[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]<\/p>\n
* 27% of US office workers would sell their passwords
\n* Mystery Of New York Fed Robbery Has Central Banks Asking Who’s Next
\n* In light of pervasive security threats, why not encrypt everything?
\n* Enhancing Singapore’s response to terrorism
\n* This one chart explains why cybersecurity is so important
\n* Managing cybersecurity and supply chain risks: The board’s role
\n* Turning cyber security threats into opportunity of growth
\n* Elisa says 3% of SMEs have suffered data breach
\n* Cocktail of global security threats pose real danger to maritime environment, MAST warns
\n* Three Health IT Trends to Watch in 2016: Cybersecurity, Telemedicine and Partnerships
\n* PCI Council Adds European Partner to Fight Fraud
\n* A third of email sent to U.S. House is malware, a virus or spam
\n* The IT-security divide is limiting full cyber attack chain analysis, expert warns
\n* Hacker-proof boardrooms top corporates’ agenda
\n* From Quidditch to cyber warfare: Israel\u2019s military elite take on hackers, Harry Potter style
\n* Australian defense minister submits defense white paper to Indonesia
\n* The next generation of APTs: Highly successful but surprisingly simple
\n* Money managers starting to buy cyberattack insurance
\n* The Service Desk: The Unsung Hero of IT Security
\n* 25% of knowledge workers don’t trust their IT teams with personal data
\n* Amid Hacking Threats, Law Firms Turn to Cyber Insurance
\n* Malware Word Search: Identifying Angler’s Dictionary
\n* How to keep your highly skilled and paid security team happy and engaged
\n* Coming soon, Denmark\u2019s intelligence presents the Danish Hacker Academy
\n* Threat intelligence exchanges OK, but most prefer to receive intel rather than give
\n* Cyber insurance gets Hill attention<\/p>\n
27% of US office workers would sell their passwords
\nThe study itself was conducted by Vanson Bourne, an independent research firm.
\nThe same survey was conducted last year as well, but then only one in seven employees were willing to sell their passwords.
\nCrooks have to be willing to shell out some dough, however, as 56 percent of employees priced their credentials at over $1,000.
\nOthers, however, were willing to go as low as $100.
\n“Last year, the minimum mark was $150,” said Rizkallah. “Things are getting worse.”
\nPlus, the employees were sneaky.
\nMany respondents added that after getting the money, they would immediately change their passwords.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6d1a27a627&e=20056c7556<\/p>\n
Mystery Of New York Fed Robbery Has Central Banks Asking Who’s Next
\nOn a quiet Friday morning in early February, a series of instructions using authenticated SWIFT codes was sent to 33 Liberty allegedly from the Bangladesh central bank requesting the transfer of nearly $1 billion from the country\u2019s FX reserves.
\nNow, the first thing that should jump out at you there is that Friday is a weekend in Bangladesh, a fact which probably should have set off alarm bells.
\nBut alas, it didn\u2019t and by the time the hackers who sent the transfer instructions screwed the pooch by spelling \u201cfoundation\u201d wrong in one of the requests, more than $80 million was sent to the Philippines where it landed in four accounts and eventually ended up transferred to at least two casinos and one unidentified man \u201cof Chinese origin” who has since been named as a Weikang Xu.
\nFor those who might have missed the story, here are our three previous accounts of what is truly a Hollywood-esque plot line:
\nAccording to testimony from a Rizal executive heard at a Senate hearing in the Philippines late last week, some $427,000 in cash was withdrawn from one of four accounts that received the illicit funds.
\nThat money was promptly deposited – into the back of Deguito\u2019s car.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d753d31567&e=20056c7556<\/p>\n
In light of pervasive security threats, why not encrypt everything?
\nIn healthcare, we all know what a breach is.
\nGenerally, it\u2019s an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of protected health information.
\nSo here is the basic question: Since encryption of electronic PHI is the only true safe harbor of protection offered to providers, why not encrypt everything, whether it\u2019s portable or on the desktop.
