How UK organisations are leaving themselves open for cyber attack

UK organisations are leaving themselves wide open to cyber attack despite huge investments in cyber security systems, according to two former hackers now working in cyber defence Organisations such as UK phone and broadband provider TalkTalk claim to take security seriously and have made significant investments in cyber defences, and yet still fall prey to data breaches. From a hacker perspective, many organisations are still leaving the front door open and the windows unlocked.

Read the source article at

7 cyber security threats to SMEs and how to secure against them

Small businesses that see themselves as too small to be targeted by cyber criminals are putting themselves at direct risk. In fact, small businesses are at an equal, if not greater risk of being victims of cyber crime – two thirds of small UK firms were attacked by hackers between 2014-2016, according to a report from the Federation of Small Businesses. Cyber crime can cause massive damage to a young business’s reputation, result in loss of assets and incur expenses to fix the damage caused.

Read the source article at

Global Ransomware Attack Reminds Us of the Importance of Cyber Security

The Wannacry ransomware attack has many companies once again looking at not only steps they can take to help protect their business from a cyber attack, but also ways to protect their business and its assets in the event of a cyber attack. Most businesses should consider purchasing Cyber Insurance to help protect its business assets in the event of a cyber breach. Our sister company, A Plus Risk & Insurance works with several carriers that are experts in writing cyber insurance.

Read the source article at A Plus Benefits

Don’t Sit Back and Wait for Security Risks to Disappear

Risk management is the essence of what we do as information security professionals. We identify key security risks and analyze those risks in the context of the business. We then communicate the confirmed or potential outcomes to management. Finally, we decide — or wait for decisions — on how to respond. Many security challenges begin at this step.

Read the source article at Security Intelligence

10 ways cyber security will evolve in the face of growing threats

Information Age identifies ten ways cyber security will evolve over the next five years, as threats like ransomware continue to spread ‘Over the next five years, there will be an ever-growing urge across the tech industry to leverage the IoT for anything from automating data collection to programming manual actions in the physical world’ The cyber threat landscape is constantly evolving, with different strains of malware attacking network systems every day.

Read the source article at

4 Cybersecurity Best Practices to Bolster Small Business Defenses – National Cyber Security Ventures | Hacker News

As cybervillains intensify efforts to crack into your networks and devices, here’s how to keep your data safe. Through its exercise videos and nutritional shakes and supplements, Beachbody helps people get buff, lose weight and live healthier lives. In fact, the fitness company’s IT team knows all about working up a sweat, but in their case, it’s to add muscle to the company’s cybersecurity defenses.

Read the source article at National Cyber Secuirty University

Once Stolen, What Do Hackers Do With You Data?

It’s a common question: What happens to your data after a hacker steals it? Understanding the nuts and bolts of an attacker’s post-hack routine is not only interesting, but it could also help you minimize the damage if your data is stolen. (Note that the following information is a general overview of the most common steps […]

Read More – Once Stolen, What Do Hackers Do With You Data?

Read the source article at Secplicity

The cyber security remedy: prevention is better than a cure

Wonga’s recent announcement that it was hit by a data breach affecting 245,000 of its UK customers is yet another sharp wakeup call for businesses. All available information concerning the attack indicates that this could be one of the biggest financial information leaks the country has ever seen. Businesses across Britain are waking up to the fact that it is a case of “when” not “if” they will be targeted. Just look at what has happened to NHS, TalkTalk… the list goes on and on and on.

Read the source article at

Cyber-crime targets: No company is too small

Cyber security is arguably the most challenging issue facing companies today. According to a new governmental report on cyber security breaches for 2017, businesses are increasingly looking to websites, social media pages and the use of cloud services, meaning that companies need to ensure these platforms and services are kept secure and managed effectively.

Read the source article at ITProPortal

Reasons Managed Security Services Are Crucial to Your Business – DZone Security

Technology is evolving at a constant pace and so are the skills of online hacktivists. Hackers are constantly active, trying to find chinks in your security systems to steal and misuse your crucial data. The Global Economic Crime Survey by PwC reveals that cybercrime has climbed to the second most reported economic crime, impacting 32% of organizations. According to Forbes, cybercrime costs will reach $2 trillion by 2019.

