In this digital age, photos have become one of the most shared and stored types of content online. Whether it’s a picture shared on social media, an image saved to a cloud service, or even photos attached to an email, our personal images are all over the internet. While the convenience of online photo storage can’t be overstated, it also raises significant privacy concerns that many users might overlook. Let’s take a closer look at how photos stored online can potentially compromise your privacy and what you can do to protect your data.

1. Data Breaches and Hacks

One of the most obvious risks associated with online photo storage is the possibility of a data breach or hack. Cloud services, social media platforms, and photo storage apps all store vast amounts of personal information, and while many of these platforms have advanced security measures in place, they are still vulnerable to attacks. In fact, many high-profile hacks have resulted in the exposure of millions of personal images.

For example, in 2019, it was reported that a vulnerability in a popular cloud storage service exposed millions of photos, many of which were private and contained sensitive personal information. If hackers gain access to these platforms, your photos could be stolen, leaked, or used maliciously.

2. Facial Recognition and Tracking

As facial recognition technology becomes more sophisticated, photos you upload online can be used to track your movements and behaviors. Companies like Facebook and Google already use facial recognition technology to identify people in photos automatically. While this might seem harmless, the technology can also be exploited for surveillance purposes.

In some countries, authorities use facial recognition to monitor citizens’ activities. If your photos are stored on platforms that utilize this technology, it could make it easier for your identity to be tracked and monitored without your knowledge or consent. This poses a significant privacy risk, especially when combined with location data that may be embedded in your photos.

3. Metadata and Geolocation Risks

When you take a photo with your smartphone, metadata (such as the time, date, and GPS coordinates) is often automatically attached to the image. This metadata can be incredibly useful for photographers and app developers, but it can also be a privacy nightmare if the photo is uploaded without being stripped of this data.

For example, if you share a vacation photo on social media or cloud storage without removing the GPS coordinates, anyone who views the image can pinpoint your exact location. This can potentially expose sensitive information about where you live, work, or spend time. In some cases, geotagging can be used to track your routine or even determine when you’re away from home, increasing the risk of burglary or other malicious activity.

4. Third-Party Access

Many online platforms and services provide third-party developers with access to the images stored on their platforms. For example, when you allow apps to sync with your cloud storage or social media accounts, those apps often gain access to your photos for purposes such as automatic tagging, photo editing, or content sharing.

While some third-party apps and services may offer legitimate features, they could also have questionable privacy practices. Data could be shared without your consent, sold to marketers, or even used for unintended purposes. It’s essential to review the privacy policies of any app or service that accesses your photos and to adjust settings to limit what third parties can see or use.

5. Inadvertent Sharing

We’ve all been in a situation where we accidentally share a photo we didn’t mean to. Whether it’s a social media post, an email attachment, or an unprotected cloud folder, photos can easily be shared with a wider audience than intended. If a photo you uploaded privately to a service is mistakenly made public, it could cause significant privacy issues.

Some social media platforms and cloud services have “default” privacy settings that allow users to share content with a broader audience than they realize. For instance, many platforms automatically set new accounts to “public,” making anything you upload visible to everyone unless you adjust the settings. This puts your personal photos at risk of being viewed, downloaded, or even copied by anyone.

6. Lack of Control Over Stored Photos

When you store photos on third-party platforms, you essentially give up some degree of control over those images. Even if you delete a photo from your account, it may not actually be erased from the platform’s servers immediately or ever. Many cloud services retain copies of deleted content for a period, sometimes for backup or legal reasons, making it difficult to completely erase a photo from their systems.

Additionally, companies may change their policies or business practices over time. If a service goes bankrupt, is acquired, or undergoes a policy shift, your photos could end up in places you never intended or lose protection they once had.

How to Protect Your Photos and Privacy

Given these concerns, it’s crucial to take steps to protect your photos and privacy when storing images online:

• Use Encrypted Cloud Services: Choose cloud storage platforms that offer end-to-end encryption, ensuring that only you can access your photos.

• Regularly Review Privacy Settings: Whether on social media, cloud storage, or apps, make sure you know and adjust the privacy settings. Limit who can see your photos and who can access them.

• Remove Metadata: Before uploading photos, strip the metadata, particularly location data, from the image to prevent accidental exposure of personal information.