\nToday, encryption tools are embedded in current operating systems and come with almost every device purchased.
\nWhy not use it?
\nWhatever the financial and human capital costs to encrypt all electronic devices (and it would not be that great these days), it pales in comparison to the costs of handling a breach, not to mention the imputed value of reputational damage.
\nAs the stakes rise for keeping information secure, the industry needs to re-examine long-held practices\u2014or the lack thereof\u2014to protect patient information.
\nAny cost that offers protection against the damage of a hacker\u2019s cyber attack now appears to be a defensible cost.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=acf3569590&e=20056c7556<\/p>\n
Enhancing Singapore’s response to terrorism
\nHome Affairs Minister K.
\nShanmugam announced changes to harden Singapore against a terrorist attack at a Home Team Leaders’ Forum yesterday.
\nHere is an edited excerpt of his speech.
\nIt is no longer a question of whether an attack will take place but when an attack is going to take place in Singapore and we have to be prepared for that.
\nThe critical task for the Ministry of Home Affairs (MHA) is really to deal with this in the coming years.
\nWe have in place a comprehensive counter-terrorism strategy, which has dealt with the challenges so far and quite effectively.
\nNow we have to deal with an increased set of threats and deal with a new modus operandi.
\nThere is no time to waste.
\nWe have to do this urgently.
\nWe have to and will significantly enhance measures in two areas: security protection and vigilance, and security response.
\nFirst, we will further enhance protective security measures for buildings and premises.
\nThese include critical infrastructure, like Changi Airport and government buildings, and also soft targets, like entertainment centres, sports facilities and shopping centres.
\nThe Home Team will develop deep data analytical capabilities to allow real-time monitoring and analysis of the CCTV data.
\nThis will allow us to plan and execute our responses much more incisively.
\nThe footage will also help us identify the perpetrators, shorten the time taken to apprehend them and prevent them from launching more attacks.
\nWe will set up the network infrastructure to allow CCTV data in more areas to be accessible to the police, on-demand.
\nThese include CCTVs monitoring the public transportation system, commercial buildings with high footfall and government buildings.
\nI will speak about this in Parliament, at some point, soon.
\nPolice will work closely with premises owners to allow police access to their CCTVs.
\nMembers of public will also be able to submit videos to the police on crowdsourcing platforms.
\nThese are preventive, protective measures that we intend to put in place with necessary legislation.
\nBut we must assume that even with all these measures, some attacks will get through, so we will also enhance our ability to respond to these attacks.
\nWhen an attack takes place, the speed and the manner in which we respond will be critical in taking down the attackers and limiting the damage.
\nOur ability to deal with terrorism effectively as a country depends on how many Singaporeans face up to, and respond, to this challenge as individuals and as members of the community.
\nI mentioned earlier that the aim of the attackers is to inflict maximum fear and casualties and divide society.
\nThis is why the cornerstone of a counter-terrorism strategy has to be a community response plan – one that enhances community vigilance, community cohesion and community resilience.
\nWith these considerations in mind, the Home Team will develop and launch a new national programme, which we will call “SG Secure”.
\nSG Secure will represent our national strategy to safeguard our homeland and our way of life against this threat.
\nJust as we have “Total Defence”, which involves every Singaporean playing a part for the defence of Singapore, SG Secure must become a rallying call for Singaporeans from all walks of life to unite, to play a part in making Singapore a safe place that it is today.
\nThe fight ultimately is one between Freedom and Terror; a fight between Liberty and Servitude; a fight between the spirit of Humanity and the forces of Darkness; or very simply, a fight between Good and Evil.
\nI don’t believe that the terrorists will ever win in the longer term.
\nWe must believe that we can never be kept down by terror.
\nLiberty, Freedom and the Human Spirit will ultimately succeed.
\nBut we have to be prepared to fight for it.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a0d0f48460&e=20056c7556<\/p>\n
This one chart explains why cybersecurity is so important
\nNew hacking threats have emerged in the past two years, and with it has come an large increase in worldwide concern about cybersecurity.
