The RE: View for November and December 2016

Jan 5, 2017 6:20am



Nov. 11

Combat cyberattacks by staying a step ahead of hackers
Investor’s Business Daily
Reporter Morey Stettner discusses three steps businesses can take in addressing cybersecurity threats: “identifying risks, taking steps to reduce those risks and auditing your business operations to ensure you’re complying with regulatory requirements.” Stettner shares financial advisors’ insights on securing client data and preparing for cyberattacks, including using encryption, doing due diligence when hiring vendors and focusing not just on attack prevention but also on “preparing a seamless response to a severe hack.” 

Nov. 16

Cyber attack readiness is falling – major global study reveals
Computer Business Review (CBR)
A 2016 Ponemon Institute-IBM study revealed troubling insights about organizations’ preparedness for cyber attacks. Only 32 percent of IT and security professionals surveyed said their organizations were highly cyber resilient, a decrease from 35 percent in 2015. Additionally, 75 percent of respondents said their employers did not have formal cybersecurity incident response plans implemented organization-wide. According to Resilient CEO and co-founder John Bruce, the study shows that organizations “are still not prepared to manage and mitigate a cyber attack.” Ambrose McNevin discusses these and other findings of the survey, including the barriers to cyber resilience and organizations’ changing priorities regarding cyber threats and planning.

Nov. 29

Why transportation networks are especially vulnerable to ransomware
CNBC
Over Thanksgiving weekend, San Francisco’s light rail system experienced a ransomware attack, an indicator of the potential impact of cybercrime on transportation networks. CNBC reporter Harriet Taylor examines a recent PhishMe report in which a simulated phishing attack was more likely to work on transportation workers than those in any other industry. In order to be able to follow the FBI’s recommendation and not pay the ransom if hit by a ransomware attack, it is important for organizations to have their systems backed up. Taylor discusses this and other things companies and transportation systems can do to prepare for cyber attacks and educate their employees about cybercrime.

Nov. 25

Cybercriminals use DDoS as a smokescreen for other attacks, says Kaspersky Lab
International Business Times
Kaspersky Lab’s Corporate IT Security Risks survey indicates that cybercriminals sometimes use distributed denial of service (DDoS) attacks to mask other attacks. More than half the businesses questioned “were ‘confident’ that DDoS has been used as a smokescreen for other kinds of cybercrime.” According to Kaspersky Lab’s head of DDoS protection, Kirill Ilganaev, DDoS attacks create “all hands on deck” situations for IT teams, so they can easily be used as decoys to “distract IT staff from another intrusion taking place through other channels.” Hyacinth Mascarenhas discusses the implications of these results in a growing DDoS landscape.

Nov. 21

Half of surveyed U.S. businesses admitted to suffering a ransomware attack
Computerworld
In a recent international SentinelOne survey of 500 businesses, nearly half of businesses admitted to having suffered ransomware attacks in the last 12 months, and of those who had experienced attacks, 85 percent had suffered 3 or more incidents. Many organizations reported feeling “helpless to defend [themselves] from new forms of ransomware” and lacking faith in traditional security measures like antivirus software as a result of the growing prevalence of attacks. Reporter Darlene Storm discusses the results of the survey, including that the largest chunk of ransomware in 2016 affected employee information, and shares top executives’ insights on combating this threat. 

Dec. 5

New cybersecurity report highlights some surprising trends
Inc.
The most recent Cybersecurity 500, a quarterly cybersecurity report surveying 500 leading cybersecurity solution and service providers, revealed several new trends. Joseph Steinberg presents and discusses these trends, including that 1) health care has surpassed financial services as the hardest hit sector by cyber attacks 2) the public is becoming “much more aware of the security risks” related to email and 3) companies are focusing more on people (and not just technology) when combating cyber threats than before. 

Dec. 16

Why hackers love the cloud
Fox Business
Companies’ cloud systems can be sources of many opportunities for cybercriminals, who can target them for customers’ account information, Social Security numbers and/or other personal data. According to Will Donaldson, CEO of digital security firm nomx, the cloud “simply expands the systemic vulnerabilities that have existed since the internet was developed.” Reporter Thomas Barrabi discusses the cyber threats presented by a growing cloud and the importance of backing up data, enabling strong authentication and taking other security precautions.    

Dec. 21

Here are the biggest IoT security threats facing the enterprise in 2017
TechRepublic
As the Internet of Things (IoT) grows in popularity not just with consumers but also across companies’ networks, security for IoT has become a top issue for businesses. TechRepublic discusses IoT and predictions for 2017 with several security experts; predictions include that a “large-scale IoT security breach will occur in 2017,” that manufacturers will face increased pressure to “architect fundamental security principles” into the designs of their products, that DDoS will be a top concern for internet-based companies and that the newly appointed federal chief information security officer (CISO) will prioritize cloud security and safe cloud enablement.