cybersecurity (66)

8028267701?profile=originalThe hot water in which Uber has been simmering has just reached new thermal heights. Back in October 2016, hackers stole the personal data of 57 million customers and drivers containing their names, email addresses, phone numbers, and in the drivers’ cases, their driver’s license numbers. They finally disclosed the breach this month.

Now, in comparison to the scope and nature of other breaches such as Equifax and Yahoo, the Uber hack may appear to pale in comparison. However, this company represe

Read more…

8028264890?profile=originalAs I watch the Equifax scandal unfold, it becomes clear to me that many are at a loss of what to do, or even how to think about this data breach. The first reaction people have is centered on if they, their friends, or family were personally impacted. Rightfully so. For some advice on what you can do to protect your identity, read my recent blog, Equifax Data Breach: How to Protect Yourself.

In addition to the personal reaction, however, I would call on all employers to consider how this breach,

Read more…

Equifax Data Breach: The Point of No Return

8028267475?profile=original

On September 7, big-three credit reporting company Equifax reported that hackers gained access to the personal information of about 143 million U.S. consumers. This scandal will be bigger than the Wells Fargo, BP, Chipotle, Volkswagen and Bernie Madoff scandals combined.

The Equifax breach is unprecedented in both quantity and quality. It is second to none in terms of how many Social Security numbers were compromised, dwarfing all preceding attacks 10 to 1. But more importantly, this attack is un

Read more…

Kmart recently suffered another cyber breach (the second in the past few years) that echoes events affecting companies including Wendy’s and Target. In this case, a wholly preventable weakness in the company’s POS system let through a malware attack, affecting an undetermined number of Kmart’s 735 domestic sites. Failure to recognize and mitigate the root cause of a security breach is inadequate risk management; it leaves the company vulnerable to future failures.8028257698?profile=original

In response to the breach, Sears

Read more…

Last week, news broke of a global ransomware attack that has struck individuals and companies around the world. In the wake of the attack, which has affected computers in 150 countries, many companies are wondering 1) if they’re going to be hit and 2) what they can do to protect themselves.

The WannaCry ransomware attack still isn’t over, and we’ll see over the coming weeks what the final numbers are. It’s not too late to improve preventative measures for the next wave, which will likely be smart

Read more…
Expert Chuck Brooks Offers A Cybersecurity “Cheat Sheet” For The C-Suite

Chuck Brooks: VP of Government Relations and Marketing, Sutherland Global Solutions

The Internet was invented in a government laboratory and later commercialized in the private sector. The hardware, software, and networks were originally designed for open communication. Cybersecurity initially was not a major consideration. That mindset has surely changed

Read more…

8028248258?profile=original

Cybersecurity vulnerabilities are a concern for every company in every industry. In 2016, 4.2 billion records were stolen during 4,149 reported data breaches. This doesn’t take into account breaches not noted in the public record.

According to a Ponemon Institute survey, while security incidents have expensive consequences, costs associated with reputational damage are even greater. That explains why more than 60% of executives are primarily concerned with negative brand impact, according to the

Read more…

short course on cybersecurity risk

What's your biggest cybersecurity risk?  Chances are it's that you're using the wrong methods to assess that risk!

Douglas W. Hubbard, author of big sellers How to Measure Anything and The Failure of Risk Management, now has done a new book, How to Measure Anything in Cybersecurity Risk.  He and I are teaming up to offer a one-day short course on the subject at the Holiday Inn in Rosslyn (Arlington), Virginia, Thursday, October 6.  The course includes training in calibration of your risk assessme

Read more…

The words “data breach” are often met by a clamor whenever they make headlines. Home Depot, Target, Ashley Madison, Heartland, Citibank, the list goes on and on. These breaches spent time in the limelight because of their magnitude; they affected hundreds of thousands – in some cases millions – of cardholders.

powerful-ERM-software-500x350.png?width=250But the reality is data breaches are far more common than large headline events like these would have us believe. According to a report published by the Identity Theft Resource Center, ther

Read more…

Cybersecurity Is Still A Boy’s Club

Cyberweapons are a constant and evolving threat to society. They have the potential to shut down entire electric power grids and bring companies to their knees. Securing networks against the threat is possibly the most pressing priority, and the cybersecurity market is expected to grow from $75 billion in 2015 to $170 billion by 2020 as a result.