\nIn the infographic below, John Greenough of BI Intelligence, Business Insider’s premium research service, explains what cybersecurity is, what the investment will be, the top types of attacks, and the ways enterprises are protecting themselves.
\nIn 2014, 69% of executives expressed concerned about cyber threats, including a lack of data security, according to a PricewaterhouseCoopers survey.
\nIn 2015, an updated survey increased that number to 86%, so it’s clear that the desire for better cybersecurity is not going away anytime soon.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9e19d2046c&e=20056c7556<\/p>\n
Managing cybersecurity and supply chain risks: The board’s role
\nSecurity is no longer solely the IT and security department’s responsibility.
\nThe types of threats alone have changed in recent years, as politically motivated attacks and those seeking intellectual property become increasingly commonplace.
\nTake supply chain risk management (SCRM), for example.
\nWhen making the case to the board regarding the return on investment value of GRC analytics, the supply chain is a good place to start, said Jon Boyens, program manager of cyber-SCRM at NIST.
\n“Supply chain folks have been fairly successful in showing ROI because supply chain disruptions are expensive,” Boyens said during an RSA panel.
\nJust how expensive.
\nFor starters, 55% of supply chain disruptions will exceed $25 million in costs, according to a recent survey by Business Continuity Institute.
\nFurthermore, 24% of these are caused by cyberattacks and 22% by data breaches.
\nIt’s one thing to bring these statistics and risks to the attention of board members; the challenge is in helping them to understand that information and their role in managing supply chain risks and making use of GRC analytics.
\n“This is important because, as you’re preparing for the board, for senior management, what involvement level do they have and how often do you [have that conversation with them]?” Arsenault said.
\n“You have CIOs, CISOs responsible for IT; different business lines responsible for their business line — but there is rarely any intersection between the two,” he said.
\nThis stems from not only the lack of intersection between SCRM training and IT management training but also system owners’ lack of involvement in information security processes.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5fe4feb0f8&e=20056c7556<\/p>\n
Turning cyber security threats into opportunity of growth
\nAll of a sudden, the dream of digital possibilities has turned into a frightening experience.
\nIt has obviously dented the confidence of the people in the digital infrastructure in handling critical affairs.
\nIn the aftermath of losing US$100 million in the biggest-ever cyber robbery, responsible people are blaming each other over the handling of the incident which may be likened to a tsunami or earthquake.
\nSome officials have also been fired.
\nNow, what measures should the government of Bangladesh take to combat information security menaces.
\nLike a coin, cyber security threat has two sides.
\nThe heist of US$100 million of foreign currency reserves of the Bangladesh Bank (BB) from the account of the Federal Reserve Bank of New York has exposed the devastating side of the coin, traumatising the whole nation.
\nBangladesh must focus on building the epicentre of information security innovation and entrepreneurships around universities-which may take a decade to start producing tangible results.
\nBut this is the only option we have to turn cyber security threat into the opportunity of growth for us-like the way many smart nations have turned critical impediments to new engine of economic growth.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=4b2725c388&e=20056c7556<\/p>\n
Elisa says 3% of SMEs have suffered data breach
\nFinnish operator Elisa and the Federation of Finnish Enterprises (Suomen Yrittajiat) have published a study on digitisation and security among small and medium-sized enterprises (SMEs).
\nThe majority of entrepreneurs (84%) felt that their company had not been compromised, while 13 percent were unsure and 3 percent said they had been victims of a data breach.
\nIt said this translated to approximately 6,000 SMEs with between two and 50 employees.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7e03a2f13b&e=20056c7556<\/p>\n
Cocktail of global security threats pose real danger to maritime environment, MAST warns
\nAsia was also the most active region for maritime crime in 2015, according to MAST\u2019s new Risk Map.
\nThere were a total of 386 maritime crime incidents reported, with 66% of all pirate activity taking place in Asia (255 incidents) compared with 16% around the Horn of Africa and 17% on the West African Coast.
