The week in security: Time to review your organisation’s cyber risk profile

Even as a review suggested most European companies are failing to meet their GDPR obligations, security and insurance vendors were offering new methods for evaluating and managing your organisation’s cybersecurity risk.

The ASX100 companies might want to be more diligent in evaluating their risk, given an audit that suggests most large Australian companies still aren’t progressing with the implementation of DMARC anti-fraud technology.

The US NIST offered 17 reasons why it can’t certify or trust Internet of Things (IoT) devices – specifically that it doesn’t have a system for certifying them.

Security firms were warning about a ‘cold boot’ attack that can open your laptop to exploitation by hackers in just a few minutes.

Also new to the threat matrix was Xbash, which introduces a new breed of cryptocurrency attack that can’t be good for potential victims.

Hackers may be confident in their ability to regularly develop new exploits, but executives are too confident in their organisation’s ability to identify and stop them, according to new figures that pointed to a significant gap in perception of DevSecOps maturity between business and cybersecurity executives.

Australian secure-development firm Secure Code Warrior completed a sizeable capital-raising that will help it expand its gamified secure-development platform into the US market.

The developers of Cisco’s Webex recording player may want to spend a bit of time on the platform, after a Cisco advisory highlighted an infestation of bugs in the platform.

British company Senseon has been building momentum for new ‘AI triangulation’ technology that has reportedly been enthusiastically received by CIOs testing it.

Google’s Chrome 70 browser added fingerprint login to websites from macOS and Android devices.

Fingerprint security is just one of the ways to protect businesses from online payments fraud – and the [[xref:https://www.cso.com.au/article/647065/newegg-confirms-credit-card-information-taken-sophisticated-attack/ |breach of online retailer Newegg highlights the omnipresent risks that companies face from it.

Google’s bug bounty has seen the company doing its part to root out bugs in its Android operating system – yet while the company paid $3m ($A4.2m) in bounties last year, the average pay was flattening out.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags hackersASXcyber securitycrypto-currencyCyber riskDevSecOpsartificial intelligence (AI)GDPR obligations

More about CiscoGoogleWebex

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

More videos

Blog Posts