Last year, cyber security breaches wreaked havoc on some of the biggest financial institutions, retailers and governments in the world, causing data and financial loss and even corporate embarrassment for a certain entertainment powerhouse. In 2016, we can likely expect more - more advanced attacks including targeted industry espionage, ransomware, and social engineering.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
As the world becomes more complex non-traditional approaches to ensuring data security and protection must be evaluated. In this article Wei Chieh, the founder of SWARMNETICS draws a parallel between how we treat open source software and the Asian organisational attitude toward White Hat hackers (or ‘independent security researchers’) as assets that might help to stem the tide of security breaches that Asian companies face today.
The number of cyberattacks continues to rise and organisations need to come to terms with the fact that traditional approaches to mitigating the effects of malicious attacks may no longer be viable. One of these approaches is to harness the power of big data technology to help companies improve their proactive and reactive cyber-defence capabilities. David White and Annie Tu examine how old approaches may be found wanting and a paradigm based on new defence models can help companies not only stop hackers, but also help to better identify and respond to malicious activities.
Recently, we examined some of the challenges that companies face in terms of the evolving privacy and data protection landscape - and how these challenges may require a whole new breed of information security professional. In this second part of the series we unpack the argument for a new role combining Chief Security Officer and Chief Privacy Officer in a rapidly evolving regulatory and threat rich environment. We also chat with Chief Security and Privacy Officer (CSPO) at a Fortune 500 company to get his take on the subject.
The holiday season in 2016 will see many of these large enterprises up their game in terms of protecting customer data. It’s not as if they have much choice, data breaches in the past have reduced public trust in online retailers – but the latest approaches to ensuring data security go some way to restoring that trust.
In this article, we examine the role of International Standards Organization (ISO) standards, and how standards are important for an incident and data breach response plan.
In this second part of a two part series we will be taking a look at how online retailers are taking steps to mitigate against the almost inevitable threat to data from hackers that seems part and parcel of the holiday buying season.
Privacy issues in the Philippines have become headline news as 2017 gets underway. In January, the National Privacy Commission (NPC) in that country issued a statement placing the blame for a data breach that put the personal information of millions of voters at risk squarely at the feet of the Commission on Elections (COMELEC) and its Chairman Andres Bautista.
Mobile smartphone usage is now reaching saturation point in the developed world. Increasingly mobile phones are becoming (or have become) indispensable business tools as well as powerful communication devices. However, with great power comes great responsibility – something that seems to have escaped U.S. President Donald Trump who is still using a legacy Android device. In this article we examine just why mobile devices present massive challenges when it comes to data security – and why business users need to be vigilant.
There is now a new breed of highly sophisticated cyber criminals who are attracted by the huge financial gains made possible by highly targeted ransomware attacks. Today, with IoT being adopted across a wide variety of industries, it seems that it’s only a matter of time before cyber criminals take Internet of Things (IoT) devices hostage using ransomware, potentially placing hundreds of thousands of people at risk. In this article, we examine the rising threat of ransomware, the potential impact on the IoT environment and how we can avoid a global ransomware pandemic.