Michelle Drolet

Author Archives: Michelle Drolet

IDG Contributor Network: IoT could be our downfall

The internet of things (IoT) is all about connecting devices to the internet so that they can talk to each other and to us, to make life more convenient. That might mean turning on the lights when we get up, or allowing us to use our phones to see who’s at the front door, even when we're at the office. The potential applications are endless. There are already more than 6 billion connected "things," and that's set to rise to more than 20 billion by 2020, according to Gartner. But the enthusiasm for all things IoT has blinded us to the potential risks. Too many companies, keen to gain a foothold in the market, have rushed out products that lack basic security protocols. The risks here are enormous.

IDG Contributor Network: 5 cybersecurity trends to watch for 2017

As 2016 draws to a close, we can reflect on a year where cybersecurity has played a major role. Even presidential campaigns haven’t been free from hacking scandals and data leaks. The average cost of a data breach for companies grew from $3.8 million last year to $4 million in 2016, according to the Ponemon Institute. Companies of all sizes have embraced the cloud and open source has become the standard for infrastructure software. Both pose their own blend of benefit and risk. A major datacenter attack or failure could be problematic for many companies, and we can certainly expect an increase in the number of cyber-attacks based on open source vulnerabilities.

IDG Contributor Network: What is the General Data Protection Regulation and why should you care?

In 2012, the European Commission proposed new regulations on data protection that would supersede the national laws of the 28 EU member states. It was formally approved in April this year, and it will go into effect May 25, 2018. This General Data Protection Regulation (GDPR) introduces several major changes that will impact many organizations worldwide. The smart move is to familiarize yourself with the incoming regulation now, and begin preparing to comply with your obligations. The GDPR will apply to any business that operates within the EU, but also any company that processes data from EU citizens. It doesn’t matter where the organization is located.

IDG Contributor Network: How much does a data breach actually cost?

The American public has become so inured to data breaches that it’s difficult to remember them all. Infamous breaches like the ones at Target and Sony become almost forgettable when confronted with the recently disclosed half-billion accounts compromised at Yahoo in 2014. The numbers are simply staggering. It is estimated over 900,000,000 records of personally identifiable information (PII) have been stolen in the U.S. over the past few years. Keeping a memory of all the hacks and when they happened may require the use of complex data visualization.

IDG Contributor Network: 7 steps to proactive security

Data breaches are increasingly becoming an expensive problem for more and more companies. According to the most recent Ponemon Institute Data Breach report, insecure data cost companies an average of $221 per compromised record in 2016, an increase of 7 percent from the previous year and an all-time high. The key to securing against this threat lies in a common metaphor—if a ship has a hole, it is better to patch the breach than bail the water. Effective cybersecurity means being proactive, getting ahead of the problem and addressing the issue at its core rather than operating in a reactive fashion, constantly fixing the symptoms.

IDG Contributor Network: Always be prepared: Monitor, analyze and test your security

This is the final entry in our series on the 20 Critical Security Controls devised by the Center for Internet Security (CIS) as best practices to help the public and private sectors tighten their cybersecurity. We started down the path of building a solid security foundation by taking inventory of hardware and software, we looked at vulnerability assessment and administrative privileges, and we discussed how to build malware defenses. We also explored how to create a data recovery plan, how to protect your data, and the importance of monitoring and training employees.

IDG Contributor Network: Does the NSA have a duty to disclose zero-day exploits?

To say the National Security Agency (NSA) prefers to lay low and shuns the limelight is an understatement. One joke said about the secretive group, widely regarded as the most skilled state-sponsored hackers in the world, is NSA actually stands for “No Such Agency.” But now a recent leak has put the group right where it loathes to be—squarely in the headlines. Last month, a group called “The Shadow Brokers” published what it claimed were a set of NSA “cyber weapons,” a combination of exploits, both zero day and long past, designed to target routers and firewalls from American manufacturers, including Cisco, Juniper and Fortinet.

IDG Contributor Network: Hired guns: The rise of the virtual CISO

The enterprise is facing a dangerous combination of mounting cybersecurity threats of increasing subtlety—and a widening gap in the skills required to identify and combat them. Having someone who knows how to lead the charge in identifying and analyzing threats, creating strategic security plans and ensuring compliance requires the right level of expertise. The Information Systems Security Association spoke of a “missing generation” in information security, pointing to an estimated 300,000 to 1 million vacant cybersecurity jobs. To further complicate the labor shortfall, security professionals at enterprises understand they are in demand, and it is understood that employees will be receiving offers from other companies. According to a Ponemon study, senior security executives on average leave after 30 months on the job.

IDG Contributor Network: Cybersecurity is only as strong as your weakest link—your employees

You can have the most secure system in the world, but hackers will always seek out the path of least resistance. When your defenses are good, the weak link is often your employees. Data breaches are most likely to be the result of employee error or an inside job, according to the ACC Foundation: State of Cybersecurity Report. It’s good to focus on firewalls, malware defenses and data protection, but too often employees are an afterthought.

IDG Contributor Network: 8 tips to secure those IoT devices

As more and more Internet-connected devices find their way into our homes and businesses, it’s important to remember that they represent a security risk. The Internet of Things (IoT) is growing rapidly, and in the rush for convenience, our privacy and safety is often an afterthought. Leaving them unsecured is the digital equivalent of leaving the back door unlocked. There are 5.5 million new things getting connected every day in 2016, as we head toward more than 20 billion by 2020, according to Gartner. That’s an awful lot of devices. They might bring all sorts of handy new features, but, whether it’s the latest cutting-edge baby monitor or a wireless doorbell camera that links to your phone, it’s also a network-connected computer and should be treated as such. Here are eight tips to help you secure those IoT devices.

IDG Contributor Network: 5 InfoSec concerns for colleges and universities

No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only to healthcare on Trend Micro’s list of the most-breached industries. With more than 500 security breaches across 320 higher education institutions since 2005, higher ed accounts for 35 percent of all breaches, according to an enlightening infographic from SysCloud.