These security breaches have been detrimental to the image of these companies. TalkTalk was perhaps hit the hardest, with 101,000 customers leaving on the back of the hacking scandal.
Showing posts with label Cyber Security. Show all posts
Showing posts with label Cyber Security. Show all posts
Monday, 11 April 2016
Is the internet becoming less secure?
These security breaches have been detrimental to the image of these companies. TalkTalk was perhaps hit the hardest, with 101,000 customers leaving on the back of the hacking scandal.
Wednesday, 9 March 2016
Upgrading India’s cyber security architecture
Two things set aside India’s digital spaces from that of major powers such as the United States and China: design and density. India is a net information exporter. Its information highways point west, carrying with them the data of millions of Indians. This is not a design flaw, but simply reflects the popularity of social media platforms and the lack of any serious effort by the Indian government to restrict the flow of data. Equally important is the density of India’s cyberspace. Nearly 500 million Indians use the Internet today, but they do not access the Internet from the same devices. Apple’s market share in the U.S., for instance, is 44 per cent, but iPhones account for less than 1 per cent in India. The massive gap between the security offered by the cheapest phone in the Indian market and a high-end smartphone makes it impossible for regulators to set legal and technical standards for data protection.
With little control over the hardware used by Indian Internet users as well as the information that is carried through them, India’s national security architecture faces a difficult task in cyberspace. India’s infrastructure is susceptible to four kinds of digital intrusions: espionage, which involves intruding into systems to steal information of strategic or commercial value; cybercrime, referring to electronic fraud or other acts of serious criminal consequence; attacks, intended at disrupting services or systems for a temporary period; and war, caused by a large-scale and systematic digital assault on India’s critical installations.
Indian authorities have spent the lion’s share of their resources tackling localised cybercrime while responding to major attacks on a case-by-case basis. Recognising the strategic dimensions of cyberspace, the Prime Minister’s Office (PMO) created the position of the National Cyber Security Coordinator in 2014, a welcome first step. There is, however, no national security architecture today that can assess the nature of cyber threats and respond to them effectively. India’s civilian institutions have their own firefighting agencies, and the armed forces have their own insulated platforms to counter cyber attacks.
Read More: http://www.thehindu.com/opinion/columns/upgrading-indias-cyber-security-architecture/article8327987.ece
Cyber Security Trends To Watch: 2016
LONDON—One year ago, Control Risks highlighted two prominent cyber trends and made four predictions for 2015. While none of those predictions appear particularly revelatory in hindsight, they have all proven correct and, along with the trends discussed then, are likely to continue through the year ahead. Moreover, they provided a brief snapshot of the dynamism of the cyber threat landscape, a snapshot that I will look to expand upon in this year’s edition of our cyber security trends to watch.
The role of geopolitics and the emergence of cyber deterrence
Recalling a theme from last year, the first point to note is that geopolitics will be the core determinant of the shape and severity of the cyber threat many public and private sector organizations face. As countries grapple with the uncertainties and vicissitudes of contemporary international relations, it is becoming increasingly clear that cyber deterrence will eventually become a core pillar of 21st century diplomacy. The US is currently working out the finer points of its official cyber deterrence policy and, through websites directly linked to state-run media outlets, the Chinese military has given a fairly clear indication of its own. Russia, on the other hand, has already put its approach to cyber deterrence into action, regularly carrying out retaliatory operations seemingly intended to punish and shape the decision-making of strategic rivals and erstwhile allies. Likewise, North Korea has episodically lashed out with disruptive attacks against identified adversaries, knowing that its self-contained internet infrastructure largely protects it from external cyber retaliation.
Alarmingly for business, the majority of apparent cases of cyber deterrence involved targeting of commercial entities. This reflects the imperative role that corporate enterprises play in ensuring that, at a fundamental level, populations are provided with basic commodities like electricity, food, water, fuel and the ability to communicate. It is also indicative of the internet’s status as the backbone of any modern society. Because they deliver a privately-owned public good, critical national infrastructure (CNI) providers are likely to bear the brunt of nation-states’ deterrent cyber attacks. There is little prospect of many of the more outlandish doomsday scenarios put forward about cyber operations against CNI being realized. Nonetheless, the threat is real and growing.
Formerly, Iran was assessed by many observers in the Western intelligence community as one of the nations most likely to conduct a destructive attack against their core industries. However, the lifting of US and international nuclear sanctions will bring about a step change in Iranian operations that will reshape the nature and potentially reduce the scope of the Iranian cyber threat to the West. Namely, there will be a transition from cyber operations almost solely focused on developing situational policy awareness and collecting target-specific intelligence with a view to future disruptive attacks, to a situation in which cyber-enabled corporate espionage becomes increasingly prominent.
