What’s true in life is true in business: the best kind of mistake to learn from is someone else’s. And buried in the hundreds of lines of data maintained by the Department of Health & Human Services, you’ll find plenty of lessons. Stretching back to 2009, the department’s records tell the stories of lost or stolen laptops, leaked paper records, hackers breaking into servers, and employees accessing data that should have been beyond their reach. Each entry in its database tells all but one of the essentials of any whodunit: who, what, where and how … just not why. But…
ISBuzz Team
Bryan Lillie, Chief Technology Officer at QinetiQ explores the current threat of IoT-based cyber-attacks and suggests a novel method that could defend against them By 2020 it is estimated that the global internet of things (IoT) market will have grown to more than $1.7 trillion. According to a study by Gartner, by the end of this year alone the number of IoT devices on the planet will have reached more than 4 billion. It is not unreasonable to suggest that by the end of this decade, these devices will outnumber humans. Such exponential growth has facilitated two major developments. It has boosted technology markets around the world…
The domino effect Kevin Cunningham, president and founder, SailPoint “2016 has been the year of poor password hygiene, with people continuing to use the same password across a myriad of personal and professional applications. The result of this is that seemingly unrelated corporate accounts are put at risk. It’s a domino effect – hackers are going on to leverage identities from one organisation to the next, charting their way across the corporate landscape unchecked. This is a new phenomenon, but one we’re likely to see more of in 2017. It’s also an indication of how patient these guys are. They take…
Reports have emerged that a substation in Pivnichna in the Ukraine, was fully cut off from the main power grid for about 75 minutes late on Saturday 17 December lasting into the early hours of Sunday. As a result, houses and flats of the right bank district of Kyiv and neighbouring areas lost power. Ukrenergo, a Ukrainian energy provider, said “Among the possible causes of failure are considered hacking and equipment malfunction”. Moreno Carullo, Co-Founder and Chief Technical Officer at Nozomi Networks commented below. Moreno Carullo, Co-Founder and Chief Technical Officer at Nozomi Networks: “These reports are reminiscent of an attack experienced at…
A new study shows that 93% of the companies surveyed have adopted multi-factor authentication in some way which is up 40% over last year according to SecureAuth Corp. Rob Capps, VP of Business Development at NuData Security commented below. Rob Capps, VP of Business Development at NuData Security: “Single point authentication is no longer a viable solution, as hackers have shown not only a willingness, but also a capability to circumvent more sophisticated authentication systems relying on more than just a username and password. It is well beyond time for companies to deploy multi-layered and adaptive security solutions that take in to…
Following the news that a widespread “DNSChanger” attack on vulnerable home networking equipment has been redirecting traffic from afflicted networks, including that from Apple users, to fraudulent domains and opening up the routers to further attack. Cricket Liu, Chief DNS Architect at Infoblox commented below. Cricket Liu, Chief DNS Architect at Infoblox: “It’s important to note that, rather than being a vulnerability in the domain name system, or DNS, this is actually malware that exploits vulnerabilities or default login credentials in popular routers and reconfigures their DNS settings to use malicious name servers. “DNS is used to bootstrap basically every transaction over the Internet so,…
Independent research commissioned by Veracode highlights improvements made in secure development, as well as areas for future improvements in secure application delivery LONDON, United Kingdom. Veracode, a leader in securing the world’s software, today announced compelling insight from a survey of global developers and development managers on the current state of software security. The report underscores the importance of developer-led security in the age of DevOps, and showed that businesses are recognising the importance of securing applications. Despite showing moves toward earlier and more frequent security testing throughout the development process, the survey results also indicated there are still hurdles…
With Christmas right around the corner many people are hitting the shops looking for the latest gadgets. Imagine opening up the latest iPhone, smart watch or tablet on Christmas Day. Many people go into the New Year set with the latest devices but when these are brought into the workplace it can pose a huge challenge, causing the latest hangover for CIO’s in January. However, if organisations are prepared, these gifts can be used as an advantage to create a more collaborative and productive workforce. Making presents productive In January we expect many employees will return to work with new…
A flaw in an in-flight entertainment system used by major airlines including Emirates, Virgin and Qatar could let hackers access a planes’ controls. It security experts from NSFOCUS, Synopsys, NSFOCUS, IOActive and Tripwire commented below. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS: “In the light of this research, physical separation between in-flight entertainment systems and aircraft control systems could never be more important. As airlines continue to add new customer-based entertainment and information technologies, airlines need to ensure that an impenetrable barrier is in place protecting aircraft control systems. This research demonstrates that hackers could cause all sorts of issues that could impact a…
Findings suggest increased regulatory scrutiny is contributing to program growth and maturity London, U.K. Companies may have reached a positive turning point when it comes to managing their vendor risks, according to the annual Vendor Risk Management Benchmark Study, released today by the Shared Assessments Program, a collaborative consortium, and Protiviti, a global consulting firm. The study found that organisations across all industries, and in particular financial services, are increasing their focus on managing vendor and third-party risks. The maturity levels associated with different vendor risk management program areas have improved noticeably, yet awareness levels and compliance measures aren’t where they need…