Data Protection Day comments from Imperva, Veritas, KCOM and Tanium. The comments include: Spencer Young, RVP EMEA at Impervaexplaining where companies are going wrong in getting data protection right, including data that is difficult to find, using the wrong technology and failing to govern data access Jasmit Sagoo, senior director, Northern Europe atVeritas describing the data power shift we have seen between businesses and consumers post-GDPR, where businesses are going wrong in the cloud, and the need for a culture of compliance David Francis, Information Security Consultant at KCOM, explaining the road to success on Data Protection Day, and the two…
ISBuzz Team
Following the news that a new strain of ransomware is targeting gamers and PC users, Eoin Keary, CEO at edgescan, explains why the attack is targeting gamers and what users can do to protect themselves: https://twitter.com/DMBisson/status/1087829409204240384 Eoin Keary, CEO at Edgescan: “Attackers target gamers and PC users mainly for two reasons. Firstly, gamers are usually young and therefore have a generally lower level of cyber security awareness. Secondly, games now contain “loot boxes”, which are purchased with real-world funds. This results in some gamers investing a greater amount of their money into a game over time. The funds and time invested…
Sue Bergamo CIO & CISO at Episerver has provided the following commentary on the security risks with the government shutdown: Sue Bergamo, CIO & CISO at Episerver: What should be done Separating the humanitarian issues from the security issues is paramount in resolving the conflict between the U.S. Congress and our President. Both the humanitarian and security issues are dealing with human life and these issues should take precedence over grandstanding for political gain. Human life is the ultimate sacrifice and is the most important aspect to this debate. What cybersecurity risks exist and how can the U.S. be safe during…
Following the news that the Ministry of Justice is still experiencing an IT outage, Mike Walton, Founder and CEO at Opsview has released comments focused on the incident. https://twitter.com/MoJGovUK/status/1087792662554574851 Mike Walton, Founder and CEO at Opsview: “The pressure’s on for enterprise leaders to make immediate and significant progress in digital initiatives before they fall behind competitors. In this context, underperforming legacy technology at The Ministry of Justice is a major roadblock on innovation, agility and performance. There are many organisations like the MoJ that are rushing to adopt business transformation initiatives, but hampered by a heterogeneous mix of decentralised systems and…
Cybersecurity firm, Malwarebytes, today announced its third annual State of Malware Report, which analyzes top malware threats from January through November 2018 and compares them with the same period in 2017. The report identifies a sharp increase in business-based malware detections, including more than 100 percent increase in Trojan, riskware tool, backdoor and spyware activity. Overall, the research shows that cybercriminals are finding businesses as the best target with the highest returns. https://twitter.com/Malwarebytes/status/1088391176456151040 Gavin Millard, VP of Intelligence at Tenable: “We are seeing an uptick in malware simply because attackers know it works. Cybercriminals are unlikely to change their tactics given what’s working at the moment is going…
Yesterday, the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to address ongoing incidents associated with global Domain Name System (DNS) infrastructure tampering. CISA is aware of multiple executive branch agency domains that were impacted by the tampering campaign and has notified the agencies that maintain them. The directive requires Federal agencies to take specific steps and comply with reporting procedures to mitigate risks from undiscovered tampering, prevent illegitimate DNS activity, and detect unauthorized certificates. https://twitter.com/JamesConley/status/1087962808099188736 Emily Hacker, Security Researcher at DomainTools: “DNS hijacking is a particularly dangerous attack technique due to the wide variety of malicious activity…
A trove of more than 24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the U.S., has been found online after a server security lapse, as reported in Techcrunch. https://twitter.com/TechCrunch/status/1088230664875507713 Experts Comments Below: Ilia Kolochenko, CEO at High-Tech Bridge: “Unprotected cloud storage and passwordless databases exposed online are unfortunately very widespread these days. Large organizations struggle to maintain petabytes of their data under control and inventory. Numerous suppliers and partners may urgently need their data for various legitimate business purposes, but fail to maintain appropriate internal security controls. Third-party risk…
WhatsApp is putting a worldwide limit of five on the number of times a message may be forwarded in an effort to stomp out misinformation and the spreading of rumours. “Starting today, all users on the latest versions of WhatsApp can now forward to only five chats at once, which will help keep WhatsApp focused on private messaging with close contacts,” the company said in an update to a blog post, confirming a Reuters report. https://twitter.com/WhatsApp/status/451198381856014337 Corin Imai, Senior Security Advisor at DomainTools: “While this is of course a welcome response to fake news by WhatsApp, stopping the spread of fake news which is already…
Almost 30 million cyberattacks were carried out in the United Kingdom in the fourth quarter of last year. This is according to a new report by Kaspersky Lab, based on an analysis of threats between October and December 2018 in the country. The report claims that browser-based attacks were the primary method from spreading malicious programs in the country. There were more than 12 million detected threats. Out of all Kaspersky users that were attacked by malicious software, 16 per cent were web-borne threats. Commenting on the news are the following security professionals: Todd Peterson, IAM Evangelist at One Identity: “The reason browser-based attacks are…
It has been reported that the Girl Scouts of America is now offering girls as young as five a badge in cybersecurity. It’s part of a drive to get more girls involved in science, technology engineering and mathematics from a young age. An event in Silicon Valley gave scouts an opportunity to earn the first patch in the activity. https://twitter.com/eShoreLtd/status/1087395068183482368 Cristina Roa, VP International at Securonix: “The Girl Scouts initiative is an investment in the future of cybersecurity, and it will help to boost interest and participation in an industry in which women are not only traditionally underrepresented but an industry that is…