all of these data centers. For example, you can group your endpoints and map each group to a regional data center. This ensures that data on all those endpoints are stored in that regional center. So, a U.S. realm can manage U.S. endpoint data, which is sent to the U.S. data center. Attribute-based access controls Attribute-based access controls give you a flexible and easy way to manage access to data. You can use these controls to ensure that security analysts have visibility into data on a need-to-know basis only. For instance, you can write granular policies and assign access so that a U.S.-based security analyst can only see U.S. data. They cannot see data in Europe or the Asia-Pacific region. And when an analyst needs to access a specific user\'s data for an	Data Breach Tool Threat Cloud		★★
	2024-02-16 06:00:45	Les tenants et aboutissants de la confidentialité des données, partie 1: la complexité importante et croissante d'assurer la confidentialité des données The Ins and Outs of Data Privacy, Part 1: The Importance-and Growing Complexity-of Ensuring Data Privacy (lien direct)	This blog is the first in a series where we explore data privacy. In these two blogs, we\'ll cover why data privacy is increasingly important as well as some tips for keeping data safe. We\'ll also discuss how data loss protection (DLP) and insider threat management tools (ITM) are critical to ensuring data privacy. Data Privacy Week in January 2024 highlighted the increasing importance and challenges of data privacy. Trends like digital transformation, remote work and the proliferation of cloud applications have made the task of protecting sensitive data harder than ever. As the volume and perceived value of data grows, so does the risk of data loss and theft, including by insiders. Despite these challenges, businesses can\'t afford missteps when it comes to keeping sensitive data safe. Companies everywhere are under pressure to meet strict data privacy laws that promote data security and data privacy. Noncompliance can be costly. Hefty fines and market loss are common. Research from our 2023 Voice of the CISO report underscores the risk. One-third of the CISOs who told us that their company suffered a material loss of sensitive data within the past 12 months also reported their business was hit with regulatory sanctions as a result. In this blog post, we take a closer look at data privacy and how it relates to data security. We also discuss how laws around data privacy are evolving. And we cover how data loss prevention (DLP) and insider threat management (ITM) tools can help you stay on top of your data compliance challenges. What is data privacy? Data privacy is about protecting sensitive data that belongs to individuals or entities. This includes personally identifiable information (PII), which can be used to identify an individual or a corporate customer. Examples of PII include names, addresses, Social Security or tax ID numbers, credit card data and dates of birth. A business that stores or manages this type of information must follow data privacy laws. These laws ensure that data is kept confidential and secure and that it is only used for authorized purposes. They are intended to help a business: Protect personal information Safeguard critical business data Preserve users\' autonomy Maintain trust with customers and employees Data privacy is also about trust. The misuse or theft of sensitive data can lead to email fraud, insurance fraud, identity theft and more. So, customers need to trust that the companies they share their private data with will guard it carefully. An evolving regulatory landscape Data privacy laws are designed to compel businesses to keep sensitive data safe. Data compliance mandates often require businesses to tell users exactly how their data is used and collected. They may also require companies to notify users when a data breach happens. As noted earlier, not following these laws can result in stiff penalties. Multiple data privacy laws around the globe govern regulations based on their type, the user\'s location and other criteria. Some examples include the: GDPR in the European Union CCPA in the U.S. HIPAA in the U.S. LGPD in Brazil Several state governments in the United States are stepping up efforts to enact data privacy laws. California, Colorado, Connecticut, Utah and Virginia enacted comprehensive consumer privacy laws before 2023. Those laws became enforceable last year. In 2023, these states enacted privacy laws: Delaware Florida Indiana Iowa Montana Oregon Tennessee Texas As data privacy laws emerge or evolve, the definition of sensitive data may change. For example, GDPR expanded the definition of PII to include data elements like email and IP addresses. That is why it is so important for companies to stay attuned to this ever-changing landscape. The rise of generative AI sites has also sparked new concerns about data privacy. New laws are likely to be developed soon. The Biden Administration\'s new executive order will also have an impact on data use in the year ahead. Why	Data Breach Malware Tool Threat Cloud		★★
	2024-02-12 08:02:39	4 étapes pour empêcher le compromis des e-mails des fournisseurs dans votre chaîne d'approvisionnement 4 Steps to Prevent Vendor Email Compromise in Your Supply Chain (lien direct)	Supply chains have become a focal point for cyberattacks in a world where business ecosystems are increasingly connected. Email threats are a significant risk factor, as threat actors are keen to use compromised email accounts to their advantage. Every month, a staggering 80% of Proofpoint customers face attacks that originate from compromised vendor, third-party or supplier email accounts. Known as supplier account compromise, or vendor email compromise, these attacks involve threat actors infiltrating business communications between trusted partners so that they can launch internal and external attacks. Their ultimate goal might be to steal money, steal data, distribute malware or simply cause havoc. In this blog post, we\'ll explain how vendor emails are compromised and how you can stop these attacks. Finally, we\'ll tell you how Proofpoint can help. What\'s at stake Supply chain compromise attacks can be costly for businesses. IBM, in its latest Cost of a Data Breach Report, says that the average total cost of a cyberattack that involves supply chain compromise is $4.76 million. That is almost 12% higher than the cost of an incident that doesn\'t involve the supply chain. In