{"id":1241,"date":"2016-09-11T00:00:00","date_gmt":"2016-09-11T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/09\/11\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail213-suw14-mcdlv-net\/"},"modified":"2021-12-30T11:39:01","modified_gmt":"2021-12-30T11:39:01","slug":"fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail213-suw14-mcdlv-net","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/09\/11\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail213-suw14-mcdlv-net\/","title":{"rendered":"From:Reply-To:To:Date:Message-ID:List-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=mail=3Dpaulgdavis.com@mail213.suw14.mcdlv.net;"},"content":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s,  apart from the reporter&#8217;s opinions ]<\/p>\n<p>* How Your Voice Is Preventing Hackers From Accessing Financial Information<br \/>\n* Infamous Hacking Groups: 5 Things They Hope to Accomplish<br \/>\n* 6 cybersecurity and emergency situations every IT department should train for<br \/>\n* The 5 most common reasons for corporate data loss<br \/>\n* Complex Bitcoin Phishing Scheme Revealed &#8211; Cisco&#8217;s OpenDNS Security Team<br \/>\n* Online Exclusive: DDoS Attacks Fuel the Need for Modern Protection Methods<br \/>\n* Overcoming the barriers to ISO 27001 adoption for success on G-Cloud<br \/>\n* The key tenets of a regional cyber security framework<br \/>\n* 5 questions the CISO should ask the Threat Analyst<br \/>\n* Taking cyber risk management to the next level<\/p>\n<p>How Your Voice Is Preventing Hackers From Accessing Financial Information<br \/>\nVoice biometrics is being implemented by many financial institutions such as banks and retirement providers, 
because it does not require consumers to be physically present or have the software capable of authenticating them through their fingerprint or an iris scan.<br \/>\nThe technology encompasses an individual&#8217;s voiceprint of over 100 vocal and personal characteristics with 50% consisting of their physical traits such as their vocal cords, sinuses and lung capacity and the remaining half comprising of their personal tone, pitch and pace when they speak, she said.<br \/>\nMany companies utilize the technology by acquiring a person&#8217;s voiceprint passively or simply capturing it as the individual inquires about a transaction and answers questions with a customer service representative.<br \/>\nThe next time they call to ask about a purchase or a deposit, the company can compare their current voice against the voiceprint, Thomson said.<br \/>\nWithin seconds, the employee at the bank can determine if the caller&#8217;s voice matches the voiceprint.<br \/>\nAfter a pilot program last year, Citigroup now authenticates a small fraction of its customers who have their branded credit cards by using NICE&#8217;s voice biometrics technology.<br \/>\nAs of June, 750,000 customers out of a total of 23.8 million active and inactive accounts can access their accounts by using their voiceprint.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=387a25a475&#038;e=20056c7556<\/p>\n<p>Infamous Hacking Groups: 5 Things They Hope to Accomplish<br \/>\nAs one might assume, not all hacking groups are bent on simply causing mass destruction of computer systems or stealing user information.<br \/>\nPossibly the most well-known hacking group, Anonymous, is infamous for their strong-armed methods to raise awareness of hacktivist related issues.<br \/>\nOn the flip side, some hacker collectives do not want to defend the interests of the greater good, but merely work to defend their opinions and attack those that oppose their 
views.<br \/>\nFor instance, the Syrian Electronic Army (SEA) is a group of hackers that strongly voices their support for the President of Syria, Bashar al-Assad.<br \/>\nAlthough the first two examples of hacking groups were more politically motivated, not all hacking initiatives are driven to fight for a specific cause or interest.<br \/>\nSome are simply created to arbitrarily wreak havoc on networks and computer systems.<br \/>\nFor example, one hacking group that focuses on hacking for sport is known as Lulz Security or LulzSec for short.<br \/>\nTheir group motto is aptly written as, \u201cLaughing at your security since 2011.\u201d<br \/>\nOther hacking groups are more insidious in the way they deal with hacking attempts and primarily want to strike fear in others.<br \/>\nIn 2014, a hacker collective called the Lizard Squad successfully shut down the online Xbox and Sony PlayStation gaming networks, which caused major outages during a peak holiday gaming season.<br \/>\nUnfortunately, this isn\u2019t where the issue ends.<br \/>\nLastly, some hacking groups form in order to educate the general public on the dangers of cyber security vulnerabilities.<br \/>\nOver thirty years ago, a hacking group called the Chaos Computer Club (CCC) was formed with the sole purpose of exploiting various security flaws that are present in today\u2019s cyber security standards.<br \/>\nCCC is regarded as one of Europe\u2019s largest and best-known hacking groups in existence.<br \/>\nIn the mid-1980s, the group once successfully stole 135,000 Deutsche Marks from an established credit union in Germany to highlight the lack of proper security for their computer systems.<br \/>\nThe club then returned the money once they gained notoriety for their accomplishment.<br \/>\nThese days, CCC is working to shed some of the negative connotations associated with hackers and look to rebrand themselves as \u201ctechnology experts.\u201d<br \/>\nLink: 
