Who is Change Healthcare and What Happened?

Change Healthcare, owned by UnitedHealth Group (UHG), is the United States’ largest processor of medical claims and payment cycle management.  In short, they connect payers, providers, and patients with the U.S. healthcare system, handling one in every third patient record. This company processes 15 billion dollars in healthcare transactions annually making it a clear target for outside threats.

On February 21, Change Healthcare discovered an unauthorized party had gained access to multiple of their IT systems. According to their public filing with The Securities and Exchange Commission, the company immediately took action, isolating the impacted systems.

That said, major damage was already done. Hackers had accessed patient data including social security numbers and encrypted company files. The group demanded a hefty ransom to decrypt these sensitive files and threatened to release the data if payment was not received. Since then, Change Healthcare has been offline, causing payment disruptions for tens of thousands of hospitals, physician groups, and other organizations.

The Fallout

Initial reports focused on pharmacies’ inability to fill medications, but three weeks later, the public saw the severity of the issue. The attack has impacted payments to hospitals, physicians, pharmacists, and other healthcare providers across the country. These providers have been left concerned about their ability to care for patients due to the cash flow and coverage uncertainty. However, this has not stopped them. Hospital systems have found workarounds, seeming to take a step back to the stone age of paper documentation. While this has allowed for essential patient care, likely, a significant amount of money won’t be paid out due to form misplacement and the lack of formal authorizations.

“Assuming that between 5% and 10% of U.S. health care claims are affected by the attack, providers are losing between $500 million and $1 billion in daily revenue.” Compass Point analyst Max Reale estimated the impact, “Cash-constrained operators will begin to feel the full brunt of the slowdown in payments for services between late March and early April, assuming it takes about 30 to 45 days to process a claim and receive payment.”

Update: The Response

After the attack on March 1, Optum, the compromised program of Change Healthcare, stepped in to help. They established temporary funding assistance for short-term cash flow needs.

The notice read, “We understand the urgency of resuming payment operations and continuing the flow of payments through the healthcare ecosystem. While we are working to resume standard payment operations, we recognize that some providers who receive payments from payers that were processed by Change Healthcare may need more immediate access to funding.”

Three weeks post-attack, The U.S. Department of Health and Human Services stepped in. They stated, “In a situation such as this, the government and private sector must work together to help providers make payroll and deliver timely care to the American people.”

Further government action ensued, The White House is moving to remove challenges for healthcare providers and address cybersecurity issues. They plan to distribute emergency funds to providers and suppliers facing cash flow issues. In their statement, they called on UnitedHealth and private sector leaders to do the same.

In addition, The Center for Medicare and Medicaid Services(CMS) has taken steps to reduce disruptions by expediting payments for Medicare providers and suppliers.  Specifically, the attack has resulted in a streamlined process for providers to change clearinghouses to ensure payments and insurance plans while preparing the necessary parties for paper claims and submissions. 

These efforts are aimed at supporting all providers, but specifically smaller systems that face existential concerns such as making payroll and supporting their most vulnerable patients.

As for the six terabytes of stolen data, the hackers held it hostage for a staggering price of 22 million dollars. Due to the sensitive nature of the data, the White House urged UnitedHealth Group to quickly give in to the hackers’ demands. While only time will reveal the true cost of this breach, it is clear it will alter the way the United States Medical associations manage their cyber resilience.

Update: The Hackers

Many have reported their suspicions about the hackers’ identity. UnitedHealth suspects the attack was nation-state-associated. The media supports this claim, pointing a finger at ALPHV, also known as BlackCat. This well-known ransomware group has had many names over the years claiming responsibility for other major attacks globally including universities, government agencies and companies in the energy, technology, manufacturing, and transportation sectors. A recent notable attack was the Colonial Pipeline shutdown in 2022. Their hack and rebrand practice has made them the target of law enforcement agencies worldwide. 

Since payment was posted, BlackCat has shut down all of its servers and ransomware sites. In fact, on March 4, when payment was processed, the group uploaded a fake law enforcement seizure banner.

Security researcher Fabian Wosar commented, “BlackCat did not get seized. They are ‘exit scamming’ their affiliates.” And exit scamming they were.

Assumed BlackCat actors claimed their associates screwed them over, and as a response, they intend to sell the ransomware’s source code for 5 million dollars. 