Read the source article at

Outsourcing security: Would you turn over the keys to a third party?

Managed security services providers are gaining a foothold in the market. Years ago it would have been unthinkable to give up control to securing your most valuable assets. But for some companies the risk of handing the security keys to a third party is less than the idea of facing the daily barrage of attacks. When asked why a company would cede control, many vendors said it depends on the level of staffing that company has. If the expertise is lacking, why take the chance.

Read the source article at Welcome to Network

How to improve cyber security awareness in your organisation | IT Security

Training, providing secure devices & delivering a cultural change are ways CIOs can raise awareness of security in the workplace Cyber security remains an ongoing issue for CIOs and businesses today. According to The Culture, Media and Sport Committee, 25% of companies experience a security breach at least once a month, with the problem continuing to grow. An increasing number of CIOs are exploring new ways to protect customers and employees from online threats.

Read the source article at Tech and IT Business Opinion, Interviews

How can Welsh Businesses Protect Themselves from Future Cyber Attacks?

Business News Wales asks businesses in Wales; How can Welsh businesses ensure they are protected from any future Cyber Attacks? Basic Cyber Security should start with a risk assessment to define which assets a business needs to protect. The Queen does not leave the crown jewels on the lawn outside the palace for obvious reasons!

Read the source article at Business News Wales

Evolving Cyber Threats Require Evolving Training – ISACA Now

Today’s cyber security professional is an amalgamation of haphazard professional experience, rapid-fire bootcamps, and smatterings of dynamically defined academic programs. This has created a vibrant field, full of individuals with creative takes on issues and unconventional approaches to problems that are difficult to predict. However, as the field matures and the online attackers ratchet up their skill sets, the traditional solution becomes less effective.

Read the source article at Information Technology

WannaCry Ransomware Shows Why Software Updates Are Important

We’ve all been guilty of it. You’re cramming to hit a deadline, and you dismiss that tiny notification in the corner of your screen reminding you to install a new software update. But if there’s anything to be learned from the global ransomware attack that’s plagued computers in 150 countries, it’s that these updates are as crucial as ever. “This whole disaster could have been prevented if people had patched their system,” says Jerome Segura, a security researcher for software firm Malwarebytes.

Read the source article at

WannaCry ransomware prompts legacy MS17-010 patch

Microsoft responds to WannaCry ransomware with an MS17-010 patch for legacy systems as new ransomware variants spread to more countries around the globe. WannaCry ransomware exploded over the weekend and spread like a worm to infect more than 200,000 systems across 150 countries around the world, according to Europol. In response, Microsoft took the emergency step to release patches for no longer supported versions of Windows.

Read the source article at

Global Ransomware Attack: What Your Organization Needs to Know Now

Beginning on Friday, May 12, 2017, organizations across the world were hit by a cyberattack called WannaCry. This malware—a type of ransomware—operates by encrypting an organization’s data and demanding a Bitcoin payment (nearly $300 per attack) before it will restore the affected files. So far approximately 200,000 computers in over 150 countries have been impacted, making this the largest international ransomware attack to date.

Read the source article at National Law Review

Third parties leave your network open to attacks

Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole. The use of third-party providers is widespread, as are breaches associated with them.

Read the source article at

Cyber-Security: It’s Time To Make Security A Priority – A Blog About IT & Security. The Social Network For Your Network

Security is no longer just a problem for a few individuals but rather a problem involving more and more people, and it should occupy an important part in our lives. Security is still the top player in IT priorities and will continue to be. What we can learn from the recent series of cyberattacks last week, is that the seizure of information stored by users and companies on various platforms has become one of the most important trends.

Read the source article at

‘Perfect storm’ of conditions helped cyberattack succeed

NEW YORK — The cyberextortion attack hitting dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.

Read the source article at

Where the global cyberattack has hit hardest

NEW YORK — Here is a look at some of the places hit by the global cyberattack.