http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=3223d2b388&#038;e=20056c7556<\/p>\n<p>6 cybersecurity and emergency situations every IT department should train for<br \/>\nSerious vendor vulnerability<br \/>\nMajor web site rollback<br \/>\nSocial engineering attack<br \/>\nInsider data theft<br \/>\nCritical change request<br \/>\nContinuity of IT leadership<br \/>\n[Paul would also add-in be prepared for the UnExpected, i.e. when there is a predefined playbook.]<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=767ed7ce83&#038;e=20056c7556<\/p>\n<p>The 5 most common reasons for corporate data loss<br \/>\nA recent study by Kroll Ontrack revealed very interesting data gathered using the company&#8217;s data recovery tool.<br \/>\nAccording to the study, the main problem, accounting for 25% of the total number of cases, is failure to detect the storage drive.<br \/>\nThat is logical, especially if we are talking about hard drives and flash drives, which are used in mass storage devices in all kinds of corporate environments despite being much more prone to failure than other more reliable types of devices, like magnetic tape.<br \/>\nAnother of the big problems behind data loss is the device not powering on, which can be caused by a failure in the power supply or in other components.<br \/>\nCuriously, in third place, we find one of the reasons that can cause hardware to fail, and that is the device being dropped on the floor from height.<br \/>\nFurthermore, the increased use of solid-state drives (SSD) with flash memory in recent years will undoubtedly have pushed this percentage up.<br \/>\nThese types of drive offer faster access to data than conventional mechanical hard drives, but also are more prone to failure if used to write data continually, which is why they are not recommended for use in servers or in computers where reliability is critical.<br \/>\nIn 
fourth and fifth place in the table, we can find two reasons that tend to be caused by software failures occurring at the same time as the data is being used, or malware that directly affects the stored data.<br \/>\nSo here we are talking about files being deleted (accidentally or deliberately) or becoming corrupted.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=606ce4bd2b&#038;e=20056c7556<\/p>\n<p>Complex Bitcoin Phishing Scheme Revealed &#8211; Cisco&#8217;s OpenDNS Security Team<br \/>\nCriminals have started staging phishing campaigns having discovered that Bitcoin can provide an easier way to steal, says Cisco\u2019s OpenDNS security team after they revealed a complex phishing scheme aimed at collecting user credentials from various Bitcoin-related services.<br \/>\nThe discovery was made after the price of the digital currency rose by over 58% to reach about $775 in the last month (though it has dropped in a week) based on several factors.<br \/>\nThe latter includes the finite and constrained supply of Bitcoin, its pending supply growth reduction next month, the anticipated supply drop which will drive demand and more people using and wanting Bitcoin.<br \/>\nCyren says it detected the investment pattern of a phishing campaign &#8211; rental of botnets, purchase of exploit kits, and the acquisition of compromised site lists &#8211; as its attack vector is pay-per-click advertising via Google AdWords.<br \/>\nThe OpenDNS Labs detected blolkchain[.]com which was another phish on the same IP 89.248.171.88 June 13 2016.<br \/>\nThey were able to uncover three anonymous offshore hosting companies using the identified websites\u2019 IP space.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=de9946c972&#038;e=20056c7556<\/p>\n<p>Online Exclusive: DDoS Attacks Fuel the Need for Modern Protection Methods<br \/>\nNearly every day there is a headline 
brandishing the news of yet another distributed denial of service (DDoS) attack on some major organization.<br \/>\nMany other organizations experience DDoS attacks on a daily basis, but those attacks don\u2019t make headline news.<br \/>\nIt\u2019s an alarming situation, globally.<br \/>\nIn a recent survey of IT security professionals and network operators at the RSA Conference 2016, 31% of respondents stated that their enterprise experiences DDoS attacks weekly or daily.<br \/>\nThis survey also asked participants about their current methods of handling the DDoS threat; nearly one third (30%) of respondents still rely on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks.<br \/>\nAlthough hackers often launch DDoS attacks purely to create a nuisance by taking a website offline, it\u2019s becoming very common for hackers to launch \u201cDark DDoS\u201d attacks that distract IT security staff while the hackers launch malware or infiltrate sensitive databases.<br \/>\nIn all of these cases, the DDoS attacks are low-threshold, short-duration attacks that escape the attention of IT security staff; such attacks may not cripple a website but they can negatively affect network or application performance.<br \/>\nAn organization\u2019s security posture is only as good as their ability to visualize the security events in the environment.<br \/>\nA robust modern DDoS solution will provide both instantaneous visibility into DDoS events as well as long-term trend analysis to identify adaptations in the DDoS landscape and deliver corresponding proactive detection and mitigation techniques.<br \/>\nAutomatic DDoS mitigation is available today to eradicate the threat to your business and eliminate both the service availability and security impact.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=6ca0332140&#038;e=20056c7556<\/p>\n<p>Overcoming the barriers 