Update: On the Lookout

There is no real way to know if any of the stolen data was leaked or if the ransomware’s source code will be used again. This makes it vital to increase all organizations’ cyber resilience and keep on the lookout for ALPHV/BlackCat’s rebranded comeback.

Since the hack, the company has been working diligently to safely return online. On March 7, the company restored 99% of Change Healthcare pharmacy network services and on March 15, Change Healthcare’s electronic payments platform began proceeding with payer implementations. The company has scheduled further network testing and software checks starting on March 18.

Protecting Your Organization

This hack reminds all of us how volatile our systems can be, and how important it is to remain proactive with security. Digital IT News received commentary from Netwrix’s VP of Security Research, Dirk Schrader regarding the best way to protect your organization from threat actors such as BlackCat.

“High dependency of our day-to-day living on proper functioning supply chains is our reality. High-profile attacks affect hundreds of thousands of individuals. Colonial Pipeline or MoveIT stories, attacks on IT service providers like Kaseya and Materna, to name a few, might vary in scale and vertical, but all of them prove the need for a coordinated approach to increase the cyber resiliency of vital services like healthcare, energy, water, transportation, etc. “The domino effect of an infiltration of the supply chain can be devastating. Cyber resilience is defined as the ability to deliver the intended outcome despite adverse cyber events, and critical infrastructure is not limited to internal security incidents.

He later outlined precautions, “Organizations that are part of a critical infrastructure should pay special attention to ensuring they might effectively operate under the ongoing attack and regularly assess the risks associated with their supply chain.” He recommended all third-party dependencies should implement, or reexamine a response plan to cover scenarios such as these. 

This hack has reminded the world how imperative strong cyber security truly is. Looking forward, we have sneaking suspicions this breach will permanently alter how healthcare needs will be processed and secured.

The post Status Update: Change Healthcare Cyber Attack appeared first on Digital IT News.

According to the findings, the top three reasons consumers shop online or on mobile apps are for convenience (79%), followed by shopping for the best deal (66%), and for the number of options available to them (54%). As brands head into a highly profitable time of year, starting with Black Friday and Cyber Monday, it’s imperative development teams prepare for peak traffic, optimal channel performance, and seamless user experiences to retain and attract shoppers.

Significant findings from the report include:

Consumers’ expectations for user experience are incredible high, and brands must understand what shoppers want to deliver better experiences and gain their wallet share. Over a quarter of consumers (78%) have thought about taking their business elsewhere if a shopping app crashes on them or is slow to load when navigating; and only six percent will stay loyal to a brand after a crash occurs. Further, 31% believe these channels should never crash, 15% expect crashes to be fixed within seconds, and 28% expect fixes within minutes to keep them shopping on the same app or site. The survey also found that 68% of consumers have even wanted to throw their phone against the wall when a shopping app crashes. With holiday season traffic reaching peak numbers, it’s critical to test load capacity and improve the backend to endure high visitor traffic.

“Our survey reinforced what we already knew—when shopping digitally, we’re finding people have less patience for bad experiences,” said Stephen Feloney, VP of Products, Application Quality at Perforce. “Brands must do a better job of adopting continuous testing strategies to capture performance and functional issues early, as well as to fix security, accessibility, and user experience bugs before they reach the consumer. This is something we’ve built entire testing strategies around for leading global companies to ensure they capture all the potential revenue they can during the holiday season and beyond.”

When asked about the top features consumers expect when shopping online or via a mobile app, respondents focused on several areas that impact the user experience:

1. 59%: Safe and secure checkouts.
2. 58%: Accurate stock and having cart items remain in stock.
3. 47%: Accurate coupon codes—a functional feature that could also impact a brand’s bottom line if it’s incorrectly higher than intended.
4. 47%: Page and image load time.
5. 45%: Consistency across devices, browsers and platforms.

“The last few years have accelerated brand digital transformation efforts and expectations—and now, the cost of failure is much higher when delivering web and mobile experiences,” said Eran Kinsbruner, Chief Evangelist at Perforce. “Brands no longer have excuses to be unprepared for high traffic seasons like holiday shopping. It’s up to DevOps teams to evolve their testing strategies and lay a stronger foundation for web and mobile success; carefully planning and appropriately allocating the people, processes, and technology (in that order) to collaborate and become more agile.”

For the full findings of the research and to learn more about how Perfecto and BlazeMeter can get you Black Friday ready, please visit our website.

Perforce surveyed 1,000 people 18+ in the U.S. with Dynata, a Data and Survey Insights Platform.

Image licensed by 8photo on Freepik.com

Related News:

Flutter Support from Perfecto by Perforce for Native Mobile Applications

5 Ways AI Is Powering ReCommerce

The post Consumers Shopping Online Feel Like Throwing their Phone per Perforce appeared first on Digital IT News.

The post O-RAN Adoption Bolstered by P.I. Works and VMware appeared first on Digital IT News.

The report found the majority of apps (63%) contained open source components with known security vulnerabilities and highlighted other pervasive security concerns including sensitive data exposed in the application code and the use of excessive mobile device permissions.

The research, which was conducted using Synopsys Black Duck Binary Analysis, focused on 18 popular mobile app categories, many of which have seen explosive growth during the pandemic, including business, education, and health & fitness. The apps ranked among the most downloaded or top grossing on the Google Play Store. While the security analysis results vary by app category, at least one-third of the apps in all 18 categories contained known security vulnerabilities.

“Like any other software, mobile apps are not immune to security weaknesses and vulnerabilities that can put consumers and businesses at risk,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “Today, mobile app security is especially important when you consider how the pandemic has forced many of us—including children, students, and large portions of the workforce—to adapt to increasingly mobile-dependent, remote lifestyles. Against the backdrop of these changes, this report underscores the critical need for the mobile app ecosystem to collectively raise the bar for developing and maintaining secure software.”

Open source vulnerabilities in mobile apps are pervasive. Out of the 3,335 apps analyzed, 63% contained open source components with at least one known security vulnerability. Vulnerable apps contained an average of 39 vulnerabilities. In total, CyRC identified more than 3,000 unique vulnerabilities, and they appeared more than 82,000 times.

Known vulnerabilities are a solvable problem. While the number of vulnerabilities uncovered in this research is daunting, it is perhaps more surprising that 94% of the vulnerabilities detected have publicly documented fixes, meaning there are security patches or newer, more secure versions of the open source component available. Furthermore, 73% of the vulnerabilities detected were first disclosed to the public more than two years ago, indicating that app developers simply aren’t considering the security of the components used to build their apps.

In-depth analysis of high-risk vulnerabilities. A more thorough analysis revealed that nearly half (43%) of the vulnerabilities are considered by CyRC to be high risk because they either have been actively exploited or are associated with documented proof-of-concept (PoC) exploits. Just under five percent of the vulnerabilities are associated with an exploit or PoC exploit and have no fix available. One percent of the vulnerabilities are classified as remote code execution (RCE) vulnerabilities—which is recognized by many as the most severe class of vulnerability. 0.64% are classified as RCE vulnerabilities and are associated with an active exploit or PoC exploit.

Information leakage. When developers unintentionally expose sensitive or personal data in the source code or configuration files of an application, it can potentially be used by malicious attackers to mount subsequent attacks. CyRC found tens of thousands of instances of information leakage, where potentially sensitive information was exposed, ranging from private keys and tokens to email and IP addresses.

Excessive use of mobile device permissions. Mobile apps often require access to certain features or data from your mobile device to function effectively. However, some apps recklessly or surreptitiously require far more access than necessary. The mobile apps analyzed by CyRC require an average of 18 device permissions. That includes an average of 4.5 sensitive permissions, or those that require the most access to personal data, and an average of 3 permissions that Google classifies as “not intended for third-party use.” One app with over 1 million downloads required 11 permissions that Google classifies as “Protection Level: Dangerous.” Another app with over 5 million downloads required a total of 56 permissions, 31 of which Google classifies as “Protection Level: Dangerous” or as signature permissions that are not to be used by third-party apps.

Comparing app categories. At least 80% of the apps in six of the 18 categories contained known vulnerabilities, including games, banking, budgeting, and payment apps. The lifestyle and health & fitness categories tied for the lowest percentage of vulnerable apps at 36%. The banking, payment, and budgeting categories also ranked in the top three for highest average number of mobile device permissions required, well above the overall average of 18. Games, tools for teachers, education, and lifestyle apps required the lowest average number of permissions.

To learn more, download the report, Peril in a Pandemic: The State of Mobile Application Security Testing.

Image licensed by: Unsplash.com

Related News:

Remote Workers In The Crosshairs: Mimecast Publishes New Report Detailing Threat Actor Attacks During “The Year Of Social Distancing”

BeyondTrust Finds 56 Percent of Critical Microsoft Vulnerabilities can be Mitigated by Removing Admin Rights

The post Synopsys Research Reveals Significant Security Concerns in Popular Mobile Apps Amid Pandemic appeared first on Digital IT News.

