
In Pictures: 7 commonly overlooked ways to tighten cybersecurity
It's OK to be paranoid about every last detail when it comes to security.
19 Nov
As the Facebook data sharing scandal ignites concern and
David Braue | 11 Apr
Cybercriminals’ surging interest in cryptocurrency miners has seen the quickly-evolving technique apparently displacing ransomware, a new analysis has found, as instigators work to keep ahead of enterprises’ slowly-maturing information defences.
David Braue | 28 Mar
The explosive Facebook/Cambridge Analytica scandal was set to claim the scalp of Facebook security head Alex Stamos, who was said to be preparing to leave after disagreements about how the company should handle disinformation investigations and disclosures.
David Braue | 26 Mar
Despite the masses of highly sensitive data that healthcare companies manage, new analysis has warned that chronically poor endpoint security, weak patching practices and high exposure to social engineering make the industry one of the worst-performing sectors when it comes to protecting data.
David Braue | 15 Feb
It may be a day for love and for lovers, but Valentine’s Day is also living up to expectations as a magnet for cybercriminal activity.
David Braue | 14 Feb
No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.
Taylor Armerding | 30 Jun
CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.
Antone Gonsalves | 10 Apr
How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.
Kim Lindros and Ed Tittel | 24 Feb
Kirsty woke up to find that someone else had taken control of her Twitter account. I tell her how to get it back.
Lincoln Spector | 09 Sep
Midsized companies with revenues from $100 million to $1 billion spent an average of $3 million on information security as of 2014 per "The Global State of Information Security Survey 2015" from PwC.
David Geer | 18 Aug
Security experts and users follow a drastically different set of best practices to protect their security online, according to a new report from Google.
Kristin Burnham | 12 Aug
Like nearly any transactional system, usable CRM data backups are tricky because the data is always changing and dependent on coherency across several tables. Ideally, you'd fully quiesce the system and do a full backup every day, or enable the online backup. But with modern cloud systems and 7x24 customer access (via portals or mobile apps), you can't take the system down, and cloud vendors like SFDC don't provide a full backup more often than once a week. The situation with audit trails is different: they may reliably capture all the changes, but you may only be allowed to track a limited number of fields (the default in SFDC is 20 per object).
David Taber | 30 Jul
230 million patients. 3,300 hospitals. 900,000 healthcare professionals. 98 percent of U.S. pharmacies. More than 700 different electronic health record platforms. 764 million medication histories. 6.5 billion transactions processed last year alone.
Maria Korolov | 17 Jul
"Caveat emptor" - buyer beware - is the most common warning to those shopping for big-ticket items. That, apparently, applies in spades to buying cyber insurance.
Taylor Armerding | 10 Jul
Whaling — derived from an analogy with a big “phish” — is particularly threatening because it’s both highly deceptive and damaging. A cyber-criminal, disguised as the CEO, CFO or other senior executive, typically sends an email message to a recipient and convinces this person to initiate a wire or data transfer. These attacks are also referred to as impersonation attacks or business email compromise attacks.
Email fraud is nothing new, but online criminals have become ever more effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.