to ISO 27001 adoption for success on G-Cloud<br \/>\nA recent attention grabbing headline that was just too controversial to ignore: \u201cSloppy SaaS firms lose out on G-Cloud deals, research suggests\u201d.<br \/>\nIn the article, former EuroCloud secretary general Lindsay Smith stated that the majority of SaaS providers on the UK G-Cloud were failing to win business there because their listings are not up to scratch.<br \/>\nHis research into Digital Marketplace buying trends suggests three-quarters (77%) of SaaS suppliers recorded zero sales during the 12 months to January 2016.<br \/>\nThe fact is that whilst ISO 27001 certification is not a prerequisite to working with the public sector, there is little doubt that a UKAS accredited ISMS is an important differentiator.<br \/>\nAn ISO 27001 implementation is no insignificant investment.<br \/>\nTaking into consideration the cost of gaining in-house expertise, or buying it in from external consultants, audit visits and certification, all on top of the anticipated management resource can result in a hefty budget being needed.<br \/>\nOf course, there are firms that will promise to \u2018deliver\u2019 an ISMS to minimise disruption to business and eliminate the need for in-house expertise.<br \/>\nSome will even guarantee UKAS certification.<br \/>\nHowever, the costs are high and without an organisation\u2019s active involvement, understanding and ownership, there is a danger this becomes a \u2018manual\u2019 to be dusted-off prior to each annual audit.<br \/>\nIf you are on G-Cloud presumably you want to do business with government.<br \/>\nMore and more firms are recognising they\u2019ll stand a far better chance with ISO 27001.<br \/>\nBut, keep in mind that a UKAS accredited ISO 27001:2013 certification is the only one they will recognise so, whilst arguably more rigorous and expensive, choosing a non-UKAS accredited certification could be a false economy.<br \/>\nBecause it is the 
only independently audited ISMS it demonstrates the competence, impartiality and performance capability of certification bodies.<br \/>\nThis reduces the need to be assessed by customers and supply chain partners and will differentiate you amongst knowledgeable buyers and procurement departments.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=bd46eb7a94&#038;e=20056c7556<\/p>\n<p>The key tenets of a regional cyber security framework<br \/>\nAt the recent Fortinet Partner Conference 2016 in Chengdu, China, representatives from Cyber Security Malaysia (CSM), Korea Internet and Security Agency (KISA), Philippine National Police Anti-Cybercrime Group (PNP ACG), Frost &#038; Sullivan and the host vendor shared ideas and possibilities for an Asia Pacific Security Framework.<br \/>\nInspired by the tenets of the US National Institute of Standards and Technology cyber security framework, the panelists discussed incident response, culture and education, risk and resiliency, collaboration and enforcement.<br \/>\nKISA, for example, has established systems and policies for incident response to mitigate distributed denial of service (DDoS) and malware attacks; and a threat intelligence-sharing program in collaboration with industry players such as Fortinet.<br \/>\nIn the Philippines, the PNP ACG was established to implement and enforce laws on cybercrimes and pursue an effective anti-cybercrime campaign in line with the PNP Patrol Plan 2030.<br \/>\nBy 2025, the PNP ACG aims to be a highly responsive and dynamic unit in enforcing laws such as the Cybercrime Prevention Act 2012 and the Data Privacy Act of 2012.<br \/>\nMeanwhile, the Cyber Security Malaysia specialist agency provides technical assistance and training services in support of the country\u2019s cyber crisis management.<br \/>\nIts core services include: cyber security emergency services; security quality management services; info-security professional 
development and outreach; and cyber security strategic engagement and research.<br \/>\nFrost &#038; Sullivan recommends operationalizing cyber protection for defending against known threats; cyber intelligence for uncovering unknown threats; and cyber resilience for organizational readiness and responsiveness.<br \/>\nRepresentatives from the respective national cyber security agencies agree that, beyond just sharing information, there\u2019s a need to collaborate on a higher scale.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=e194fc40bd&#038;e=20056c7556<\/p>\n<p>5 questions the CISO should ask the Threat Analyst<br \/>\nThe following five questions represent a way for the CISO to start a risk-based dialogue that can be a source of metrics supporting the use of threat intelligence data.