January 17, 2018
In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. Join our incident response experts for a 45-minute webinar to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.
Incident Response Q&A Part II: Why Incident Response Playbooks Aren’t the Answer, and Advice for New CISOs
Ryan Clancy, deltarisk.com, January 12, 2018
Incident response will continue to be an important cyber security priority for many organizations in 2018. We took a moment to get some deeper insight into the incident response landscape from Delta Risk Senior Consultant Ryan Clancy. Here’s part II of our incident response discussion.
Elizabeth Snell, healthitsecurity.com, January 15, 2018
CISOs are increasingly concerned about the likelihood of falling victim to a cybersecurity attack, with 67 percent reporting that they think their organization will face that type of data breach in 2018, according to a recent survey. Conducted by the Ponemon Institute and sponsored by Opus, What CISOs Are Worried About in 2018 gathered the responses of over 500 CISOs and other information security professionals.
Darren Thomson, itproportal.com, January 15, 2018
2017 once again proved that the cyber threat landscape is complex and constantly changing, dictating the need for comprehensive and responsive defences that step up to the real challenges that organisations face. AI-aided attacks, increased regulation and the exponential growth of endpoint and IoT devices present the opportunity for entirely new forms of risks to emerge, ever changing the face of cyber security.
Catalin Cimpanu, bleepingcomputer.com, January 11, 2018
A group of hackers has made over a quarter-million dollars worth of Monero by breaking into Oracle WebLogic servers and installing a cryptocurrency miner. The attacks have been going on since early December 2017, according to experts at the SANS Technology Institute and Morphus Labs.
Help Net Security Staff, helpnetsecurity.com, January 11, 2018
According to the researchers, if the mobile application vulnerabilities identified are exploited, an attacker could disrupt an industrial process or compromise industrial network infrastructure, or cause a SCADA operator to unintentionally perform a harmful action on the system. The 34 mobile applications tested were randomly selected from the Google Play Store.
Joan Goodchild, bankinfosecurity.com, January 11, 2018
It seems like every vendor in the data security industry makes predictions this time of year. Which ones should you pay attention to? All of them, says Dan Lohrmann, who formerly served as the state of Michigan’s CISO and CTO. “I really view it as something that professionals need to widen their perspectives,” Lohrmann says in an interview with Information Security Media Group.
Eamon McCarthy Earls, searchnetworkingtechtarget.com, January 16, 2018
Jon Oltsik, an analyst at Enterprise Strategy Group in Milford, Mass., said the global cybersecurity skills shortage is bad and getting worse. According to Oltsik, skills shortages among various networking disciplines have not eased — and the cybersecurity shortage is particularly acute — citing ESG’s annual survey on the state of IT. For instance in 2014, 23% of respondents said that their organization faced a problematic shortage of cybersecurity skills.
Catalin Cimpanu, bleepingcomputer.com, Janaury 16, 2018
An Indiana hospital paid a ransom of $55,000 to get rid of ransomware that had infected its systems and was hindering operations last week. The infection took root last week, on Thursday, January 11, when attackers breached the network of Hancock Health, a regional hospital in the city of Greenfield, Indiana.
Zeljka Zorz, helpnetsecurity.com, January 16, 2018
A group of Princeton and Purdue researchers has shown that it’s possible to mount a denial-of-service (DoS) attack against hard disk drives via acoustic signals. Hard disk drives (HDDs) have become the most commonly-used type of non-volatile storage due to their increased reliability, fault tolerance, storage capacity, and so on.