addition to the financial implications, compromised accounts can lead to: Phishing scams that result in even more compromised accounts Reputational and brand damage Complex legal liabilities between business partners How does vendor email compromise occur? Supply chain compromise attacks are highly targeted. They can stretch out over several months. And typically, they are structured as a multistep process. The bad actor initiates the assault by gaining access to the email account of a vendor or supplier through various means. Phishing attacks are one example. Once the attacker gains access, they will lay low for an extended period to observe the vendor\'s email communications. During this time, the adversary will study the language and context of messages so that they can blend in well and avoid detection. Attackers might also use this observation period to establish persistence. They will create mail rules and infrastructure so that they can continue to receive and send messages even after the vendor has regained control of the account. Once they establish access and persistence, the attackers will begin to insert themselves into conversations within the supplier\'s company as well as with external partners and customers. By posing as the sender, the attacker takes advantage of established trust between parties to increase their chances of success. Overview of a vendor email compromise attack. Proofpoint has observed a growing trend of attackers targeting accounts within smaller businesses and using them to gain entry into larger companies. Threat actors often assume that small businesses have less protection than large companies. They see them as targets that can help them achieve a bigger payday. How to stop vendor email compromise If you want to defend against these attacks, it\'s critical to understand the methods behind them. Such a formidable problem requires a strategic and multilayered solution. The four broad steps below can help. Step 1: Know your suppliers Your first line of defense against these email attacks sounds simple, but it\'s challenging. It is the ability to intimately “know your supplier” and understand their security strategy. This requires more than a one-time vendor assessment. Your security teams will need to prioritize continuous monitoring of your company\'s business partnerships. On top of that knowledge, you need a thorough understanding of the access and privileges that your business grants to each vendor. Compromised accounts that have uncontrolled access may be able to exfiltrate sensitive data or upload malware like ransomware. So, when you know what your suppliers can (and can\'t) access, you can identify a data breach faster. Other steps, like requiring multifactor authentication (MFA) for vendor accounts, can	Ransomware Data Breach Malware Tool Threat Studies Prediction Cloud		★★★
	2024-02-05 11:41:18	7 conseils pour développer une approche proactive pour éviter le vol de données 7 Tips to Develop a Proactive Approach to Prevent Data Theft (lien direct)	Data is one of the most valuable assets for a modern enterprise. So, of course, it is a target for theft. Data theft is the unauthorized acquisition, copying or exfiltration of sensitive information that is typically stored in a digital format. To get it, bad actors either abuse privileges they already have or use various other means to gain access to computer systems, networks or digital storage devices. The data can range from user credentials to personal financial records and intellectual property. Companies of all sizes are targets of data theft. In September 2023, the personal data of 2,214 employees of the multinational confectionary firm The Hershey Company was stolen after a phishing attack. And in January 2024, the accounting firm of Framework Computer fell victim to an attack. A threat actor posed as the Framework\'s CEO and convinced the target to share a spreadsheet with the company\'s customer data. Data thieves aim to profit financially, disrupt business activities or do both by stealing high-value information. The fallout from a data breach can be very costly for a business-and the cost is going up. IBM reports that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years. Other data suggests that the average cost of a breach is more than double for U.S. businesses-nearly $9.5 million. Not all data breaches involve data theft, but stealing data is a top aim for many attackers. Even ransomware gangs have been shifting away from data encryption in their attacks, opting instead to steal massive amounts of data and use its value as a means to compel businesses to pay ransom. So, what can businesses do to prevent data theft? Taking a proactive approach toward stopping someone from stealing your data is a must. This blog post can help jump-start your thinking about how to improve data security. We explore how data theft happens and describe some common threats that lead to it. We also outline seven strategies that can help reduce your company\'s risk of exposure to data theft and highlight how Proofpoint can bolster your defenses. Understanding data theft-and who commits it Data theft is a serious security and privacy breach. Data thieves typically aim to steal information like: Personally identifiable information (PII) Financial records Intellectual property (IP) Trade secrets Login credentials Once they have it, bad actors can use stolen data for fraudulent activities or, in the case of credential theft, to gain unlawful access to accounts or systems. They can also sell high-value data on the dark web. The consequences of data theft for businesses can be significant, if not devastating. They include hefty compliance penalties, reputational damage, and financial and operational losses. Take the manufacturing industry as an example. According to one source, a staggering 478 companies in this industry have experienced a ransomware attack in the past five years. The costs in associated downtime are approximately $46.2 billion. To prevent data theft, it\'s important to recognize that bad actors from the outside aren\'t the only threat. Insiders, like malicious employees, contractors and vendors, can also steal data from secured file servers, database servers, cloud applications and other sources. And if they have the right privileges, stealing that data can be a breeze. An insider\'s goals for data theft may include fraud, the disclosure of trade secrets to a competitor for financial gain, or even corporate sabotage. As for how they can exfiltrate data, insiders can use various means, from removable media to personal email to physical printouts. How does data theft happen? Now, let\'s look at some common methods that attackers working from the outside might employ to breach a company\'s defenses and steal data. Phishing. Cybercriminals use phishing to target users through email, text messages, phone calls and other forms of communication. The core objective of this approach is to trick users into doing what	Ransomware Data Breach Malware Tool Vulnerability Threat Cloud		★★★