One of most pressing priorities for companies in ensuring cybersecurity is what seems to amount to a massive talent shortfall. Current estimates place t

Read more…

Security Appreciation lacking

What’s it gonna take for companies to crack down on their cybersecurity? What’s holding them back? Why do we keep hearing about one company data breach after another?

Well, there’s just not enough IT talent going around. The irony is that most company higher-ups admit that cybersecurity is very important and can even name specific situations that could compromise security, such as

having multiple vendors vs. only a single vendor; not having quality-level encryption in place; allowing employees to

Read more…

Companies are constantly attacked by hackers, but what if those attacks come from the inside? More companies than ever before are dealing with insider security threats.Here are 11 steps that all organizations should take to mitigate these threats and protect important company data:

  1. Always encrypt your data If you want to minimize the impact of an insider threat, always encrypt data. Not all employees need access to all data and encryption adds another layer of protection.
  2. Know the different types
Read more…

What's Changing in the Approach to IT GRC?

Increasing cyber-hazards have been accompanied by another trend; Governance, Risk Management, and Compliance (GRC) focused on IT (referred to as IT GRC) is changing. More and more organizations have been turning to a risk-based approach.

Traditionally, IT is comprised of a variety of underlying functions. These functions include:

  • IT Asset Management, commonly used to inventory servers, computers, and other technology hardware;
  • IT Risk Management, including vulnerability and threat identification an
Read more…

Cybersecurity a “Must” for Credit Unions

Credit union online news agency CUInsight.com recently published an article declaring cybersecurity a “must” for credit unions. In support of its position, author Stuart Levine cites more than 400 incidents – recorded by the Identity Theft Resource center in 2015 – putting at least 80 million records at risk and tallying costs in excess of $100 million for the targeted organization.

What’s the best way for credit unions to tackle cybersecurity risk management? The author suggests credit unions st

Read more…

Here at LogicManager, we’ve spent a lot of time considering issues related to cybersecurity. To find a new way in which a cybercriminal has exploited electronic vulnerabilities, all you need to do is skim today’s newspaper, which will almost inevitably report a data breach or fraud-related scandal. An evolving set of threats means incident likelihood is increasing, and generally, cybersecurity risks have serious impacts – meaning such risks have very high inherent indices, or combinations of imp

Read more…

The concept of cyberattacks, while still disturbing, is no longer as new and unfamiliar as it was five years ago. However, we are still seeing money invested in inefficient and ineffective risk mitigation responses. All the major corporations that have suffered breaches had sophisticated control solutions in place. Even so, their risk exposure was significant in known but uncovered areas, all thanks to poor risk management.

Companies are buying and implementing point solutions despite not underst

Read more…

5 In-Demand Cybersecurity Specialties

There are numerous subspecialties within the booming cybersecurity field[i]. Here are some of the most in-demand professions:

Cybersecurity Engineer: This is the all-around, jack-of-all-trades, go-to guy or gal of cybersecurity. For all intents and purposes, a cybersecurity engineer is a hacker – but a good one. Using their advanced knowledge of malware, viruses, theft, DDoS attacks and other digital threats, cybersecurity engineers defend organizations against crime online. Personality traits re

Read more…

There’s a problem on the home front: security lapses in the computers of the Secret Service and Immigration and Customs Enforcement, says a report on townhall.com. These departments were recently audited, and weaknesses were revealed.

Recently, hackers got into the White House, State Department and the Office of Personnel Management, among other entities. And this has caused the public to wonder about just how strong cybersecurity is for the U.S. government. So thus, the audit was carried out.

The

Read more…

There are many prominent cybersecurity companies, including FireEye and Symantec. These companies “focus on blocking or detecting intrusions as they occur or responding to attacks after the fact,” according to The New York Times. Sometimes, this approach yields fruit, but inherently, it cannot “gain the upper hand” over threats; no matter how quickly security responds to an intrusion, that intrusion is already underway.

This is why cyber intelligence agency ISight zeroes in on hackers’ objectives

Read more…

Cybersecurity has been on our radar a lot lately, but that's thanks to the alarming number of recent, high-profile security breaches. Take a look at our recent blog post regarding a major flaw in the Android operating system, or our discussion of hackers' disturbing rate of maturity.

Federal officials recently broke up a long-term insider trading scheme

cyber-crime.jpg?width=300In early August of this year, it was announced that Feds succeeded in breaking up a hacking and insider trading scheme in which international hack

Read more…

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead