In light of the report from Which? Money which states that UK banks are experiencing daily IT glitches that are slowing down payments, Jake Moore, Cyber Security Specialist at ESET commented below. Jake Moore, Cyber Security Specialist at ESET: “IT glitches are commonplace but it comes down to how the banks deal with these issues, ranging from slowing down payment times to network blackouts and mass failures. Most importantly, these banks will have a crisis management process planned out for all known attacks which will guide them through stage by stage to get back up and running, leaving a minimal impact…
ISBuzz Team
Encryption is being leveraged by cybercriminals to evade security according to the July-December 2018 Crimeware Trends report put out by security researchers at Gigamon. https://twitter.com/gigamon/status/1055499828493512710 Usman Rahim, Digital Security & Operations Manager at The Media Trust: “Companies that are truly committed to putting customers first need to take a layered approach to protecting their website and mobile app users. Encryption is still important, but it should be combined with other security measures, like continuously scanning these digital assets to identify and root out any unauthorized code. Why? Because third party code for plugins, content recommendations, payment processing, chat boxes, etc., fall…
For too long, organisations have sought the holy grail of 100% Cyber Security. But security is never absolute; it is essential to understand that a breach is inevitable. It is the way in which organisations respond to a cyber security breach that is critical. Alan Calder, Chief Executive of GRC International plc, parent company of IT Governance explains the fundamental importance of creating a Cyber Resilient model. Cyber Security Myth Cyber security is defined as the state of protecting information from attack by identifying risks and establishing appropriate defences. But as investment in security solutions continues to spiral it is essential for…
Cybersecurity is at the heart of protecting our digital economy and society. But only 10 percent of the profession is female, which is a striking statistic to consider when we celebrate International Women’s Day on 8th March. https://twitter.com/cipherstorm/status/1000127427606020096 One of the women in cybersecurity is Sivan Nir, the Threat Intelligence Team Leader at Skybox Research Lab, part of Skybox Security. She talked about the diversity gap in the industry. Sivan Nir, the Threat Intelligence Team Leader at Skybox Research Lab: “Quite clearly, the number of women in cybersecurity is far too low. This is such a waste because it’s a field that’s longing…
Most people who decide to launch their own small business often run into the exact same IT-related issues. This article provides a few practical tips to address the biggest concerns and avoid typical mistakes in this regard. From my own experience, there are several common characteristics inherent to small businesses. These include limited IT infrastructure budgets and a low threshold of the required IT services accessibility (a small business hardly ever sets five-star reliability requirements). Let’s move on to the specific things that will help young small enterprises get the maximum out of the modern information technologies with a…
A Dow Jones list of 2.4 million people considered at risk for bribery and corruption, as well as high-profile criminals and terrorists, sat out in the open on an unsecured online database, a researcher has found. Experts Comments below: Warren Poschman, Senior Solution Architect at comforte AG: “In a regrettable trend, Dow Jones & Co. is yet another example of a company that has failed its customers without taking proper security measures – and twice now. Surely, heads will roll in their IT organization but it’s their customers that are left at risk and bearing the pain of the identity theft and privacy failures. …
Following the news that Revolut may have enabled thousands of money-laundering transactions to pass over its platform following a mistake in its systems, please see comment below from Colin Bristow, fraud & anti-money laundering specialist at data leader SAS, on why companies have to invest in AI solutions if they want to stay ahead of the tide of digital fraud. Colin Bristow, Fraud & Anti-Money Laundering Specialist at SAS UK & Ireland: “Revolut may have enabled thousands of fraudulent payments simply because its systems could not accurately identify suspicious transactions and block them at the same time. Financial organisations are facing a mountain of transaction data in…
Hackers earned $19 million in bug bounties on HackerOne in 2018; Hacker community surpasses 300,000 with more than 600 hackers registering any given day HackerOne, the leading hacker-powered security platform, today announced findings from the 2019 Hacker Report, which reveals the hacker community has doubled year over year and has earned $19 million in bounties, nearly matching the total bounties paid to hackers in the previous six years combined. The annual report is a benchmark study of the bug bounty and vulnerability disclosure ecosystem, celebrating hackers’ motivations, education and training, favorite tools, attack surfaces, finances, collaboration, and more. The report highlights the hackers…
FireMon State of Hybrid Cloud Security Survey: Lack of Visibility, Speed of Cloud Business Initiatives Hamstring the Ability to Secure and Manage Hybrid Environments 60% of respondents say cloud business initiatives are accelerating faster than security teams’ ability to secure them FireMon today announced the results of its inaugural State of Hybrid Cloud Security Survey. The survey polled over 400 information security professionals, ranging from operations to C-level, about their practices maintaining network security across hybrid cloud environments. The survey aims to shed light on the challenges security and network professionals face as they expand hybrid cloud initiatives. Cloud Business and Cloud Security Misalignment Cloud-based…
A proprietary watchlist of 2.4M risky individuals and corporate entities owned by Dow Jones has been exposed, after a third-party company with access left it on an AWS-hosted Elasticsearch database without a password. The indexed, tagged and searchable list includes current and former politicians, citizens with alleged criminal histories and possible terrorist links, and companies under sanctions or convicted of high-profile financial crimes. The exposed records include names, addresses, locations, dates of birth, genders, whether they are deceased or not, and in some cases, photographs. https://twitter.com/McCurdy_Rob/status/1100927980895961088 Experts Comments below: Chris DeRamus, CTO and Co-founder at DivvyCloud: “This security lapse from the…
