As reported in the WSJ today: “Fair Isaac Corp., known for its US-standard FICO consumer-credit scores, waded deeper into online security Tuesday with the acquisition of cybersecurity startup QuadMetrics. The terms of the deal were not disclosed. The company said it plans to leverage QuadMetrics’s predictive analytics and security-risk assessment tools to develop an industry-wide “enterprise security score” for businesses. The security score is meant to provide an “easy-to-understand” metric to help chief information officers and other corporate IT decision-makers gauge their company’s online risks, while managing risks from third-party software vendors. It can also act as a guide for cyber-breach insurance underwriting, the company said.” Security experts from VASCO Data Security and Lastline responded below. John…
Author: ISBuzz Team
Tenable gives CISOs the right tools to continuously measure security program effectiveness, identify gaps and take decisive action against cyber threats in mobile, cloud or on-premises environments. Tenable Network Security, Inc., a global leader transforming security technology for the business needs of tomorrow, announced today a new solution that helps organizations measure security program effectiveness to gain board-level buy-in and optimize defenses to improve overall security. “By 2020, 100 percent of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, which is up from today’s 40 percent,” noted Gartner in the…
The compliance landscape has changed significantly in the last few years. Not only are IT security threats continually evolving, but so are regulations related to compliance and security protections. With the whole technology sector moving at such a fast pace, new challenges are inevitably going to emerge. We live in an age where IT security isn’t just about protecting files, but ensuring infrastructure is secure as well. Recently, Christopher Frei, Director General at the World Energy Council, described cybersecurity as one of the major issues “keeping energy leaders awake at night.” The case for maintaining compliance now goes further than…
The losses being reported for recent bank cyberattacks are frighteningly large – banking cybercrime in 2016 most definitely pays. Things used to be so simple in the Good Old Days… Ever since the earliest forms of banking were established there has always been a need to protect the currency of the day. The first treasuries were established within temples to ensure that the loot was not only protected physically, but morally too by the overseeing deity. Bank strong rooms evolved to incorporate increasing levels of physical security. Safes became vaults, with more steel and concrete being used. Similarly, lock technology increased…
Large Italian utility provider uses 1200R security appliance to enhance visibility and control of SCADA networks. Check Point® Software Technologies Ltd. (Nasdaq: CHKP) announced Acea Distribuzione, part of Acea Group, one of the largest Italian public utility companies for power and water supply, has deployed Check Point’s 1200R security gateway appliances to secure its critical infrastructure, SCADA network and control systems. Following the findings of the Panoptesec project, Acea selected the Check Point solution following a competitive tender for a customizable, rugged solution that would work in harsh operating environments, including primary and secondary energy switching and distribution sites, while meeting specific…
Following the news that a hacker put 51 million file-sharing accounts for sale on the dark web, Tod Beardsley, Security Research Manager at Rapid7, commented below. Tod Beardsley, Security Research Manager at Rapid7: “The iMesh breach from 2013 contains the usual bad passwords made familiar from many similar breaches over the years, such as “123456,” “password,” and “qwerty,” as well as site-specific passwords of “bearshare” and “music.” These common passwords imply that many of the user accounts associated with the service were throwaway accounts, where the users did not consider their accounts to be all that valuable. Most people have about three to five…
In an effort to stay connected while on the go, employees are using cloud services as part of their productivity suite – unfortunately, these services can be implemented without enterprise permission. Although these cloud-based collaborative tools enable workers to access files when outside of the office, they add a layer of risk to the enterprise. As such, IT decision-makers must understand the potential security pitfalls of these technologies, while also learning about solutions. Tech companies such as Dropbox and Box, also known as enterprise file sync and share (EFSS) vendors, have created services that allow mobile workers to…
File sync and share (FSS) services are designed to foster collaboration and communication among employees and increase productivity. File sync and share tools also allow employees to access documents from anywhere on any device. This is increasingly important in today’s mobile world, as many people work from home or on the road regularly. According to a recent Gallup poll, 37% of respondents said they have telecommuted. And, in a recent Tinypulse survey of remote workers, 91% of respondents said they are more productive outside of the office. File sync and share tools provide an organizational structure for workgroups, allowing multiple…
Following the news that Twitter locks some accounts after 32 million passwords leaked, security experts from InfoArmor and Lastline commented below. Andrew Komarov, Chief Intelligence Officer at InfoArmor: “All this data is from third party sources and botnets, and in 80% – it is fake, or generated, and that’s why we suggest that people be calm when faced with such big figures with reference to potential breaches and password leaks such as today’s Twitter news. It has no relations to any real security incidents, and cybercriminals use it as form of speculation to earn money.” Craig Kensek, Security Expert at Lastline: It’s interesting to note that…
As demand exceeds supply, ESET finds online scammers are trying to take advantage of fans desperately scouring the web for the last few tickets. Using newly created fake websites, they are offering overpriced tickets that they may not even possess. The competition to find the best national football team in Europe starts in just a few hours, and fans across the continent are eager to see their favourite players perform live. But for the unwary, the process of buying late tickets for UEFA Euro 2016 matches can be tricky, and risks ending in disappointment, lost money or even compromised data.…