INFOSECURITY NEWSLETTER

April 26, 2017

Cyber Security is a People Problem

Nick Ismail, Information-age.com, April 20, 2017

Over 80% of security professionals identify ‘people’ as the industry’s biggest challenge compared to technology and processes, according to the results of the second annual survey from The Institute of Information Security Professionals (IISP).The survey also indicated that while 60% of respondents still feel that investment is not keeping pace with threat levels, there was a modest 5% increase in businesses that feel better placed to deal with a breach or incident if it happens.

Read More

5 DIY Cyber Security Skills Every IT Professional Needs to Master

Matthew Kuznia, Delta-risk.net, April 14, 2017

If you’re a homeowner like me, hopefully you have a few basic around-the-house skills – changing a light bulb, fixing a loose door handle, unclogging a shower drain, making sure the deadbolts lock properly. I run into a new issue every week it seems. If you’re fortunate, there’s at least one person in your household who can handle fixes like these without having to call a plumber or a dedicated handyman every time something pops up. In the cyber security world, the same do-it-yourself (DIY) handyman approach can be beneficial, especially for mitigating less complex issues.

Read More

Healthcare Records for Sale on Dark Web

Ryan Francis, Csoonline.com, April 24, 2017

Last August a Baltimore substance abuse treatment facility had its database hacked. Patient records subsequently found their way onto the Dark Web, according to DataBreaches.net. The group noticed such things as dates of admission, whether the patients are on methadone, their doctors and counselors, and dosing information. In the DataBreaches.net blog, the hacker “Return,” who they think is Russian, described how he compromised the Man Alive clinic.

Read More

CISOs, Board Members Have Widely Divergent Views on Cybersecurity

Jai Vijayan, Darkreading.com, April 18, 2017

For all the talk about cybersecurity needing to be a board-level issue, security executives and corporate directors continue to have very different views on just about every critical aspect of the security function. Research released this week by Focal Point Data Risk shows that CISOs and board members often have different perspectives on the value of cybersecurity, on how to assess the effectiveness of security programs, and how to measure and express risk.

Read More

An Untold Cost of Ransomware: It Will Change How You Operate

Paula Long, Helpnetsecurity.com, April 21, 2017

Ransomware is unfortunately an IT reality. With the complexity and frequency of attacks, there is a good chance you or someone you know has been impacted. Many victims attacked are tempted to just pay the ransom and be done with it; a strategy that is more widely-used than you might think. Even the FBI has admitted that sometimes paying the ransom is the way to go. This can be a difficult decision: on one hand you know this form of digital extortion wouldn’t stop while it’s profitable, and on the other, you aren’t sure you can afford the downtime to take a stand and try and go it alone.

Read More

4 Critical Points to Consider When Receiving Cybersecurity and Privacy Advice

Michal Kassner, Techrepublic.com, April 21, 2017

Advice on the internet flows freely. With so much information available, how does one know what to believe? For example, there is still significant confusion regarding the now defunct FCC regulation requiring ISPs to get permission from their customers before they collect web-browsing data. So who do we trust to give good advice about being safe and private on the internet?

Read More

New Frontier of Cybersecurity Education Challenges Students to Hack Their College

Tim Prudente, Govtech.com, April 24, 2017

The most security-sensitive companies approach their job and their day with the default assumption that they have been hacked, and they set out to prove that important components of their environment are safe. Less security-sensitive companies approach each day with the assumption that they are clean, and start looking for breaches. Or, at least, that’s Paul Farrell’s experiences have taught him.

Read More


FCA Says Firms Ignoring Cyber Security Basics

Damian Fantato, Ftadvisor.com, April 25, 2017

Financial services firms are often not getting the basics right on cyber security, leaving them vulnerable to attacks. This is the claim made by the Financial Conduct Authority’s chief operating officer Nausicaa Delfas. In a speech yesterday (24 April), she said many companies falsely believed they getting the basics right when it came to cyber security. She cited research which showed that 10 vulnerabilities accounted for 85 percent of successful breaches.

Read More

More Financial Advisors are Upping Their Cybersecurity, Insurance Ante

Sarah O’Brien, Cnbc.com, April 25, 2017

Here’s another line item for your “things to discuss with my financial advisor” checklist: cybersecurity. With the financial services industry consistently considered a prime target for cyberattacks , some financial advisors say the electronic safety of personal data and assets should be part of the client-advisor conversation.

Read More
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th