•Enable Two-Factor Authentication (2FA): Use 2FA to add an extra layer of security to your online accounts, making it harder for hackers to access your data.

• Be Cautious with Third-Party Apps: Only grant trusted apps access to your photos and always check what permissions they require before granting access.

• Backup and Delete: If you don’t need a photo, delete it. And for photos that are important but not immediately necessary, consider storing them on a private offline backup device.

Conclusion

While storing photos online offers incredible convenience, it also comes with privacy risks that should not be ignored. From potential data breaches to unwanted facial recognition, the digital footprint your photos leave can expose much more about you than you might realize. By taking proactive steps to secure your photos and control who can access them, you can mitigate many of the privacy concerns associated with online storage. Always remember, with great convenience comes great responsibility when it comes to safeguarding your personal information.

The post Can Your Photos Stored Online Cause Privacy Concerns first appeared on Cybersecurity Insiders.

The post Can Your Photos Stored Online Cause Privacy Concerns appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/6Y0CdtZ
via IFTTT

Healthcare leaders are facing a mounting security crisis: More than two-thirds of healthcare organizations experienced ransomware attacks in 2024. Five of the top 10 ransomware attacks last year involved healthcare, and recovery costs averaged more than $2.5 million per incident. 

This resurgence of ransomware attacks on the industry is partly thanks to the spread of ransomware-as-a-service (RaaS), eliminating the need for advanced technical expertise to carry out attacks. Healthcare continues to be an attractive target due to its critical nature: when patient lives are at stake, health systems are more likely to pay the ransom to restore operations as quickly as possible.

Cybercriminals value patient data, such as medical histories, Social Security numbers, insurance details, and financial records. Often sold on the dark web, this data is more valuable than standard credit card information because of its usefulness in a wide range of fraudulent activities, such as identity theft, insurance fraud, and even blackmail.

While the increasing digitization of healthcare supports obvious benefits like efficiency and improved care, it unfortunately also creates more opportunities for cybercriminals. Many organizations still use legacy systems with significant security risks. Connected devices such as MRI machines, ventilators, and heart monitors often lack standard security controls or have critical software vulnerabilities that make them attractive entry points. Third-party vendors offering services related to billing, data storage, or other operations may also have cybersecurity gaps that ransomware attackers can exploit to gain access to healthcare systems.

Beyond the cost and the threat to data, ransomware attacks severely compromise healthcare systems’ ability to treat patients. Downtime and loss of access to critical information have profound and far-reaching effects on patient care and safety. The impact of a ransomware attack can include:

• Delayed or canceled treatments. When systems are unavailable, hospitals may struggle to access patient records, schedule procedures, or conduct diagnostic tests, leading to delays in urgent care. An attack on Lurie Children’s Hospital in Chicago affected a wide range of operations, from prescription refills to scheduling, causing significant backlogs.
• Diverted emergency services. Manchester Memorial Hospital in Connecticut was forced to send emergency care patients to other hospitals for more than two weeks after an attack rendered its systems inoperable.
• Ripple effects across the healthcare ecosystem. The impact of ransomware extends beyond the affected facility to nearby hospitals and providers, overwhelming resources and negatively affecting patient care. One study found stroke code activations doubled, cardiac arrests increased by 81%, and EMS arrivals increased by 35.2% at nearby hospitals after a ransomware attack.
• Financial impacts. An outage caused by ransomware at Change Healthcare, which provides revenue and payment cycle management services, prevented healthcare organizations from receiving insurance reimbursements. Unable to pay for operational expenses, many smaller practices faced potential closure — affecting not only the healthcare professionals and staff, but their patients and communities as well.

Given these devastating outcomes, you would think healthcare systems would waste no time bolstering their defenses. Yet the industry still lags behind others when it comes to implementing robust cybersecurity measures that can proactively fend off attacks or mitigate damage from ransomware. More than half of healthcare organizations report allocating less than 10% of their IT budget to cybersecurity.

Bolstering healthcare cybersecurity for evolving threats

 It’s time for healthcare leaders to start treating ransomware like what it is: a threat to patient safety and public health. Here are five strategic recommendations for proactively strengthening organizational resilience, securing data, and reducing disruptions caused by ransomware attacks.

