By Cameron Abbott and Olivia Coburn
The United States Securities and Exchange Commission (SEC) is facing scrutiny on its handling of a data breach that occurred in 2016 – but was only publicly disclosed on 20 September 2017.
Hackers accessed information on corporate filings intended for investors, which would be used for insider trading.
By Cameron Abbott and Olivia Coburn
“Big four” accounting and consulting firm Deloitte revealed on Monday that it was targeted by a hack that exposed its email system and client records.
Although Deloitte has not yet provided details on the full extent of the breach, it confirmed that the information accessed includes confidential emails and plans of some of its blue-chip clients. It also said that “very few” clients were affected.
By Cameron Abbott and Olivia Coburn
Equifax has joined Yahoo on the podium for the award no one wants: suffering one of the largest data breaches in history.
Equifax, one of the three largest US credit reporting agencies, announced last week that it suffered a cybersecurity incident potentially impacting 143 million US consumers – a figure comprising of roughly 55 per cent of Americans aged 18 years or older. Some UK and Canadian residents are also affected.
By Cameron Abbott and Olivia Coburn
RiskIQ, a US-based cyber security company, has reported that 40% of businesses surveyed in the US and the UK have experienced 5 or more significant security incidents in the past 12 months. Significant incidents include malware, targeted attacks, mobile exposures, rogue mobile apps, website or brand abuse, phishing and social impersonation.
RiskIQ, through IDG Connect, also surveyed the confidence of corporate decision-makers in their ability to handle and mitigate cyber threats. Their report, 2017 State of Enterprise Digital Defense Report, reveals that nearly two-thirds of respondents had no to modest confidence in their ability to manage digital threats.
By Cameron Abbott and Olivia Coburn
Global spending on information security products and services will reach $86.4 billion this year, according to US-based technology research and advisory firm Gartner, Inc.
This figure is an increase of 7 per cent over 2016, and is expected to grow to $93 billion in 2018.
By Cameron Abbott and Allison Wallace
A freshly inked Memorandum of Understanding between Australia and Singapore will see the two countries strengthen their cybersecurity through a joint effort to build a secure and resilient cyber space.
The two-year partnership which was signed last week, will see Singapore’s Cyber Security Agency work with the Australian government to conduct regular information exchanges on cyber threats, share best practices to promote innovation in cyber security, and build cyber security capabilities. Read More
By Cameron Abbott and Giles Whittaker
As the uptake of IoT (Internet of Things) devices increases, industry experts question whether adequate cybersecurity measures are in place. While we are not surprised with the results of a recent survey, it has been confirmed that IoT devices represent the next big cybersecurity threat.
A Tripwire study found 96% of surveyed IT pros expect to see an increase in security attacks on IoT. The study acknowledges the promise of these devices in facilitating tasks and bringing convenience, but also notes the risk they pose as they’re not always built with security in mind. The study found the industries facing the biggest threat include energy, utilities, government, healthcare and finance with devices connecting the Industrial Internet of Things viewed as susceptible to serious consequences. David Meltzer, COO at Tripwire, says there must be a change in the level of preparation for such attacks or the realization of these risks will be experienced.
Juniper’s Internet of Things for Security Providers: Opportunities, Strategies, & Market Leaders 2016-2021 cautions that the scale of connectivity related to consumer IoT will lead to unmanageable cybersecurity risk created by botnets in excess of 1 million units. The research found that botnets that disrupt internet services form part of the near-term threat landscape and will be used for more malicious purposes in the future. Botnets are expected to be used not only to disrupt services, but also to create a distraction in order to enable multi-pronged attacks. While the research calls on IoT manufacturers to implement security-by-design, it also found the market is wide open for challenger security vendors.
By Cameron Abbott and Allison Wallace
A survey of nearly 600 organisations across a variety of industries globally has revealed 98% of these organisations experienced some form of cyber-attack in 2016. (We are left wondering if the other 2% just didn’t notice?)
The survey, conducted by cyber-security company Radware, also found that many organisations are still not prepared to face the threat landscape including that 40% of organisations do not have an incident response plan in place.
Respondents indicated that ransom was the top motivation behind cyber-attacks (41%), followed by insider threats (27%), political hacktivism (26%) and competition (26%).
Radware’s Vice President of Security Solutions, Carl Herberger, says that money is the top motivator in today’s threat landscape. He says “attackers employ an ever-increasing number of tactics to steal valuable information, from ransom attacks that can lock up a company’s data, to DDoS attacks that act as a smoke screen for information theft, to direct brute force or injection attacks that grant direct access to internal data”.
Radware predicts that in 2017, we will see an increase in the use of IoT botnets, cyber ransom, telephony DoS, permanent denial of service for data centre and IoT operations, and public transport being held hostage.
Not the most positive outlook for 2017, but it would be a brave person to suggest they are wrong with those predictions.
By Cameron Abbott and Allison Wallace
There was a 50% growth in the adoption of cybersecurity-related insurance in the UK between 2015 and 2016.
CFC Underwriting discovered the trend after polling industry representatives at the 2016 Cyber Symposium late last year.
The underwriter, which provides cyber insurance to more than 20000 clients globally, found the factors driving clients to purchase these kinds of policies included the “fear factor” of a cyber attack (23%) and the impending introduction of the European General Data Protection Regulation in 2018 (26%).
More than half of the respondents to the poll (53%) indicated they believed electronic computer crime will lead to an increase in insurance claims. Earlier figures released by CFC Underwriting revealed it handled over 400 claims on cyber policies in 2016, a 78% increase on 2015.
Copyright © 2024, K&L Gates LLP. All Rights Reserved.