Top Design Firms surveyed small business owners and managers to learn about the cost of developing a mobile app. The data reveals that it is less expensive to develop for Android than iOS and to outsource app development than perform it in-house.

The exact cost of app development, however, varies significantly based on each small business’s specific needs and location.

Dawei Li, outsourcing strategist for Aloa.co, an outsourcing consultancy, says that in Android’s favor is reduced cost, while native iOS apps allow for inclusion on the App Store.

Overall, he expects that many small businesses will decide to develop for both iOS and Android operating systems.

“Recent advancement in software development has allowed developers to build both iOS and Android apps using one code base instead of two, saving development hours and cost,” Li said.

Android apps have traditionally been more expensive for businesses, but frameworks such as React Native and Flutter are increasingly allowing businesses to cost-efficiently develop for both iOS and Android.

Outsourcing App Development Less Expensive Than In-House Development

• About half of small businesses (49%) that outsourced to an app development company spent $30,000 or less to develop their app. Only 33% of small businesses that build a mobile app in-house matched that price.

John Ross, chief executive of Test Prep Insight, an online education company, says there are two reasons to outsource app development:

1. Expertise: App developers are highly specialized and outsourcing offers efficiencies you can’t get in-house
2. Cost: When you outsource an app development project, you can often get a fixed price proposal, capping your project costs and limiting your financial risk

• For Ross’s company and many other small businesses, outsourcing app development serves to avoid the cost of hiring new employees and managing their work.
• Still, some small businesses are willing to bear the cost of in-house app development in order to ensure quality.

“Having people who understand your business model and can easily work with the rest of your team is important,” said Daivat Dholakia, director of operations at Force by Mojio, a GPS fleet tracking service. “[An in-house team] can ensure your app will be of good quality.”

• Overall, app development costs depend on a company’s unique specifications and preferences.

Read the full report here: https://topdesignfirms.com/app-development/blog/how-much-does-it-cost-to-develop-an-app

Image licensed by: Upsplash.com

Related News: 

The New Abnormal: Nearly Half of American Employees Feel Burnt Out After a Year Working During a Pandemic

Hyundai Brings Complimentary, Fast Charging to Kona and Ioniq with Electrify America Network

The post Android vs. iOS App Development: Android is Cheaper for Small Businesses, But iOS Has Benefits appeared first on Digital IT News.

Rakuten Mobile’s network is fully virtualized, meaning hardware and software can be managed as a single entity. Such an approach enables network operators to minimize the cost of building, maintaining and operating large-scale infrastructure, helping increase the competitiveness of their service.

In a bid to reinvent how the network is built and operated, Rakuten Mobile enlisted the help of Accenture to design a new organization and business model to support the launch of its fully virtualized mobile network. In addition to providing overall project management, Accenture also developed new operations engineering capabilities to help Rakuten Mobile better monitor and manage the performance and architectural integrity of the network.

Since its full-scale commercial launch in Japan in April, Rakuten Mobile’s cloud-native mobile network has handled a 2.5 times higher level of data traffic consumed by its subscribers when compared with a typical operator, despite the impact of COVID-19. Rakuten Mobile’s network operating costs are now 30% lower than those of other mobile network operators, and the company can develop and launch software more quickly than most operators can.

“I want to thank the Accenture team for working with us on this courageous journey,” said Tareq Amin, Rakuten group executive vice president and Rakuten Mobile chief technology officer. “With Accenture’s support, we have been able to transform how we operate — harnessing new network engineering principles, automation and emerging technologies — to make the world’s first fully virtualized cloud-native network a reality.”

Accenture also helped design Rakuten Mobile’s Service Experience Center, a customer-centric variation of the traditional network operations center. The Service Experience Center team is managing operations and acquiring new capabilities as Rakuten Mobile’s network evolves.

In addition, Accenture supported the development and integration of Rakuten Mobile’s Network Operating System (RNOS), which enables near real-time monitoring and control of the network. Leveraging machine learning based on real-time data reports from across the platform, the RNOS enables proactive fault detection and prevention and enhances network performance and reliability. Through the development of the RNOS platform, Accenture is helping Rakuten Mobile increase the efficiency of its operations workforce, enabling the company to pass operational savings directly to customers across Japan.