	2024-01-02 08:41:00	6 Exigences d'assurance cybersécurité Votre entreprise doit être prête à répondre 6 Cybersecurity Insurance Requirements Your Business Should Be Ready To Meet (lien direct)	Every year, more companies are finding out firsthand how damaging a cyberattack can be. Research for the 2023 State of the Phish report from Proofpoint found that 30% of companies that were successfully attacked experienced a direct monetary loss. That\'s an increase of 76% year over year. And costs for these attacks are rising. IBM reports that the global average cost of a data breach went up by 15% over the last three years, hitting $4.45 million in 2023.  Concerns about costs and risks mean that more companies than ever are buying cyber insurance. A World Economic Forum survey found that 71% of organizations have cyber insurance. And Allied Market Research projects that the global cyber insurance market, which is currently valued at $12.5 billion, will reach $116.7 billion by 2032. Investing in cyber insurance for your business can be a wise strategy. For one, it helps you to transfer some of the financial risks of a cybersecurity event to your insurance provider. But the cyber insurance landscape is changing. You should know that getting the coverage you want might be a challenge, and you will need to meet an array of cybersecurity insurance requirements. In this blog post, we\'ll cover six of the most common requirements you\'ll likely need to fulfill. What is cyber insurance-and what does it cover? But first, let\'s take a closer look at what cyber insurance is and why it is important. Also known as cyber liability insurance, this relatively new type of insurance helps to protect businesses and individuals from the negative impacts of cybersecurity events. It generally covers: Loss of data and the associated recovery Loss of revenue due to business interruption Loss of transferred funds from cyberattacks, like business email compromise (BEC) and phishing Loss of funds from ransomware and extortion Many policies also cover the aftermath and follow-up events associated with a data breach. This includes the costs associated with identifying and notifying victims, credit monitoring for victims and forensics expertise, to name a few. Why is cyber insurance important? For many companies, cyber insurance is an essential part of their risk management strategy. It covers many costs related to cyber events, such as legal expenses and fees for compliance violations. Depending on the policy, it might also cover: Ransomware attacks. If your business is hit with a ransomware attack, you may face demands for payment to unlock your systems. Or you may need to pay a ransom to prevent the release of sensitive data. In certain cases, cyber insurance can help cover ransom payments. Incident response and recovery. Cybersecurity insurance can help with the cost of investments you may need to make after an attack. For example, you may need to hire experts, conduct forensic investigations, and implement tools and measures to prevent future attacks. Business disruption. This may include lost revenue during downtime. This coverage can help your business stay afloat financially and continue operating in the wake of a cyber event. Want more details on the benefits of cyber insurance? Download the Proofpoint presentation, “Cyber Insurance: Facts, Figures and Policy Fundamentals.” Examples of common cyber insurance requirements As noted earlier, getting coverage is more complicated than it used to be. Because security breaches are so costly and cybercrime is so common, many insurers have become more stringent in their underwriting processes. Some have lowered caps for payouts and narrowed their coverage offerings as well. This means that the requirements your business may be expected to meet will be fairly complex. Every provider will likely conduct a risk assessment to determine if you qualify for cyber insurance. The process will help them to determine how much coverage they can offer you, and what you\'ll need to pay for it. The risk assessment might be as quick and simple as a questionnaire or as complex and time-consuming as a third-party audit. Here are six examples	Ransomware Data Breach Tool Threat		★★★
	2023-12-15 06:00:41	Comment empêcher les attaques basées sur l'identité avec ITDR How to Prevent Identity-Based Attacks with ITDR (lien direct)	Identity-based attacks are on the rise. Research from the Identity Defined Security Alliance found that 84% of businesses experienced an identity-related breach in the past year. While that\'s a huge percentage, it\'s not all that surprising. Just consider how focused attackers have been in recent years on gaining access to your user\'s identities. In the latest Verizon 2023 Data Breach Investigations Report, Verizon found that 40% of all data breaches in 2022 involved the theft of credentials which is up from 31% in 2021. With access to just one privileged account an attacker can move around undetected on a company\'s network and cause havoc. When they look like the right employee, they have the freedom to do almost anything, from stealing sensitive data to launching ransomware attacks. What\'s worse, attackers usually have tools that make it fast and easy to exploit stolen credentials, escalate privilege and move laterally. That makes this type of attack all the more appealing. There are a bevy of cybersecurity tools that are supposed to protect companies from these attacks. So why do they fall short? The simple answer is that it\'s not their job-at least not completely. Take tools used for identity access management (IAM) as an example. Their role is to administer identities and manage their access to applications and resources. They don\'t detect malicious activity after a “legitimate” user has been authenticated and authorized. And tools for anomaly detection, like security information and event management (SIEM) systems, alert on abnormal