If you are strongly considering implementing an ERP, the first thing you need to do is sign up for an ERP demo. You will not want to select any product without first getting a sense for how it works, what it can do, and how the provider will serve your interests. Just as important as signing up for the demo, however, is insisting on getting the kind of demo you really want and need. It is easy for a provider to show you the flashiest features and highlight the most exciting examples. But that does little to tell you if…
ISBuzz Team
At a time when cyber attacks are on the rise, nearly three quarters of global organisations (73 per cent) cannot identify these and protect their corporate assets and processes, a new report said on Friday. Lamar Bailey, Sr. Director, Security R&D at Tripwire commented below. Lamar Bailey, Sr. Director, Security R&D at Tripwire: “A new approach is not needed, this “new approach” is the problem. Organizations are spending their very limited security resources on new products and trends but are not focusing on the fundamentals. Research shows that the vast majority of incidents are due to know vulnerabilities and most of…
SALT LAKE CITY, UT. New research from Venafi® Labs shows that 21 percent of the world’s websites are still using certificates signed with the vulnerable Secure Hash Algorithm, SHA-1. On February 23, 2017, Google affiliated security researchers announced they cracked the SHA-1 security standard using a collision attack. The incident proved that the deprecated cryptographic secure hash algorithm still used to sign many website digital certificates can be manipulated. Newly issued certificates using the SHA-2 family of hash functions solve these problems, but Venafi Labs’ research shows that many companies have not replaced all their certificates with ones signed by SHA-2. This leaves…
Half of information management professionals believe that having to move data between organisations places it at greater risk of loss or exposure London, UK. A future of sharing is fast becoming a reality for many of the UK’s local authorities; the vast majority (96%) are already sharing different services with neighbouring authorities. These services range from back office functions, ICT and customer services to social care, public health and housing benefits. Figures provided by councils to the Local Government Association suggest that shared services contributed to savings of half a billion pounds for UK taxpayers in 2016. However, research from…
There have been a handful of wiper malware attacks in the wild in the last decade with Shamoon’s destruction of more than 35,000 workstations at Saudi Aramco in 2012 and the Dark Seoul attacks on Sony Pictures Entertainment the most high profile. Chris Doman, Security Researcher at AlienVault commented below. Chris Doman, Security Researcher at AlienVault: “Kaspersky suggest in their report that the Stonedrill attackers may be linked to a group known as Newscaster – previously seen targeting the US military. There have been reports they are located within Iran, as are the Shamoon attackers. Whilst Shamoon and Stonedrill may share common targets and even…
75 percent recognise the important role identity governance plays within GDPR compliance plans LONDON, UK. SailPoint, the leader in identity management, surveyed customers and attendees at this week’s Gartner IAM Summit about their plans for meeting compliance requirements associated with the General Data Protection Regulation (GDPR) which goes into effect in 2018. Of approximately 100 survey respondents, 80 percent see GDPR as a priority even if they don’t have a specific plan in place (only 25 percent of respondents have an established plan) to comply with the regulation. Of those who are planning ahead for GDPR, most (75 percent) recognise…
Security researchers announced that they have discovered Chinese IoT devices containing a hidden backdoor. This enables access by the manufacturer and leaves the devices open to exploitation by others, which despite the researchers following the responsible disclosure process, has repeatedly been left exposed by the vendor. Zach Lanier, research director at Cylance commented below. Zach Lanier, Research Director at Cylance: “Unfortunately, this is not an isolated issue. Network devices from manufacturers all over the world have fallen prey to attackers time and time again – often by way of backdoor services and accounts. These backdoors are often present under the…
Columbia Sportswear suing its departing IT Senior Director after he created a dummy account on Columbia’s computer system and used it to access corporate data hundreds of times? Péter Gyöngyösi, Product Manager at Balabit commented below. Péter Gyöngyösi, Product Manager at Balabit: “Even though such stories don’t usually get as much publicity as large-scale data breaches, rogue insiders, departing or disgruntled executives and technology people have long been the nightmare of the security staff at any enterprise. This is reflected in the findings of research released by the Ponemon Institute last week who, after surveying security experts across the field, found that malicious…
A recent announcement from Consumer Reports, an influential US group that conducts extensive product reviews, suggests that they are gearing up to start considering cyber security and privacy safeguards when scoring products. IT security experts from LogMeIn and Allot Communications commented below. Ryan Lester, Director Of IoT Strategy at Xively by LogMeIn: “No matter the product, security needs to be a foremost concern for manufacturers. When talking about IoT products specifically, security becomes even that more important and complex. Having an assessment model in place will be a great incentive to make sure manufacturers are leaving no stone unturned when it comes to…
Researchers have spotted a piece of malware that has somehow gotten hold of genuine Apple code-signing signature. Tim Helming, Director, Product Management at DomainTools commented below. Tim Helming, Director, Product Management at DomainTools: “This latest Mac malware shows that OSX, like all other targeted operating systems, is vulnerable to several types of attacks. One particularly nasty malware used by a group called APT 28 exfiltrates iPhone backups stored on a compromised Mac. While many people think that only targeted attacks use Macintosh malware, that’s not true. Macintosh has been recently targeted in a multitude of different ways, including adware, spyware, and other…
