LADING

Cyber risk – speaking the language of the CFO

CFOs and FDs in particular have the best view of the entire threat landscape of their organisation, so must train their security leadership team to converse with them in the way they want to provide effective defence against cyber threats. [...] This may require involving the CISO in strategy or business development meetings for example, as well as board meetings, so they are aware of recent initiatives and can express their security concerns from a business viewpoint.

FULL STORY

The nasty future of ransomware: Four ways the nightmare is about to get even worse

This could mean the ransomware infection could being the least of your problems. Trojan malware or stolen credentials could give attackers outright access to the network, even after the 'ransomware' infection has been dealt with, so organisations could potentially give in and pay a ransom to criminals who then remain able to exploit vulnerabilities in the network.

FULL STORY

EU to Declare Cyber-Attacks “Act of War”

The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances." The framework on a joint EU diplomatic response to malicious cyber activities would seem to raise the stakes significantly on state-sponsored attacks, especially those focused on critical infrastructure.

FULL STORY

Cyber-Attack: What's at Stake

Spoofing, jamming, phishing, malware and ransom ware are not terms that were associated with the maritime and shipping sector until recently. But reality has changed and so has the game. Physical attacks are passé and it’s the day and age of cyber criminals who are targeting critical infrastructure sectors like maritime and shipping to cause maximum damage.

FULL STORY

Restoration costs of ransomware attacks triples since 2016

Ransomware has become the new plague to run rampant through the cyber world, rising to the fifth most common malware type and causing the costs of restoring computer systems from such attacks to triple since 2016.

FULL STORY

Legal hack back lets you go after attackers in your network

Security teams can perform actions such as delivering a payload, wiping data, and setting up a beacon to see what attackers are doing next. Hack back is a controversial topic among security professionals, because so much can go wrong and the massive collateral damage that can result. Going after attacker infrastructure isn’t as straightforward as grabbing IP addresses and domain names; attackers regularly commandeer machines belonging to other individuals and launch attacks without the owners’ knowledge.

FULL STORY

Top 5 cybersecurity facts, figures and statistics for 2017

1. Cyber crime damage costs to hit $6 trillion annually by 2021. 2. Cybersecurity spending to exceed $1 trillion from 2017 to 2021. 3. Cyber crime will more than triple the number of unfilled cybersecurity jobs, which is predicted to reach 3.5 million by 2021. 4. Human attack surface to reach 6 billion people by 2022. 5. Global ransomware damage costs are predicted to exceed $5 billion in 2017.

FULL STORY

Businesses need to think about a public cyber star rating

Enter the cyber star rating system -- dubbed the Cyber Kangaroo in Australia -- which would function like an energy star rating, but for the security of devices and organisations. In a perfect world, not only would a company's rating be impacted by its own security, but also those of its suppliers. In the Domino's case, it appears that the pizza chain's IT systems are free of guilt, but that working with an insecure supplier is the cause of the data leak.

FULL STORY

Heart-stopping cybersecurity threats — literally

As our physical and virtual worlds continue to meld, bad actors are not only attempting to steal sensitive information but also manipulate life-sustaining internet-connected medical devices, such as internal defibrillators, pacemakers and automated insulin pumps. The interoperability of these devices is critical in helping doctors monitor patients and detect problems with implanted devices. However, the ability for these technologies to adapt through internet connectivity — their greatest strength — is also their greatest vulnerability.

FULL STORY

The Need for Global Cyber Security Standards

Pinto addressed the fact that, currently, every country across the globe has a different standard for cyber security, even though we’re facing a significant universal problem. Unfortunately, when every country has different standards in place, we begin to place ourselves in a difficult position. Consequently, concerns are beginning to grow among financial market regulators and participants about the risks that cyber attacks might pose to the financial system.

FULL STORY

Researchers surveil mobile users using just $1,000 worth of targeted ads

Using less than $1,000 worth of targeted advertising, University of Washington researchers were able to surveil individual users, determining location and habits. Researchers found that advertising can be used by the individuals buying ads to track a target's location in relative real-time and to determine which apps a target uses and when, for apps with ads, according to the ADINT: Using Targeted Advertising for Personal Surveillance report. [...] A targeted individual need not click the ad to be targeted and by using a canonical demand-side provider (DSP), researchers were able to identify a target's, home, routes and place of work, and even which apps were on a user's phone.

FULL STORY

Who has the most advanced cyber warfare technology?

Cyber warfare by definition is the use of computer technology to disrupt activities of a state or organization.

FULL STORY

Few people know it's National Cybersecurity Awareness Month. That’s a problem

Napolitano said, “This new hiring authority will enable DHS to recruit the best cyber analysts, developers and engineers in the world to serve their country by leading the nation's defenses against cyber-threats." Wow, great stuff that really had me proud to be an American and a cybersecurity professional. Unfortunately, my pride soon waned, and I came to a stark realization — NCSAM plays well in D.C. (and yes, in state/local government and academia to some extent), but the rest of the country could care less.

FULL STORY

Local government agencies remain concerned about lack of cyber awareness

In addition to the top concern around cybersecurity, the poll also found that the cybersecurity framework from the National Institute of Standards and Technology and the security framework from the FBI's Criminal Justice Information Services are the top guidelines for IT security in local government.

FULL STORY

Cyber Security Market Size to Expand Significantly by the End of 2020

Increasing threats such computer intrusion (hacking), virus deployment and denial of services are increasing the demand for cyber security solutions and services. The governments of various countries such as U.S., Canada, Germany and China etc. are increasing their investment in cyber security due to expansion in computer interconnectivity and dramatic in computing power of government network.

FULL STORY

Will an Act of Congress Elevate Cybersecurity? Lawmakers in the Senate ponder cybersecurity standards for government-purchased IoT devices.

"Lawmakers in the US Senate have introduced a bill that would set baseline security standards for government-purchased connected devices, from computers and routers to security cameras and other IoT devices. The IoT Cybersecurity Improvement Act of 2017 comes in direct response to the constant stream of cyber-attacks amid a burgeoning market of connected devices."

FULL STORY

The 20-year climb to an elevated CyberCom

A no-notice military exercise in 1997, dubbed Eligible Receiver 97, dramatically demonstrated that government authorities had little ability to recognize -- much less defend against -- a coordinated network attack and that our nation’s critical infrastructure was vulnerable to cyber disruption. The exercise combined simulated denial of service attacks on the 911 systems in nine large U.S. cities and actual penetration and disruption of military networks to the very top of the national command system.

FULL STORY

Cybersecurity and data privacy major issues worldwide, new book finds

“Staying Ahead of the Curve: Cybersecurity and Data Privacy- Hot Topics for Global Businesses” responds to industry cybersecurity concerns, and specifically highlights that cybersecurity and data protection challenges are continuing to grow in importance for global businesses, are evolving and raising new complexities, and are becoming massive global problems.

FULL STORY

2017 – The Year of Cyber-security Disasters

It wouldn’t be wrong to call 2017 the year of cyber-security disasters. Hacks, breaches, and ransomware have been a common occurrence. These cyber-security disasters were brought upon us by rogue groups, some of them against the common public, others against state agencies. Some have even been linked with the state against big enterprises and even the common man!

FULL STORY

On ethics and technology - we all know we have to do better, right?

And then there are the ongoing debates – in government and in business – around data protection and privacy; nation state cyber security attacks; artificial intelligence and its potential impact on jobs; the lack of diversity in the tech workforce (and the sexism all-too often associated with it); the list goes on. There’s no doubt that awareness of the risks and downsides of technology is becoming more widespread.

FULL STORY