more

now browsing by tag

 
 

Is our #smart home #growing more #vulnerable to #hacks?

Source: National Cyber Security – Produced By Gregory Evans

As more of our cameras, speakers, thermostats and locks connect online, they’re increasingly open to meeting up with hackers.

Hackers have come up with new ways to break into your data — sending attacks through our appliances, locks, blinds and anything that connects to the internet. These are part of the so-called Internet of Things (IoT), and hacking attacks sent through these devices “became the preferred weapon of choice,” for starting denial of service attacks last year, says a new report from Arbor Networks, a security software company.

Read More….

The post Is our #smart home #growing more #vulnerable to #hacks? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

More #CEOs to come from the #cyber security #space in #2018

Source: National Cyber Security – Produced By Gregory Evans

Oracle expects to see more chief executive officers to come from the cyber security space in 2018 as part of an effort to boost security.

Arun Khehar, senior vice-president of applications at Oracle Eastern Central Europe, Middle East, Africa, told Gulf News that enterprise security will be company’s top priority for 2018 and much of it will be automated.

With today’s ‘borderless enterprise as a result of cloud, mobile and edge technologies like IoT, he said that there is general consensus that there is no such thing as ‘total security’. As a result, business information can no longer be protected by the IT team trying to create digital castles and restrict access.

“We’ll see an increasing focus on security among companies, especially with new regulations such as General Data Protection Regulation (GDPR) [coming into effect from May 25, 2018] coming in with their associated penalties for failure,” he said.

He added that more companies are expected to turn to the cloud for security as researches show that more mature users recognise that cloud provides better security than on premises environments.

According to research firm Gartner’s latest forecast, worldwide security spending is expected to total $96.3 billion in 2018, an increase of eight per cent from 2017.

With skills continuing to be scarce, Khehar said that security will increasingly feature artificial intelligence/machine learning capabilities. By 2025, autonomous operations will become the catalyst to accelerate enterprise cloud adoption.

By 2025, he said that 80 per cent of cloud operations risk will vanish entirely — a higher degree of intelligent automation will permeate the cloud platform.

“Using machine learning and AI techniques, autonomous operations will anticipate outcomes, take remedial action, and be aware of real-time risks. The top concerns are infrastructure downtime, security threats and vulnerabilities and data protection,” he said.

It’s not just in security that humans can’t keep up, he said, right across the business and across industries; organisations are struggling to make sense of the rapid proliferation of data whether that is in finance, HR, sales or marketing systems or in operations around systems management and security.

Due to the growth in AI, he said that most of us will be chatting with chatbots by the end of 2018.

“We are going to see a new wave of more sophisticated conversational platforms that will be developed; creating chatbots that will feel completely natural to talk to replacing the currently, relatively unsophisticated interfaces,” he said.

Emirates NBD, Mashreqbank, DED, Aramex and Dewa are using chatbots to initiate and carry on conversations with their consumers in the UAE.

“Chatbots will be one of the key technologies that will be found on every organisation’s strategic customer experience road map. Those that get in and adopt them successfully early on will steal a march on the competition,” he said.

There will be a growing number of specialised ‘intelligent bots’ that will interact and learn from each other, he said.

For example, he said that CEOs, CFOs, or employees will be able to inquire about company data. Professionals such as doctors, pharmacists, lawyers, teachers, engineers, and service personnel can retrieve technical information. Citizens and consumers can interact with service organisations.

Oracle expects 2018 to be the year that hordes of smart devices begin to be tamed, as the focus moves away from the ‘things’ themselves to the integrated platforms that will turn IoT data into actionable insights and data-rich business models.

When it comes to IoT, he said that there are three core challenges — integration, analytics and security. “As smart devices share increases volumes of distributed data among themselves, and back into the enterprise, the challenges around these areas will become exponentially more complex,” he said.

