Following the news this morning that more than 1,000 incidents were reported to the National Cyber Security Centre in its first year of operation, IT security experts commented below. Jamie Stone, Vice President, EMEA at Anomali: “While the NCSC and GCHQ are doing a great job so far, the reality is that the number of threats is likely to be much larger. In our recent survey with Ponemon Institute, we found just 35% of UK organisations share intelligence with government associations. More needs to be done to promote the sharing of intelligence, as it improves visibility for better data analysis and delivers stronger defences optimised…
ISBuzz Team
In response to today’s testimony by former Equifax Chairman and CEO Richard F. Smith to the Digital Commerce and Consumer Protection Subcommittee of the US House Commerce Committee, two cybersecurity experts commented below on the company’s cybersecurity posture. Pravin Kothari, Founder and CEO at CipherCloud: “The CERT Apache Struts notification is no doubt an all-hands-on-deck type of notification, with a criticality of 10 out of 10, which in this case means a hacker can get full control of the system. “A good security process would have identified vulnerable systems within 24 hours and a patch must have been applied. But the Equifax process was “weak and…
Yahoo has announced that every customer account that existed at the time of the 2013 data breach was compromised; the new figure marks a three-fold increase over the estimate it disclosed previously. The disclosure comes four months after Verizon acquired Yahoo’s core internet assets for $4.48 billion, which was already reduced thanks to the breach. IT security experts commented below. Stephen Moore, Chief Security Strategist at Exabeam: “Large-scale breaches like this have driven a greater focus on behavioural analytics over the last couple of years. This is because it can help combat attempts to exfiltrate data by notifying the security team when someone is…
WordPress got its start by being a practical and reliable platform for blogging, but since its relatively humble beginnings, WordPress has become nearly omnipresent on the web. Today, WordPress powers 26% of the web, an unheard-of figure for a single platform, and naturally WordPress has evolved far past its beginnings in order to reach this many websites. With a plethora of WordPress themes and plugins, WordPress developers have the ability to customize and build different websites more than ever before, and WordPress is used for all kinds of purposes, whether it’s a blog, a business website, or creating a…
According to a new report by the European policing agency Europol, ransomware is the top threat facing computer users, with high-profile attacks such as ‘WannaCry’ that reached millions of devices. Following this news, Brian Robison, Senior Director of Security Technology at Cylance commented below. Brian Robison, Senior Director of Security Technology at Cylance: “Ransomware is exploding – because it works! People pay to get their data back. Cybercriminals know this and exploit it. Companies are not the only targets, although with deeper pockets, organisations pay millions of dollars to regain control of their systems. On the consumer side, we are seeing new types of…
People are cautious of physical theft, but the security of digital assets is often ignored. The simplest actions can have devastating consequences for your data security. Outdated software, weak credentials, and malware all create opportunities for data exfiltration. Studies show that many users believe they won’t be targeted by hackers and aren’t aware of the sheer number of risks posed by cloud and mobile data access. With cybercrime on the rise, it’s important that we all take a proactive approach to data security. Here is just a handful of common attack vectors that hackers have taken advantage of in recent…
Children are to receive jargon-busting leaflets explaining how their personal data is shared with social media companies. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “We’ve seen that millennials can be unaware of the ways in which their personal data could be used by companies, and demystifying lengthy terms and conditions documents could go some way to solving that. However, it is my view that people of all ages could benefit from this kind of education. In this era of connected devices and social media we often share important information without…
Modern organizations have employees on the move all the time, visiting customers and checking in from devices of all types. Yet why do organizations still treat critical data as if it is always in a secure data center network? Cisco reports that by 2018, 76% of all data center traffic will come from the cloud. In traditional data center security, the focus has been on keeping data physically isolated via the perimeter or “demilitarized zone” (the DMZ). Yet today’s security strategies focus too much on protecting the outside, with little to no security features inside the network. As companies adopt…
It has been reported that cybercriminals are using a new phishing campaign that impersonates “secure messages” from private financial institutions such as Bank of America and TD Commercial Banking to deliver malware to unsuspecting victims, security researchers have found. The spoof emails claim to be secure messages from a legitimate banking institution and instruct the user to either download an attached document, reply to the sender or follow a set of instructions. They also use legitimate-looking bank domains, the institution’s logo and even a confidentiality statement at the bottom of the email to trick the user into believing these are secure messages from…
It has been reported this morning that Whole Foods has been hacked. The popular grocery chain, recently acquired by technology giant Amazon, suffered a data breach that saw hackers gain access to credit card data of customers who made purchases at some of its in-store taprooms and restaurants. IT security experts commented below. Andrew Clarke, EMEA Director at One Identity: “We are reading about the modern-day version of the bank raid – the challenge that presents itself on this occasion is that by the time the organisation knows it has happened the criminals are long gone. Depending on the nature of the…
