concerns

now browsing by tag

 
 

AppSec Concerns Drove 61% of Businesses to Change …

Source: National Cyber Security – Produced By Gregory Evans According to new Dark Reading research, some respondents have even left behind commercial off-the-shelf software and migrated to open-source or in-house homegrown applications. Click image to read more. The marketplace is beginning to pinch the software industry for application security failings and complications, according to a […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | UK Has a Plan to Corral Huawei. But Security Concerns Linger

Source: National Cyber Security – Produced By Gregory Evans The UK government ruled Tuesday that Chinese telecom giant won’t be banned outright from selling equipment for mobile 5G networks there, though it will face severe limits. The question is: Will the restrictions provide the security protections that policymakers want? The decision is the latest in […] View full post on AmIHackerProof.com

#hacking | Priyanka Gandhi Raises Concerns On WhatsApp Hacking

Source: National Cyber Security – Produced By Gregory Evans

Congress leader Priyanka Gandhi Vadra on Friday said if the BJP or the government engaged Israeli agencies to snoop into the phones of journalists, lawyers, activists and politicians, it is a “scandal” with grave ramifications on national security.

Her remarks come after WhatsApp said that Indian scribes and human rights activists were among those globally spied upon by unnamed entities using Israeli spyware Pegasus.

“If the BJP or the government has engaged Israeli agencies to snoop into the phones of journalists, lawyers, activists and politicians, it is a gross violation of human rights and a scandal with grave ramifications on national security,” Priyanka Gandhi said in a tweet.

Waiting for the government’s response, the Congress general secretary said.

The Congress on Thursday attacked the Modi government over the issue, alleging that it had been “caught snooping”. The opposition party demanded a Supreme Court-monitored probe into the “illegal hacking” of cellphones.

Amid the controversy, government asked the Facebook-owned messaging service to explain the breach and list out measures that have been taken to safeguard privacy of millions of Indians. IT Minister Ravi Shankar Prasad said that the government is committed to protecting the privacy of Indian citizens.

(PTI)

Source link

The post #hacking | Priyanka Gandhi Raises Concerns On WhatsApp Hacking appeared first on National Cyber Security.

View full post on National Cyber Security

Cybersecurity #law causing #mass concerns among #foreign firms in #China

Source: National Cyber Security News

New rules have added to costs and had a big impact on how they do business, survey finds, and tax regime and land acquisition policy are also headaches

Most of the 215 foreign firms polled said the country’s tax regime, land acquisition policy and cybersecurity law were all headaches, according to a white paper and report on the business environment in China released on Thursday.

But of the three areas, it is the new cybersecurity law introduced in June that is causing “mass concerns” among foreign firms because it has greatly increased operating costs and has had a big impact on how business is done in China, said Harley Seyedin, president of AmCham South China.

“It created uncertainties within the investment community and it’s resulting in, at the minimum, postponement of some R&D investment,” Seyedin said.

“The law requires approval … to be obtained for cybersecurity, but it does not tell you where to apply, how long it takes you to apply, how long it takes for the results to come out, and what the process might be in case you want to appeal the decision,” he said. “All of these are vague but it’s going to result in .

Read More….

advertisement:

View full post on National Cyber Security Ventures

Hackers and a #Shrinking #Talent #Pool Top #CEO #Concerns for #2018

Source: National Cyber Security – Produced By Gregory Evans

Corporate leaders see cybersecurity threats, disruptive technologies and stiffer competition for talent as some of their most pressing issues in the new year, according to interviews with nearly a dozen CEOs.

“I don’t think there’s any such thing as an easy year for CEOs anymore,” said Jim M. Loree, who just finished his first full year in the highest job at Stanley Black & Decker Inc.

The growing pressures coincide with a massive changing of the guard in the corner office, creating one of the largest legions of new leaders in years to tackle those tough tasks.

Last year, 919 chief executives resigned, retired or got fired at publicly traded North American companies, the highest number in at least a decade, according to Liberum Research.