or malicious user activity. But they are even less capable of flagging attempts at lateral movement and privilege escalation. As a result, these tools tend to generate high levels of false positives, which overwhelm security teams. However, there is a way to address the security gaps these solutions aren\'t well equipped to cover. It\'s called identity threat detection and response, or ITDR for short. What is ITDR? ITDR is an umbrella term coined by Gartner to describe a new category of security tools and best practices that companies can use to detect and respond more effectively to identity-based attacks. ITDR protects the middle of the attack chain-the point where enterprise defenses are usually the weakest. ITDR tools offer robust analytics, integrations and visibility that can help you to: Detect, investigate and respond to active threats Stop privilege escalations Identify and halt lateral movement by attackers Reduce the identity-centric attack surface before the threat actor even arrives When you use ITDR, you\'re not replacing existing tools or systems for IAM and threat detection and response like privileged access management (PAM) or endpoint detection and response (EDR). Instead, you\'re complementing them. Those tools can continue to do what they do best while ITDR addresses the identity security gaps they\'re not designed to cover. How ITDR solutions work-and help to prevent identity-based attacks ITDR tools are designed to continuously monitor user behavior patterns across systems. They scan every endpoint-clients and servers, PAM systems and identity repositories-to look for unmanaged, misconfigured and exposed identities. With a holistic view of identity risks, your security team can remove key attack pathways through Active Directory (AD) that threat actors use to install ransomware and steal data. ITDR tools can help defenders stop identity attacks and proactively get rid of risks. They allow defenders to see exactly how attackers can access and use identities to compromise the business. Essentially, ITDR provides answers to these three critical questions: Whose identity provides an attack path? What is the identity threat blast radius, and the impact to my business? Are there any identity-based attacks in progress? Leading ITDR tools can help you catch adversaries in the act by planting deceptive content, or trip wires, throughout your environment that only attackers would in	Ransomware Data Breach Tool Vulnerability Threat		★★
	2023-12-14 09:44:32	Atténuation des menaces d'initié: 5 meilleures pratiques pour réduire le risque Insider Threat Mitigation: 5 Best Practices to Reduce Risk (lien direct)	(This is an updated version of a blog that was originally published on 1/28/21.) Most security teams focus on detecting and preventing external threats. But not all threats come from the outside. The shift to hybrid work, accelerated cloud adoption and high rates of employee turnover have created a perfect storm for data loss and insider threats over the past several years. Today, insider threats rank amongst the top concerns for security leaders-30% of chief information security officers report that insider threats are their biggest cybersecurity threat over the next 12 months. It\'s easy to understand why. Insider threats have increased 44% since 2020 due to current market dynamics-and security teams are struggling to keep pace. According to the Verizon 2023 Data Breach Investigations Report, 74% of all breaches involve the human element. In short, data doesn\'t lose itself. People lose it. When the cybersecurity risk to your company\'s vital systems and data comes from the inside, finding ways to mitigate it can be daunting. Unlike with tools that combat external threats, security controls for data loss and insider threats can impact users\' daily jobs. However, with the right approach and insider threat management tools, that doesn\'t have to be the case. In this blog post, we\'ll share best practices for insider threat mitigation to help your business reduce risk and overcome common challenges you might face along the way. What is an insider threat? But first, let\'s define what we mean by an insider threat. In the cybersecurity world, the term “insider” describes anyone with authorized access to a company\'s network, systems or data. In other words, it is someone in a position of trust. Current employees, business partners and third-party contractors can all be defined as insiders. As part of their day-to-day jobs, insiders have access to valuable data and systems like: Computers and networks Intellectual property (IP) Personal data Company strategy Financial information Customer and partner lists All insiders pose a risk given their position of trust-but not all insiders are threats. An insider threat occurs when someone with authorized access to critical data or systems misuses that access-either on purpose or by making a mistake. The fallout from an insider threat can be dire for a business, including IP loss, legal liability, financial consequences and reputational damage. The challenge for security firms is to determine which insiders are threats, and what type of threats they are, so they know how to respond. There are three insider threat types: Careless. This type of risky insider is best described as a user with good intentions who makes bad decisions that can lead to data loss. The 2022 Cost of Insider Threats Global Report from Ponemon Institute notes that careless users account for more than half (56%) of all insider-led incidents. Malicious. Some employees-or third parties, like contractors or business partners-are motivated by personal gain. Or they might be intent on harming the business. In either case, these risky users might want to exfiltrate trade secrets or take IP when they leave the company. Industrial espionage and sabotage are examples of malicious insider activity. Ponemon research shows malicious insiders account for 26% of insiders. Compromised. Sometimes, external threat actors steal user login information or other credentials. They then use those credentials to access applications and systems. Ponemon reports that compromised users account for 18% of insiders. Insider threat mitigation best practices Companies can minimize brand and financial damage by detecting and stopping insider threats. How each security team approaches insider threats will vary depending on the industry, maturity and business culture. However, every organization can use the five best practices we\'ve outlined below to improve their insider threat prevention. 1. Identify your risky users Most insiders fall into the “care	Data Breach Tool Threat Industrial Cloud Technical		★★