1. Undertake regular risk assessments. Organizations should conduct comprehensive investigations at least annually to identify and address weaknesses in their technology infrastructure and procedures. These should include penetration testing and other real-world exercises to uncover opportunities that automated tools might miss. 
2. Strengthen defenses. Advanced cybersecurity tools and services can identify ransomware attacks via real-time monitoring and AI-based intelligence, which can quickly recognize unusual activities or behaviors. They can also automatically take action to contain or address threats, preventing significant damage before IT teams can step in.
3. Train staff. Some of the most common entry points in security incidents are employees, who are targeted via phishing attempts or ploys to gain access to their credentials. In a fast-paced, high-pressure environment like a hospital, workers are even more vulnerable to phishing. Regular cybersecurity training helps them recognize up-to-date social engineering tactics and reinforces security awareness as a part of their job.
4. Ensure backups are secure. Your system could be hit with ransomware at any time, so take steps to back up systems and data. 95% of healthcare organizations hit by ransomware in 2023 said that the attackers also attempted to compromise their backups, so follow the 3-2-1 rule: keep at least three copies of data on two types of media, with one copy stored offsite or in a secure cloud environment. Offline or air-gapped backups ensure there is always a clean copy for recovery. It’s also essential to regularly test backups and restoration processes to ensure data hasn’t been compromised, minimize downtime, and facilitate rapid recovery in a crisis.
5. Implement access controls. Limiting remote access to systems, unless multi-factor authentication (MFA) is in place, helps prevent incursions from unauthorized users. Role-based access controls (RBAC) ensure users can only access systems and functions that are necessary for their job functions, so even if ransomware attackers gain access with employee credentials, the damage they can do is limited. Overall, healthcare organizations should implement a zero trust approach that continuously verifies all requests.

The ever-increasing sophistication of ransomware groups, and their relentless focus on exploiting vulnerabilities in healthcare systems, adds to the urgency of this issue. In the interconnected environment of modern healthcare, a single cyber incident can cascade to affect not just one healthcare system but organizations in an entire region.

Cybersecurity has become as critical to patient outcomes as medical equipment. Investing in solutions that proactively defend healthcare networks from intrusion, minimize potential damage, and ensure clean backups for operational continuity can help ensure healthcare organizations stay online and functional even in the face of accelerating cyber threats.

__

Tamra Durfee, vCISO, Fortified Health Security, is an experienced CISO with over 25 years in information security, compliance, regulatory risk, strategy, innovation, and technology transformation. For the past 8 years, she has specialized in healthcare cybersecurity and building risk-based medical device information security programs. She is a presenter at HIMSS, CHIME, CHA, and a healthcare security contributor to Healthcare IT News. Tamra holds certifications as a Certified Healthcare CIO (CHCIO), Certified Digital Healthcare Executive (CDH-E), GIAC Security Leadership Certification, Certified Professional in Healthcare Information Management Systems (CPHIMS), and IBM Certified Solutions Architect. 

The post Ransomware Resurgence: 5 Lessons from Healthcare’s Cyber Frontlines first appeared on Cybersecurity Insiders.

The post Ransomware Resurgence: 5 Lessons from Healthcare’s Cyber Frontlines appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/ezsBrYC
via IFTTT

In our hyperconnected world, mobile devices are no longer a convenience but central to how businesses operate and communicate. As organizations increasingly embrace mobility and bring-your-own-device (BYOD) policies, a hidden risk is quietly growing within the apps we rely on every day: mobile data leaks.

While many assume that breaches occur from malicious hacking attempts, a far more overlooked threat is the unintentional exposure of sensitive data due to misconfigured cloud services or weak cryptographic practices. This is not a hypothetical concern. In 2024 alone, over 1.7 billion individuals were impacted by personal data compromises, marking a 312% increase from the previous year. The financial toll? An estimated $280 billion.

Zimperium’s zLabs research team analyzed over 54,000 work-related mobile apps used by enterprise device fleets. Their findings reveal a disturbing reality that cloud misconfigurations and cryptographic flaws are widespread and, more importantly, preventable.

What Is a Mobile Data Leak?

A data leak occurs when sensitive information becomes unintentionally accessible to unauthorized individuals, often due to poor design, misconfiguration, or oversight in app development. Data breaches usually stem from deliberate, external attacks, and one of the main vehicles for these types of threats is attackers exploiting vulnerabilities that produce data leaks. 

