boost

now browsing by tag

 
 

Popular #culture #key to giving #cyber security much-needed #boost

The cyber security industry should turn to popular culture to raise awareness of the cyber threat to businesses and consumers and attract new blood to the field, says McMafia author

The cyber security industry is failing to communicate the scale and nature of the threat and is severely under-resourced in skills, according to UK journalist and author Misha Glenny.

“The Spooks BBC television series resulted in a phenomenal increase in applications to work for UK intelligence services, and the same should be done for the cyber security profession,” he said.

Glenny, author of McMafia, who has studied the patterns of “cyber malfeasance” including cyber crime for the past 12 years, believes one of the key failings of the cyber security industry is around communication.

“The generally high levels of misunderstanding and ignorance about cyber vulnerabilities and cyber security in the population as a whole leads to rich pickings in companies and institutions, for social engineers in particular, because people do not understand their function in a regime of digital hygiene,” he said.

This also persists at boardroom level, Glenny told a media briefing at the Palo Alto Networks End User Cybersecurity Summit in London.

Read More….

advertisement:

The post Popular #culture #key to giving #cyber security much-needed #boost appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Democrats #Seek $1 #Billion To #Boost #Cybersecurity For U.S. #Elections

Source: National Cyber Security News

Congressional Democrats introduced legislation on Wednesday that would provide more than $1 billion to boost cybersecurity of U.S. voting systems, and Vice President Mike Pence defended the administration’s efforts to protect polls from hackers.

The measure followed warnings on Tuesday from U.S. intelligence officials that midterm races in November are likely to see renewed meddling from Russia and possibly other foreign adversaries.

“We cannot let the Russians laugh about and take joy in the success they had in the last election,” Nancy Pelosi, the Democratic leader in the House of Representatives, told a news conference. “Their goal is to undermine democracy.”

Lawmakers have introduced several bills, some with bipartisan support, to bolster election security since the 2016 polls in which Republican Donald Trump was elected president. None have become law.

The new bill is the most comprehensive to date and is aimed at bolstering protection for the midterms and subsequent elections. It has no Republican co-sponsors in the House, which the party controls, and is therefore unlikely to succeed.

Pence, speaking at an event hosted by the online news site Axios, said Americans could trust the 2016 election results and that it was an “ongoing effort” of Trump’s administration to protect election infrastructure.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Four ways #state and local CIOs can boost #cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

Looking back at the hundred-plus FBI cyber investigations and victim notifications I’ve worked over the past decade, without a doubt, the most concerning and most difficult ones centered around local and state governments.

States and cities face a tall order: protecting critical data and infrastructure. They’re expected to conduct an investigation, and remediate and prevent future attacks, all with under-staffed or non-existent cybersecurity teams, limited incident response capacity, and a lack of reliable technology.

Working closely with CIOs in cities like Los Angeles and states like Colorado has given me perspective on what is working and where we should be devoting our energy. Here are the top four observations — and solutions — for helping city and state CIOs resolve their cybersecurity challenges.

1. Get the basics right, then tackle IoT

I get it. IoT is important. IoT is scary. But we are still not doing the basics on the workstations and servers that run those IoT devices. Many jurisdictions, for instance, do not yet have a complete and accurate inventory of every asset on their network. And the easiest way to breach a network will always be through the one unpatched piece of software the organization doesn’t know about — not the smart streetlight (yet). This is not to say states and cities should halt all IoT efforts. Rather, they should prioritize their time and investments in getting essential cyber hygiene efforts done first.

Action item: Have your security team run a vulnerability scan and compare the endpoints found with your IT team’s most recent patch report. If the reports are identical, compliment both teams; if they’re not, check both teams’ tools. One of them is broken.

2. Break down organizational silos

IT operations in state and city government are often run by the various agencies within the government, rather than being centralized under the state’s or city’s CIO. This leads to shadow IT, with a wide range of servers, software, and hardware spread across the state and city, and no standardized way to measure their risk level or even know when systems need to be updated. IT administrators cannot share best practices, causing further inefficiencies. What’s worse than shadow IT? Shadow security — rogue systems with no security features turned on. Fortunately, some states and cities have made significant efforts toward consolidating and federating their IT, and the broader trend is toward consolidation, as NASCIO reported in its survey of state CIOs.

Action item: Identify the agency or department with the least number of cybersecurity resources and consolidate those first. Don’t boil the ocean by starting at the agency with the most crown jewels.

3. Reduce the number of tools

Because technology management is so spread out across agencies, states and cities tend to have dozens of tools for managing their IT and security. I once responded to an incident at a state government that had more than a dozen different tools for asset inventory and patching alone. If you have a dozen tools, you need people with expertise in each piece of software, and you have to commit valuable time and money to train those people. When a mistake gets made and leads to an incident, IT staffers have to bring in outside help, because no one internally has expertise in all the tools, which is required to conduct a proper response. States and cities can significantly reduce their risk, and improve efficiency, by consolidating IT operations and security tools. Shared tools also are better for states’ budgets, because procurement officials can negotiate state-wide prices.