EUROPEAN UNION — Europol’s European Cybercrime Centre, known as EC3, said the attack “is at an unprecedented level and will require a complex international investigation to identify the culprits.”

Read the source article at

Get Started: Keep your company’s data safe from cyberattack

Small business owners are getting a reminder about the need for cybersecurity from the worldwide “ransomware” attack on computers.

The attack, which has hit companies, schools, government agencies and hospitals, has put company owners on notice that their businesses could be vulnerable to the invasive software that often arrives by email, locks up the files on a PC or server and renders them useless.

Read the source article at

The Latest: More US firms believed hit by cyberattack

NEW YORK — The latest on the global extortion cyberattack that hit dozens of countries (all times local):

A law enforcement official says investigators believe additional companies in the United States have been affected by the global “ransomware” software cyberattack but have not yet come forward to report the attacks.

The official spoke to The Associated Press on condition of anonymity because the official was not authorized to speak publicly about an ongoing investigation.

Read the source article at

The blame game, ransomware edition: Who’s at fault?

NEW YORK — From governments to individuals, there’s plenty of finger-pointing going on following the latest global cyberattack.

Who’s being targeted for blame? There’s Microsoft, whose ubiquitous Windows operating systems were compromised after attackers exploited a security hole.

Then there’s the U.S. government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals.

Read the source article at

Third parties leave your network open to attacks

Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole. The use of third-party providers is widespread, as are breaches associated with them.

Read the source article at

Proactive approach needed for cyber security: report

This is according to a report released by global technology association CompTIA. The report, titled The Evolution of Security Skills, states companies need to adopt various proactive measures to identify weak links before they are exploited; broaden the security skills of their technology professionals, as well as to implement top to bottom security training throughout the organisation.

Read the source article at

How to Evaluate Your Security System’s Cyber Risk | 2017-04

Whether it’s an HVAC system, a point-of-sale terminal or a video surveillance camera, malicious attackers are looking for any way into your network and closer to your valuable data, systems and intellectual property. While enterprises are working to shore up the weak links of their cybersecurity systems, it’s necessary to take a close look at the cyber risks your own physical security system may bring to the enterprise.

Read the source article at Security Magazine

The five steps for managing cyber security threats

Cyber security is a people problem more than a technology problem. A single compromised employee, whether malicious or negligent, can render the best systems worthless. Although the media loves a shady computer hacker story — usually adorned with images of a man in a hoodie sitting in a dark room — the reality is that rogue employees can often do much more damage to an organisation’s data integrity.

Read the source article at Public sector news, government learning

Ransomware And Retail

Imagine turning on your smartphone and finding that it has been completely locked out by a stranger demanding payment, a cybercriminal. If you have ever lost access to your phone for other reasons, you know the frustration of not being able to get to your contacts, emails, calendar or any communication convenience. Now imagine this frustration applied to your entire retail operation — blocking all transactions and disrupting your connection to the customer.

Read the source article at Retail TouchPoints

3 Essential Cybersecurity Tips for Small Businesses

In fact, being able to translate brand values to an online audience has never been more essential for businesses looking to keep up with the competition. This shift towards digital technologies also presents a new set of challenges for companies of all sizes, none more so than cybersecurity. As the online marketplace increases in size, so does the propensity for online scams.

Read the source article at Frugal Entrepreneur

Cybersecurity Attacks Hit 87% of Organizations in 2016

April 12, 2017 – A majority of organizations reported that they were affected by a cybersecurity attack last year, with one in three saying that they had been hacked more than five times in the past 12 months, according to a recent Bitglass report. In response, 52 percent of respondents also said that their entity planned to increase their overall security budgets.

Read the source article at

Four Cybersecurity Trends That Every Retailer Needs to Know

Call it optimism or just human nature — retailers, like most people, don’t like to spend a lot of time thinking about unseen threats. A series of painful breaches a few years ago forced the industry to wake up to the dangers of cyber crime and implement new measures to address and control online risks, leading to industrywide security gains.