<br \/>\nThe answers to the questions can also be a regular part of board level discussions.<br \/>\n&#8211; What are the risks to our brand?<br \/>\n&#8211; Are our employees\u2019 credentials part of any mass exposure?<br \/>\n&#8211; Are we as aligned as we can be with security operations?<br \/>\n&#8211; How do we know we are hunting the right threats?<br \/>\n&#8211; What can we share with and learn from other companies in our industry vertical?<br \/>\nMaking threat intelligence data useful requires a robust threat intelligence platform that can off-load correlation IOCs with log data from the SIEM.<br \/>\nThis is a necessary step for making tens of millions of active IOCs useful for threat hunting.<br \/>\nThis approach is efficient and aligned across threat analysts, SOC personnel and incident responders.<br \/>\nA proactive approach to cyber security means finding threats before they become a problem.<br \/>\nMake everyone a threat hunter by unleashing your entire security team\u2019s creativity but keep it efficient through active prioritisation and inside the bounds of what matters to the organisation.<br 
\/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=0866ea0c3d&#038;e=20056c7556<\/p>\n<p>Taking cyber risk management to the next level<br \/>\nBanks, investment companies, and insurers are prime targets for cybercriminals looking to steal money or information, disrupt operations, destroy critical infrastructure, or otherwise compromise data-rich financial services institutions (FSIs).<br \/>\nIndeed, FSIs lead the pack in terms of the average cost of cybercrime incurred by companies in a particular industry, counting both internal activities and external consequences.<br \/>\nThat figure reached $28.3 million in 2015\u2014which is significantly higher than the six-year average for FSIs of $19.4 million annually (see figure 1).<br \/>\nYet despite having had several years to bolster cybersecurity capabilities, our latest research found that many FSIs are still struggling to keep up with a moving target.<br \/>\nBasic blocking and tackling strategies to lock down devices, systems, and platforms remain a work in progress at many companies because of the pace of attacks, the growing sophistication of threat actors, as well as multiplying, often conflicting demands facing chief information security officers (CISOs).<br \/>\nAdding to the sense of urgency surrounding cybersecurity is the massive technological transformation underway in financial services driven by fintech, regtech, mobile applications, cloud adoption, and other emerging developments.<br \/>\nCISOs and the business executives they work with are being challenged to become more agile and provide a frictionless customer experience.<br \/>\nBeyond facilitating technology upgrades, they must balance the needs of cybersecurity with other forces, such as cost reduction, globalization of the workforce, and regulatory compliance.<br \/>\nOverall, we found that while some FSIs have become leaders in cyber risk management, there is a wide variance on the 
cybersecurity maturity curve.<br \/>\nThe bar needs to be raised for many individual companies and the industry as a whole.<br \/>\nOur interviews with leading players and experience in serving clients across financial services provide a number of key insights into how these challenges might be overcome, whether by sharing leading practices or through continuous innovation, just as the threat actors themselves have done.<br \/>\nThe bottom line is that by whatever measurement, cybersecurity is not being shortchanged by FSIs, and the vast majority of those we spoke with don\u2019t foresee a significant slowdown in spending anytime soon.<br \/>\nOne respondent said trends in cybersecurity spending are the \u201cnew normal,\u201d noting that his budget will likely have to keep increasing to stay ahead of evolving threat actors.<br \/>\nLonger term, at some point CISOs will have to start making hard choices on spending priorities, based on a true cybersecurity game plan that is aligned with the company\u2019s business and technology strategies.<br \/>\nSince it is probably unlikely, even for the largest institutions, to allot funds to build capabilities in all areas of security simultaneously, CISOs should triage among competing calls for investments.<br \/>\nOne interviewee advises his staff to be \u201cdisciplined\u201d about product choices as new solutions emerge.<br \/>\nCISO teams should see what works and what doesn\u2019t before adding or substituting new security technologies as they are introduced.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=1d6e31a916&#038;e=20056c7556<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s, apart from the reporter&#8217;s opinions ] * How Your Voice Is Preventing Hackers From Accessing Financial Information * Infamous Hacking Groups: 5 Things They Hope to Accomplish * 6 cybersecurity and emergency situations every IT department should 
train&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1241","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1241"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1241\/revisions"}],"predecessor-version":[{"id":3728,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1241\/revisions\/3728"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}