	2023-11-21 08:35:02	Prévenir les attaques de fatigue du MFA: sauvegarder votre organisation Preventing MFA Fatigue Attacks: Safeguarding Your Organization (lien direct)	Gaining access to critical systems and stealing sensitive data are top objectives for most cybercriminals. Social engineering and phishing are powerful tools to help them achieve both. That\'s why multifactor authentication (MFA) has become such an important security measure for businesses and users. Without MFA as part of the user authentication process, it is much less challenging for an attacker with stolen credentials to authenticate a user\'s account. The primary goal of MFA is to reduce the risk of unauthorized access, especially in situations where passwords alone may not provide enough protection. Even if an attacker steals a user\'s password, with MFA they still need the second factor (and maybe others) to gain access to an account. Examples of MFA factors include biometrics, like fingerprints, and signals from user devices, like GPS location. MFA isn\'t a perfect solution, though-it can be bypassed. Adversaries are relentless in their efforts to undermine any security defenses standing in the way of their success. (The evolution of phish kits for stealing MFA tokens is evidence of that.) But sometimes, attackers will choose to take an in-your-face approach that is not very creative or technical. MFA fatigue attacks fall into that category. What are MFA fatigue attacks-and how do they work? MFA fatigue attacks, also known as MFA bombing or MFA spamming, are a form of social engineering. They are designed to wear down a user\'s patience so that they will accept an MFA request out of frustration or annoyance-and thus enable an attacker to access their account or device. Many people encounter MFA requests daily, or even multiple times per day, as they sign-in to various apps, sites, systems and platforms. Receiving MFA requests via email, phone or other devices as part of that process is a routine occurrence. So, it is logical for a user to assume that if they receive a push notification from an account that they know requires MFA, it is a legitimate request. And if they are very busy at the time that they receive several push notifications in quick succession to authenticate an account, they may be even more inclined to accept a request without scrutinizing it. Here\'s an overview of how an MFA attack works: A malicious actor obtains the username and password of their target. They can achieve this in various ways, from password-cracking tactics like brute-force attacks to targeted phishing attacks to purchasing stolen credentials on the dark web. The attacker then starts to send MFA notifications to the user continuously, usually via automation, until that individual feels overwhelmed and approves the login attempt just to make the requests stop. (Usually, the push notifications from MFA solutions require the user to simply click a “yes” button to authenticate from the registered device or email account.) Once the attacker has unauthorized access to the account, they can steal sensitive data, install malware and do other mischief, including impersonating the user they have compromised-taking their actions as far as they can or want to go. 3 examples of successful MFA fatigue attacks To help your users understand the risk of these attacks, you may want to include some real-world examples in your security awareness program on this topic. Here are three notable incidents, which are all associated with the same threat actor: Uber. In September 2022, Uber reported that an attacker affiliated with the threat actor group Lapsus$ had compromised a contractor\'s account. The attacker may have purchased corporate account credentials on the dark web, Uber said in a security update. The contractor received several MFA notifications as the attacker tried to access the account-and eventually accepted one. After the attacker logged in to the account, they proceeded to access other accounts, achieving privilege escalation. One action the attacker took was to reconfigure Uber\'s OpenDNS to display a graphic image on some of the company\'s internal sites. Cisco. Cisco suffer	Ransomware Data Breach Malware Tool Threat Technical	Uber	★★★
	2023-10-10 07:16:32	Au-delà du statu quo, partie 1: le rôle vital des menaces de renseignement dans la sensibilisation à la sécurité Beyond the Status Quo, Part 1: The Vital Role Threat Intelligence Plays in Security Awareness Education (lien direct)	Welcome to the first installment of a three-part blog series that is focused on how to inspire engagement in security awareness for both users and practitioners. It will also explore creative techniques you can use to build a security culture that go beyond traditional security awareness training. Cybersecurity Awareness Month is an excellent time to rejuvenate your security awareness program. But how can you sustain the momentum of Cybersecurity Awareness Month beyond October? Try adding threat intelligence to your program. It can personalize and invigorate your curriculum for your users. Integrating threat intelligence into security awareness seems intuitive-and many practitioners claim to do it. But data suggests otherwise. Research Proofpoint conducted for our 2023 State of the Phish report found that while 75% of businesses faced business email compromise (BEC) attacks, a mere 31% trained their users about this threat. This indicates that while many businesses are aware of emerging threats, they struggle to weave this information into their training modules. This blog post delves into best practices for using threat intelligence to raise security awareness with users. It includes insights from a customer session we held during Proofpoint Wisdom 2023 entitled “Utilizing Threat Intel to Design a Program that Works.” During that session, I spoke with Andrew Munson, senior manager of information risk management and governance at McDonald\'s Corporation, and Shaun Holmberg, IT security analyst at Commercial Metals Corporation. Both provided insights into how they infuse threat intelligence into their global security awareness initiatives. Understanding threat intelligence Threat intelligence is the knowledge and analysis of cyber threats and vulnerabilities that can pose a risk to a business. This