Comments
Its Time to Change the Cybersecurity Conversation
Newest First  |  Oldest First  |  Threaded View
cdansbee
50%
50%
cdansbee,
User Rank: Apprentice
11/2/2017 | 11:43:28 AM
How do small businesses factor in?
I would be surprised if many small business owners factor into the statistics of spending where cyber security is concerned. Because these small business owners tend to be up to their eyeballs running their business, I doubt they take the time to respond to many surveys. They certainly don't have CISO, CIO, CTO, and all the other buzzword bingo titled employees in their offices.

I also doubt that small business owners are spending more money on cybersecurity and innovation when compared to larger companies. 

Given that small businesses make up a significant proportion of US-based businesses, I suspect they are breached on a regular basis and mined for useful data without business owners even knowing it is happening.

I agree completely that it is time to change the cybersecurity conversation and would challenge you to find ways to involve small business owners in the conversation.

 


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15473
PUBLISHED: 2018-08-17
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-15471
PUBLISHED: 2018-08-17
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or c...
CVE-2018-6622
PUBLISHED: 2018-08-17
An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and can...
CVE-2018-14057
PUBLISHED: 2018-08-17
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
CVE-2018-14058
PUBLISHED: 2018-08-17
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.