Ransomware: The genre of cyber attack that is impossible to predict…and prevent
Computer Business Review
Ransomware is a growing cybersecurity threat for consumers and organizations everywhere. Reporter Eleanor Burns conducted a Q&A session with Andy Buchanan, RES’ area vice president for the United Kingdom and Ireland, to discuss the risk of being targeted by ransomware attacks, the trends in these attacks and who they are targeting, what companies should do if they are targeted and his predictions for the future of ransomware attacks. Buchanan’s insights include why hospitals are key targets of ransomware attacks, that companies should not pay ransom if they are targeted, that awareness programs in the workplace are critical to helping employees fight cybercrime and that ransomware shows no signs of slowing down.
How the Internet of Things will affect security & privacy
According to Business Insider (BI) Intelligence, there will be more than 24 billion internet-connected devices installed around the world by 2020 – more than four devices for every person on earth. Despite the many benefits of the growth of Internet of Things (IoT) technology for our convenience, efficiency and connection to those around us, there are many potential concerns associated with security and privacy. BI reporter Andrew Meola compiles – and discusses – a list of the biggest IoT privacy and security issues, including connected devices’ vulnerability to hacking by cybercriminals, the public perception of IoT – with many Americans concerned about their information being stolen or compromised from smart devices. With only 10 percent of enterprises surveyed in AT&T’s Cybersecurity Insights Report feeling confident they could secure their IoT devices against cybercriminals, the potential for companies to use IoT device data on consumers’ health or driving habits to make hiring decisions and the vulnerabilities associated with the sheer volume of data collected and generated by the Internet of Things.
Placing cyber security at the top of the boardroom agenda
Information Age writer Nicholas Ismail discusses the “exploding attack surface” companies face today and their often “fragmented outdated, reactive attitudes” regarding cybersecurity and recommends that C-level executives put cybersecurity at the forefront of their boardroom plans. Ismail warns against leaving security experts out of strategic business decision making, as waiting to consult them until security issues arise leaves “gaping holes in the security plan that simply cannot be effectively filled retrospectively.” He also says that security must be considered and included in the planning stages of every company strategy and that the security team must have control over policies and implementation in order to improve defense and business value. Ismail recommends using a more fluid “software-defined perimeter” to help businesses be secure in the face of “constant operational change” and gives other recommendations for businesses looking to enhance their cybersecurity.
How cyber security pros transition to board level decision makers
Many cybersecurity professionals who have cultivated skills and expertise in the field hope to eventually transition into advisor or board member roles. These professionals, however, may not know the right ways to go about getting noticed by key executives and companies looking to fill these sought-after seats. CSO contributing writer Stacy Collett shares cybersecurity experts’ insights and advice for how to “get on the radar of board decision-makers,” including the importance of networking and raising awareness, the formula that a board-worthy person has technical expertise, business acumen and “gravitas,” looking at organizations and industries with the greatest need for cybersecurity expertise, making oneself visible to “connecters…like recruiting firms and board influencers” and the benefits of rounding out resumes with appropriate certifications and/or degrees.