April 26, 2017
Nick Ismail, Information-age.com, April 20, 2017
Over 80% of security professionals identify ‘people’ as the industry’s biggest challenge compared to technology and processes, according to the results of the second annual survey from The Institute of Information Security Professionals (IISP). The survey also indicated that while 60% of respondents still feel that investment is not keeping pace with threat levels, there was a modest 5% increase in businesses that feel better placed to deal with a breach or incident if it happens.
Matthew Kuznia, Delta-risk.net, April 14, 2017
If you’re a homeowner like me, hopefully you have a few basic around-the-house skills – changing a light bulb, fixing a loose door handle, unclogging a shower drain, making sure the deadbolts lock properly. I run into a new issue every week it seems. If you’re fortunate, there’s at least one person in your household who can handle fixes like these without having to call a plumber or a dedicated handyman every time something pops up. In the cyber security world, the same do-it-yourself (DIY) handyman approach can be beneficial, especially for mitigating less complex issues.
Ryan Francis, Csoonline.com, April 24, 2017
Last August a Baltimore substance abuse treatment facility had its database hacked. Patient records subsequently found their way onto the Dark Web, according to DataBreaches.net. The group noticed such things as dates of admission, whether the patients are on methadone, their doctors and counselors, and dosing information. In the DataBreaches.net blog, the hacker “Return,” who they think is Russian, described how he compromised the Man Alive clinic.
Jai Vijayan, Darkreading.com, April 18, 2017
For all the talk about cybersecurity needing to be a board-level issue, security executives and corporate directors continue to have very different views on just about every critical aspect of the security function. Research released this week by Focal Point Data Risk shows that CISOs and board members often have different perspectives on the value of cybersecurity, on how to assess the effectiveness of security programs, and how to measure and express risk.
Paula Long, Helpnetsecurity.com, April 21, 2017
Ransomware is unfortunately an IT reality. With the complexity and frequency of attacks, there is a good chance you or someone you know has been impacted. Many victims attacked are tempted to just pay the ransom and be done with it; a strategy that is more widely-used than you might think. Even the FBI has admitted that sometimes paying the ransom is the way to go. This can be a difficult decision: on one hand you know this form of digital extortion wouldn’t stop while it’s profitable, and on the other, you aren’t sure you can afford the downtime to take a stand and try and go it alone.
Michael Kassner, Techrepublic.com, April 21, 2017
Advice on the internet flows freely. With so much information available, how does one know what to believe? For example, there is still significant confusion regarding the now defunct FCC regulation requiring ISPs to get permission from their customers before they collect web-browsing data. So who do we trust to give good advice about being safe and private on the internet?
Tim Prudente, Govtech.com, April 24, 2017
The most security-sensitive companies approach their job and their day with the default assumption that they have been hacked, and they set out to prove that important components of their environment are safe. Less security-sensitive companies approach each day with the assumption that they are clean, and start looking for breaches. Or, at least, that’s what Paul Farrell’s experiences have taught him.
Damian Fantato, Ftadvisor.com, April 25, 2017
Financial services firms are often not getting the basics right on cyber security, leaving them vulnerable to attacks. This is the claim made by the Financial Conduct Authority’s chief operating officer Nausicaa Delfas. In a speech yesterday (24 April), she said many companies falsely believed they were getting the basics right when it came to cyber security. She cited research which showed that 10 vulnerabilities accounted for 85 percent of successful breaches.
Sarah O’Brien, Cnbc.com, April 25, 2017
Here’s another line item for your “things to discuss with my financial advisor” checklist: cybersecurity. With the financial services industry consistently considered a prime target for cyberattacks, some financial advisors say the electronic safety of personal data and assets should be part of the client-advisor conversation.