Another capability Accenture powers for Rakuten Mobile is its Continuous Integration / Continuous Deployment platform, which provides automated build, test, security and deployment functionality for Rakuten Mobile’s engineering teams, enabling the teams to innovate rapidly and consistently. All capabilities are orchestrated to work together seamlessly.

Following the launch of Rakuten Mobile’s 4G network in Japan this year, Accenture helped the company design and build a proof-of-concept that has become the Rakuten Communications Platform. This cloud-native, 5G telecommunications-as-a-service offering — enabled by Rakuten Mobile’s world-class automation practices — draws on the company’s engineering pedigree and Accenture’s cloud architecture and implementation experience to usher in a new era of computing and telecommunications convergence.

“Rakuten’s heritage of disruption, software development and delivery excellence enabled it to bring a totally new, radical vision for its Rakuten Mobile network,” said Francesco Venturini, a senior managing director at Accenture who leads its global Communications & Media industry group. “Our approach to this bold project has been to share and amplify Rakuten’s sense of discovery by helping to explore the unknown, making investments in the development of 5G and edge cloud, and bringing together the people, capabilities and assets from across Accenture’s global network to help Rakuten Mobile forge the path forward.”

Today’s announcement comes as the edge cloud is emerging as an interchangeable cloud ecosystem encompassing storage and compute assets located at the edge and interconnected by a scalable, application-aware network that can sense and adapt to changing needs, securely and in real-time. Companies need to innovate even faster with emerging technologies to become leaders of their industries.

Related News:

Arista Develops Networking Services for AWS Customers

Sorted is Now Available Free on macOS

The post Accenture Helps Rakuten Mobile Launch Fully Virtualized Cloud-Native Mobile Network appeared first on Digital IT News.

Bixby, Samsung Electronics’ intelligent voice assistant, is available in nine languages and on more than 160 million devices globally. Earlier this year, Samsung Electronics developed a new end-to-end (E2E) automatic speech recognition (ASR) engine for Bixby. The new ASR engine, based on the Transformer neural network architecture, simplified the training process, but also required more training data. Rapid training for the machine learning model became critical to maintaining Bixby as more languages were introduced to the service. To address this, Samsung Electronics chose to adopt Cloud TPUs to meet and exceed performance requirements for Bixby.

Cloud TPU systems are built around custom-designed, machine learning application-specific integrated circuits (ASICs) designed to run cutting-edge machine learning models with AI services on Google Cloud. By adopting Cloud TPUs, which are optimized for deep learning, Samsung Electronics could rapidly process an influx of voice recognition data which has surged as the company has expanded Bixby’s language services. After deploying Bixby on Cloud TPUs, Samsung Electronics experienced an 18x improvement in model training speed. Google Cloud machine learning experts also closely supported and cooperated with Samsung Electronics to help them respond to the increase in data.

“We are pleased to offer Google Cloud services to assist in the advancement of Samsung Electronics’ artificial intelligence service, Bixby,” said Choi Ki-young, president of Google Cloud Korea. “Google Cloud will continue to provide industry-leading infrastructure, solutions, and expertise to help our customers accelerate their digital transformation.”

“At Samsung Electronics, we benefit from Google Cloud Premium Support—in local languages—and regional Technical Account Managers. Working hand in hand with both Support and the TAMs, we were able to evolve our technologies while reducing processing times to just half a day” said KG Kyoung-Gu Woo, VP of AI Development Group, Mobile Communications Business, Samsung Electronics. “We believe collaboration is key to offering consumers new mobile experiences they will love.”

Companies interested in a technical deep dive on how Samsung Electronics deployed Cloud TPUs can visit the Google Cloud blog to learn more.

Imaged Licensed by Pixabay.com

Related Image: 

Sorted is Now Available Free on macOS

IGEL Offers New Cutting-Edge Solutions with Lenovo

The post Google’s Cloud TPUs Increase Samsung Electronics’ Bixby’s AI Model Training Speed by 18x appeared first on Digital IT News.

“U.S. 5G bandwidth availability has expanded and accelerated considerably in recent months, offering competitive advantages technologically, financially and otherwise to early adopters,” said Wendy Frank, Deloitte Risk & Financial Advisory Cyber 5G leader and principal, Deloitte & Touche LLP.  “Of course, with all the technological advancement 5G enables, the cyber threat landscape and attack surface areas expand considerably.  Working proactively to mitigate cybersecurity risks posed by 5G adoption is the hallmark of a well-designed program.”

