[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
Data breaches could cost the global economy trillions by 2019<\/p>\n
Juniper Research has concluded that data breaches could cost the global economy as much as $2 trillion in the next five years, and has pointed the finger at weak corporate and network security as the reason for the breaches.<\/p>\n
Juniper notes that healthcare, financial and banking, and government industries will be the most lucrative targets.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c2b0ed96b3&e=20056c7556<\/p>\n
The GC\u2019s 30-Minute Breach Drill<\/p>\n
A data breach requires you, the general counsel, to quickly assess the situation and be able to give a coherent initial report to your CEO. If you are well organized you should be able to prepare an effective CEO initial briefing in about 30 minutes. Here are some tips from working with 52 data breaches \/data compromises in the past year. With advanced planning, every GC can master the first steps of a computer intrusion smoothly. Try to follow these nine steps in the order offered.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=405506c2ba&e=20056c7556<\/p>\n
Security analytics key to breach detection<\/p>\n
“Breach detection is top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level,” says Eric Ahlm, research director at Gartner. “Security analytics platforms endeavor to bring situational awareness to security events by gathering and analyzing a broader set of data, such that the events that pose the greatest harm to an organization are found and prioritized with greater accuracy.\u201d<\/p>\n
The challenge to this approach is that major security events, such as breaches, don’t happen all at once. There may be an early indicator, followed hours later by a minor event, which in turn is followed days or months later by a data leakage event. Gartner says that when these three things are looked at as a single incident that just happens to span, say, three months, the overall priority of this incident made up of lesser events is now much higher. This is why “look backs” are a key concept for analytics systems.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=384079c51d&e=20056c7556<\/p>\n
Breaches and More Breaches \u2013 We need to play a new game!<\/p>\n
The global survey results showed that 54 percent of respondents plan to increase their security spend to deal with insider threats next year and the remaining 39 percent will be spending at least as much as they are now. Below are a few results from our insider threat report:\u2026. It\u2019s clear we need to stay on top, or potentially get on top of these security threats. To do so, we all need to \u201cget with the program\u201d \u2013 not just play the same old game and get the same old results:…<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=354e7033af&e=20056c7556<\/p>\n
Mystery botnet hijacks broadband routers to offer DDoS-for-hire<\/p>\n
The discovery was made by security firm Incapsula (recently acquired by Imperva), which first noticed attacks against a few dozen of its customers in December 2014 since when the firm estimates its size to exceed 40,000 IPs across 1,600 ISPs with at least 60 command and control (C2) nodes.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=8049ad1c1e&e=20056c7556<\/p>\n
root9B Uncovers Planned Sofacy Cyber Attack Targeting Several International and Domestic Financial Institutions<\/p>\n
The banks identified as potential targets in the pending attack are TD Bank, Bank of America, UAE Bank, and other organizations including the United Nations Children’s Fund, United Bank for Africa and Regions Bank.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a0ce5d9987&e=20056c7556<\/p>\n
Banking Malware Delivered from SQL Database, Disables G-Buster Plugin<\/p>\n
Security researchers spotted a new method for distributing malware, where a banking Trojan is delivered to a compromised computer from a Microsoft SQL database available online.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5f02d09000&e=20056c7556<\/p>\n
Cyveillance Phishing Report: Top 20 Targets<\/p>\n
RBC Royal Bank, Facebook, and Sparkasse were new entrants on the Cyveillance top 20 list, displacing Lloyds, Comcast, and Navy Federal Credit Union. Apple remains a top phishing target with an increase of more than 65% over the prior week, and Bank of America increasing more than 60%. Lloyds TSB dropped off the list with the most dramatic reduction (>80%), followed by TD Canada Trust (>70%), Amazon (>50%), USAA (>55%), and AOL (>40%).<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=62f185632f&e=20056c7556<\/p>\n
Ad Industry Blacklist Will Help Share Fraud Intelligence<\/p>\n
The ad industry is creating a blacklist for Web sites associated with online ad fraud, a move meant to spread the word about bad actors and help crack down on an activity that is costing marketers.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a8ee29da5b&e=20056c7556<\/p>\n
Microsoft releases 13 security updates for Windows as part of this month’s Patch Tuesday<\/p>\n
Bulletin #8 (Important) \u2013 This is a security update to patch an elevation of privilege vulnerability found in the Service Control Manager of the Microsoft \u2026<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bd1cb2b7be&e=20056c7556<\/p>\n
Mozilla Firefox 38 Gets a Baker’s Dozen Security Updates<\/p>\n
Five of the 13 security updates for Firefox 38 are considered critical. … Mozilla has also issued 13 security advisories for vulnerabilities fixed in the \u2026<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=14a73cbdd0&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If someone forwarded this email to you and you want to be added in,
\nplease click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=dde7f4592f)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: Data breaches could cost the global economy trillions by 2019 Juniper Research has concluded that data breaches could cost the global economy as much as $2 trillion in…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1073","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1073"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1073\/revisions"}],"predecessor-version":[{"id":3560,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1073\/revisions\/3560"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}