Even advanced security systems are vulnerable to an insider – through malice or incompetence – opening the door or sharing information with outside actors. While many organisations’ IT departments focus their efforts primarily on hardening the organisation against external attacks, failing to understand “insider threats” can render these efforts meaningless.
Cyber risk must be articulated as a fundamental business risk and regularly reviewed at board level. Yet in many organisations cyber is still considered a risk the IT department will address, despite the existential threat for the entire business that a cyber-attack poses.
Ransomware has dominated the cybersecurity news agenda in recent months, following a spate of high-profile attacks against critical infrastructure.
You may recall in June we speculated that ransomware would be on President Biden’s agenda when he met President Putin in Geneva. We suggested that ‘the Biden administration is likely to use the opportunity to put further pressure on the Russian government to assist in closing down the criminal networks benefitting from ransomware attacks’
In the summer of 2015, a hacker group called Impact Team decided to take down Ashley Madison (owned at the time by Toronto based company, Avid Life Media) and expose their lax security. Ashley Madison’s high-profile CIO had been proclaiming that the site had amazing security because, as he put it, “It’s not lipstick on our collars anymore getting us caught, it’s digital lipstick; voicemails, text messages [etc.]”.
For decades we have used heuristic methods for analysing data, looking for pre-programed patterns through Boolean based logic: AND, OR and IF. This logic has been critical in automating simple and repetitive tasks usually prone to human error. However, this programmatic approach cannot meet the defence requirements for the current cyber threat.
Being asked to email your card details to gain a refund is not a great process but is something I was asked to do recently. Why not, you might ask? Shaun Wakefield explains.
With days to go to the G7 Summit in Cornwall, the group of seven leading economies have some big issues on their agenda. The pandemic and climate change will no doubt dominate but what about cyber and the scourge of ransomware that is hitting so many organisations?
Reliance acsn’s Vice-Chairman, Tarquin Folliss, asks Dr Buchanan if a large part of our vulnerability to the disruptive consequences of cyber-attacks is a consequence of our failure to protect adequately what is critical to us?