The biggest cybersecurity concerns for 5G adoption differed by group. For professionals at organizations currently using 5G, talent posed the biggest cyber challenge to 5G adoption (30.1%), as appropriately skilled security professionals will be needed for implementation, maintenance and operations. For respondents from organizations planning to adopt 5G in the year ahead, top cyber challenges were data (26.8%) – due to an increase in the volume and diversity of data created from 5G-enabled segments (e.g., IoT, ERP and sensitive data) as well as data mismanagement risks – and third parties (24.3%).

“For organizations leveraging 5G, cyber risk will mount quickly if challenges — like a lack sophisticated encryption, decentralized operations or security monitoring functioning to the detriment of performance speeds – are not resolved,” Frank said. “Securing the vastly expanded threat landscape resulting from 5G adoption will demand two equally important efforts:  getting the right talent in place or upskilled; and, leveraging artificial intelligence and machine learning to automate areas like security policy configuration, compliance monitoring and threat and vulnerability detection.”

Pandemic impacts 5G adoption speeds
COVID-19 disruption had mixed impacts on respondents’ organizational plans to adopt 5G.  For those at organizations currently using 5G, 32.2% increased adoption speed.  Inversely, adoption speed decreased as a result of pandemic-driven disruption for 21.8% of those at organizations planning to adopt 5G in the year ahead.

Frank concluded, “The faster movement of data, the creation of new types of data and the ability to develop countless new IoT devices through 5G networks will disrupt most industries.  But, just as with pandemic disruption, leading programs are working to keep security at the fore of 5G adoption.”

Image licensed by Upsplash.com

Related News:

AWS Announces Amazon DevOps Guru

IEEE Computer Society Grades Its 2020 Technology Predictions, Gets a B-

The post With 5G Adoption, Come New Cybersecurity Risks to Mitigate appeared first on Digital IT News.

The post Verizon and Newlab Unveil Results of 5G Studio appeared first on Digital IT News.

The data shows Millennial workers are 6.5 times more likely to always reuse work passwords than Baby Boomers, who demonstrate safer password practices.

Brad Bussie, vice president of Entisys360’s Advyz Cyber Risk Services, feels Millennials’ comfort with technology encourages poor password behavior.

“Millennials tend to trust that large services have their best interests in mind and that security is built-in,” Bussie said. “They are the first generation that had easy access to global information.”

Workers enjoy the convenience of duplicate passwords. Cybersecurity experts recommend companies integrate a two-factor authentication system or a password manager. Neither requires employees to recall complex strings of characters, and both better protect data.

Most Employees Comfortable Using Work Devices for Personal Activities

Currently, 63% of employees aren’t concerned about storing personal information on work devices.

More than one-fourth of Baby Boomers (27%) are very comfortable with keeping personal information on work devices, despite associated cyber risks. However, only 17% of Millennials felt this way.

Using work devices for personal activities can make work data more vulnerable. Some experts feel Baby Boomers may not understand the importance of separating work and personal data.

However, senior associate at data breach claims company Hayes Connor Christine Sabino, thinks Millennials are better suited to separate their web activity across multiple devices.

“[Millennials] have more technological devices, like a personal laptop, tablet, mobile phone, and games console,” Sabino said. “They are less likely to require the use of their work laptop for these [personal]activities.”

Employees Think Companies Hold Primary Responsibility for Cybersecurity

The majority of workers (91%) believe companies are at least slightly responsible for cybersecurity.

Experts agree companies are responsible for determining security protocols, but employees are in charge of execution.

Olga Gutenko is a business development manager for security at Vaimo and feels employees share much of the responsibility for cybersecurity.

“Even in this remote work period, employers need to develop a security-focused culture that has buy-in from all employees, [where]employees share the responsibility for security,” Gutenko said.

Visual Objects surveyed 500 full-time U.S. employees to learn about how employees affect cybersecurity at their companies.

Full report: https://visualobjects.com/app-development/cybersecurity-topics-cyber-defense

Related News:

Deloitte Survey: New Data Reveals AI is Enhancing R&D

Security Champions Programs Can Improve Relationship Between Security and DevOps Teams, Says Survey

Image licensed by Pixabay.com

The post 63% of Employees Reuse Work Passwords, Millennials are Biggest Offenders appeared first on Digital IT News.