The feverish pace of turnover claimed some of the biggest names in corporate America, including the leaders of Equifax Inc., General Electric Co., Ford Motor Co., Caterpillar Inc., Arconic Inc., Macy’s Inc. and Mondelez International Inc. And on Dec. 31, Papa John’s International Inc. founder John Schnatter stepped down as CEO.

Under increased investor pressure, directors are making unprecedented demands of their chiefs, some leadership specialists say. “The expectations that boards have of CEOs is that they can do everything,” said Hugh Shields, co-founder and principal at Shields Meneley Partners LLC, a career-transition and leadership-coaching firm for senior executives. “In some cases, they are looking for a unicorn.”

The threat of data breaches poses a critical risk, according to Mr. Loree and several other chief executives.

“These bad actors keep getting smarter and more aggressive,” Mr. Loree said. “It’s an ongoing war.”

Stanley Black & Decker, which makes power and hand tools, recruited Mark Maybury as its first chief technology officer in November. He is a cybersecurity specialist with a doctoral degree in artificial intelligence. Dr. Maybury’s duties include overseeing cybersecurity, Mr. Loree said.

About 64% of 1,031 human-resources professionals believe data security and the threat of a cyberbreach will become a very challenging or extremely challenging issue in 2018, according to a recent survey by XpertHR, an online provider of compliance guidance.

Another challenge in the new year will be anticipating how emerging technologies open new markets or upend their industries, company leaders say. Julio Portalatin, president and CEO of Mercer Consulting, a unit of professional-services firm Marsh & McLennan Cos., said that high on his priority list is guarding against unforeseen, nimble rivals that could harness automation and artificial intelligence to poach customers in niche markets. “It’s the [rivals] I don’t know about that I’m concerned about,” he said.

To gird Mercer’s business against such attacks, Mr. Portalatin said Mercer formed a business this summer focused on helping employers use data analytics and other new technologies to recruit and manage employees and assist their workforces in adapting to a more digital economy.

New technologies are disrupting the war for top talent as well, said Mike Cannon-Brookes, co-founder and co-CEO of Atlassian Corp., which has headquarters in Sydney and San Francisco. The maker of workplace software tools no longer solely competes with other tech firms for staffers. In their quest to build highly sophisticated technology platforms, some financial-services giants now have more software engineers than bankers and traders on their payrolls, Mr. Cannon-Brookes said.

To fill more than 200 positions currently open at the 2,300-employee company, Atlassian is looking to hire people across four continents.

The imminent drop in U.S. corporate-tax rates may intensify political pressure on chief executives to expand their U.S. workforces, some business leaders say.

Polaris Industries Inc., a producer of snowmobiles, motorcycles and all-terrain vehicles, expects to hire nearly 100 engineers world-wide in 2018 and most will work in the U.S., said CEO Scott W. Wine. The company already employs nearly 900 U.S. engineers.

“With the additional money from tax reform, we can invest a bit more in our best [research] programs,” Mr. Wine said. Those engineering projects typically generate a new technology, engine or vehicle.

The Polaris chief anticipates spending about $260 million on research and development in the new year, compared with just under $240 million for 2017.

Despite widespread revelations of workplace misconduct that toppled numerous powerful executives in 2017, most CEOs don’t rank sexual harassment among their top concerns for 2018.

One exception is Anil Chakravarthy, head of software maker Informatica LLC. The recent scandals have prompted “an extensive look at our code of conduct [and] what protections we have for whistleblowers,” Mr. Chakravarthy said.

Sexual harassment “is not an issue for us today,” he added. “But I don’t want it to be.”

Write to Joann S. Lublin at joann.lublin@wsj.com and Vanessa Fuhrmans at vanessa.fuhrmans@wsj.com

Corporate leaders see cybersecurity threats, disruptive technologies and stiffer competition for talent as some of their most pressing issues in the new year, according to interviews with nearly a dozen CEOs.

