100% of survey respondents say their cybersecurity function is not fit for purpose Utilities struggle to monitor their digital ecosystem more than all other sectors 85% of respondents say they don’t have a robust incident response program All utilities organizations surveyed in the latest EY Power and Utilities Global Information Security Survey 2017-18 (GISS): Why wait for a cyber catastrophe to prepare for a cyber attack?, say that their cybersecurity function does not meet their needs. The survey also finds that 58% of sector respondents anticipate difficulties in monitoring the perimeter of their digital ecosystem, compared with 36% across all sectors.…
ISBuzz Team
In light of the news that Britain’s energy, water and transport companies have been ordered to strengthen their cyber defences or risk fines amid growing fears that Russian hackers are planning an attack on critical infrastructure, Rodney Joffe, SVP and Fellow, Neustar and chairman of Neustar commented below. Rodney Joffe, SVP and Fellow at Neustar: “The Russians have been surveying and prepositioning themselves on power networks throughout the globe for some time now – but unlike before, their abilities coupled with their intent has given them the unique opportunity to build out their cyber capability to unmatched levels over the past few years. And this…
News broke earlier today that two top Dutch banks – ABN Amro and ING were hit by a series of DDoS attacks that took down their networks so customers were unable to use their mobile or online banking for hours. IT security experts commented below. Sean Newman, Director at Corero Network Security: “Reports of successful DDoS attacks against two major Dutch banking organisations come as a surprise. However, the surprise is not that these types of organisations are actually being subjected to such attacks but, after several years of similar high-profile attacks, that they still haven’t put adequate protection in place. Reports of…
With the threat landscape constantly evolving and cyber-criminals looking for new ways to breach organisations’ defences, maintaining the integrity of the business network and the data that resides there is a growing challenge. By and large, organisations are just about coping with the array of potential threats they are facing, but the growing number of threats can be overwhelming. In 2017, we witnessed some of the most high-profile and effective breaches ever seen, highlighting that significant breaches have equally significant consequences, ranging from reputational damage to legal investigation. Perhaps this is why more organisations than ever before have a clear understanding of the potential impacts…
Following the new UK Government announcement that critical national infrastructure firms that fail to protect themselves effectively from cyber-attacks will face fines of up to £17m, Adrian Davis, EMEA Managing Director for (ISC)², the largest membership body of information security professionals in the world commented below. Adrian Davis, EMEA Managing Director at (ISC)²: “With the NIS directive on the horizon, organisations deemed ‘essential services‘ will have begun implementing the necessary changes and practices outlined in the UK government’s guidance on the EU legislation. Responsible organisations that have followed this guidance should have more clarity and understanding of their security processes. For…
Following the news of the flaw in Lenovo fingerprint scanners, Jon Fielding, Managing Director, EMEA at Apricorn commented below. Jon Fielding, Managing Director, EMEA at Apricorn: “A security implementation is only as good as its weakest link. You can have the most robust front door with the strongest locks but, if you leave the key under the mat, they count for nothing. This is reminiscent of the high profile USB flaws found in various manufacturers in 2010, where they were passing the unlock key in the clear and using the same code for all devices. If a piece of data…
Following Microsoft’s announcement to accept Bitcoin for its Windows and Xbox online stores, High-Tech Bridge believes now is the time to simplify payment for security services among the skyrocketing number of blockchain startups. The majority of digital coins theft cases involve insecure mobile or web applications, and vulnerable applications are low-hanging fruit for cybercriminals. Applications are easy to hack and usually contain, or provide access to critical data and even access to the digital wallets. Many blockchain startups hesitate to spend their scanty reserves of fiat money on cybersecurity, preferring to pay in various digital currencies or tokens. To provide them with simple and convenient…
Over the weekend, news broke that Strava, a fitness-tracking app, is revealing potentially sensitive information about military bases and supply routes via its global heatmap website.The data map shows 1 billion activities and 3 trillion points of latitude and longitude from “Strava’s global network of athletes”, according to the American company. IT security experts commented below. Tom Bonner, Senior Manager of Threat Research EMEA at Cylance: “This incident serves to highlight a distinct lack of operational security employed by various government organisations around the world. Access to personal communication devices with geolocation services should be banned in sensitive/restricted locations, and broader assessments and awareness training undertaken…
The Robert Walters 2018 Salary Survey has found that salaries for cybersecurity specialists will see the highest salary increases among IT professionals, at 7%. Cybersecurity specialists have been highly sought after in 2017 in light of high profile data leaks and related cyberattacks, while developers have been in demand from companies to support digitalisation projects. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “This survey by Robert Walters is a welcome recognition of the importance of cybersecurity specialists to corporations and individuals in 2018. As data breaches, high profile ransomware attacks and other forms of cybercrime…
Check Point releases H2 2017 Global Threat Intelligence Trends Report, highlighting the rise in illegal cryptomining malware Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber-security solutions globally, today released its H2 2017 Global Threat Intelligence Trends report, revealing that cyber-criminals are increasingly turning to cryptominers to develop illegal revenue streams, while ransomware and ‘malvertising’ adware continue to impact organizations worldwide. During the period July to December 2017, one in five organizations were impacted by cryptomining malware, tools that enable cybercriminals to hijack the victim’s CPU or GPU power and existing resources to mine cryptocurrency, using as much as…