Read the source article at Total Retail

Government: Half of UK Firms Hit by Cyber-Attack

Nearly half (46%) of UK firms experienced a breach or cyber-attack last year, with many still failing to implement basic, formalized security despite spending money on threat defence, according to a new government report. The Cyber Security Breaches Survey 2017 was commissioned by the Department for Culture, Media and Sport (DCMS) as part of the National Cyber Security Programme, and is based on interviews with over 1,500 businesses.

Read the source article at Infosecurity Magazine

PCI Compliance is Cheap Compared to EU GDPR

At RBTE at Olympia London, May 09 2017, a panel of payment security experts considered the future of secure payments and the impact that EU GDPR will have in a panel session titled Strengthening security without losing sales. Jeremy King, international director of the PCI Security Standard Council, admitted that PCI compliance is “an expensive, massive thing”, especially, he noted, for smaller merchants without the IT team or the understanding of data and payment security.

Read the source article at Infosecurity Magazine

Why an accountant is a cybercriminal’s favourite target

Justin Dolly of Malwarebytes looks at what accountants can do to protect their data and minimise cybersecurity risks. When most people think of a data breach, they often think of hospitals, retailers or even banks being victimised. But what about accounting firms? Think about it – everyone trusts you with their personally identifiable information.

Read the source article at Accountancy Age

IT security as a business issue: how great security helps you grow

Studies suggest that in 2016, hackers stole an estimated $1 billion using ransomware. This translates into a cost of around £75,000 per small business. Without a doubt, the need for robust IT security has never been greater. There are many simple ways to improve your security posture: firewalls, external servers and cloud back-ups can stop hackers in their tracks. Above all, it’s important to keep the best tools on hand as hackers techniques become more advanced.

Read the source article at

26,000 Debenhams Customers Breached

A cyber-attack has compromised the personal data of up to 26,000 Debenhams customers. The breach, which is understood to have been malware-based, targeted the online portal for the retailer’s florist arm, Debenhams Flowers. IT security experts from Cylance, Imperva and Kaspersky Lab commented below. Anton Grashion, Managing Director Security Practice at Ajay Uggirala, Director at “Our experience show that 100% of businesses are under attack.

Read the source article at home – Information Security Buzz

Why Physical Security For Your Business Is Just as Critical as Online Security

For most people involved in running an online business, implementing stringent security practices has become second nature. It’s easy to see why: Not only do technologies such as SSL and encryption keep your company’s data secure, but the sight of that little green padlock in a browser’s address bar gives your customers confidence that they’re dealing with a legitimate business.

Read the source article at Entrepreneur

How Your Business is Being Hacked and How to Stop It

60% of small companies that suffer a cyber attack or breach are out of business within six months, according to data from the National Cyber Security Alliance. Small businesses that previously escaped the attention of cyber criminals are now increasingly targeted by these catastrophic attacks. If you’re an SME, cyber security is more important than ever.

Read the source article at

IT security from the start: 3 ways to make it a business priority

One of the biggest priorities in IT this year will be to finally resolve the ongoing debate: Who is responsible for security? Is it the sole responsibility of IT, the CISO’s job, or is it a business problem? From my point of view, if you don’t think security is part of your job, you become part of the problem. To truly secure the enterprise, security must become central to everyone’s role. I like to relate this issue to driving. When you’re on the road, your job is to drive the car.

Read the source article at The Enterprisers Project

Cybersecurity risks for small businesses are anything but small

Working in data breach resolution, I have the opportunity to assess both the emerging security risks and misconceptions haunting businesses today. Recently, I’ve heard from others in the industry – risk managers, cyber insurers and various security professionals – that many small businesses don’t believe they will be targeted by cyber-attacks.

Read the source article at Security Magazines

Is your business too complacent about cyber security?

Cyber security has never been as heavily in the public eye as it is today. But are businesses complacent about this increasingly necessary practice? Top management is committed to continuous vigilance and improving cyber security, recognising that a sound security culture – where everyone in the organisation understands the risk and knows what part they can play in keeping their organisation and stakeholders secure – is essential The results are in.

Read the source article at