“I don’t think there’s any such thing as an easy year for CEOs anymore,” said Jim M. Loree, who just finished his first full year in the highest job at Stanley Black & Decker Inc.

The growing pressures coincide with a massive changing of the guard in the corner office, creating one of the largest legions of new leaders in years to tackle those tough tasks.

Last year, 919 chief executives resigned, retired or got fired at publicly traded North American companies, the highest number in at least a decade, according to Liberum Research.

The feverish pace of turnover claimed some of the biggest names in corporate America, including the leaders of Equifax Inc., General Electric Co., Ford Motor Co., Caterpillar Inc., Arconic Inc., Macy’s Inc. and Mondelez International Inc. And on Dec. 31, Papa John’s International Inc. founder John Schnatter stepped down as CEO.

Departures of company chiefs continue in the new year. On Tuesday, Rent-A-Center Inc. said founder Mark Speese had stepped down from its top spot.

Under increased investor pressure, directors are making unprecedented demands of their chiefs, some leadership specialists say. “The expectations that boards have of CEOs is that they can do everything,” said Hugh Shields, co-founder and principal at Shields Meneley Partners LLC, a career-transition and leadership-coaching firm for senior executives. “In some cases, they are looking for a unicorn.”

The threat of data breaches poses a critical risk, according to Mr. Loree and several other chief executives.

“These bad actors keep getting smarter and more aggressive,” Mr. Loree said. “It’s an ongoing war.”

Stanley Black & Decker, which makes power and hand tools, recruited Mark Maybury as its first chief technology officer in November. He is a cybersecurity specialist with a doctoral degree in artificial intelligence. Dr. Maybury’s duties include overseeing cybersecurity, Mr. Loree said.

About 64% of 1,031 human-resources professionals believe data security and the threat of a cyberbreach will become a very challenging or extremely challenging issue in 2018, according to a recent survey by XpertHR, an online provider of compliance guidance.

Another challenge in the new year will be anticipating how emerging technologies open new markets or upend their industries, company leaders say. Julio Portalatin, president and CEO of Mercer Consulting, a unit of professional-services firm Marsh & McLennan Cos., said that high on his priority list is guarding against unforeseen, nimble rivals that could harness automation and artificial intelligence to poach customers in niche markets. “It’s the [rivals] I don’t know about that I’m concerned about,” he said.

To gird Mercer’s business against such attacks, Mr. Portalatin said Mercer formed a business this summer focused on helping employers use data analytics and other new technologies to recruit and manage employees and assist their workforces in adapting to a more digital economy.

New technologies are disrupting the war for top talent as well, said Mike Cannon-Brookes, co-founder and co-CEO of Atlassian Corp., which has headquarters in Sydney and San Francisco. The maker of workplace software tools no longer solely competes with other tech firms for staffers. In their quest to build highly sophisticated technology platforms, some financial-services giants now have more software engineers than bankers and traders on their payrolls, Mr. Cannon-Brookes said.

To fill more than 200 positions currently open at the 2,300-employee company, Atlassian is looking to hire people across four continents.

The imminent drop in U.S. corporate-tax rates may intensify political pressure on chief executives to expand their U.S. workforces, some business leaders say.

Polaris Industries Inc., a producer of snowmobiles, motorcycles and all-terrain vehicles, expects to hire nearly 100 engineers world-wide in 2018 and most will work in the U.S., said CEO Scott W. Wine. The company already employs nearly 900 U.S. engineers.

“With the additional money from tax reform, we can invest a bit more in our best [research] programs,” Mr. Wine said. Those engineering projects typically generate a new technology, engine or vehicle.

The Polaris chief anticipates spending about $260 million on research and development in the new year, compared with just under $240 million for 2017.

Despite widespread revelations of workplace misconduct that toppled numerous powerful executives in 2017, most CEOs don’t rank sexual harassment among their top concerns for 2018.

