New research of European businesses, conducted by Kaspersky Lab, has revealed surprising variations in the levels of preparedness for the General Data Protection Regulation (GDPR). With less than nine months to go before the regulations become enforceable, there’s a surprising – and worrying – inconsistency of readiness levels across IT decision makers in Europe. With businesses that process personal data within the EU continuing to grapple with their GDPR obligations, Kaspersky Lab set out to shed further light on the levels of awareness and preparedness for the regulation across Europe. Despite its decision to leave the EU, the UK will still fully comply with the…
ISBuzz Team
It has been reported this morning that according to the PwC Global State of Information Survey, UK businesses have reduced cybersecurity budgets by a third, from £6.2m last year to £3.9m this year- although the financial cost of attacks had also dropped from £2..6m to £857,000. However, impact of attacks were felt more widely across the business in areas such as operations and data, while the ultimate cost can be hard to quantify. Andrew Clarke, EMEA Director at One Identity commented below. Andrew Clarke, EMEA Director at One Identity: “Historically an organisation’s cyber security strategy was focused on securing the enterprise…
It has been uncovered that a data breach has potentially affected millions of South Africans after being discovered by security researcher Troy Hunt. The huge trove of data, which includes property ownership, employment history, income and company directorships is thought to have contained more than 30m unique South African ID numbers. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Breaches can occur at any time. However, in this instance, it appears as if there were no detection controls in place at all that would have alerted to a breach. Not only was it not detected, but…
It has been reported that British intelligence agency Government Communications Headquarters (GCHQ) may have been collecting personal social media data of people as part of their mass surveillance efforts. According to an Engadget report, the GCHQ has been collecting such information over years, even decades, and has been sharing this information with foreign intelligence and other law enforcement agencies. The Investigatory Powers Commissioner’s Office (IPCO), the body that oversees the activities of the GCHQ, has also been reportedly left out of the loop with regards to this. Lee Munson, Security Researcher at Comparitech.com commented below. Lee Munson, Security Researcher at…
Alert Logic Survey Finds Only 5 Percent of EU Companies Believe They are Compliant with GDPR 27 Percent Not Confident They Will Meet Deadline LONDON, UK – Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, today announced the results of a survey conducted with over 200 European based companies. The survey results show that while most of the surveyed companies (77 percent) are familiar with the EU General Data Protection Regulation (GDPR), only 5 percent believe they are compliant with all applicable requirements less than a year before the regulation goes into effect. A further 27 percent were not…
News broke yesterday that every Wi-Fi connection is potentially vulnerable to an unprecedented security flaw that allows hackers to snoop on internet traffic. The vulnerability is the first to be found in the modern encryption techniques that have been used to secure Wi-Fi networks for the last 14 years. In theory, it allows an attacker within range of a Wi-Fi network to inject computer viruses into internet networks, and read communications like passwords, credit card numbers and photos sent over the internet. IT security experts commented below. Lisa Baergen, Director at NuData Security: “The security industry will chase vulnerabilities for the foreseeable future, and…
Stephen Burke, Founder and CEO at Cyber Risk Aware: “The effects of a spear phishing campaign can be far reaching such as ransomware, data breaches or financial fraud due to fake CEO emails, companies must ultimately have a ready to go and fully tested incident response plan. It goes without saying that technical defences are required such as email filtering /gateways and anti-virus. However with over 35% of malicious emails getting through current defences as criminals regularly test emails and malware against these defences, the main focus for companies must be to help their staff know to what to look…
It has been reported that there are secret hard-coded accounts in thermal security cameras manufactured by FLIR Systems, Inc., one of the largest vendor of such products. Depending on the FLIR camera version, the following username-password combos will grant an attacker access over the device. Cesare Garlati, Chief Security Strategist at the prpl Foundation commented below. Cesare Garlati, Chief Security Strategist at the prpl Foundation: “The divulgence of such information is worrying particularly to all those who have acquired a FLIR security camera. A breach of these devices will not only lead to a considerable loss of privacy, but could potentially lead to…
News broke today that the official website of Sweden’s Transport Agency (STA) came under a series of DDoS attacks on two separate days, forcing it to go offline. Stephanie Weagle, VP at Corero Network Security commented below. Stephanie Weagle, VP at Corero Network Security: “Critical Infrastructure Operators, like Transportation cannot leave DDoS attack protection to chance. In the reported example of DDoS attacks against Sweden’s Transport Agencies prove just how damaging a DDoS attack can be if not properly protected. “Recent Freedom of Information data revealed that most UK critical infrastructure organisations (51%) are potentially vulnerable to these attacks, because they do not detect or mitigate…
Consumers are tired of usernames and passwords. With the explosion in online shopping and services, the number of different login details each individual must remember has become unsustainable. As a result, the convenience of the format has been greatly diminished. This has a damaging effect on commerce: 86% of users report abandoning a purchase when asked to register with a website. Usernames and passwords are also an increasingly insecure way of verifying digital identity. Hackers are now highly adept at cracking even sophisticated passwords and around 63% of online security breaches can be attributed to compromised passwords. Michael Chertoff, former head of Homeland Security…
