June 28, 2017
Jeff Goldman, Esecurityplanet.com, June 26, 2017
Almost half of all U.S. companies that use IoT devices have been hit by a security breach, according to the results of a recent Altman Vilandrie & Company survey [PDF] of 397 IT executives across 19 industries. For companies with under $5 million in annual revenue, the cost of the breaches represented more than 13 percent of their annual revenue, and for larger firms, the breaches cost tens of millions of dollars
Matthew Kuznia, Deltarisk.com, June 23, 2017
At least once a day, I see a new article on the topic of how to close the cyber security skills gap. Without fail, these discussions center on the need for public and private sector collaboration, early STEM education, skills-based training, and increasing cyber security programs and course options through colleges and universities.
Zelijka Zorz, Techrepublic.com, June 15, 2017
Evidence of the cybersecurity workforce shortage continues to mount: By 2022, there will be 1.8 million open jobs in this field, according to the recent Global Information Security Workforce Study from the nonprofit ISC(2)—up from the 2015 estimate of 1.5 million by 2020.”The numbers are going in the wrong direction,” said Wesley Simpson, COO of ISC(2), of the study, which surveyed 19,000 cybersecurity professionals.
Stephanie Ewing-Ottmers, Deltarisk.com, June 21, 2017
With the ongoing shortage of cyber security professionals, more IT professionals are finding themselves assuming responsibilities to cover their organization’s cyber security program. The landscape is even more difficult to navigate given the many information security standards and regulations that industries most follow.
Michael Kassner, Techrepublic.com, June 22, 2017
Let’s face it, phishing attacks—where cybercriminals disguise their malware-laced digital messages to give the appearance of official communiqués—are way more successful than anyone would like. Verizon’s 2017 Data Breach Investigations Report (DBIR) states: “There were a little over 1,600 incidents and more than 800 breaches featuring social actions in this year’s  corpus (all external actor driven).
Jeff John Roberts, Fortune.com, June 22, 2017
Who has been hacked? It might be easier to ask who hasn’t been hacked, as Fortune explores in the cover story of our Jul. 1 issue. The list below is just a sample of big companies and institutions struck by major data breaches in the past five years. As you can see, no industry has been spared. By now, the damage has afflicted billions of consumer accounts and is costing the companies tens or hundreds of millions.
David Sykes, Csooline.com, June 22, 2017
Headline-grabbing hacks of email accounts belonging to celebrities, businesses and government officials are commonplace. This is because there’s one major vulnerable flaw allowing cyber crooks to access systems, empty bank accounts, destroy reputations, or send someone into bankruptcy; human nature.
Lily Hay Newman, Wired.com, June 21, 2017
When you think of a standard hacker toolkit, software vulnerabilities and malware come to mind. But a pair of researchers are testing a different type of instrument: a physical tool that can break into devices with a wave of your hand.
Theo Douglas, Govtech.com, June 23, 2017
Phishing and spear-phishing — two simplistic examples of cyberattacks well-known in the public sector — may remain popular indefinitely, but state cybersecurity personnel are battling the bad actors with strategies aimed at the same soft target: the human mind.