One exception is Anil Chakravarthy, head of software maker Informatica LLC. The recent scandals have prompted “an extensive look at our code of conduct [and] what protections we have for whistleblowers,” Mr. Chakravarthy said.

Sexual harassment “is not an issue for us today,” he added. “But I don’t want it to be.”

The post Hackers and a #Shrinking #Talent #Pool Top #CEO #Concerns for #2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

The 4 #Top #Security #Concerns On The #Minds Of #Millennials

Source: National Cyber Security – Produced By Gregory Evans

When it comes to cybersecurity, millennials are a radically different generation. They’re far more tech savvy than their older generational counterparts, but various pieces of research show that they worry less about being the target of a hack or a breach.

Does this mean that millennials don’t care about cybersecurity, or that they represent a bigger risk in the workforce? Some articles might lead you to believe this, but in reality, millennials just have a different perspective—and different priorities.

Why Millennials See Cybersecurity Differently

First, let’s consider why millennials see cybersecurity differently:

  • Growing up with technology. Millennials grew up with technology, and came of age when the first social media platforms were emerging. Technology isn’t as new to them, and because they’ve spent more time interacting with it, they generally have more familiarity with the types of threats to watch out for.
  • Less business experience. Millennials also have less business experience and more personal experience with technology. Accordingly, their views take on a more personal perspective, prioritizing individual efforts over organization-wide changes.
  • Secondary and cultural factors. Another part of the split here is millennials’ lack of interest in cybersecurity; only 7 percent of cybersecurity workers are under age 29, which is in part due to millennials believing a cybersecurity-focused education is necessary to enter the field. It may also be due to other generational factors, such as different values and beliefs.

Main Concerns

So what are the main concerns that millennials have about cybersecurity, if they differ so strongly from those of baby boomers and Gen Xers?

    1. The security of cloud service providers. Cloud security is becoming more important and more complex, with most tech platforms and services offered through the “cloud” in some way. Accordingly, millennials are starting to prioritize cloud security over in-house security; in other words, rather than trying to beef up their personal devices or work networks, millennials would rather work with the right cloud vendors. They’re doing more research on cloud security to improve their understanding, and they’re more discerning about the platforms they eventually use.
  1. Personal passwords and account management. Millennials also focus more on practical efforts to improve security, such as choosing strong passwords and carefully managing their accounts. They worry far less than their older generations, but they take more steps to proactively guard against hacks and threats; for example, 4 percent of millennials use between 3 and 5 distinct passwords for their accounts, rather than one, and they’re the generation who uses two-factor authentication the most, at 40.4 percent.
  2. Awareness and education of current threats. Compared to older generations, millennials are more aware of various threats, and are better able to distinguish between different levels of threats online. For example, millennials are about as cautious as baby boomers when it comes to anticipating an online banking cyberattack, with 19 percent of boomers and 14 percent of millennials believing their bank could be breached. But the generations split on social media, where 63 percent of boomers think social media is especially vulnerable to cyberattacks, compared to 45 percent of millennials. Millennials would rather learn about current threats, and increase their knowledge, than work blindly, and they seek more education and training because of it.
  3. External trust. Finally, millennials tend to be more trusting of external organizations, putting their faith in major brands that have established a reputation for themselves. This makes them less worried and less active when a breach is announced, and makes them more likely to lean on external vendors to solve internal security concerns. Of all this items on this list, this is the most ambiguous in terms of value; on one hand, this trust enables them to focus on more pressing security concerns, such as personal habits and education, but on the other, that trust may be unfounded.

So do millennials have the right perspective when it comes to cybersecurity? There are clear advantages to prioritizing these outlooks, rather than spending more money on IT or worrying about the potential of a hack. Additionally, millennials seem more aware and knowledgeable about the nature of cybersecurity, and the digital risks that companies face.

It’s hard to say whether this perspective is truly “superior,” but it definitely reflects our changing work culture. If we’re going to conquer this seemingly endless string of breaches, and build a professional environment where cybersecurity is more of a guarantee, we need to examine all perspectives, and work together to create new defenses.

