[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
\nSorry for the delay in sending out the newsletter.<\/p>\n
* How MSSPs can address the cybersecurity talent gap
\n* FireEye: Hackers are racing to infiltrate retail POS systems
\n* Cyber security budgets on the rise but not in line with threats
\n* New Report Reveals Cybersecurity Risks Are the Biggest Barrier to Enterprise Mobility and BYOD Success
\n* Hackers Breach Law Firms, Including Cravath and Weil Gotshal
\n* Enterprise security trends for APAC<\/p>\n
How MSSPs can address the cybersecurity talent gap
\nThe cybersecurity labor market is suffering a severe workforce shortage.
\nBy 2019, the demand for talent is estimated to be about 6 million jobs, with a projected shortfall of at least 1.5 million skilled workers, according to Symantec’s CEO Michael Brown.
\nThe issues of compatibility and integration are also front of mind for IT leaders, because with so many devices and tools, complexity quickly becomes an issue.
\nThat’s one of the biggest problems an MSSP can help solve, says Mark Stevens, senior vice president of global services at Digital Guardian.
\nThe MSSP model can also be a competitive differentiator for companies that can point to their MSSP as proof that they’re actively involved in security best practices with specialists, says Stevens.
\nIt also means threats can often be addressed before clients even know an incident is happening.
\nIt’s much more cost-effective, too, especially for smaller organizations that might not have the budget for high-priced security talent or expensive on premise tools, Stevens says, not to mention that attacks that are simply a nuisance for large enterprise networks can be downright crippling for SMBs or startups.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f83cd1838d&e=20056c7556<\/p>\n
FireEye: Hackers are racing to infiltrate retail POS systems
\nNart Villeneuve, a senior threat intelligence researcher with FireEye, wrote on Monday that more than a dozen malware families that target POS systems were found last year.
\n“Criminals appear to be racing to infected POS systems in the United States before U.S. retailers complete this transition,” Villeneuve wrote.
\nIn response, card issuers and banks have improved their ability to identify and block potentially fraudulent transactions.
\nBut the potential windfall has criminals working overtime.
\nVilleneuve described a new type of POS malware called Treasurehunt, which steals payment card data from a computer’s memory.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ff9916f3ff&e=20056c7556<\/p>\n
Cyber security budgets on the rise but not in line with threats
\nThe Institute of Information Security Professionals (IISP) has announced the findings from its 2016 member survey.
\nWith over 2,500 members working in security across a wide range of industries and roles, including a significant proportion at Senior\/Lead\/CISO level, the results of the IISP provide an accurate snapshot of the state of the UK cyber security landscape from those working on the frontline.
\nThe survey reveals that for over two thirds of members, information security budgets have increased, while a further 15% said that they had stayed the same.
\nThese are encouraging figures but they have to be examined alongside increasing risk and the survey also found that 60% of respondents felt that budgets were still not keeping pace with the rise in the level of threats.
\nOnly 7% reported they were rising faster than the level of threat.
\nThe survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn\u2019t just lie in the number of people.
\nRespondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c8f71bf301&e=20056c7556<\/p>\n
New Report Reveals Cybersecurity Risks Are the Biggest Barrier to Enterprise Mobility and BYOD Success
\nWASHINGTON–(BUSINESS WIRE)–Following industry predictions that the global BYOD and enterprise mobility market will reach $360 billion by 2020, Crowd Research Partners today released the results of its new 2016 BYOD and Mobile Security Report, in conjunction with leading data security vendors Bitglass, Blancco Technology Group, Check Point Software Technologies, Skycure, SnoopWall and Tenable Network Security.
\nBased on a survey of over 800 global cybersecurity professionals who are members of the 300,000 member Information Security Community on LinkedIn, the study provides a conflicting portrayal of BYOD security barriers and adoption trends in the workplace.
\nKey BYOD and mobile security trends that surfaced from the study include:
\nSecurity (39 percent) and employee privacy (12 percent) are the biggest inhibitors of BYOD adoption.
\nIn contrast, management opposition (3 percent) and user experience concerns (4 percent) rank far lower.
\nOne in five organizations suffered a mobile security breach, primarily driven by malware and malicious WiFi.
\nSecurity threats to BYOD impose heavy burdens on organizations\u2019 IT resources (35 percent) and help desk workloads (27 percent).
\nDespite increasing mobile security threats, data breaches and new regulations, only 30 percent of organizations are increasing security budgets for BYOD in the next 12 months.
\nMeanwhile, 37 percent have no plans to change their security budgets.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=8a8c5c5fed&e=20056c7556<\/p>\n
Hackers Breach Law Firms, Including Cravath and Weil Gotshal
\nHackers broke into the computer networks at some of the country\u2019s most prestigious law firms, and federal investigators are exploring whether they stole confidential information for the purpose of insider trading, according to people familiar with the matter.
\nThe firms include Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP, which represent Wall Street banks and Fortune 500 companies in everything from lawsuits to multibillion-dollar merger negotiations.
\nIt isn\u2019t clear what information the hackers stole, if any, but the focus of the investigation is on whether confidential data were taken for the purpose of insider trading, according to a person familiar with the matter.
\nLaw firms last year formed an information-sharing group to disseminate information about cyberthreats and other vulnerabilities.
\nIt is modeled after a similar organization for financial institutions.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ffc0a1b968&e=20056c7556<\/p>\n
Enterprise security trends for APAC
\nThat\u2019s according to Pierre Noel, chief security officer and advisor, Microsoft Asia, ahead of the CommunicAsia2016 Summit.
\nNoel says that while there will always be new threats, new attacks and new technologies to keep an eye on, there are some security trends businesses in Asia Pacific should know about.
\nMobile Malware
\nOnline extortion and hacktivism
\nPassword recovery scams, including spear phishing and smishing
\nA New Approach To Cybersecurity
\n\u201cCompanies must evolve from a simple, \u2018protect and recover\u2019 model to a more holistic protect, detect and respond posture that utilises real-time insights and predictive intelligence across networks to stay ahead of threats,\u201d he says.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=81d6d7a179&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=f436af6127)<\/p>\n
Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] Sorry for the delay in sending out the newsletter. * How MSSPs can address the cybersecurity talent gap * FireEye: Hackers are racing to infiltrate retail POS systems * Cyber security budgets…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1212","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1212","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1212"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1212\/revisions"}],"predecessor-version":[{"id":3699,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1212\/revisions\/3699"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1212"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1212"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1212"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}