information includes details about the attack lifecycle, network architecture vulnerabilities and which users are being targeted. The intel should also provide details of the risk level or the consequential impact that a successful cyber attack may have on a business. This information can be gathered from various sources. According to Shaun and Andrew, examples of optimal sources for intelligence are: Research reports. These resources include, but are not limited to: State of the Phish from Proofpoint Verizon\'s Data Breach Investigations Report (DBIR) FBI Internet Crime Report (Internet Crime Complaint Center) Coalition\'s Cyber Claims Report Security feeds. Proofpoint threat intelligence services, Rapid7 and Cyber Reasons are examples of providers of these feeds. Incident reports from products. These reports include Proofpoint Targeted Attack Protection reports, Proofpoint Closed Loop Email Analysis (CLEAR) and other reports related to the penetration testing of a company\'s infrastructure. Why is threat intelligence crucial for a security awareness program? Let\'s dive deeper into this subject using insights from the recent discussion with Andrew and Shaun. Making threat intelligence actionable At McDonald\'s, Andrew works with departments across the globe. Each region has its own requirements and is targeted with threats specific to an office. This is where working with a resource like the Proofpoint threat intelligence service team can create significant benefits for security teams. Andrew described how working with our team gives him an advantage. He said the Proofpoint threat intelligence service team can analyze data across the globe to correlate attacks that may be affecting a single region. For example, they can recognize a targeted attack specific to Germany, which differs from an active attack they\'ve identified targeting Austria. Andrew said he uses this data to build separate simulations that mimic the active attack for each region and launches an auto-enrollment training session tuned to recognizing the attack indicators. He can also provide resources like notifications or informative newsletters, all within the region\'s native l	Ransomware Data Breach Vulnerability Threat Studies		★★
	2023-09-20 05:00:47	Toutes les vulnérabilités ne sont pas créées égales: les risques d'identité et les menaces sont la nouvelle vulnérabilité Not All Vulnerabilities Are Created Equal: Identity Risks and Threats Are the New Vulnerability (lien direct)	If the history of cyber threats has taught us anything, it\'s that the game is always changing. The bad actors show us a move. We counter the move. Then, the bad actors show us a new one. Today, that “new move” is the vulnerable state of identities. Attackers realize that even if the network and every endpoint and device are secured, they can still compromise an enterprise\'s resources by gaining access to one privileged account. There is a lot of opportunity to do that, too. Within companies, one in six endpoints has an exploitable identity risk, as research for the Analyzing Identity Risks (AIR) Research Report from Proofpoint found. “Well, that escalated quickly.” The latest Data Breach Investigations Report from Verizon highlights the risks of complex attacks that involve system intrusion. It also underscores the need to disrupt the attacker once they are inside your environment. Once they have that access, they will look for ways to escalate privileges and maintain persistence. And they will search for paths that will allow them to move across the business so that they can achieve their goals, whatever they may be.hey may be. This problem is getting worse because managing enterprise identities and the systems to secure them is complex. Another complication is the constant changes to accounts and their configurations. Attackers are becoming more focused on privileged identity account takeover (ATO) attacks, which allow them to compromise businesses with ease and speed. At least, as compared with the time, effort and cost that may be required to exploit a software vulnerability (a common vulnerability and exposure or CVE). We should expect this trend to continue, given that ATOs have reduced attacker dwell times from months to days. And there is little risk that attackers will be detected before they are able to complete their crimes. How can IT and security leaders and their teams respond? A “back to the basics” approach can help. Shifting the focus to identity protection Security teams work to protect their networks, systems and endpoints in their infrastructure, and they have continued moving up the stack to secure applications. Now, we need to focus more on ways to improve how we protect identities. That is why an identity threat detection and response (ITDR) strategy is so essential today. We tend to think of security in battle terms; as such, identity is the next “hill” we need to defend. As we have done with the network, endpoint and application hills in the past, we should apply basic cyber hygiene and security posture practices to help prevent identity risk. There is value in using preventative and detective controls in this effort, but the former type of control is preferred. (It can cost less to deploy, too.) In other words, as we take this next hill to secure identity threats, we should keep in mind that an ounce of prevention is worth a pound of cure. Identity as a vulnerability management asset type Businesses should consider managing remediation of the identity vulnerabilities that are most often attacked in the same or a similar way to how they manage the millions of other vulnerabilities across their other asset types (network, host, application, etc.). We need to treat identity risk as an asset type. Its vulnerability management should be included in the process for prioritizing vulnerabilities that need remediation. A requirement for doing this is the ability to scan the environment on a continuous basis to discover identities that are vulnerable now-and learn why are at risk. Proofpoint SpotlightTM provides a solution. It enables: The continuous discovery of identity threats and vulnerability management Their automated prioritization based on the risk they pose Visibility into the context of each vulnerability And Spotlight enables fully automated remediation of vulnerabilities where the remediation creates no risk of business interruption. Prioritizing remediation efforts across asset types Most enterprises have millions of vulnerabilities across their	Data Breach Vulnerability Threat Prediction		★★