The post More #CEOs to come from the #cyber security #space in #2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Get #ready for more #hacks in #2018

Get #ready for more #hacks in #2018

After the year we’ve had, do you need any more convincing that your personal information is constantly being exposed to hackers?

It wasn’t just the Equifax hack, which leaked 145.5 million Social Security numbers, or the WannaCry ransomware attack that locked up our computers and demanded a ransom paid in bitcoins.

Even the security software on millions of our computers became suspect when, for example, the US government banned the widely popular Kaspersky Lab software over concerns about connections to the Russian government. And experts made us question whether we can trust the invisible systems that connect our devices to the internet, like Wi-Fi.

But as scary as all this news is, I don’t recommend putting your fingers in your ears and chanting “fa la la la” until the next hack (though sometimes I’m tempted to do that myself).

The good news is that even as things get worse, you can still do a lot to protect yourself from many types of cyberattacks. In fact, it’s because these trends aren’t likely to turn around in 2018 that you should do all of the following:

Start by backing up your photos, music and other important stuff. Also, update all your software. If you’re not doing these two things, the rest of this is useless.
Next, learn how to adopt some of the increasingly easy-to-use tools for locking down your accounts, like authentication apps, Yubikeys and services like Google Now that come with an authentication tool built in.
Finally, don’t give up on security software — you’ll still need it in 2018 with the way things are going.
Sound like too much work? You should really carve out some time for this stuff. If you’ll permit me to be Debbie Downer for a moment, our security situation is likely to get worse, not better in 2018. Here’s how.

Ransomware will get sneakier, so your backups will be even more important

It’s hard to imagine how ransomware could get much worse. In the WannaCry attack, hackers used NSA hacking tools that leaked into the criminal underworld, repurposing them to launch ransomware at regular computer users.

But the attacks will get stealthier, according to Dave Dufour, vice president of cybersecurity and engineering at Webroot. That’s because hackers are coming up with ransomware attacks that are harder for consumer security products to detect. Instead of running files on your computer that your antivirus software can flag as malicious, hackers will rely more on code that looks legitimate because it runs in programs like Microsoft Word.

Patch your phone, patch your Mac, patch your Windows machine.
Dave Dufour, VP, Webroot
Antivirus tools will have to catch up with that trend to protect consumers. But if you don’t want to wait for that to happen (and you shouldn’t), you can keep backups of your files on the cloud and on external devices, Dufour said.

“If you back it up, you don’t have to care about ransomware,” Dufour said.

There’s one more thing you should do to prevent the pain of ransomware. Consider the ransomware attacks of 2017: “Many of them could have been mitigated by patching your systems,” Dufour said. “Patch your phone, patch your Mac, patch your Windows machine.”

Data breaches will continue, so don’t just rely on passwords

The passwords you and I use daily are a terrible security tool that we only rely on because nothing better has come along.

I mean, really, if someone said they’d protect your bank account with a key that anyone can copy at any moment, you probably wouldn’t use it. But that’s what we do with passwords.

Fortunately, that’s beginning to change. More ways to log in and unlock devices came on the scene this year, and you can expect more in 2018.

Apple made the biggest splash here by introducing FaceID in the iPhone X — the first widely available device using facial recognition technology. FaceID raised privacy concerns and inspired attempts to fool the technology with masks. But if users find it as simple and intuitive to use as Apple’s Touch ID fingerprint system, it will add your face to the list of biometrics that can lock down your accounts.

Better security is getting easier

There’s another tool for keeping your accounts secure that’s getting safer and easier to use, though it’s not quite as futuristic and sexy as a 3D scan of your face.

It’s called two-factor authentication.

This system works by adding another step to your login process, so just having your password isn’t enough for malicious actors to get into your accounts. I know, that’s more work for you, and remembering your password is hard enough. But if you use it, you’ll get to feel smug instead of scared the next time there’s a data breach like the one that, as we learned in October, affected all 3 billion Yahoo accounts.