\nA total of 62 counts of maritime crime were counted in the Horn of Africa, with nine logged as pirate attacks.
\nThese numbers are a significantly low for the area which was traditionally a piracy hotspot and at its peak in 2008 cost the global economy around $6bn.
\nOf the 255 incidents in Asia last year, 97% involved a ship being boarded by unknown assailants with almost half (47%) resulting in a robbery, and 10 cases leading to the ship being hijacked.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2843a9e6bb&e=20056c7556<\/p>\n
Three Health IT Trends to Watch in 2016: Cybersecurity, Telemedicine and Partnerships
\nNavigant\u2019s healthcare practice identified three healthcare IT trends in 2016 that will have a profound impact on their business:
\nCybersecurity
\nTelemedicine
\nPartnerships
\nTrend #1: Sophisticated Cybersecurity Protects Against Complex Cyberattacks
\nTrend #2: Technology Enables Patients to Own Their Healthcare
\nTrend #3: Companies Must Enhance IT Services and Offerings
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=313ef8ebaf&e=20056c7556<\/p>\n
PCI Council Adds European Partner to Fight Fraud
\nThe PCI Security Standards Council envisions PCI-DSS as a single, globally-unified data security standard.
\nNow that the European Card Payment Association is a strategic regional member of the council, that goal is significantly closer, says Jeremy King, the council’s international director.
\nThe PCI Council on March 22 formally announced its partnership with the ECPA, describing the pairing as “joining forces to protect against payment data theft around the world.” What this means in practical terms is that the ECPA will now collaborate with the council’s working groups and committees to help shape future versions of PCI-DSS, as well as to promote adoption of the standard to its members, in conformance with evolving European Union regulations.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=fcc8060a5a&e=20056c7556<\/p>\n
A third of email sent to U.S. House is malware, a virus or spam
\nWASHINGTON \u2014 Roughly a third of the 200 million emails received by the U.S.
\nHouse in 2015 were comprised of malware, viruses or spam, according to the top House administrator.
\nHouse officials used cybersecurity tools to detect and block those emails, but the people trying to breach the network are getting craftier, House Chief Administrative Officer Will Plaster said at a recent hearing of the House Appropriations Legislative Branch Subcommittee.
\nPlaster was responding to questions from Rep.
\nSteven Palazzo, R-Miss., who said he is concerned about phishing attempts by “bad actors” trying to get congressional aides to click on innocent-looking email attachments and links that allow potential spies inside the House network.
\nHackers who try to get into government networks can range from criminals trying to steal employees’ identities to foreign governments seeking classified information.
\n“The use of malware has gone up, whether you’re talking about government or the private sector,” said Arun Vishwanath, a communications professor and cybersecurity expert at the University at Buffalo. “Five to eight years ago, you would have had to have the ability to create your own malware if you wanted to infiltrate a system.
\nNow, you can just go buy malware off the shelf and use it.”
\nPlaster said the House administration is putting in place “more and more tools to monitor traffic within the network” and stop intruders from moving around within the network if they get inside.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=807572e38b&e=20056c7556<\/p>\n
The IT-security divide is limiting full cyber attack chain analysis, expert warns
\nDespite years of technological progress, many companies are deploying security defences with an eye to blocking malware and command-and-control (C&C) traffic but fail to build internal relationships that ensure regular cyber attack chain gap analysis becomes an ongoing part of business as usual, an operational-security expert has warned.
\nThis operational gap had emerged as many businesses implement appliance-based security without \u201ca commitment to making prevention part of the architecture,\u201d Tim Treat, cyber operation and defence expert with Palo Alto Networks, told CSO Australia.
\n\u201cCISOs and CIOs cannot defend their enterprise in a vacuum,\u201d he added, \u201cand gap analysis isn’t a one-time deal; it’s a commitment we make with them, and every quarter we go in with IT architects and security architects to assess how fully the technologies are deployed.
