Information Security Buzz
Expert(s): November 30, 2020
Edgard Capdevielle
CEO
Nozomi Networks

Comments Dotted : 2
October 04, 2020

Comment: US Dept Of Treasury Warns Ransomware Victims Who Pay Could Be Fined

Organisations that give into hackers’ demands are only supporting the profitability and growth of ransomware activity.
Ransomware attacks are continuing to rise, and without a doubt the stakes are getting higher. These attacks are increasing in volume and sophistication and while it might be tempting to pay a ransom, doing so only fuels the fire. We are seeing more instances where the public and private sector respond to the pressure and pay the ransom. In addition to this week's OFAC advisory, Senators Warren and Wyden have both introduced separate bills that would hold corporate executives accountable if they fail to take cybersecurity seriously. Ransomware attacks and other cyberthreats will continue to remain constant as our personal lives and business operations continue to digitalise. That’s why choosing to pay a ransom is too often a short-sighted response that could come at a high cost. Research has shown that paying a ransom can double the cost of recovery. Building, maintaining and constantly improving an organisation’s cybersecurity program is always the best approach and there are certainly tools available today that provide cost effective solutions. Fortunately, choosing to pay a ransom is not an approach we’ve seen corporate boards take in the industrial networking and critical infrastructure space. Paying a ransom can be a slippery slope - and even illegal in some cases as we now see with the OFAC advisory. Organisations that give into hackers’ demands are only supporting the profitability and growth of ransomware activity. When it comes to ransomware attacks, prevention will always be better than a cure.
May 05, 2020

Expert Comments On Trump Issues Executive Order To Protect Power Grid From Attack

The order does not name countries, or propose anything specific.
As is so often the case the latest executive order signed by President Trump, which prohibits the use of bulk power system equipment from foreign countries to limit the risk to the US power grid, is a step in the right direction, but it does not go far enough. While there are several positives in the order; namely, raising the importance of our grid infrastructure and electric power in our lives, national security, and developed economic life; pointing at countries that may want to challenge our global status, way of life, or ability to keep stable conditions; and seeking to address a potential vector of attack in the backdoors and trojans that could be implanted in foreign-sourced infrastructure equipment. However, there are a few shortcomings. Firstly, it ignores the largest problems in the electric cyber environments: lack of visibility in the networks and any nationally enforceable standards. Secondly, it is not immediately actionable. The order does not name countries, or propose anything specific, it just enables a team to go look at this without clear advice if problems are found. And lastly, even if enforced and specifics were given, i.e. no new equipment from China or Russia in the grid, it does not address all the legacy infrastructure that has been and will be around for a very long time. While this latest executive order on securing the US bulk power system is good in some ways, it is simply not enough. Though it is directionally correct, it left me wanting real substance, and real security.

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.