	2023-09-19 05:00:12	Pourquoi les données sur les soins de santé sont difficiles à protéger et quoi faire à ce sujet Why Healthcare Data Is Difficult to Protect-and What to Do About It (lien direct)	Hospitals, clinics, health insurance providers and biotech firms have long been targets for cyber criminals. They handle data like protected health information (PHI), intellectual property (IP), clinical trial data and payment card data, giving attackers many options to cash in. And as healthcare institutions embrace the cloud, remote work and telehealth, the risks of attacks on this data only increase. Besides outside attackers, insider risk is another concern in an industry where employees face high and sustained levels of stress. And then there\'s the increasing risk of ransomware. In the 2022 Internet Crime Report from the FBI\'s Internet Crime Complaint Center, healthcare was called out as the critical infrastructure industry hardest hit by ransomware attacks. In this blog, we\'ll take a look at some of the information protection challenges faced by the healthcare industry today. And we\'ll look at some solutions. Healthcare data breach costs Not only are data breaches in healthcare on the rise, but the costs for these breaches are high for this industry, too. IBM\'s Cost of a Data Breach Report 2023 says that the average cost of a healthcare data breach in the past year was $11 million. These costs can include: Ransoms paid Systems remediation Noncompliance fines Litigation Brand degradation There\'s a high cost in terms of disruptions to patient care as well. System downtime or compromised data integrity due to cyber attacks can put patients at risk. For example, when Prospect Medical Holdings faced a recent cyber attack, its hospitals had to shut down their IT networks to prevent the attack\'s spread. They also needed to revert to paper charts. The Rhysida ransomware gang claimed responsibility for that attack, where a wealth of data, including 500,000 Social Security numbers, patient files, and legal documents, was stolen. Information protection challenges in healthcare Healthcare firms face many challenges in protecting sensitive data. They include: Insider threats and electronic health record (EHR) snooping What are some insider threats that can lead to data breaches in healthcare? Here\'s a short list of examples: Employees might sneak a peek at the medical records of a famous patient and share the details with the media. Careless workers could click on phishing emails and open the door to data theft. Malicious insiders can sell patient data on the dark web. Departing employees can take valuable research data with them to help along own careers. A growing attack surface due to cloud adoption Most healthcare businesses are increasing their use of cloud services. This move is helping them to improve patient care by making information more accessible. But broad sharing of files in cloud-based collaboration platforms increases the risk of a healthcare data breach. It is a significant risk, too. Proofpoint threat intelligence shows that in 2022, 62% of all businesses were compromised via cloud account takeover. Data at risk across multiple data loss channels When EHRs are housed on-premises, patient records can still be accessed, shared and stored on remote endpoint and cloud-based collaboration and email systems. And as healthcare data travels across larger geographies, protecting it becomes much more of a challenge. How Proofpoint can help Our information protection platform, Proofpoint Sigma, provides unmatched visibility and control over sensitive data across email, cloud, web and endpoints. This unified platform allows healthcare businesses to manage data risk, while saving time and reducing operational costs. We can help protect your data from accidental disclosure, malicious attacks and insider risk. As the healthcare industry continues to adopt remote work and telehealth, there is one particular Proofpoint solution that stands out for its ability to help safeguard data. That\'s Proofpoint Insider Threat Management (ITM). It monitors user and data activity on endpoints. And it allows security teams to detect, investigate and respond to potential data l	Ransomware Data Breach Threat Medical Cloud		★★
	2023-09-18 05:00:09	Comment mieux sécuriser et protéger votre environnement Microsoft 365 How to Better Secure and Protect Your Microsoft 365 Environment (lien direct)	Microsoft 365 has become the de facto standard for email and collaboration for most global businesses. At the same time, email continues to be the most common attack vector for threat actors. And spam, phishing, malware, ransomware and business email compromise (BEC) attacks keep increasing in both their sophistication and impact. Verizon\'s 2023 Data Breach Investigations Report highlights the upward trend BEC attacks, noting that they have doubled over the past year and comprise 60% of social engineering incidents. While Microsoft 365 includes basic email hygiene capabilities with Exchange Online Protection (EOP), you need more capabilities to protect your business against these attacks. Microsoft offers Defender for Office 365 (MDO) as part of its security tool set to bolster security. And it\'s a good place to start, but it simply can\'t stop today\'s most sophisticated email threats. That\'s why analysts suggest you augment native Microsoft 365 security to protect against advanced threats, like BEC and payload-less attacks such as TOAD (telephone-oriented attack delivery). “Supplement the native capabilities of your existing cloud email solutions with third-party security solutions to provide phishing protection for collaboration tools and to address both mobile- and BEC-type phishing scenarios.” Source: 2023 Gartner Market Guide for Email Security The rise of cloud-based email security solutions Email threats are nothing new. For years now, secure email gateways (SEG) have been the go-to solution to stop them. They filter spam, phishing emails and malware before they can get to users\' inboxes. But with more businesses adopting cloud-based email platforms-particularly Microsoft 365-alternative email security solutions have appeared on the market. Gartner calls them integrated cloud email security (ICES); Forrester refers to them as cloud-native API-enabled email security (CAPES). These solutions leave the basic email hygiene and handling of email traffic to Microsoft. Then, they