Popular services are adopting more convenient ways for you to use two-factor authentication. In 2017, Facebook started letting you use a piece of physical hardware called a Yubikey to verify your identity. You plug in the device to your computer’s USB drive and tap it to get into your account. Google introduced Google Prompt, which lets you tap a button on your phone to verify your identity when you log into your accounts.

That’s way easier — and safer — than the industry standard of years past, which was entering in a one-time code sent by SMS to your phone.

Security software is still your friend

Things got a little weird this year with security software like antivirus scanners and password managers. Kaspersky antivirus software was banned from US government computers and taken off the shelves by some retailers. Password manager LastPass patched a big security flaw, and OneLogin got hacked. And dozens of antivirus apps on the Google Play store turned out to be malicious.

Security software will continue to be a target for hackers, who would love to trick you into downloading a malicious tool with high-level access to your computer or phone. But that software is still the best (and sometimes only) way to stop some of the most prevalent hacking attacks.

Unless you’re some kind of memory savant, password managers are the only sensible way for you to use unique passwords on all your accounts. That helps keep one data breach at, say, Yahoo, from letting hackers access more of your accounts.

And despite concerns about compromised or outright malicious antivirus scanners, the software hasn’t outlived its usefulness yet. That’s according to Jerome Segura, a security researcher at Malwarebytes, a firm that focuses on catching malicious code that traditional antivirus software can’t catch.

“It’s important to have security software, especially if you’re running Windows,” Segura said.

All that being said, these steps only mitigate damage caused by hackers. As the companies that protect and store our data keep getting compromised, we’ll likely all receive another helping of apologies and free credit monitoring in 2018.

“You are kind of at the mercy of companies if they get hacked,” Segura said.

View full post on National Cyber Security Ventures

Expect more #hackers for #hire in 2018 – #researchers

Source: National Cyber Security – Produced By Gregory Evans

Washington – After a year marked by devastating cyber attacks and breaches, online attackers are expected to become even more destructive in 2018, security researchers said on Wednesday.

A report by the security firm McAfee said the ransomware outbreaks of 2017 offer just a taste of what’s to come as hackers develop new strategies and “business models”.

McAfee researchers said that as ransomware profitability fades in the face of new defences, hackers will turn to new kinds of attacks that could involve damage or disruption of computers and networks.

Attackers will also look to target wealthy individuals and aim at connected devices which offer less security than computers and smartphones.

“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” said Steve Grobman, McAfee’s chief technology officer.

McAfee also predicted wider use of cyber attacks “as a service”, allowing more hackers for hire to have an impact.

Commercialise hacking

Raj Samani, chief scientist at McAfee, said the events of 2017 showed how easy it is to commercialise hacking services.

“Such attacks could be sold to parties seeking to paralyse national, political and business rivals,” Samani said.

McAfee’s 2018 Threats Predictions Report also said privacy is likely to be eroded further as consumer data – including data involving children – is gathered and marketed by device makers.

“Connected home device manufacturers and service providers will seek to overcome thin profit margins by gathering more of our personal data – with or without our agreement – turning the home into a corporate store front,” the McAfee report said.

The report said parents “will become aware of notable corporate abuses of digital content generated by children”, as part of this effort to boost profitability.

McAfee said it expects some impact for the May 2018 implementation of the European Union’s General Data Protection Regulation, which limits how data is used and sold and which would affect companies with operations in the EU.

The GDPR regulation “makes 2018 a critical year for establishing how responsible businesses can pre-empt these issues, respecting users’ privacy, responsibly using consumer data and content to enhance services, and setting limits on how long they can hold the data”, said McAfee vice president Vincent Weafer.

The post Expect more #hackers for #hire in 2018 – #researchers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity: The #Tech #Companies More #Important than the #FANGs.

Source: National Cyber Security – Produced By Gregory Evans

The products and services provided by the behemoths of the tech industry may seem indispensable, and the most fundamental features of the technological environment, however, there are a group of less glamorous firms that arguably are the necessary foundations of the whole industry: cybersecurity firms.

Cybersecurity is defined as the measures taken to ensure protection against unauthorised or criminal use of electronic data.

The world has become acutely aware in recent years that data is the new oil- and reserves are plentiful and exponentially growing. The amount of data in the digital world is growing so rapidly due to trends such as the ‘internet of things’ and ‘bring your own device’ (BYOD); the enormous amount of devices connected to the internet makes data abundant and cybersecurity a constant war ground.

The main antagonist in the cybersecurity realm is ransomware which is a pernicious software emanating from cryptovirology that poses the threat of making a victim’s data public, or permanently blocking access to it, unless a ransom is paid.

Therefore, as more data is created, more ransomware will inevitably be deployed. The ubiquity of ransomware is debilitating for anyone with data and internet access, but it represents a pot of gold for cybersecurity firms – the mercenaries of the technological age.

The Casualties

Everyone reading this will likely be aware of some large organisation that has been attacked by ransomware during 2017. Ransomware victims range from multinational companies such as Equifax and WPP to state institutions such as the NHS.

One of the most malicious attacks that has been seen was this year’s ‘WannaCry’ attack, which impacted 230,000 computers and 10,000 companies throughout 150 countries.

WannaCry infected 47 NHS hospitals, starkly highlighting the callous nature of these attacks. They are not just against multi-billion dollar institutes that are considered to line the pockets of the top 1%, but are also instigated much like actual warfare and terrorism, with no consideration for the innocence or relevance of its victims.

No sector is immune from cyber attacks and over 20% of institutions in financial services, education, entertainment, media, IT and telecoms have all been targeted recently.

One reason for the rapid increase in attacks is that it is becoming increasingly easy to launch a malware attack due to the ability to hire malware. By having the option to hire malware, criminals can launch attacks online with rented viruses which in turn opens up the battlefield to low-skilled, street criminals as well as highly-educated criminals.

The Figures

The opportunities available to cybersecurity firms are plentiful, providing they have the ability to innovate and stay ahead of the malware. The industry is so dynamic as attackers are constantly evolving and producing more vicious, efficient attacks and providing cybersecurity firms can produce the solutions to these attacks: they are indispensable to helpless victims.

The growth that has already been witnessed in this industry is evidence of the huge future potential for growth: the global cybersecurity market was worth $3.5bn in 2004, $64bn in 2011, $138bn in 2017, and is projected to be worth $232bn by 2022.

Furthermore, the US Bureau of Labor Statistics reports that by 2024 there will be an increase in the demand for cybersecurity staff by 36% – double the demand compared to digital workers in other fields.

The vast increase in demand for workers in cybersecurity corroborates the notion that this industry is on track to being one of the most important and lucrative sectors out there.

The Firms

Fortinet is arguably the market leader in cybersecurity and has a very large, diverse product base which enables it to trade with large and small firms. Its reports from 2017 Q1 showed a 20% increase in revenue and an increase in net income of 410% YTD, taking it to $10.7 million. Fortinet’s expected revenue for the entire year is estimated at $1.77bn.

CyberArk Software primarily focuses on protecting internal digital infrastructure, keeping privileged accounts safe, which includes the most sacred and hence potentially dangerous data.

In essence, if an attack manages to breach an initial firewall, CyberArk’s security will keep the crown jewels safe. CyberArk currently has flat earnings but is debt free and has amassed cash assets of $287m.

Furthermore, CyberArk is one of the pioneering companies in the industry and has an impressive client list of 3,200 and does business with 45% of Fortune 100 companies. Additionally, CyberArk acquired Conjur this year ($42m) which will allow it to expand into other areas of security.

Palo Alto Networks focuses on protecting data infrastructure and sells its products and services to 85 of the Fortune 100 companies. This year adjust EPS rose 32.6% to $0.61 and the 3Q revenue report showed a record of $432m, as well as gaining the second highest number of new customers since the business began.