The post The 4 #Top #Security #Concerns On The #Minds Of #Millennials appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Advanced #threats and #insider security #threats top #enterprises’ #cybersecurity #concerns, finds #Alert #Logic survey

Source: National Cyber Security – Produced By Gregory Evans

Alert Logic, a Security-as-a-Service provider for the cloud, has announced the results of a survey conducted with 400 UK cybersecurity professionals to better understand the evolving cyber threat landscape UK companies face.

The survey found that respondents’ confidence in their organisations’ overall cybersecurity posture is moderate to high, with only a fifth (21%) indicating they are not at all, or only slightly, confident in their organisation’s security posture.

When asked about the top challenges facing their cybersecurity teams, respondents cited detection of advanced threats (62%) and detection and/or mitigation of insider threats (48%) as the two top security challenges. Furthermore, 41% lacked advanced security staff to oversee cyber threat management and nearly a third (27%) lacked confidence in their automation tools catching all cyber threats.

“Advanced cyber threats present the most arduous task for cybersecurity professionals, and the survey results bear this out,” said Oliver Pinson-Roxburgh, EMEA director at Alert Logic. “Cyber attacks are increasingly difficult to detect, as the security threats presented by malicious actors become increasingly bold and sophisticated, particularly when attacking web applications.”

Lack of budget (51%), skilled personnel (49%) and lack of security awareness amongst employees (49%) weighed in as the most significant obstacles facing cybersecurity teams, inhibiting their organisations from adequately defending against cyber threats. In addition, when asked about the business impact of security incidents, system downtime was highlighted as having the biggest impact.

Interestingly, revenue impact was only cited as a relatively minor factor (16%), suggesting that either security teams have evolved their maturity to effectively manage risk or lack full visibility into the downstream business impact of security incidents.

Respondents were asked about the likelihood of their organisation being compromised by a successful cyber attack in the next 12 months, compared to last year. Here, the survey found a remarkably even distribution of expectations. Roughly one third (32%) expected that a compromise was likely, while a slightly smaller number (29%) felt that a compromise was less likely.

“Lack of cybersecurity awareness and budget create a strain on an organisation’s ability to combat advanced cyber threats,” said Pinson-Roxburgh. “Organisations must foster an inclusive security culture, and consider security service models if they don’t have the budget for in-house expert security staff; otherwise organisations will continue to expose their IT infrastructure and their sensitive data to risks.”

The post Advanced #threats and #insider security #threats top #enterprises’ #cybersecurity #concerns, finds #Alert #Logic survey appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity, #regulatory #concerns #hindering autonomy #progress

Source: National Cyber Security – Produced By Gregory Evans

Cybersecurity and readiness to adopt new technology are among prime concerns holding back the development of unmanned vessels according to a report by solicitors Clyde & Co and the Institute of Marine Engineering, Science & Technology (IMarEST).

A survey of 220 marine executives found a lack of clarity around collisions involving unmanned ships, with 59% of survey respondents agreeing there is confusion surrounding regulations in this area. Almost two thirds (64%) believe there is uncertainty regarding insurance and liability should an umanned vessel be involved in an incident caused by a cyber-attack.

“Technology is advancing at an unprecedented rate and promises a host of new solutions for the maritime industry in terms of improved efficiency, safety and environmental performance. However, we should not be blinded by the benefits,” said David Loosley, CEO, IMarEST. “This joint research report examines these vulnerabilities and how they might be addressed and is an important starting point for the industry to begin preparing for the future.”

International shipping law states that vessels must be properly crewed, which means that unmanned ships are not presently permitted to enter international waters. However, the IMO announced in June that it would begin to consider updating SOLAS to allow cargo ships with no captain or crew to travel between countries.

