In this week’s cyber news review, we are going to delve deeper into the recent CDW research findings and the Epsilon case updates. 

CDW Corporation released their 2024 Cybersecurity Research report. According to it, the main challenges shared by companies across different sectors are budget constraints and poor employee training.

As 27% of respondents said, a lacking aspect of their organization's security strategy is monetary resources. More than three-fourths (76%) stated that demonstrating the cost of a data breach in terms of lost sales and productivity was a useful strategy for justifying investments in cybersecurity.

Another serious problem that companies across the country face is insufficient or ineffective employee training. It becomes even more acute in the situation when the number of security solutions used by companies increases. The research showed that 68% of organizations utilize 10 to 40 products or platforms.

Also, 88% of respondents stated they have enough visibility into their cybersecurity landscape and are either fairly confident (50%) or very confident (38%).
Despite the vast majority of security professionals believing that their security system is visible enough and that they are able to clearly see all the digital footprints within the organization, the number of insider incidents is not decreasing.

Take, for example, the latest news on the Epsilon case. On May 31, the U.S. Department of Justice announced that a former senior executive and a former sales manager of Epsilon Data Management LLC (a data brokerage and marketing company collecting, analyzing, and selling consumer information to companies for marketing purposes) were found guilty of selling the personal data of millions of Americans to fraudsters.

Over the course of 10 years, Robert Reger and David Lyte were key players in a scheme that involved selling to perpetrators of fraud schemes lists with the following consumer information:

• Full names
• Age
• Home and email addresses
• Consumer preferences
• Purchase histories

The data was used to send false mails to elderly and vulnerable individuals, deceiving them into paying the scammers through such tricky lures as promising prizes. A sentencing hearing is scheduled for September 30. Reger and Lytle face a maximum penalty of 20 years in prison for each count of mail and wire fraud.

If you are keen to avoid such catastrophic incidents and protect your business from internal risks but are faced with limited resources, then you might like the idea of implementing a robust managed security service, which will act as a protective shield to ensure that malicious or unintentional insiders do not get past and cause any harm. Start your free MSS trial by clicking here, and take advantage of a secure work environment.