[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
**
\n————————————————————
\n* Obama Creating Federal CISO Post
\n* Google adds warning to unencrypted emails
\n* The economic cost of being hacked
\n* NTT Security : UK businesses could spend \u00a31.2 million recovering from a cyber security breach according to new research
\n* How to convince the CFO of the budgetary security need
\n* Cyber attack top business threat for second year running
\n* INSIGHT: Growing hacker threats make cybersecurity a great career choice
\n* Breaches Infest C-Stores, Gas Stations: Study
\n* Change Agent: Google Introduces Filter That Blocks Evolving Botnets
\n* IDT911\u2122 Revamps Industry Leading DataRiskStages\u00ae Service for More Accurate Cyber Underwriting, Simplified Claims Handling, and Enhanced Service for Commercial Policyholders<\/p>\n
Obama Creating Federal CISO Post
\nPresident Obama is creating the position of federal chief information security officer as part of a multifaceted initiative aimed at strengthening the nation’s IT security.
\nWhite House Cybersecurity Coordinator Michael Daniel sees a “deep relationship” between modernizing federal IT and cybersecurity. “It is critically important that we begin to address the underlying structural weakness that we have in cybersecurity by modernizing underlying IT,” Daniel said at a White House briefing on Feb. 9.
\nThe new federal CISO would drive these changes across the government.
\nThe federal CISO would report to the federal CIO and be located in the White House Office of Management and Budget (see: 10 Facts About New Federal CISO Position).
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=68a334c7e5&e=20056c7556<\/p>\n
Google adds warning to unencrypted emails
\nUsers will be shown a small red unlocked padlock icon in the upper right-hand corner of a message to let them know that someone they’re sending messages to or receiving email from doesn’t support TLS encryption that would keep information from prying eyes in transit.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ac5ec602dc&e=20056c7556<\/p>\n
The economic cost of being hacked
\nCyber security specialist Praesidio has put together an infographic looking at just how expensive a cyber attack can be.
\nIncreasingly businesses expect to be attacked at some point. 52 percent of brands anticipate being attacked in 2016, and only 20 percent say they’re confident about avoiding a phishing attack.
\nThe total average cost of a data breach is now put at $6.53 million which includes $3.72 million in lost business.
\nFor financial companies the cost of each compromised record is put at $259, with an average of 10,000 records stolen per incident that\u2019s a significant cost.
\nThe total cost of damage due to cyber attacks is put at $400 million.
\nForensic investigations can cost up to $2,000 an hour, while the average annual salary of a security engineer is $92,000.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5cfc93630d&e=20056c7556<\/p>\n
NTT Security : UK businesses could spend \u00a31.2 million recovering from a cyber security breach according to new research
\nLondon, UK; 10 February 2016 – Most business decision makers in the UK admit that their organisation will suffer from a cyber security breach at some point.
\nThey also anticipate that to recover from a data breach would cost upwards of \u00a31.2 million on average for their organisation, the highest figure globally.
\nThis is according to a new Risk:Value report from global information security and risk management company, NTT Com Security, which surveyed business decision makers in the UK, as well as US, Germany, France, Sweden, Norway and Switzerland.
\nWhile nearly half (48%) of UK business decision makers say information security is ‘vital’ to their organisation and just half agree it is ‘good practice’, a fifth admit that poor information security is the ‘single greatest risk’ to the business, ahead of ‘decreasing profits’ (12%), ‘competitors taking market share’ (11%) and on a par with ‘lack of employee skills’ (21%).
\nWell over half (57%) agree that their organisation will suffer a data breach at some point, while a third disagree and one in ten say they do not know.
\nRespondents estimate that a breach would cost them \u00a31.2m, even before ‘hidden costs’ like reputational damage and brand erosion are taken into consideration, and take on average two months to recover from.
\nThey also anticipate a 13% drop in revenue, on average, following a breach.
\nIn terms of remediation costs following a security breach, nearly a fifth (18%) of a company’s costs would be spent on legal fees, 18% on fines or compliance costs, 17% on compensation to customers, and 11% for third party remediation resources.
\nOther anticipated costs include PR and communications (14%) and compensation paid to suppliers (12%) and to employees (11%).
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=4097c01194&e=20056c7556<\/p>\n
How to convince the CFO of the budgetary security need
\nIt is important that the CFO understand an organization\u2019s cyber security needs by working with the Chief Security Officer and\/or Chief Information Security Officer.
\nHelping to educate the CFO on the nature of the threats, as well as their potential impacts against the organization\u2019s business process, production, customer relations, and public perception will better inform them as to how to address security needs within a risk management environment.
\nSince it is nearly impossible for organizations to protect all aspects of their enterprise, working with the CFO to prioritize threats by severity, potential impact, and cost-benefit analysis is an integral endeavor for security personnel looking to receive a budget that fits their needs.
\nThere are some encouraging signs that the gap between CFO and CSO\/CISO is narrowing.
\nAccording to a 2015 survey conducted of 100 U.S. technology CFOs by BDO USA, a leading association of accounting, consulting, and professional service firms, two-thirds said they have increased cyber security measures for their respective organizations since the preceding year.
\nThese findings are not alone.