“The present state of SOLAS and collision avoidance regulations are being overtaken by and holding back potentially industry-changing technology from being developed and implemented,” said Joe Walsh, partner, Clyde & Co. “Fortunately, the IMO and other industry interests appear to have recognised that there is a real appetite to test the water with unmanned ships at a commercial level. Industry will quickly need some legal clarity around cyber liability and collision regulations before any ground-breaking progress can be made.”

Over two thirds (68%) of respondents fear that unmanned ships present a greater cyber-security risk than traditional ships. Another key issue is the availability of insurance cover for unmanned ships. Four of every five (80%) survey respondents think it is unclear how insurers will approach the new technology.

The infrastructure and crew skills required for autonomous ships are also lacking, respondents noted, with 63% and 51% respectively registering concerns. Almost half (48%) of respondents believe unmanned ships will be operating within the next 10-15 years.

The post Cybersecurity, #regulatory #concerns #hindering autonomy #progress appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

IoT #Security #Concerns Loom Even as #Adoption #Continues

Source: National Cyber Security – Produced By Gregory Evans

IoT #Security #Concerns Loom Even as #Adoption #Continues

Most (90%) of consumers lack confidence in the security of internet of things (IoT) devices. Yet, more  than half own one or more IoT devices.

According to a survey by Gemalto, the main fear of consumers (cited by two-thirds of respondents) is hackers taking control of their device. In fact, this was more of a concern than their data being leaked (60%) or hackers accessing their personal information (54%).

However, despite 54% of consumers owning an IoT device (on average two), just 14% believe that they are extremely knowledgeable when it comes to the security of these devices.

Meanwhile, businesses are realizing that they need support in understanding IoT technology and are turning to partners to help, with cloud service providers (52%) and IoT service providers (50%) the favored options. When asked why, the top reason was a lack of expertise and skills (47%), followed by help in facilitating and speeding up their IoT deployment (46%).

“It’s clear that both consumers and businesses have serious concerns around IoT security and little confidence that IoT service providers and device manufacturers will be able to protect IoT devices and more importantly the integrity of the data created, stored and transmitted by these devices,” said Jason Hart, CTO, Data Protection at Gemalto. “With legislation like GDPRshowing that governments are beginning to recognize the threats and long-lasting damage cyber-attacks can have on everyday lives, they now need to step up when it comes to IoT security. Until there is confidence in IoT amongst businesses and consumers, it won’t see mainstream adoption.”

The survey also found that IoT device manufacturers and service providers spend just 11% of their total IoT budget on securing their IoT devices. When it comes to protecting devices and the data they generate or transfer, just half (50%) of IoT companies have adopted a security-by-design approach.

According to the survey, businesses are in favor of regulations to make it clear who is responsible for securing IoT devices and data at each stage of its journey (61%) and the implications of non-compliance (55%). In fact, almost every organization (96%) and consumer (90%) is looking for government-enforced IoT security regulation.

“The lack of knowledge among both the business and consumer worlds is quite worrying and it’s leading to gaps in the IoT ecosystem that hackers will exploit,” Hart continued. “Within this ecosystem, there are four groups involved—consumers, manufacturers, cloud service providers and third parties—all of which have a responsibility to protect the data. ‘Security by design’ is the most effective approach to mitigate against a breach. Furthermore, IoT devices are a portal to the wider network and failing to protect them is like leaving your door wide open for hackers to walk in. Until both sides increase their knowledge of how to protect themselves and adopt industry standard approaches, IoT will continue to be a treasure trove of opportunity for hackers.”

The post IoT #Security #Concerns Loom Even as #Adoption #Continues appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Local cybersecurity concerns grow along with attacks

Source: National Cyber Security – Produced By Gregory Evans

Hacking. Phishing. Identity theft. They’re household words in this digital age. If it seems like you’re hearing about them more often, you probably are. “It’s going to get even worse before it gets better. We ain’t seen nothing yet,” says Sri Sridharan, Managing Director of the Florida Center for Cybersecurity…

The post Local cybersecurity concerns grow along with attacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures