March 28, 2018
Security teams remain challenged to identify cyber security threats in the cloud. In this white paper, our cloud security experts share methods for choosing the right monitoring solution to improve cloud visibility into your network and critical assets.
Andrew Cook, deltarisk.com, March 21, 2018
A few weeks ago, I participated on a panel at SecureWorld Boston on “The Future Threatscape -Ransomware and Beyond.” The audience asked some thought-provoking questions about the “next big cyber security threats.” While our discussion covered topics ranging from cyber warfare to quantum computing and virtualization, ransomware was one of the biggest concerns.Ransomware is today’s menace. It’s profitable, simple to pull off, and can hit organizations of any size. We’ve helped clients recover from these attacks and have seen how quickly the damages can cripple unprepared organizations.
Ashwin Krishnan, techrepublic.com, March 14, 2018
If you have not grasped the extent of this fiasco, it could be because it was late evening in the U.S. on Friday last and the weekend has dawned in most other parts of the world when this new broke.In a nutshell, a Facebook app developed by one Dr. Aleksandr Kogan called “thisisyourdigitallife” had obtained user data through that app (which was originally built in 2014) by scraping data from the profiles of people who took the quiz as well as that of their friends—apparently allowed under Facebook’s policy for third-party apps at the time!!
Ionut Arghire, securityweek.com, March 19, 2018
According to the company, it discovered last week that a third-party lockbox software program had been compromised, resulting in unauthorized users being able to view and copy images of checks stored electronically in the image archive. Frost Bank systems weren’t impacted in the incident, Frost says. Customers can use lockbox services to send payments to a central post office box. The bank receives the payments and credits them directly to a business’s account. The information that was accessed as part of the incident could be used to forge checks, the company says.
Cara Livernois, clinical-innovation.com, March 27, 2018
The report, which included the evaluation of 1,368 cybersecurity incidents from 27 countries, delves into the cybersecurity of healthcare following the Data Breach Investigations Report (DBIR). The PHIDBR includes findings on what cased cybersecurity incidents, what types of incidents are most common, and solutions to improving the privacy and security of patient data.
Stephanie Ewing, deltarisk.com, March 23, 2018
I have spent the most notable years of my career helping organizations improve their cyber security incident response plans. To do this effectively, we dive in, ask questions, consider scenarios, look at contingencies, and identify gaps. It has personally been very rewarding for me because planning is in my core – I rarely fly by the seat of my pants, and usually have multiple back up plans. But on August 25, 2017, I was blindsided by Hurricane Harvey. This category four storm devastated my home, my neighbors’ homes and businesses, and our island town along the Texas coast.
Waqas Amin, hackread.com, March 20, 2018
Orbitz.com, a Chicago, Illinois based popular travel website owned by Expedia Inc. has suffered a massive data breach in which personal and financial details of over 800,000 registered customers may have been stolen by unknown hackers. In a statement to media, the company said that the breach was identified on March 1st, 2018 after an in-depth investigation conducted by Orbitz.
Drew Markham, infosecurity-magazine.com, March 20, 2018
Security has always inhibited the take-up of cloud. I believe in most cases fears are overstated, but data security in the public cloud cannot be taken lightly. Data remains the responsibility of the organization that owns it, regardless of where it is stored. Your data may be held in an external cloud, but you cannot abdicate your own security responsibilities. Your choice of cloud service should be based on what your organization can do and your appetite for risk. If you have limited resources, you will be more reliant on your cloud provider, but it is up to you to ensure they offer the security you need and continue to provide it throughout the contract.
Scott Matteson, techrepublic.com, March 26, 2018
It may sound like something out of a Tom Clancy novel, but the situation is all too real. Russian hackers have targeted United States government agencies as well as companies in the infrastructural space such as those in “the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors,” according to the United States Computer Emergency Readiness Team (CERT). CERT’s announcement contains comprehensive data on the extent of the attacks which, even more disturbing, were conducted by the Russian government itself rather than mere lone hackers. Most troubling of all is the fact that these activities could have resulting in the Russians deliberately shutting down power plants if they had chosen to do so.
Gabe Carey, techradar.com, March 5, 2018
Cybersecurity and information security (InfoSec) are both growing fields that anyone with an inherent interest in computing, maths or science should think about aiming for – there’s a decent living to be made. Cybersecurity – also known as computer security or IT security – involves safeguarding computers and servers from unwanted tampering. That includes, oftentimes, theft, a commonly occuring threat in the world of technology. And as the threats faced by businesses multiply and mutate, the demand for cybersecurity experts has gone up.