\nA separate survey conducted by CFO Signals in 2015 found that of 103 CFOs polled, 74 percent ranked cyber security as their top priority, demonstrating that not only are CFOs getting the need to invest in cybersecurity, they are understanding that they have a role in it as well.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=109aeaf471&e=20056c7556<\/p>\n
Cyber attack top business threat for second year running
\nCyber attack is the top threat perceived by businesses, according to the fifth annual Horizon Scan report published today by the Business Continuity Institute (BCI), in association with BSI.
\nSimilarly, the threat of a data breach rises to second in the list, up one place from 2015.
\nThe annual BCI Horizon Scan assessed the business preparedness of 568 organisations worldwide and shows that three quarters (85%) of business continuity managers fear the possibility of a cyber attack, with 80% worried about the possibility of a data breach similar to those suffered by Carphone Warehouse and Sony.
\nConcerns over supply chain disruption remained in the top ten, but fell two places from fifth last year to seventh this year.
\nAlmost half of those polled (47%) identified increasing supply chain complexity as a trend, leaving their organisation vulnerable to disruption from conflict or natural disasters.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=672369b950&e=20056c7556<\/p>\n
INSIGHT: Growing hacker threats make cybersecurity a great career choice
\nA massive increase in cybersecurity jobs is coming.
\nMuch of the money spent on cybersecurity finds its way to the professionals working daily to keep companies safe; therefore, spending toward new jobs is more than likely.
\nHowever, therein lies a problem.
\nCybersecurity already has a huge number of empty jobs.
\nCurrently, Cisco found that there are 1 million cybersecurity positions worldwide that aren\u2019t filled.
\nAs the market grows, new cybersecurity positions will increase, demanding more people to enter the field.
\nIf you haven\u2019t set your goals for the year, make it a point to receive training in cybersecurity.
\nThe industry is poised for a lot of growth, and the high number of vacant positions will give you multiple career options.
\nNot only that, but you\u2019ll also have a level of job security that you probably won\u2019t be able to find elsewhere.
\nSo take the leap.
\nSearch local training centers for more on information security training and get that cybersecurity position you\u2019ve always dreamed about.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9eb9d9f36a&e=20056c7556<\/p>\n
Breaches Infest C-Stores, Gas Stations: Study
\nConvenience store and gas station chains appear to be most susceptible to data breaches, according to a study from the Richmond, Va.-based Risk Based Security, \u201cData Breach QuickView: 2015 Data Breach Trends.\u201d
\nAccording to the study, the total number of data breach incidents was up 23% to 3,930 in 2015 from 3,192 in 2014.
\nThe number of exposed records, however, fell 33% to 736 million in 2015 from 1.1 billion the year before, the report said.
\nAutomated fuel dispenser skimming is the most frequent form of data theft, the report said.
\nTo pull this off, a skimmer usually affixes a device over the mouth of the card reader and secretly captures credit and debit card information when customers insert their cards into the ATM machines or fuel pumps.
\nCriminals also use a combination of cameras and video devices to capture cardholder PINs as part of their ATM skimming scheme.
\nThe analysis found California had the highest number of data breach incidents in 2015 at 199, with Florida coming in second at 130.
\nCalifornia retained the top spot from 2014, while Florida rose to the No. 2 spot.
\nNew York came in third in 2015 at 102 incidents.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=31c6190325&e=20056c7556<\/p>\n
Change Agent: Google Introduces Filter That Blocks Evolving Botnets
\nGoogle is upping its defenses against ad fraud to take on three malware families.
\nThe offenders include Bedep, plus two previously unknown entities internally code-named Beetal and Changthangi, which are named for goat species.
\nRead the blog post.
\nGoogle has developed a filter \u2013 now available for advertisers using DoubleClick Bid Manager (DBM) and Google Display Network (GDN) \u2013 to block traffic from these families.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=602e9a0343&e=20056c7556<\/p>\n
IDT911\u2122 Revamps Industry Leading DataRiskStages\u00ae Service for More Accurate Cyber Underwriting, Simplified Claims Handling, and Enhanced Service for Commercial Policyholders
\nSCOTTSDALE, Ariz., Feb. 9, 2016 \/PRNewswire\/ — IDT911\u2122 announced significant enhancements to its industry leading DataRiskStages\u00ae data breach mitigation and remediation service to better support insurance companies and their commercial policyholders.
\nAnticipating insurance industry needs, the DataRiskStages platform has been enriched with three new features: Ins.breachresponse.com to help avoid and manage a breach, CyberClaims911\u2122 for more efficient claims handling, and new analytics for more accurate cyber underwriting.
\nCombined, the three services offer triple threat cyber service for the insurance industry.
\nor commercial policyholders, Ins.breachresponse.com from DataRiskStages offers important and comprehensive pre-breach risk awareness education and post-breach remediation guidance.
\nCyberClaims911 is the first and only third-party administrator that focuses solely on cyber claims processing\u2014delivering industry-leading data breach avoidance and resolution services resulting in stronger management over losses and reduced operating expenses.
\nAdvanced analytics and reporting from IDT911 strengthens your insight when underwriting cyber risks.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2513afb7c2&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage1.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=04c460bc88)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: ** ———————————————————— * Obama Creating Federal CISO Post * Google adds warning to unencrypted emails * The economic cost of being hacked * NTT Security : UK businesses…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1197","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1197","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1197"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1197\/revisions"}],"predecessor-version":[{"id":3684,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1197\/revisions\/3684"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1197"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1197"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1197"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}