Going Forward

It is clear that the growth potential for cybersecurity is enormous. In fact, some might even say that it is terrifying how dependent society will be on this industry in the near future. People must also not approach cybersecurity in a myopic sense and assume that it only has applications for large firms that have the capital to pay high-price ransoms.

The futuristic phrase of ‘cyberwarfare’ may seem reserved for the cinema screens, however, if hackers sitting in their bedrooms can wreak havoc on some of the biggest institutions in the world, imagine what a government-funded group of experienced, ruthless ‘cyber soldiers’ could do. Less than 10 countries have nuclear capabilities but any country with an internet connection could have access to cyber arms.

Conclusion

Finishing on a more positive note, cybersecurity is currently one of the most highly paid careers in technology with 39% of its employees earning more than £87,000 and 75% earning more than £47,000.

In the past, one would have to risk their lives for almost no remuneration to complete patriotic duty. Now, one can fulfil this moral craving whilst sitting at home, rather than in a dilapidated barracks.

The post Cybersecurity: The #Tech #Companies More #Important than the #FANGs. appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ports to #spend more on #cybersecurity as #digital #investments rise

Source: National Cyber Security – Produced By Gregory Evans

If there was one positive effect of the string of cyberattacks the world witnessed in 2017, it was that a clear message was sent: cybersecurity is no longer an option for supply chain professionals. In fact, it may even be up to those professionals to ensure cyber resilience.

Cyber risk is unlike any other digital threat previously left to the IT department, because it requires participation from every person, and every link in the value chain. Most companies today rely on third-party SaaS providers for pivotal business functions, and these maintain valuable and proprietary data. If this indirect supplier, however, is not secure — neither is the buyer.

The most recent disruption from a cyberattack sheds valuable insight upon the importance of security to ports. A.P. Moller – Maersk’s systems were attacked in June, costing the company up to $300 million and completely shutting down the carrier’s fully automated port terminal in Rotterdam. That same attack also targeted FedEx, which suffered days of disruptions to its TNT Express network, impacting European supply chains.

Previously, carrier and port provider choices were made mainly on cost or lead time advantages. But, when considering various service providers, procurement professionals also consider risk. Labor disruptions have led shippers to reconsider their options in the past, will cyberattacks do the same?

The post Ports to #spend more on #cybersecurity as #digital #investments rise appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Chinese #Hacking Efforts More #Strategic, Less #Noisy

Source: National Cyber Security – Produced By Gregory Evans

Chinese #Hacking Efforts More #Strategic, Less #Noisy

Chinese hackers, once some of the most careless and noisy hackers around, have become very careful and much more strategic at choosing the targets they go after.

The prototype of the Chinese hacker is well documented in the cyber-security industry. Chinese actors hack whatever they can, grab whatever they can, and sift through the data after the fact.

They also don’t care about stealth, rarely hide their tracks, and operate based on a set of general instructions that trickle down through a convoluted network of state agencies and private companies.

Nation-state cyber operations have been going on since the mid-90s, but it was only after the appearance of Chinese actors in the early 2000s that people started to pay more attention to the world of cyber-espionage.

While Russian and US groups were focusing on carrying out secret operations, putting most of their efforts in remaining hidden, Chinese hackers came like a flood and drove a truck through the front door with no regard to getting detected.

In fact, the term APT (advanced persistent threat) that is now used to describe hacker groups believed to be operating at orders and under the protection of local governments, initially stood for Asia-Pacific Threat, mainly because of the onslaught of Chinese hacks at the start of the 2000s.

US-China pact had a temporary effect on Chinese hacking operations

Their clumsiness and noisy actions eventually landed China at odds with the US, and political tensions rose so much that in the autumn of 2015, Chinese and US authorities had to meet and sign a mutual pact where neither government would “conduct or knowingly support cyber-enabled theft of intellectual property.”

The pact effectively limited nation-state hacking between the two countries to intelligence gathering operations only.