Mobile apps that store data in the cloud or perform cryptographic operations are particularly opportunistic for such leaks. With mobile devices acting as both personal and business tools, the line between consumer and corporate data is increasingly blurred. This makes the implications of a mobile data leak even more severe, especially when it comes to personally identifiable information (PII), financial data, intellectual property, and corporate credentials.

Cloud Misconfigurations: Convenience With a Cost

Cloud services are widely adopted in mobile app development for their scalability and ease of use, but this convenience comes with a cost. Of the apps analyzed, 62% leveraged some form of cloud integration. Alarmingly, dozens of these were found to use cloud storage services without proper protection.

For example, over 100 Android apps were discovered with unprotected or misconfigured cloud storage. In several cases, entire file directories were accessible without authentication, some even ranked among the top 1,000 most downloaded apps. This means a malicious actor wouldn’t need sophisticated tools or insider knowledge, just a web browser and patience, to access sensitive enterprise data.

Additionally, 10 apps had exposed hardcoded AWS credentials, effectively handing attackers the keys to access or even manipulate data. These types of exposures not only compromise confidentiality but could also enable attackers to delete or encrypt data for ransom, simulating the impact of a ransomware attack without deploying malware.

Even major corporations are not immune. A recent case involving one of the world’s largest automotive manufacturers saw over 260,000 customer records exposed due to a simple cloud misconfiguration. It is evident that mobile security must be embedded from the ground up, not implemented after the fact.

Cryptography: A False Sense of Security (if done wrong)

Encryption is often viewed as a silver bullet for data protection, but not all encryption is implemented equal. zLabs’ research revealed that 88% of all analyzed apps, and nearly half of the top 100, use cryptographic methods that fail to meet industry best practices.

Common pitfalls include:

• Hardcoded cryptographic keys
• Outdated algorithms like MD2
• Predictable random number generators
• Reuse of the same encryption keys across multiple operations

These flaws could render encryption useless because if attackers can guess, retrieve, or reverse-engineer cryptographic keys, the data becomes exposed regardless of how well it is stored or transmitted. In some cases, cryptographic weaknesses open the door to deeper attacks on enterprise infrastructure, such as man in the middle attacks.

The Organizational Cost

The repercussions of mobile data leaks extend far beyond technical headaches as enterprises can face legal liability, reputational damage, and significant financial loss. Regulatory frameworks like GDPR, HIPAA, and others demand stringent data protection measures, and failing to comply can lead to detrimental penalties.The average cost of a data breach has risen to nearly $5 million per incident, with cloud misconfigurations and compromised credentials ranking among the most frequent root causes. These issues are not just IT problems, they are inherent business risks.

What Can Organizations Do?

Mobile data security begins with visibility, so it’s critical that organizations first understand the behavior of the apps operating within their environments. While they may not control third-party code, they can certainly control which apps are allowed on employee devices and under what conditions.

A proactive strategy includes cloud security checks to identify misconfigured or public-facing cloud storage, monitor for exposed credentials and API keys, and assess the security of integrated cloud services. This helps reduce the risk of unauthorized data access or leaks through cloud platforms.

Implementing cryptographic best practices is also essential. Organizations should validate that apps use modern, strong encryption algorithms and ensure proper key management by avoiding hardcoded keys. Additionally, it’s important to watch for weak or predictable random number generation that could compromise security.

Finally, third-party component vetting plays a crucial role. This involves evaluating the security of embedded SDKs and libraries, as well as tracking and responding to known vulnerabilities in third-party code. By staying vigilant and selective with the software components used, organizations can strengthen their mobile security posture.

Ultimately, security teams must adopt a mindset of continuous monitoring and risk assessment. Mobile threat defense solutions and app vetting tools are essential for ensuring that employees’ devices don’t become backdoors into enterprise systems.

Mobile devices and apps are here to stay since they are powerful, portable, and indispensable to modern business. But with their ubiquity comes responsibility as data doesn’t leak on its own with poor security practices letting it slip through the cracks. As organizations embrace the flexibility of mobile work, they must also adopt rigorous standards for app security.

 

The post Your Apps Are Leaking: Understanding and Preventing Mobile Data Exposure first appeared on Cybersecurity Insiders.