Read More: http://www.forbes.com/sites/riskmap/2016/03/08/cyber-security-trends-to-watch-2016/#629e505a1a36
The role of geopolitics and the emergence of cyber deterrence
Recalling a theme from last year, the first point to note is that geopolitics will be the core determinant of the shape and severity of the cyber threat many public and private sector organizations face. As countries grapple with the uncertainties and vicissitudes of contemporary international relations, it is becoming increasingly clear that cyber deterrence will eventually become a core pillar of 21st century diplomacy. The US is currently working out the finer points of its official cyber deterrence policy and, through websites directly linked to state-run media outlets, the Chinese military has given a fairly clear indication of its own. Russia, on the other hand, has already put its approach to cyber deterrence into action, regularly carrying out retaliatory operations seemingly intended to punish and shape the decision-making of strategic rivals and erstwhile allies. Likewise, North Korea has episodically lashed out with disruptive attacks against identified adversaries, knowing that its self-contained internet infrastructure largely protects it from external cyber retaliation.
Alarmingly for business, the majority of apparent cases of cyber deterrence involved targeting of commercial entities. This reflects the imperative role that corporate enterprises play in ensuring that, at a fundamental level, populations are provided with basic commodities like electricity, food, water, fuel and the ability to communicate. It is also indicative of the internet’s status as the backbone of any modern society. Because they deliver a privately-owned public good, critical national infrastructure (CNI) providers are likely to bear the brunt of nation-states’ deterrent cyber attacks. There is little prospect of many of the more outlandish doomsday scenarios put forward about cyber operations against CNI being realized. Nonetheless, the threat is real and growing.
Formerly, Iran was assessed by many observers in the Western intelligence community as one of the nations most likely to conduct a destructive attack against their core industries. However, the lifting of US and international nuclear sanctions will bring about a step change in Iranian operations that will reshape the nature and potentially reduce the scope of the Iranian cyber threat to the West. Namely, there will be a transition from cyber operations almost solely focused on developing situational policy awareness and collecting target-specific intelligence with a view to future disruptive attacks, to a situation in which cyber-enabled corporate espionage becomes increasingly prominent.
Read More: http://www.forbes.com/sites/riskmap/2016/03/08/cyber-security-trends-to-watch-2016/#629e505a1a36
Tuesday, 1 March 2016
Tackling Data Theft With Managed Security Services
While organizations across the world have begun to appreciate the criticality of data security, the cost and sophistication of data breaches have increased simultaneously, posing a serious threat to governments and businesses alike. The situation becomes even more dire if companies lack the required security talent to deal with such cyber menaces.
Tuesday, 1 December 2015
The security risks of IoT devices
The Internet of Things (IoT) isn’t a new concept, but it has gained momentum especially within the last year, as more and more connected devices have come to market. While connecting everything brings added convenience to our everyday lives, it’s crucial to understand what we may be compromising from a security perspective, and importantly, which devices could pose a threat either now or in the future.
With so many connected devices we decided to take a look at those that have made the headlines so far this year. Cars, for instance, have only recently become connected, although they have long been computerized. However, with poor Internet security expertise some manufacturers are being caught out.
In April, Cyber security experts Charlie Miller and Chris Valasek revealed a software flaw that allowed them to take control of a Jeep Cherokee on the move -- all from a laptop computer at home. Hacking into the Jeep’s electronics through the entertainment system, they were able to change the vehicle’s speed, alter its braking capability, and manipulate the radio and windscreen wipers. The two described the hack as "fairly easy" and "a weekend project".
A few months later, news broke that researchers had hacked a Tesla Model S, once again via the car’s entertainment system. Although it took closer to a year to pull this hack off, the researchers were able to apply the hand brake, lock and unlock the car, and control the touch screen displays. Tesla quickly developed a fix, which has been sent to all of the affected vehicles.
Hacked vehicles are an obvious cause for concern, but the hazards presented by apparently innocuous devices such as the "smart fridge" or "connected toaster" also warrant equal consideration. The thought of a hacker gaining control of your refrigerator may be less daunting than them taking control of your steering wheel on the motorway, but these products can act as a gateway to much more sensitive information.
Read More: http://betanews.com/2015/11/30/the-security-risks-of-iot-devices/
With so many connected devices we decided to take a look at those that have made the headlines so far this year. Cars, for instance, have only recently become connected, although they have long been computerized. However, with poor Internet security expertise some manufacturers are being caught out.
In April, Cyber security experts Charlie Miller and Chris Valasek revealed a software flaw that allowed them to take control of a Jeep Cherokee on the move -- all from a laptop computer at home. Hacking into the Jeep’s electronics through the entertainment system, they were able to change the vehicle’s speed, alter its braking capability, and manipulate the radio and windscreen wipers. The two described the hack as "fairly easy" and "a weekend project".
A few months later, news broke that researchers had hacked a Tesla Model S, once again via the car’s entertainment system. Although it took closer to a year to pull this hack off, the researchers were able to apply the hand brake, lock and unlock the car, and control the touch screen displays. Tesla quickly developed a fix, which has been sent to all of the affected vehicles.