\nIt comes down to knowing your environment: you have to know what’s happening in the environment at all times.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=370d631583&e=20056c7556<\/p>\n
Hacker-proof boardrooms top corporates’ agenda
\nLast week, Flipkart’s finance chief got an email from an account that looked similar to that of co-founder Binny Bansal, with an instruction to transfer $80,000 to a bank account.
\nAccording to research by PricewaterhouseCoopers, even the biggest companies are vulnerable to cyberattacks.
\nHackers apparently have access to 525 email addresses of 34 companies (out of Nifty 50), and can potentially target these companies at their will, it said.
\nIn the past one year, hackers have graduated to targeting big conglomerates as well, including prying on directors during the boardroom meetings.
\n“Cybersecurity in board rooms has become very important and this is not just about checking whether the room is bugged or not.
\nThere are ways by which hackers can remotely trigger recording in the cellphone of a person attending the meeting or even hack into CCTV cameras and check the feed,” said Altaf Halde, managing director, South Asia, at software security group Kaspersky Lab India.
\nTop Comment
\nBoard rooms must be protected from hackers to protect the company.Valid Sach
\nOften, say industry experts, the attack doesn’t come from the hacker but even from a competitor.
\nAnd, the espionage is only increasing and going to a different level in finding out what is happening inside the board room. “There have been instances reported where, apart from the cell phones and laptops of board members, the meeting room’s answering machine and the EPBX have been compromised to tap the room’s conversations.
\nWe are moving towards a time where, like physical body guards, individuals will subscribe to virtual body or identity guards,” said Saket Modi, CEO of Lucideus Tech, an online cybersecurity company.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1beee414c3&e=20056c7556<\/p>\n
From Quidditch to cyber warfare: Israel\u2019s military elite take on hackers, Harry Potter style
\nIsraeli’s newly formed Cyber Command are training in the virtual battlefield with Harry Potter drills including one exercise based on Quidditch, the sport played on broomsticks in the wizard world.<\/p>\n
During the course, cyber cadets from land, air and sea corps were assigned to groups named after houses at the school in the Harry Potter books.
\nOne exercise was based on Quidditch, the wizarding sport played on broomsticks.
\nIn another drill, an insider based on the series\u2019 Severus Snape character infiltrated networks while Death Eaters attacked on the perimeters.
\nRecruits both parried and carried out attacks on their fantasy enemies.<\/p>\n
For the officer trainees in Israel\u2019s cyber command, a top priority is learning to recognize that something as seemingly insignificant as an error message may be suspect.<\/p>\n
Israel\u2019s cyber security industry numbered nearly 430 companies at the end of 2015, according to the IVC Research Center, which tracks technology venture capital funding.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=763fd6a47f&e=20056c7556<\/p>\n
Australian defense minister submits defense white paper to Indonesia
\nJakarta (ANTARA News) – Australian Defense Minister Marise Ann Payne has submitted a copy of Australias white paper on defense to the Indonesian government.
\nThe paper was submitted at a bilateral meeting between the Minister of Defense Ryamizard Ryacudu and his counterpart Marise Ann Payne on Monday (March 21).
\nThe white paper on defense is a summary of the countrys defense policy, and is used as a guideline.
\nSharing of this document is expected to help build mutual trust and ensure transparency.
\nThe Australian Defense Minister said she expected that bilateral cooperation would proceed properly.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=423e3f43e0&e=20056c7556<\/p>\n
The next generation of APTs: Highly successful but surprisingly simple
\nA new generation of Advanced Persistent Threats (APTs) is emerging around the world, and the key point of difference of these threats is that they aren\u2019t advanced so much as they are persistent, says Maya Horowitz, Check Point intelligence operations group manager.
\n\u201cThe new generation of APTs are a bit different,\u201d she says. \u201cThey have the same targets that are APT worthy, like government, critical infrastructure, and financial organisations, but nowadays these attacks are not only done by NSA, China, and Russia, but are being outsourced to individuals, and smaller groups who have less financial skills and technical resources.