examine the emails that are allowed through. Essentially, they identify threats that have slipped past Microsoft\'s defenses. The main advantage of ICES and CAPES is their ease of deployment and evaluation. They simply require a set of permissions to the Microsoft 365 installation, and they can start detecting threats right away. It\'s easy to remove these solutions, too, making it simple and straightforward to evaluate them. Two deployment models: the good and the bad When you\'re augmenting Microsoft 365 email security, you have several options for deployment. There\'s the post-delivery, API-based approach, which is used by ICES and CAPEs. And there\'s the pre-delivery, MX-based approach used by SEGs. Post-delivery deployment (API-based model) In this scenario, Microsoft provides an API to allow third-party vendors to receive a notification when a new email is delivered to a user\'s mailbox. Then, they process the message with their platform. If a threat is found, it can be deleted or moved to a different folder, like quarantine or junk. However, this approach presents a risk. Because a message is initially delivered to the mailbox, a user still has a chance to click on it until the threat is retracted. Emails must be processed fast or hidden altogether while the solution scans the message for threats. Analyzing attachments for malware or running them through a sandbox is time-consuming, especially for large or complex attachments. There are also limits on how many alerts from Microsoft 365 that cloud-based email security solutions can receive. Pre-delivery deployment (MX-based model) This approach is useful for businesses that want to detect and prevent email threats before they reach their users\' inboxes. As the name suggests, email is processed before it is delivered to a user\'s inbox. To enable this model, an organization\'s DNS email exchange (MX) record must be configured to a mail server. The MX record indicates how email messages should be routed in	Ransomware Data Breach Malware Tool Threat Prediction Cloud		★★★
	2023-09-14 05:00:42	Maximiser les soins aux patients: sécuriser le cheval de travail des e-mails des portails de santé, des plateformes et des applications Maximizing Patient Care: Securing the Email Workhorse of Healthcare Portals, Platforms and Applications (lien direct)	In the modern healthcare industry, healthcare portals, platforms and applications serve as tireless workers. They operate around the clock, making sure that crucial information reaches patients and providers. At the heart of it all is email-an unsung hero that delivers appointment reminders, test results, progress updates and more. Healthcare portals, platforms and applications and many of the emails they send contain sensitive data. That means they are a top target for cyber criminals. And data breaches can be expensive for healthcare businesses. Research from IBM shows that the average cost of a healthcare data breach-$10.93 million-is the highest of any industry. In addition, IBM reports that since 2020 data breach costs have increased 53.3% for the industry. In this post, we explore how a Proofpoint solution-Secure Email Relay-can help healthcare institutions to safeguard patient information that is transmitted via these channels. Healthcare technology in use today First, let\'s look at some of the main types of healthcare portals, platforms and applications that are in use today. Patient portals. Patient portals have transformed the patient and provider relationship by placing medical information at patients\' fingertips. They are a gateway to access medical records, view test results and schedule appointments. And they offer patients a direct line to communicate with their healthcare team. The automated emails that patient portals send to patients help to streamline engagement. They provide useful information and updates that help people stay informed and feel more empowered. Electronic health record (EHR) systems. EHR applications have revolutionized how healthcare providers manage and share patient information with each other. These apps are digital repositories that hold detailed records of patients\' medical journeys-data that is used to make medical decisions. EHR apps send automated emails to enhance how providers collaborate on patient care. Providers receive appointment reminders, critical test results and other vital notifications through these systems. Health and wellness apps. For many people, health and wellness apps are trusted companions. These apps can help them track fitness goals, monitor their nutrition and access mental health support, to name a few services. Automated emails from these apps can act as virtual cheerleaders, too. They provide users with reminders, progress updates and the motivation to stick with their goals. Telemedicine platforms. Telemedicine platforms offer patients access to virtual medical consultations. They rely on seamless communication-and emails are key to that experience. Patients receive emails to remind them about appointments, get instructions on how to join virtual consultations, and more. The unseen protector: security in healthcare emails Healthcare providers need to safeguard patient information, and that includes when they rely on healthcare portals, platforms and applications to send emails to their patients. Proofpoint Secure Email Relay (SER) is a tool that can help them protect that data. SER is more than an email relay. It is a security-centric solution that can ensure sensitive data is only exchanged within a healthcare ecosystem. The solution is designed to consolidate and secure transactional emails that originate from various clinical and business apps. SER acts as a guardian. It helps to ensure that compromised third-party entities cannot exploit domains to send malicious emails-which is a go-to tactic for many attackers. Key features and benefits of Proofpoint SER Here are more details about what the SER solution includes. Closed system architecture Proofpoint SER features a closed-system approach. That means it permits only verified and trusted entities to use the email relay service. This stringent measure can lead to a drastic reduction in the risk associated with vulnerable or compromised email service providers. No more worrying about unauthorized users sending emails in your business\'s name. Enhanced security contro	Data Breach Tool Medical Cloud		★★

Last update at: 2024-05-14 15:08:19
See our sources.

To see everything: Our RSS (filtrered)