Action item: Track the top 10 agencies in your state or city by number of employees and count the number of IT and security tools being used across all 10 networks. Start thinking about how many tools overlap and which ones can be decommissioned.

4. Create dedicated security roles

The cybersecurity workforce gap is an oft-discussed issue, but it’s especially prevalent in local governments and even some state agencies. Too often, IT professionals are tasked with taking on security roles, too, or their positions are only part time. In both cases, not enough attention is being paid to security. IT teams need to get creative in solving their workforce issues. Try forming tiger teams made up of diverse experts from across agencies to evaluate your state holistically and solve discrete IT and security problems. Consider leveraging existing resources, such as your state’s National Guard. Explore ways to partner with local universities to get young people interested in government and cybersecurity. By far, the most interesting cyber cases I’ve investigated happened only because I worked for the government. It is why NSA, not Silicon Valley, is able to hire the best mathematicians — they recruit early and often.

Action item: Sponsor a capture-the-flag hacker tournament at a state college and offer the top three winners summer internships at your agency.

Many of these challenges and solutions are connected. Reducing the number of tools not only helps with security, it also addresses your workforce issues by freeing up the time and money you were formerly spending on a plethora of tools and training.

States and cities are clearly placing an increased emphasis on improving IT management and security, as was made clear when 38 governors signed the National Governors Association’s cybersecurity compact this summer. Now it’s time to tackle the tough issues.

The post Four ways #state and local CIOs can boost #cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

How data analytics can boost health IT security

Source: National Cyber Security – Produced By Gregory Evans

It’s frightening to consider that the new generation of combat might extend to the very hospital beds of our wounded veterans. But no less than that is at risk when we talk about security of health IT systems. Because of development and acquisition cycles, a medical device is already three…

The post How data analytics can boost health IT security appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Singapore and Australia agree to boost cybersecurity cooperation

Source: National Cyber Security – Produced By Gregory Evans

Singapore and Australia agree to boost cybersecurity cooperation

Australia and Singapore have agreed to strengthen cybersecurity cooperation, with a two-year Memorandum of Understanding (MOU) signed on Friday (Jun 2). Key areas of collaboration include having a regular exchange of information on cybersecurity incidents and threats, sharing best practices to promote innovation in cybersecurity, training in cybersecurity skillsets, and…

The post Singapore and Australia agree to boost cybersecurity cooperation appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Online quiz launched to boost kids’ cyber safety

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ An online quiz has been launched to arm New Zealand students with the digital skills they need to be safe and smart online. The interactive online quiz called Digital Licence will …

The post Online quiz launched to boost kids’ cyber safety appeared first on Become007.com.

View full post on Become007.com

CEOs still not persuaded to boost investment in cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

CEOs still not persuaded to boost investment in cybersecurity

Employees are an optimal entry point for attackers seeking a way in to a company’s weak infrastructure. Cybersecurity and insider threats are two of the highest concerns confessed by CIOs and CISOs. Therefore, user negligence with company networks and devices is the main agent for cyber breaches and data leaks, especially when social engineering techniques are deployed. As employees usually …

The post CEOs still not persuaded to boost investment in cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Target Settles Hacking Investigation With Promise To Boost Cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

Target Settles Hacking Investigation With Promise To Boost Cybersecurity

A multi-state probe into one of the country’s biggest ever hacking attacks has been settled after Target promised to boost its security. Target has reached an agreement to settle a multi-state investigation into a 2013 data breach that affected the payment information of more than 41 million customer payment accounts — one of the biggest hacking attacks in U.S. history. …

The post Target Settles Hacking Investigation With Promise To Boost Cybersecurity appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

5 insider password hacks to help boost your cyber security

Source: National Cyber Security – Produced By Gregory Evans

5 insider password hacks to help boost your cyber security

Lee Painter, CEO of network security specialists, Hypersocket Software, is warning that employee passwords still remain a major weakness in many organistions’ cyber defences. He comments: “The use of biometric identification, such as fingerprints, iris, voice or facial recognition might be on the rise, but the traditional password is deeply ingrained in the security psyche and is difficult for many …

The post 5 insider password hacks to help boost your cyber security appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Child sexual abuse: Agencies to get £40m funding boost

Ministers have pledged £40m towards the fight against child sexual abuse, exploitation and trafficking.
The cash will go towards bringing offenders to justice, targeting online exploitation, and protecting vulnerable children at risk of trafficking.
A new £7.5m “centre of expertise” will be set up to offer support and guidance to professionals on the front line.
But councils are warning that a “funding gap” of £1.9bn could put child protection services at risk.
In 2015, the government published a new strategy for addressing failures in child protection across England in response to the Rotherham abuse scandal – in which more than 1,400 children were abused between 1997 and 2013.

Read More

The post Child sexual abuse: Agencies to get £40m funding boost appeared first on Parent Security Online.

View full post on Parent Security Online