The masses geared up for the event of the decade! Solar eclipse sunglasses sold out in stores across the country, and the price for simple cardboard throwaways skyrocketed. Spectators emerged from their homes and work on Monday, August 21 in North America for a full eclipse and some parts of South America, Africa, and Europe will see a partial eclipse.

Debunked Mythology describes a solar eclipse as the sun being devoured by a giant bear or sun-eating demons.  Others say the sun and the moon will quarrel and believe that an eclipse is a sign that peace is needed.  Others say that they are dangerous for pregnant women, that food cooked during an eclipse is poisonous, or they’re invitations for spirits to walk among us.

What actually happens is that the local atmosphere cools, winds slow down and change direction, birds stop singing, crickets start chirping.  If you’re in an area that allows you to see 360 degrees of the horizon, you’ll notice that in every direction at the horizon’s edge it’s the color of dawn or dusk.  “Shadow Bands” appear on some surfaces of solid color, the cause of which is unknown.

What’s the reality vs. the mythology of your information security strategy? Where do you need to shed light on your security posture in 2017?

Take a look at these three eclipsed places in your information security posture:

1. Ransomware

Ransomware for 2016 and 2017 has become the biggest eclipse for organizations globally. The attacks on businesses are becoming more frequent than ever and are turning the scam itself into a reliable business for cybercriminals. An average of 4,000 ransomware attacks occurred per day in 2016.

Ransomware attack strategies are evolving and preparing for new, ever-evolving digital landscape of individuals and organizations. Ransomware is not only infecting computers, servers, and mobile devices but also smartphones, tablets, and IoT devices.

2. Phishing

As we move into the end of 2017, phishing attempts are nastier than ever. Phishing remains as the number one attack vector according to recent studies. According to DarkReading, 91% of cyberattacks start with a phishing email.

It’s not always easy to distinguish between a phishing message and legitimate contact. Cybercriminals use a variety of methods to set malicious traps for entry. As a recipient, you can always check the actual email address of the sender and be wary of links.

3. Vulnerabilities

With hundreds and even thousands of hardware and software assets in your network and physical infrastructure, you may have underlying vulnerabilities that need to be addressed. These vulnerabilities could leave your environment open to malware and other viruses if not regularly patched.

A vulnerability and compliance management tool or a vulnerability assessment will help you identify the holes within your network and physical environment. The VCM tool will give you a high-level dashboard with all vulnerabilities within your assets including unpatched software, insecure configurations, malicious plug-ins, outdated programs, insecure registry entries and many other vulnerabilities. This could be your greatest opportunity to shed light on the darkness within your IT assets.

What’s even more troubling is the estimated average global breach cost for companies is $3.62M in the next 24 months according to the Ponemon Institute. Globally, there’s a 28% chance – greater than 1 in 4 – that a company will suffer a data breach. Don’t let the information security eclipses mentioned above increase your likelihood of a data breach as we move into the next year.