This agreement had an immediate result and after six months, cyber-security firm FireEye noted that the pact and a series of military reforms had visibly slowed down’s China’s cyber-espionage operations.

In reality, Chinese hackers didn’t stop hacking, but just started choosing their targets more carefully.

Chinese hackers become more careful

Instead of driving a truck through the front door, Chinese hacker groups started to pick locks and operate in the shadows.

For example, the clever hack and poisoning of the CCleaner app is believed to have been carried out by a Chinese APT codenamed Axiom. And let’s not forget the well-planned hacks of cloud providers so Chinese hackers could silently reach into organizations’ internal networks.

“There was indeed a decrease in activity of Chinese APTs following the pact,” Tom Hegel, Senior Threat Researcher at 401TRG, told Bleeping Computer.

“They became more strategic and operate with improved tactics since then,” Hegel added. “They were once very noisy with little care for operational security. These days it’s more strategically controlled.”

Three reports detail new Chinese hacking operations

This is why it’s so rare and most likely a coincidence that we’ve seen three reports released in the past two weeks describing various cyber operations, all linked to China.

“I personally wouldn’t say these reports are a resurgence [of Chinese hacking activity], but rather a continued increase in public reporting and identification,” Hegel said.

The first of these three new reports detailing Chinese APT activity was published last week by RiskIQ. The report details a new remote access trojan named htpRAT that was used against various targets in Laos.

The RAT comes with the ability to log keystrokes, take screenshots, record audio and video from a webcam or computer microphone, install and uninstall programs and manage files. Infrastructure reuse links the group behind this malware with PlugX, the decade-old favorite malware of multiple Chinese APTs.

A second report was released yesterday by Pwc’s cyber-security division. The report highlights new activity from a Chinese APT known as KeyBoy [1, 2], previously dormant for around four years.

The report also highlights a new RAT that can take screenshots, exfiltrate files, and download and run other malware. While previously the group targeted Taiwan, Tibet, and the Philippines, the group is now going after Western organizations. Parys says the group appears to currently be interested in corporate espionage.

Last but not least we have Check Point’s revised report on the IoT_Reaper botnet. New evidence reveals that command and control domains used by Reaper botnet were registered with an email address that is connected to the Black Vine Chinese APT, the group that breached health insurance provider Anthem in 2015.

It’s still a mystery why a cyber-espionage group would be building an IoT botnet. Some could say the group is creating a tool that could be used to launch DDoS attacks against targets the Chinese government would like to silence. Another theory is that Black Vine would use the botnet as a layer of proxies to hide future operations.

All in all, we’re seeing both a curb and maturation of Chinese hacking efforts, some of which can be attributed to the military reforms enforced by President Xi Jinping after he took power in 2012 when he said that government and military elements should stop using state resources for their own agendas.

The post Chinese #Hacking Efforts More #Strategic, Less #Noisy appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Millennials are more aware of #cyber risks yet are ‘alarmingly’ careless #online. What gives?

Source: National Cyber Security – Produced By Gregory Evans

Millennials are more aware of #cyber risks yet are ‘alarmingly’ careless #online. What gives?

Millennials are more aware of cybersecurity careers than they were four years ago and believe that cyber attacks influenced the 2016 presidential election, and yet they’re not interested in pursuing cyber professionally and exhibit careless online habits in their everyday lives.

No, this is not the head-scratching dichotomy of the latest viral video from Simon Sinek explaining this either self-absorbed and entitled or passionately idealistic generation — it depends on whom you ask — born between 1981 and 1997. Rather, the insights are from a new survey from Raytheon Co.’s Intelligence, Information and Services business unit, based in Dulles, along with the National Cyber Security Alliance and Forcepoint, an Austin, Texas-based cyber company owned by Raytheon.

The annual study, in its fifth year, captures what the companies call “alarming” trends among millennials when it comes to cybersecurity. And why does a $24 billion gov-con giant like Waltham, Massachusetts-based Raytheon (NYSE: RTE) care?

