According to a survey by information systems and communications security Thales and Ponemon Institute, more than half of all respondents said their organization transfers sensitive or confidential data to the cloud. Despite the transfer of sensitive information, 35 percent of respondents said their use of the cloud actually decreased their security posture. More than 60 percent felt the cloud provider held the primary responsibility for protecting their data, yet more than half admitted they have no idea what their cloud provider does to protect the data. As more consumers and companies fully adopt the cloud, security threats will become more…
Author: ISBuzz Team
Why All Enterprises Should Adopt the NIST Cybersecurity Framework More of our customers have become concerned about cybersecurity after 2014 — the year of massive data breaches. The Sony breach cost more than $100 Million total, while the 2014 Target breach cost about $110 million and JP Morgan Chase cost $53 million. To help businesses looking forward to the future of regulation and compliance, I’ve been spending hours going through the National Institute of Standards and Technology (NIST) Cybersecurity Framework. Unlike the other standards out there, the NIST Framework combines the best parts of existing assessments, regulations, and standards into one actionable…
Google’s new OnHub router is said to be offering secure, easy-to-set up Wi-Fi access point. Google proposes to ensure that OnHub is secured by automating updates so that clueless users and over-worked network administrators don’t have to update their routers. Security experts from ESET and Imperva discuss whether these features make the router any safer than other products out there and what users can do to stay safe. [su_note note_color=”#ffffcc” text_color=”#00000″]Mark James, Security Specialist at IT Security Firm ESET : “I think any process that ensures the firmware is kept up to date on systems that the average person will never ever…
ENITSE Enterprise IT Security Conference & Exhibition will be held on 04-05 November 2015 in Istanbul – Turkey. ENITSE is one of the most important events in EMEA in its category. ENITSE Conference presents a perfect platform at where speakers share their experience, knowledge, visions and future forecasts with the visitors. The conference speeches will be either in Turkish or English and simultaneously will be translated to Turkish or English. At the conference exhibition area, there will be exhibiting spaces of the sponsor companies. The Conference Program (Agenda) of ENITSE 2015 is published on the conference website. An intensive participation…
Following the Ashley Madison data breach story, new reports have shown that some users including members of the Ministry of Defence have used their work email address to sign-up to the website. CensorNet and Tripwire commented on the it also seems reminiscent of the Sony breach which also appeared to have personal attack overtones. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of IT Security and Risk Strategy at Tripwire : “The release of this information in such a public way precludes any blackmail motivation. You can’t blackmail someone if the data is already public. The tough questions are likely to come after the data…
Security watchers have warned about a new class of DDoS amplification attack threat which only exists because too many users are failing to follow basic safeguards. Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years, the most high-profile of which battered Spamhaus and buffeted internet exchanges back in March 2013. Over recent weeks, another service – Portmap – has become a vector of DDos attacks, US-based carrier Level 3 warned. Ofer Gayer Security Researcher at Imperva , gives insights into these attacks. [su_note note_color=”#ffffcc” text_color=”#00000″]Ofer…
Recently we can see every day in the news headlines “Cyber-Security Breaches” or “Cyber Attacks”. Attackers can come from anywhere, at any time, whatever your company size or type is targeted. According to the global study by PwC, volume of cyberattack grew up to 48 % in 2014. Everything about the way we work, play, shop, and communicate nowadays is online and we see digitalization in different sectors. In our cyberspace world, save time, money and other resources is a must these days. That is why it is crucial to be forewarned and protected against such threats before they occurred,…
Intel Security encourages those travelling abroad to think ‘Slip-Slap-Slop-Secure’ to stay safe this summer Nearly half (47%) do not know how to protect their devices when connecting to an open Wi-Fi network when abroad Over a third (38%) of respondents would connect to an open Wi-Fi network when on holiday 13% of Brits would share photos, surf the internet and log into their bank using an open Wi-Fi network abroad; over a fifth (22%) of these respondents were aged between 18-24 years old as young people race to share their holiday experiences with friends back home More than one in…
Following the infamous Ashley Madison hack, in which hackers have released the personal data of thousands of people who used the adultery website. Security experts from Rapid7, Tripwire and Lieberman Software explains that “Hacktivist groups are more likely than general cybercriminals to share information on vulnerable sites and intended targets.” [su_note note_color=”#ffffcc” text_color=”#00000″]Tod Beardsley, Security Engineering Manager, Rapid7 : “Curiosity seekers, suspicious spouses, and divorce attorneys would do well to avoid wasting too much time hunting for “one true and correct” Ashley Madison dump on their own. While the dump from last night appears to be credible among the few forensic experts who have looked at it,…
When Microsoft finally released its long-awaited Windows 10 operating system in late July, the information security community immediately issued assessments of Microsoft and how well its new security features would protect users. Leading the way is the new Device Guard feature, which prevents applications from running unless they originate from the Windows Store, specific vendors or the organization running the operating system. This feature provides enhanced protection against an array of new threats. Microsoft has also improved user authentication with Windows Hello, which supports third-party biometric logins. While enterprise-grade biometrics hardware is still, for the most part, in its developmental…