\nThey\u2019re still APTs, but I would leave the \u2018A\u2019 out – they\u2019re not advanced.\u201d
\nOne example of a threat campaign Check Point was able to uncover was known as \u2018volatile cedar\u2019, which Horowitz says was successful in breaching the security parameters of organisations, but was not very advanced at all.
\nIn a report on the attack, Check Point wrote, \u201cWhile many of the technical aspects of the threat are not considered \u2018cutting edge\u2019, the campaign has been continually and successfully operational throughout this entire timeline, evading detection by the majority of AV products.
\nThis success is due to a well-planned and carefully managed operation that constantly monitors its victims\u2019 actions and rapidly responds to detection incidents.\u201d
\nRocket Kitten is another example of this generation of APTs and has been investigated by organisations around the world, including Check Point.
\nAccording to the company, Rocket Kitten highlights a recurring problem: minimal changes to existing malware often evade most current protection solutions, and effectively stopping attackers requires employee engagement as well as basic security measures.
\nEducation requires security teams to step up and become a source of information for their fellow employees.
\nHorowitz recommends these teams to find out about persistent threats, pick and choose a few that are more common or more easy to protect against, and educate the people – even if it\u2019s just with a simple training session every few months or an email newsletter.
\n\u201cToday there are smaller organisations that do APTs, there\u2019s outsourcing to individuals to do APTs, and there are just people out there who know how to do some coding and having their own malware, so there are so many threat vectors out there.
\nAnd today also every one of us are a target.
\nIt\u2019s not just networks anymore, it\u2019s stand-alone pcs.
\nEveryone is starting to hear about it, and be aware, but now we need to take the steps to protect ourselves,\u201d she says.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e2444e1d0b&e=20056c7556<\/p>\n
Money managers starting to buy cyberattack insurance
\nAbout 30% of U.S. institutional money managers had cybersecurity insurance coverage as of Jan. 1, sources said, most of which were firms with more than $10 billion in assets under management.
\nThat compares with only 5% at the start of 2014, they said.
\nAs part of the new round of Regulation SCI reviews, which focus on firms’ technology safeguards in the event of a breach or a system failure, the SEC wants to know what, if any, cybersecurity insurance managers have.
\nMost managers contacted for this story wouldn’t discuss whether they have cybersecurity insurance, citing overall concerns about publicizing their cybersecurity policies.
\nAlong with the 30% of managers with cybersecurity insurance overall, another 25% have either talked with officials at Crystal and other brokerages about buying such coverage or are in the process of obtaining the insurance, sources said.
\nPart of the reason money managers \u2014 particularly those with less than $10 billion in AUM \u2014 don’t have cybersecurity insurance is cost, sources said.
\nA typical $1 million cyberinsurance policy with a $10,000 to $20,000 deductible for a money manager with $1 billion to $5 billion in assets costs about $10,000 a year in premiums.
\nThose costs can be onerous when added to firms’ required compliance costs to meet regulations under Basel III and the Dodd-Frank Wall Street Reform and Consumer Protection Act.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=949e03ac81&e=20056c7556<\/p>\n
The Service Desk: The Unsung Hero of IT Security
\nIn the real world, for the majority of any data breach-discovery period, it\u2019s likely that an incident would\u2019ve been logged with the service desk.
\nProperly actioned, there\u2019s no chance it would take 200+ days to discover, and while this boils the argument down to a rather simplistic conclusion, it certainly seems to suggest that these teams could be doing much more to coordinate an effective response \u2013 not to mention building a defence against the attack in the first place.
\nGartner says that by 2018, 40% of service desk interactions will be via mobile devices and, today, more tickets than ever are specifically IT security related.
\nEven routine requests that are easily dealt with in isolation may have a bearing on IT security.
\nGiven access to the right tools, the service desk offers a powerful first line of cyber-defence.