Because “the demand for skilled cyber talent has become a national security issue,” Dave Wajsgras, president of the company’s Intelligence, Information and Services division, said in a statement. “While great strides have been made to increase millennial awareness in the cybersecurity profession, there is still work to be done.”

Indeed, hacks and breaches seem to grow more damaging and widespread by the day. At the same time ISACA, a nonprofit information security advocacy group formerly known as the Information Systems Audit and Control Association, predicts there will be a global shortage of 2 million cybersecurity professionals by 2019.

Every year in the U.S., 40,000 jobs for information security analysts go unfilled, and employers are struggling to fill 200,000 other cybersecurity-related roles, according to cybersecurity data tool CyberSeek. For every 10 cybersecurity posts that appear on careers site Indeed, only seven people even click on one of the ads, let alone apply, according to Forbes.

Opinion research firm Zogby Analytics independently conducted the Raytheon survey, polling 3,359 young adults ages 18-26 in nine countries: Australia, Germany, Jordan, Poland, Qatar, Saudi Arabia, United Arab Emirates, United Kingdom and United States.

Some of the survey’s findings are encouraging, showing rising cyber awareness and engagement among millennials:

  • 34 percent of U.S. survey respondents (37 percent globally) said a teacher discussed cybersecurity with them as a career choice, up 21 percent from the number of respondents who said a career in cyber had been mentioned to them by a teacher, guidance or career counselor in 2013.
  • 51 percent of U.S. respondents (52 percent globally) said they know the typical range of responsibilities and job tasks involved in the cybersecurity profession, up from 37 percent in the U.S. in 2014.
  • Globally, 46 percent of men have met or known someone studying cybersecurity at the high school, university or graduate level.
  • 71 percent of young adults surveyed think it’s their responsibility to keep themselves secure online rather than relying on the government, commercial companies or other individuals.

At the same time:

  • Globally, only 38 percent of millennials were willing to consider a career in cybersecurity. That percentage is unchanged from 2016.
  • Only 26 percent of women globally have met or known someone studying cybersecurity at the high school, university or graduate level.
  • Globally, 63 percent click on links even if they aren’t sure the source of the link is legitimate.
  • The proportion of U.S. young adults who share passwords with non-family members nearly doubled from 23 percent in 2013 to 39 percent in 2017 (42 percent globally this year).
  • 74 percent reported using unsecured public Wi-Fi today in the U.S. as a matter of convenience even though the security risks are well documented, up from 66 percent in 2013.

“We need to be providing the tools for this generation to take action and embrace safe online practices,” Michael Kaiser, executive director of the National Cyber Security Alliance, said in a statement. “We also need strong role models – including parents, teachers, colleagues, and friends – to help improve cyber practices nationwide and encourage the pursuit of cybersecurity careers among young adults.”

 

The post Millennials are more aware of #cyber risks yet are ‘alarmingly’ careless #online. What gives? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Why We Need to Worry More Than Ever About Getting Hacked

Source: National Cyber Security – Produced By Gregory Evans

The narrative around hacking has changed. Thanks to the proliferation of high-profile hacks in recent years, we’re no longer asking ourselves, “What if?” Now, the question is, “When?” After all, if a powerhouse with unlimited resources like HBO is vulnerable to a hack, surely anyone is susceptible. It can be…

The post Why We Need to Worry More Than Ever About Getting Hacked appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

European Commissioner Calls For More Collaboration In Cyber Security

Source: National Cyber Security – Produced By Gregory Evans

“Earlier this week at the CyberSec European Cybersecurity Forum in Poland, Julian King European commissioner for the security union called for increased collaboration in defending against cyber attacks after revealing more than 4,000 ransomware attacks have taken place every day across the EU since 2016. This comes as no surprise…

The post European Commissioner Calls For More Collaboration In Cyber Security appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures