CBR reports: A new survey has revealed that 61% of energy security professionals believe their organisation could detect a critical system breach within 24 hours. 94% of executives agreed that their organisation is a target for cyber criminals, with 86% of respondents saying that they could detect a breach in less than one week. 49% of respondents…
Category: Commentaries and Analyses
FBI says crypto ransomware has raked in >$18 million for cybercriminals
Sean Gallagher reports: The FBI’s Internet Crime Complaint Center (IC3) has issued an alert warning businesses and individuals about the continued spread of cryptographic ransomware. This malware encrypts a victim’s files with a key held by criminals on a remote server, and it then extorts money from the victim to recover those files. The biggest threat among…
CYBERSECURITY: Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies – GAO
GAO-15-725T: Published: Jun 24, 2015. Publicly Released: Jun 24, 2015. From the highlights of a newly-released GAO report: GAO has identified a number of challenges federal agencies face in addressing threats to their cybersecurity, including the following: Designing and implementing a risk-based cybersecurity program….
UK: 2015 Information security breaches survey
From PWC: We have been commissioned by the Department for Business, Innovation and Skills (BIS) to survey companies across the UK on cyber security incidents and emerging trends. This survey aimed to provide greater awareness amongst UK business of the risks, insights on how companies are mitigating those risks (or not) and key trends. The…
ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information
Alexander Major of Sheppard Mullin writes: On June 19, 2015, the National Institute of Standards and Technology (NIST) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal systems. The guidelines, Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, apply to…
IRS employees can use ‘password’ as a password? No wonder we get hacked
Trevor Timm writes: The public is finally starting to learn what security experts have been warning for years: the US government has no idea what it’s doing when it comes to cybersecurity. Worse, the government’s main “solutions” may leave all our data even more vulnerable to privacy violations and security catastrophes. Read more on The Guardian.