Cyber security has become a critical business continuity issue. There truly are only two types of companies: those that know they have been hacked, and those that do not. The operational, financial and reputational costs of breaches are rising as well. In some cases, CEO’s and board members have been forced to resign. Many boards, however, are just waking up to this risk. The following questions can provide a framework for corporate directors as they fulfil their fiduciary responsibilities. Read more
At the end of each year, ESG conducts a wide-ranging global survey of IT professionals, asking them about challenges, purchasing plans, strategies, etc. As part of this survey, respondents were asked to identify areas where their organisation has a problematic shortage of skills.
In 2018-2019, cyber security skills topped the list — 53% of survey respondents reported a problematic shortage of security skills at their organisation. IT architecture/planning skills came in second at 38%.
The cyber security skills shortage is nothing new. Alarmingly, the skills deficit has held the top position in ESG’s annual survey every year. Furthermore, the percentage of organisations reporting a problematic shortage of cyber security skills continues to increase. Read more
Over the last few years, data breach incidents have grown in both frequency and severity. The most recent of these high-profile scandals is the Marriott data breach, where hackers stole private details from around 500 million customers. These details include names, addresses, credit card and phone numbers, as well as passport numbers and travel details.
While it’s not the largest data breach by any means, 500 million is no small number. The data stolen can be used by criminals to commit identity theft, where they could convince targeted individuals to give up vital, personal information, like passwords or access to banking sites. The more convincing a phishing email is, the more likely someone is to reply to it. Read more
As the year begins, there are a few key areas that cyber security professionals should keep in mind.
After the excesses of the holiday period, you are more than likely looking at the blank slate of a new year with a sense of optimism and hope for times ahead.
Those in the infosec industry may view it more as a future filled with potential threats and attack vectors to worry about. With this in mind, here are a selection of cyber security trends that could be on the horizon as the year begins. Read more
If 2018 belonged to AI becoming mainstream, it was also a year marked with high-profile cyber threats and breaches. Facebook, the social networking giant, invited the wrath of government agencies and the public alike when the alleged breach exposed close to 50 million of its users’ data. The attackers allegedly gained access to the users’ ID exploiting a feature in Facebook’s code.
With attackers readying to exploit every loophole in the cyber space, security breaches in 2019 are only going to be more ubiquitous. Taking all this into consideration, the need for organisations and governments to safe-proof their existing cyber infrastructure has become increasingly important. Read more
Brexit uncertainty and fears over cyber security have left Britain’s manufacturers much less confident about the prospects for the UK economy than they were a year ago.
With the clock ticking on Britain’s departure from the EU at the end of March, almost three-quarters of manufacturers — 72 per cent — said Brexit was their biggest source of uncertainty, according to a joint survey by EEF, the manufacturers’ trade body, and insurer AIG.
More than four-fifths of companies, or 81 per cent, of those worried about Brexit uncertainty cited exchange rate volatility as a risk to their business plans. The impact of a weaker sterling putting upward pressure on input costs was also cited as a risk by a majority of manufacturers. Read more
According to research by several major cyber security firms, the growing cyber security skills gap will reach one million positions by 2020. One million vacant jobs with nobody to fill them. Hundreds of thousands of organisations forced to face an increasingly-hostile threat landscape without the necessary defences.
Cyber security’s looming talent shortage has officially crossed the line from challenge to catastrophe. And in spite of this, most businesses seem to lack any real concept of how to address it. In their eyes, there simply aren’t enough qualified individuals.
Here’s the thing – that’s only partially true. While it’s certainly accurate to say that there aren’t enough people specifically seeking out security degrees and certifications, assuming this means talent is impossible to find is highly inaccurate. Experience and expertise may well be in short supply, but talent is not. Read more
Generally, predictions are tough, but even more so in the chaotic world of cyber security. The threat landscape is huge, offensive and defensive technologies are evolving rapidly, and nation-state attacks are increasing in terms of scope and sophistication.
This cyber “fog of war” makes it hard to see or assess every trend. For example, not many anticipated the rapid rise of cryptomining during 2018. In hindsight, this relatively easy to execute, lower risk way for cyber criminals to monetise their efforts should have been an obvious choice.
Still, a few things were called right: more automation of threat-detection processes, significant rise in attacks using compromised IoT devices, and the decline of trust in the face of rising cyber crime, to name a few. Read more
Over half of UK organisations wrongly assume their business insurance covers them for cyber attacks at a time when firms are being targeted by an attempted hack every two and a half minutes.
Research by MoneySuperMarket has shone a light on a lax attitude to cyber security insurance, with claims that many companies still identify as being “offline” businesses, despite 98% of private companies and 93% of charities relying on some form of digital communications or service.
Most business insurance policies don’t cover cyber security, according to the price comparison platform, with 52% of firms incorrectly assuming their packages protect them in the event of a breach. In most cases, cyber security cover needs additional policies to be taken out. Read more
With the holiday shopping season in full swing, retailers and payment experts are increasingly concerned about heightened threats to e-commerce sites and the potential impact on mobile shopping activity.
A recent study found payment card fraud remains the top concern of retailers, as cyber attackers have moved away from in-store fraud to online following the implementation of EMV chips on credit and debit cards. About 55 percent of retailers are concerned about the rise of payment card fraud.
“The chip in an EMV card makes it difficult to counterfeit the card, but it does nothing to show whether the person trying to use the card is a legitimate cardholder,” said Stephanie Martz, senior vice president and general counsel at NRF, in a release of the study. Read more