Industrial IoT presents huge opportunities for makers of industrial equipment and providers of related systems. By connecting machines to the cloud revolutionary new approaches to customer service and process automation can be realised; predictive maintenance being one of the fastest growing business lines. Critical to the success of disciplines such as predictive maintenance or process automation is the ability to connect these machines to the cloud. The majority of machines are not designed with native internet connectivity built in, certainly not wireless connectivity. They are typically designed to be securely connected to control systems (such as SCADA) which monitor and…
ISBuzz Team
Following Barracuda’s latest research that found Email remains the No.1 threat vector for businesses, with a full 76% of ransomware attacks starting with a malicious message, Paul Edon, Director at Tripwire commented below and believes the issue will only get worse due to its effectiveness. Paul Edon, Director at Tripwire: “This isn’t a surprise email based attacks continue to grow because it works. Sending out mass emails is a cost effective way for criminals to distribute malicious software and find more victims. As long as it remains effective, it will continue to be used. The reason why ransomware is the prime choice for attackers is because it…
News broke today that University College London (UCL) has suffered a major ransomware attack. The university took the decision to disable access to the UCL N and S drives and some other systems to reduce the likelihood of further infection. IT security experts commented below. Gavin Millard, EMEA Technical Director at Tenable Network Security: “While I have sympathy for the predicament UCL finds itself in, ransomware attacks shouldn’t happen as they are completely preventable. In the majority of cases, the malware targets a handful of well-known vulnerabilities so keeping systems patched and up to date goes a long way towards preventing a ransomware attack taking…
According to industry analyst organization Techaisle and cloud services provider dinCloud, the need to secure many different profiles that are the source of security challenges and breaches (e.g. mobile devices, network gear, data center applications, data and equipment) will force SMBs to spend on IT security solutions in four categories: Protection of data entering the corporate environment 2. Protection of the mobile environment 3. Traffic inspection 4. Protection of information in use With this, Techaisle believes that Managed Service Providers (MSPs) will become the preferred source of cloud and mobility security deployment, with 59% of SMBs already partnering with one, according…
Emails are the top target for cyber criminals to infiltrate businesses through phishing and spear phishing attacks according to the latest report from Barracuda Networks. The report highlights that 76% of Ransomware attacks start with a phishing email. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “The ransomware threat is growing and soon everyone will know somebody who has been directly impacted by it. Even with proper backups in place, the time required to bring systems back on-line can be substantial. Beyond routinely training employees, complete prevention of this threat is impossible. Therefore, it is very…
What is an Insider Threat? According to US-Cert.gov, an Insider Threat is a current or former employee, contractor, or other business partner who has or had authorized access to an organization’s network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization’s information or information systems. Why should the average company be concerned about Insider Threats? Many companies worry about insiders stealing physical property, but theft and misuse of intellectual property, systems and data may have an even greater negative impact on their business. Abusing access rights and insider cyber theft…
News broke yesterday that WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass that could let an attacker change the password of the admin user, gain access to the device, or the network behind it. Ben Herzberg, Security Research Group Manager at Imperva Incapsula: “The lack of basic security in a wide-spread number of devices connected to the internet has caused a lot of security issues over time. From large-scale Denial of Service attacks done from a horde of infected devices, launched against a wide array of targets (For example see: New Mirai Variant Launches 54-hour DDos Attack…
A ‘keep everything’ culture puts most businesses at risk of non-compliance with upcoming legislation As the impending GDPR deadline looms, business managers must do more to help their employees treat information responsibly, says Iron Mountain® The deadline for complying with the new General Data Protection Regulation (GDPR) is just a year away, yet the majority of businesses are struggling to implement good information governance because they fail to engage employees to help establish and enforce an organisation-wide policy for dealing with information. According to the latest study from Cohasset Associates and ARMA International, a ‘keep everything’ culture persists at 81%…
The crippling financial implications of online banking security incidents have been brought to light by the latest Kaspersky Lab report into cybersecurity threats in the financial sector. The report shows that an accident involving a bank’s online banking services costs the organisation $1,754,000 (£1,371,000) on average – that’s double the price of recovering from a malware incident, which costs as much as $825,000 (£645,000) on average to resolve. The study shows that 61 per cent of cybersecurity incidents affecting online banking come with additional costs for the institution targeted – including data loss, the loss of brand/company reputation, confidential information becoming leaked,…
With the adoption of cloud services, employee mobility and increased inter-organization collaboration, the threat surface for network attacks against application infrastructure increases. In parallel, traditional perimeter defense techniques founded on a basis of trust are unable to cope with the security demands of the new disparate enterprise. This combination leaves the infrastructure unacceptably vulnerable. A new network security model is needed that eliminates the idea of a trusted network inside, or outside, the corporate perimeter. The Changing Perimeter Historically, enterprises employed perimeter security solutions to protect themselves from external threats to their application infrastructure platforms. However, as enterprises have become…
