Expert(s):
VP of Product Management feature_status*/ ?>
Clearswift

Comments Dotted : 4
May 20, 2020

UK airline easyJet data breach impacts 9M customers – expert commentary
A major data breach is the last thing the travel sectors needs now
This last thing that the travel industry needed right now was a data breach of this size and scale. However you look at it, nine million customers with their data breached is not a good look and the true cost of this to EasyJet is yet to be revealed. Such breaches occur with depressing regularity now, yet organisations do not seem to think it will happen to them – until it does. Effective cyber security is not just a question of investing in the latest software, it’s about that combination .....Read More
This last thing that the travel industry needed right now was a data breach of this size and scale. However you look at it, nine million customers with their data breached is not a good look and the true cost of this to EasyJet is yet to be revealed. Such breaches occur with depressing regularity now, yet organisations do not seem to think it will happen to them – until it does. Effective cyber security is not just a question of investing in the latest software, it’s about that combination of people, processes and technology. If an organisation is lacking any one of these three, then they will be vulnerable. People use budget airlines in their millions and accept that certain elements of the experience will be different to other airlines. Whether that acceptance extends to having their personal information hacked, is another question.  Read Less
April 01, 2020

Industry Leaders And Cybersecurity Experts Insight On Marriott International Data Breach
Smart cyber security relies on people, process and technology. If any one of these is missing, then the organisation will be vulnerable.
“Successful cyber security is not just a question of investing in the latest software, it’s about a combination of people, processes and technology. If an organisation is lacking any one of these three, then they will be vulnerable.” “The fact that this breach began in mid-January and was only discovered and halted by the end of February is really not good. It then took a further month to begin notifying the customers that had been breached. Cyber security is complicated and.....Read More
“Successful cyber security is not just a question of investing in the latest software, it’s about a combination of people, processes and technology. If an organisation is lacking any one of these three, then they will be vulnerable.” “The fact that this breach began in mid-January and was only discovered and halted by the end of February is really not good. It then took a further month to begin notifying the customers that had been breached. Cyber security is complicated and challenging against an ever-evolving threat, but an essential part of it is having the right processes in place – being able to identify breaches as soon as possible, taking measures to stop them and reporting them to the relevant authorities. It feels like those processes just weren’t in place here. Given that Marriott International has already been fined £99M by the Information Commissioner’s Office (ICO) under GDPR for its previous breach, it is hard to understand why that was the case.”  Read Less
March 03, 2020

Experts Insight On Visser Data Breach (Supplier To Lockheed, Tesla, Boeing And SpaceX)
If ransomware attacks are on the rise again, organisations need to allow password protected documents only from trusted senders.
It has felt like ransomware incidents are ramping up once more, with a number of attacks over the past few weeks. This DoppelPaymer attack has been the most high profile of those, partly because of the organisation being held to ransom - Visser, a parts manufacturer to major brands such as Boeing, Tesla and SpaceX – and partly because of DopplePaymer’s nature. It’s file-encrypting malware which first exfiltrates a company’s data and only discloses the data theft when that company goes.....Read More
It has felt like ransomware incidents are ramping up once more, with a number of attacks over the past few weeks. This DoppelPaymer attack has been the most high profile of those, partly because of the organisation being held to ransom - Visser, a parts manufacturer to major brands such as Boeing, Tesla and SpaceX – and partly because of DopplePaymer’s nature. It’s file-encrypting malware which first exfiltrates a company’s data and only discloses the data theft when that company goes to the ransomware’s website to pay the ransom. This means that organisations might not even be aware of their data being exfiltrated, a highly vulnerable place to be in. DoppelPaymer relies on employees opening the email message, which will contain a password so that the user can open the file – once this has happened then the ransomware can move across a network and take all the data it wishes. But these types of file are relatively easy to defend against. Organisations can build policy to allow password protected documents only from trusted senders, although ideally they should move to use email encryption as its more secure.  Read Less
February 14, 2020

Coronavirus Emotet – Expert Analysis
Coronavirus-based attacks are best defended against via education, testing and technology.
It’s really difficult for organisations to stay protected, because there is so much variety in social engineering threats and the Coronavirus is just the latest example. People are concerned the Coronavirus and are perhaps more vulnerable to emails purporting to be about that. Protecting the enterprise against such attacks is done via a combination of education, testing and technology. Staff need to be trained on a regular basis about new threats and the best ways to deal with them,.....Read More
It’s really difficult for organisations to stay protected, because there is so much variety in social engineering threats and the Coronavirus is just the latest example. People are concerned the Coronavirus and are perhaps more vulnerable to emails purporting to be about that. Protecting the enterprise against such attacks is done via a combination of education, testing and technology. Staff need to be trained on a regular basis about new threats and the best ways to deal with them, phishing tests must be carried out regularly and the right technology is essential. It must protect staff and detect the real phishing messages as best as it can – bearing in mind that it’s a constant arms race between the security vendors and cyber criminals, who are more than willing to use news such as the Coronavirus to get people to open emails and click on the links.  Read Less