In light of the news that nearly half of the cybersecurity incidents reported to the ICO are phishing attacks, please see a comment from David Emm, principal security researcher at Kaspersky Lab, addressing how enterprises can defend against cyber attacks. David Emm, Principal Security Researcher at Kaspersky Lab UK: “The fact that phishing scams account for nearly half of the cyber incidents reported to the ICO clearly shows that it remains a tactic favoured by cybercriminals, and highlights that more needs to be done to tackle this within organisations. One particular strategy which cybercriminals are utilising in order to steal money and gain access…
ISBuzz Team
The Information Commissioner’s Office revealed it has been receiving 500 reports by telephone per week since GDPR came into force, a third of which are considered to be unnecessary or fail to meet the threshold for a data incident. ICO deputy commissioner James Dipple-Johnstone revealed that misconceptions are still commonplace among organisations more than three months after GDPR came into force, leading to a large number of needless calls to the regulator. Andy Norton, Director of Threat Intelligence at Lastline: “In the first 32 days of GDPR coming into existence, there were 4009 complaints lodged across the various European Data Protection Offices. Unfortunately many…
Following the news about the Yahoo data breach for $47 million, Ilia Kolochenko, CEO of web security company High-Tech Bridge, commented below. Ilia Kolochenko, CEO at High-Tech Bridge: “Class actions are known to provide their members with very modest compensation compared to individual lawsuits. The settlement (subject to approval by court) makes slightly above $10 per breached account – a scanty amount in the GDPR era. Should a similar data breach happen today with the same disclosure timeline and similar circumstances, the amount of settlement could be significantly higher. Therefore, I think this is a considerable legal victory for…
The state of workplace mobility The continued white-hot proliferation of personal devices has led to businesses adopting cultures where employees can contribute remotely, using whatever device is accessible. For many, this has led to Bring Your Own Device (BYOD) initiatives, where businesses formally embrace the use of personal devices and enable remote access to corporate data and applications. For others, a specific line of business drives the increased usage of personal devices, such as a sales team becoming increasingly mobile or a customer-facing team leveraging tablets to execute transactions. According to IDC’s Worldwide Semiannual Mobility Spending Guide, worldwide spending on mobility…
Could this be one last positive from Brexit? The European Commission has scrapped 300,000 UK resident-owned .eu domain names. The EU is pushing through its anti-meme (and more importantly, data) Copyright Directive. Increasingly-frequent disruptions raise the serious question of the future of European business with such uncertainty. The UK government is making no changes to online copyright, domains and data. This strongly signals Britain cares about its data industry and is still a place of stability for them in an otherwise ever-changing landscape. As such, the UK is well-placed to receive a boost from data industry businesses moving somewhere they are valued. Big data expert…
It has been reported by Krebs that Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card. IT security experts commented below. Pravin Kothari, CEO at CipherCloud: “Recently acquired by Securus Technologies, a Carrollton, Texas-based company, GovPayNet is a major provider of credit and debit card…
A security analysis of cyber-attacks against universities and colleges in the UK has discovered that staff or students could often be responsible, rather than organised crime or hacking groups. A government-funded agency that provides cyber-security has examined the timing of 850 attacks in 2017-18. Jisc found a “clear pattern” of attacks being concentrated during term times and during the working day. When the holidays begin, “the number of attacks decreases dramatically”. Dave Aitel, Chief Technology Officer, Security at Cyxtera: “Generally, a single indicator, like timing of attacks, shouldn’t be the primary attribution method. For example, it’s possible that attacks…
The global IT audience has seen far too many data breaches occur. This year alone, breaches affected companies as diverse as Orbitz and Partners Healthcare, while businesses crossed their fingers and hoped that they would be one of the lucky ones whose company was spared. Although some security professionals know all too well the steps their companies should take to become more secure, knowing is only half the battle. The other half is being able to convince upper management why they need to invest more money, time and resources into bolstering security operations before it’s too late. The good news…
With a recent security analysis of cyber-attacks against universities and colleges in the UK having discovered that staff or students could be responsible, Dr Guy Bunker, SVP of Products at data security company Clearswift, commented below. Guy reveals why the insider is a major threat to organisations and what universities and similar bodies can do to mitigate the risk, including promoting cybersecurity as a career choice. Dr Guy Bunker, SVP of Products at Clearswift: “It’s very easy in this day and age to immediately jump to the conclusion that external cybercriminals are responsible for cyber-attacks and breaches, despite research indicating that most attacks come from inside the organisation.…
Amazon is investigating allegations that some employees may have sold customer data to third-party companies that Amazon did business with, particularly in China. IT security experts commented below. Niles Rowland, Director of Product Development at The Media Trust: “Most threats are internal and they can cause the most significant damage. These threats include those related to third parties on whom organizations have become increasingly dependent. And, when you transplant operations to geographies where legal infrastructures are weaker, these threats can escalate. The growing number of consumer data protection laws like GDPR that are sweeping across the world will require companies…