Hacked vehicles are an obvious cause for concern, but the hazards presented by apparently innocuous devices such as the "smart fridge" or "connected toaster" also warrant equal consideration. The thought of a hacker gaining control of your refrigerator may be less daunting than them taking control of your steering wheel on the motorway, but these products can act as a gateway to much more sensitive information.
Read More: http://betanews.com/2015/11/30/the-security-risks-of-iot-devices/
The future of internet security
CYBER CRIME IS A MULTI MILLION POUND business. In the UK alone, the Cabinet Office estimates the cost of cyber crime to be in the region £27bn every year, and that number is only snowballing as we move towards a society where everything and everyone perpetually relies on information, and nothing is obscure.
We have become almost entirely dependent on the continued availability,
accuracy and confidentiality of information and communications technology. But as well as significant benefits, this has enabled old crimes to be committed in new and more subtle ways, meaning that as tech progresses, so do the criminals relying on it.
Cyber crime, hacks and data breaches are becoming more prevent, and within the last couple of years, they have hit some of the world's biggest service providers. It's now not a matter of if your company will get breached, but when, and what can be done to try and prevent the inevitable.
Security has now passed well beyond hacking for fun and is now often fuelled by the potential to obtain large quantities of money without physically robbing a bank. Major conglomerates are being targeted, and real people are having their personal information and finances put at risk every day.
So in five years' time, as technology becomes even more pervasive and cyber criminals find it even easier to take advantage of organisations that at the same time are taking more security precautions, how will the threat landscape look?
Read More: http://www.theinquirer.net/inquirer/feature/2433753/the-future-of-internet-security
We have become almost entirely dependent on the continued availability,
accuracy and confidentiality of information and communications technology. But as well as significant benefits, this has enabled old crimes to be committed in new and more subtle ways, meaning that as tech progresses, so do the criminals relying on it.
Cyber crime, hacks and data breaches are becoming more prevent, and within the last couple of years, they have hit some of the world's biggest service providers. It's now not a matter of if your company will get breached, but when, and what can be done to try and prevent the inevitable.
Security has now passed well beyond hacking for fun and is now often fuelled by the potential to obtain large quantities of money without physically robbing a bank. Major conglomerates are being targeted, and real people are having their personal information and finances put at risk every day.
So in five years' time, as technology becomes even more pervasive and cyber criminals find it even easier to take advantage of organisations that at the same time are taking more security precautions, how will the threat landscape look?
Read More: http://www.theinquirer.net/inquirer/feature/2433753/the-future-of-internet-security
Tuesday, 24 November 2015
Managed Security Services Prove Their Worth
The world of cybersecurity changes every day. New threats enter the security landscape, and organizations leverage new and better tools to deal with these threats. At the same time, business users travel around the world, carrying notebooks, tablets and smartphones that contain sensitive information. How can enterprises continue to secure data in such a dynamic environment?
Cloud-based security solutions - known as Security as a Service, delivered by managed security service providers - fill this gap. Cloud-based security offerings provide organizations with the flexibility to respond to an increasingly diverse spectrum of attacks. Once considered fringe products, Security as a Service offerings now play a critical role in building strong defenses.
The Benefits of Security as a Service
Security as a Service providers offer several key benefits that simply aren’t found in traditional on-premises offerings. Cloud-based products are often scalable, affordable options that offer state-of-the-art security controls with only a fraction of the administrative burden needed to support on-premises systems.
Cloud providers design their service offerings with scalability in mind. The hundreds or thousands of customers they serve simultaneously demand highly scalable solutions that easily accommodate both predictable and unpredictable spikes in usage. If an organization’s website sees a sudden spike in demand — perhaps with the arrival of a seasonal peak or because of media coverage — an on-premises solution may not cope with that demand without a time-consuming and expensive hardware upgrade. Cloud security offerings can automatically scale to meet changing needs.
Read More: http://www.biztechmagazine.com/article/2015/11/managed-security-services-prove-their-worth
Cloud-based security solutions - known as Security as a Service, delivered by managed security service providers - fill this gap. Cloud-based security offerings provide organizations with the flexibility to respond to an increasingly diverse spectrum of attacks. Once considered fringe products, Security as a Service offerings now play a critical role in building strong defenses.
The Benefits of Security as a Service
Security as a Service providers offer several key benefits that simply aren’t found in traditional on-premises offerings. Cloud-based products are often scalable, affordable options that offer state-of-the-art security controls with only a fraction of the administrative burden needed to support on-premises systems.
Cloud providers design their service offerings with scalability in mind. The hundreds or thousands of customers they serve simultaneously demand highly scalable solutions that easily accommodate both predictable and unpredictable spikes in usage. If an organization’s website sees a sudden spike in demand — perhaps with the arrival of a seasonal peak or because of media coverage — an on-premises solution may not cope with that demand without a time-consuming and expensive hardware upgrade. Cloud security offerings can automatically scale to meet changing needs.
Read More: http://www.biztechmagazine.com/article/2015/11/managed-security-services-prove-their-worth
Subscribe to:
Posts (Atom)