[From the desk of Paul Davis – his opinions and no-one else’s]
Keep an eye on Adobe and your browsers, the pown2own competition has/will trigger new patches.
So onto the news:
Data company [IDT911] to open European HQ in Galway
A company that offers data protection services is to create 60 jobs with the opening of its European headquarters in Galway.
The company provides identity management, fraud monitoring and cyber security services to 17.5 million private customers in the US and Canada as well as to more than 750,000 businesses.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e858d8e671&e=20056c7556
Is the UK gaining on the US in its spate of major cyber security breaches?
The data breach landscape in the UK has changed beyond all recognition over the last few years. More than four in ten Britons (42%) have been affected in some way by a breach, and their levels of concern are growing.
Experian has recently completed a new paper, Data Breach Readiness 2.0: The ‘Customer First’ Data Breach Response, which assessed the rapidly changing landscape of data breach in the UK. Not only did we survey businesses and consumers we also spoke, at some length, with industry authorities from leading lawyers, insurers, digital forensic experts, customer support specialists and crisis communications experts to assess the true extent of preparedness among UK organisations should a data breach occur.
Costs are higher also: The average US data breach costs £132 per record compared with £104 in the UK; and lastly lost business costs are higher in the US, reaching £2.2 million on average, compared with less than £1 million in the UK.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a9b74f781a&e=20056c7556
PoSeidon malware targeting retailers, say researchers
A family of improved malware is targeting retailers’ point of sale (PoS) systems, taking up where Zeus and BlackPoS left off, say Cisco researchers.
Dubbed PoSeidon, the malware is designed to scrape PoS devices’ memory for credit card information and exfiltrate that data to servers. The data can be used to create cloned credit cards, and is typically sold on criminal markets. The demand for such data has driven the growth in the number of data breaches involving PoS malware.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=554d707153&e=20056c7556
Bridging the Cyber-Security Skills Gap Using the Right Technology
According to the 2015 Global Cybersecurity Status Report from industry association, ISACA, a huge 90% and 87% of US- and UK-based IT and security professionals respectively testified to there being an international shortage of skilled cyber-security professionals, with direct impact on these organizations’ ability to prepare and fend off sophisticated attack as a result.
The technology is moving in the right direction, we just need to make sure it will focus on helping the humans fight the bots and the malicious humans on the other side, not burry them in additional labor.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7cd4ef3c47&e=20056c7556
CEOs have false perception of the extent of their cyber risk insurance cover, new report finds
The report on the role of insurance in managing and mitigating cyber risk (32-page / 2.78MB PDF) highlighted a discrepancy between the cover that chief executives believe their companies have for cyber risk and the reality of the insurance protection their businesses have purchased.
“Business leaders who are aware of insurance solutions for cyber tend to overestimate the extent to which they are covered,” the report said. “Surveys show that 52% of CEOs believe that they have cover, whereas in fact less than 10% do. This picture is likely a result of the complexity of insurance policies with respect to cyber, with cyber sometimes included, sometimes excluded, and sometimes covered as part of an add-on policy.”
According to the report, just 2% of large businesses in the UK have “explicit cyber cover” and approximately half of the businesses the government liaised with for the report said they were not aware “that cyber risks can even be insured”.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=91ff587a15&e=20056c7556
Adobe Flash Player Sees Additional Update, Patches Vulnerabilities Found at Pwn2Own Contest
The latest beta version of Adobe Flash Player is now available. It is version number 17.0.0.134, and is the latest free version of the player. This version of Adobe Flash Player comes with many new incremental updates and performance enhancements that increase the quality of the player. Most of the fixes are technical in nature, but many users will see some performance enhancements if they spend a lot of time using Adobe Flash Player.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7dea6c78f4&e=20056c7556
Communication Security Establishment’s cyberwarfare toolbox revealed
The CSE toolbox includes the ability to redirect someone to a fake website, create unrest by pretending to be another government or hacker, and siphon classified information out of computer networks, according to experts who viewed the documents.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=362834b250&e=20056c7556
An introduction to threat intelligence services in the enterprise
Learning about relevant threats as soon as possible gives organizations the best chance to proactively block security holes and take other actions to prevent data loss or system failures.
Threat intelligence services are relative newcomers to the security industry, so there are still a lot of differences in the types of services each offering delivers.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ca5cc43740&e=20056c7556
Airbus Wins UK Cyber Center Research Deal
LONDON — The creation of a UK virtual cyber operations center aimed at defeating battlefield attacks took a step forward with the award of a small study contract to Airbus UK by Ministry of Defence researchers.
Airbus Group’s technology innovation arm in the UK announced Monday it secured a £1.4 million (US $2.1 million) deal late last year from the MoD’s Defence Science and Technology Laboratory (Dstl) to study the development of a 3-D virtual world to enable analysts, military experts and others to collaborate and share situational awareness to detect and counter cyber attacks on information and weapon systems.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4400f3ebe3&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=3776d7ca1d)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)