\nThe proactive management of operating systems and application vulnerabilities with automated patching; endpoint protection to ensure only authorised applications run; policy-based enforcement of removable devices to control data in\/out of endpoints; application control and intelligent white-listing for endpoint security are all pre-requisites to making this happen.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d458c3a65c&e=20056c7556<\/p>\n
25% of knowledge workers don’t trust their IT teams with personal data
\nResearch from Code42’s 2016 Datastrophe Study studied over 400 ITDMs that included CISOs and CIOs within companies of 500+ people as well as 1,500 knowledge workers including CEOs, team leaders and employees.
\nIt was discovered that 67 percent of knowledge workers don’t feel their company has a clearly defined bring your own device (BYOD) policy in place, however 65 percent of ITDMs believed that they do.
\nA quarter (25 percent) of knowledge workers don’t trust their IT teams\/employers with their personal data.
\nOver a third (36 percent) of knowledge workers think the company they work for may be at risk of a data breach in the next year.
\nKnowledge workers feel that their company’s biggest challenges are insider threats (18 percent), constantly evolving threat (20 percent), unwitting employee behaviour (33 percent), and cyber-threats\/hackers (44 percent).
\nOn the other hand, ITDMs say the top challenges are encryption, the constantly evolving threat landscape, gaining visibility of threats (eight percent), cyber-security (13 percent), data privacy (13 percent), and data protection (17 percent).
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=fe78204e75&e=20056c7556<\/p>\n
Amid Hacking Threats, Law Firms Turn to Cyber Insurance
\nAccording to insurance brokerage Aon, more than 60 out of the 250 medium and large law firms that it services have purchased cyber insurance within the last two years.
\nMarsh said that close to 40 percent of its roughly 100 large law firm clients have purchased the insurance, up from 20 percent two years ago.
\nInsurance professionals say the uptick is driven by an increased awareness of the threat of a data breach or hack, as well as a realization that existing law firm insurance policies don\u2019t cover all the costs that could result from such an attack.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=61b09fca73&e=20056c7556<\/p>\n
Malware Word Search: Identifying Angler’s Dictionary
\nExploit kits are constantly evolving and changing.
\nWe recently wrote about some subtle Angler changes but then Angler changed drastically on March 8.
\nIn this blog post, we will briefly cover these changes, examining different characteristics of the URL structure for Angler and the origins of the words being leveraged to create them.
\nBeginning on March 8, Talos noticed some major changes to the URL structure for Angler.
\nThese changes were drastic and have altered every part of the URL for the landing pages.
\nLet’s first look at the old syntax
\nWe extracted thousands words from the landing page URLs all of them unique and a number of them quite obscure, such as epigrammatic, atropine, and umbrageous.
\nWe conclude that corncob.dict is a likely candidate for the source of words used by the Angler URL generation code because all the words seen in the URLs are found in that dictionary, even the obscure ones, and the distribution of lengths and starting letters are very close.
\nAdditionally, corncob has the fewest words which means finding all 1776 words in the URLs by chance is unlikely.
\nThis insight may lead to better detection and may also explain the source of some of the other generated words seen in Angler traffic.
\nIt also offers a technique to identifying the generation mechanisms in other traffic such as DGAs.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b7fb9a2920&e=20056c7556<\/p>\n
How to keep your highly skilled and paid security team happy and engaged
\nAll is not lost.
\nThere are several initiatives organizations can undertake to demonstrate their commitment to providing a rewarding cyber security culture that keeps its personnel.
\nIn addition to providing a competitive salary or comparative work-life balance, some factors that can influence an individual\u2019s decision to remain at his place of employment are:
\n– Determine the satisfaction level of the individual.
\n– Provide career growth and enhancement.
\n– Seek out their ideas.
\nLike in any tea<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] * 27% of US office workers would sell their passwords * Mystery Of New York Fed Robbery Has Central Banks Asking Who’s Next * In light of pervasive security threats, why not…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-2485","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2485","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2485"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2485\/revisions"}],"predecessor-version":[{"id":4972,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2485\/revisions\/4972"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}