The post Your Apps Are Leaking: Understanding and Preventing Mobile Data Exposure appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/QbxRUCD
via IFTTT

Leading cybersecurity provider CISO Global (NASDAQ: CISO) is entering a new phase of growth, pivoting toward high-margin, recurring-revenue software offerings that complement its managed and professional services. According to a recent Zacks report, the company has launched multiple proprietary software platforms, including its AI-driven Argo Security Management platform, and expects significant revenue growth driven by recurring software sales. After restructuring its go-to-market strategy and consolidating 20+ acquisitions, CISO Global projects improved margins and a more scalable revenue model in 2025.

Strategic Pivot: From Services to Software-Led Security

At the core of CISO Global’s recent announcements is a fundamental business model shift. For years, the company grew rapidly through more than 25 acquisitions, assembling a diversified portfolio of managed services, incident response, and consulting capabilities. But services alone are notoriously hard to scale. The move to develop proprietary platforms like Argo signals a deliberate step toward SaaS-driven margins and recurring revenue stability.

Argo, CISO’s flagship security management platform, appears to be central to this transition. It leverages AI to streamline threat detection and response workflows, likely integrating telemetry from customers’ existing security stacks. While details are limited, the platform’s focus on centralized visibility and orchestration suggests it may function similarly to extended detection and response (XDR) models—but tailored for mid-market clients without large SecOps teams.

Notably, CISO Global reported $57.4 million in revenue in 2023, with over 50% tied to managed and recurring offerings. This is important. The company isn’t just launching software; it’s converting existing service relationships into subscription-based platform engagements. That gives it a built-in upsell path, reducing customer acquisition costs and deepening account stickiness—both critical for margin expansion.

The report also signals a clear shift in leadership focus. CEO David Jemmett has stepped into a new role as Chief Strategy Officer, making room for new executives better suited to scale this next chapter. Strategic realignments like this often hint at a company preparing to be measured not just on top-line growth, but on operational metrics like gross margin, customer retention, and ARR growth rate.

Zooming Out: Industry Trends and Competitive Pressure

CISO Global’s evolution is part of a larger movement across the cybersecurity landscape: MSSPs and consulting-heavy vendors are increasingly building or acquiring software IP to escape the margin squeeze of labor-intensive services. We’ve seen this before—Palo Alto Networks transitioned from appliances to cloud-delivered security, and Mandiant (pre- and post-Google) has flirted with similar hybrid models mixing IR with platform technology.

The recurring revenue model CISO is targeting is more than just a financial goal—it’s a response to customer demand. In the wake of SaaS sprawl, security leaders are looking for fewer vendors who can offer toolchain consolidation, streamlined dashboards, and built-in threat intelligence. Platforms like Argo potentially offer mid-sized enterprises a way to get “just enough” of an XDR/SIEM/SOAR experience without hiring a squad of engineers to manage it.

The timing is also aligned with significant external pressures. The SEC’s cybersecurity disclosure rules, effective as of late 2023, are pushing boards and executives to demand more continuous, auditable visibility into their risk posture. That visibility can’t be delivered through consulting alone—it needs centralized, always-on platforms. Regulatory scrutiny has effectively created a commercial tailwind for vendors with dashboardable, metrics-driven solutions.

Also worth noting: CISO Global’s increased investment in recurring software comes at a time when investor expectations are shifting. The report highlights that gross margins on software sales can reach 70–80%, compared to services margins that often cap out around 30–40%. As cybersecurity valuations compress across public markets, investors are rewarding companies that prioritize durable, high-margin revenue streams over raw top-line growth.

A Strategic Move with Tactical Consequences

For cybersecurity leaders watching this space, the lesson isn’t just about following CISO Global’s trajectory—it’s about understanding the broader shift in what buyers are asking for and what vendors are trying to become. As more providers launch hybrid models—bundling consulting with proprietary platforms—CISOs need to sharpen their scrutiny. Are you buying expert hands, or just renting access to another dashboard?

Security buyers should also ask tough questions about integration, data portability, and lock-in. A platform like Argo may offer real value in visibility and orchestration, but only if it plays well with your existing stack and doesn’t become another silo. And for vendors, the takeaway is clear: if you’re services-heavy today, the pressure is on to deliver software that not only generates revenue, but demonstrably reduces customer risk.

The post CISO Global Shifts to SaaS Cybersecurity Platform first appeared on Cybersecurity Insiders.

The post CISO Global Shifts to SaaS Cybersecurity Platform appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/2g35Urk
via IFTTT