Cybersecurity – Page 11 – Cyber Law Watch

Security incidents high, confidence to manage them low. Really? We did see this coming – why aren’t we better prepared?

Aug 31 2017

By Cameron Abbott and Olivia Coburn

RiskIQ, a US-based cyber security company, has reported that 40% of businesses surveyed in the US and the UK have experienced 5 or more significant security incidents in the past 12 months. Significant incidents include malware, targeted attacks, mobile exposures, rogue mobile apps, website or brand abuse, phishing and social impersonation.

RiskIQ, through IDG Connect, also surveyed the confidence of corporate decision-makers in their ability to handle and mitigate cyber threats. Their report, 2017 State of Enterprise Digital Defense Report, reveals that nearly two-thirds of respondents had no to modest confidence in their ability to manage digital threats.

Gartner: Worldwide spending on information security to reach $93 billion in 2018

Aug 24 2017

By Cameron Abbott and Olivia Coburn

Global spending on information security products and services will reach $86.4 billion this year, according to US-based technology research and advisory firm Gartner, Inc.

This figure is an increase of 7 per cent over 2016, and is expected to grow to $93 billion in 2018.

Together we are stronger – Australia and Singapore partner up on cybersecurity

Jun 06 2017

By Cameron Abbott and Allison Wallace

A freshly inked Memorandum of Understanding between Australia and Singapore will see the two countries strengthen their cybersecurity through a joint effort to build a secure and resilient cyber space.

The two-year partnership which was signed last week, will see Singapore’s Cyber Security Agency work with the Australian government to conduct regular information exchanges on cyber threats, share best practices to promote innovation in cyber security, and build cyber security capabilities. Read More

Is your IoT device putting you at risk?

Mar 21 2017

By Cameron Abbott and Giles Whittaker

As the uptake of IoT (Internet of Things) devices increases, industry experts question whether adequate cybersecurity measures are in place. While we are not surprised with the results of a recent survey, it has been confirmed that IoT devices represent the next big cybersecurity threat.

A Tripwire study found 96% of surveyed IT pros expect to see an increase in security attacks on IoT. The study acknowledges the promise of these devices in facilitating tasks and bringing convenience, but also notes the risk they pose as they’re not always built with security in mind. The study found the industries facing the biggest threat include energy, utilities, government, healthcare and finance with devices connecting the Industrial Internet of Things viewed as susceptible to serious consequences. David Meltzer, COO at Tripwire, says there must be a change in the level of preparation for such attacks or the realization of these risks will be experienced.

Juniper report predicts IoT botnets will be an unmanageable cyber-security issue

Jan 26 2017

By Cameron Abbott

Juniper’s Internet of Things for Security Providers: Opportunities, Strategies, & Market Leaders 2016-2021 cautions that the scale of connectivity related to consumer IoT will lead to unmanageable cybersecurity risk created by botnets in excess of 1 million units. The research found that botnets that disrupt internet services form part of the near-term threat landscape and will be used for more malicious purposes in the future. Botnets are expected to be used not only to disrupt services, but also to create a distraction in order to enable multi-pronged attacks. While the research calls on IoT manufacturers to implement security-by-design, it also found the market is wide open for challenger security vendors.

Cyber-attacks: a problem in 2016, still a problem in 2017

Jan 11 2017

By Cameron Abbott and Allison Wallace

A survey of nearly 600 organisations across a variety of industries globally has revealed 98% of these organisations experienced some form of cyber-attack in 2016. (We are left wondering if the other 2% just didn’t notice?)

The survey, conducted by cyber-security company Radware, also found that many organisations are still not prepared to face the threat landscape including that 40% of organisations do not have an incident response plan in place.

Respondents indicated that ransom was the top motivation behind cyber-attacks (41%), followed by insider threats (27%), political hacktivism (26%) and competition (26%).

Radware’s Vice President of Security Solutions, Carl Herberger, says that money is the top motivator in today’s threat landscape. He says “attackers employ an ever-increasing number of tactics to steal valuable information, from ransom attacks that can lock up a company’s data, to DDoS attacks that act as a smoke screen for information theft, to direct brute force or injection attacks that grant direct access to internal data”.

Radware predicts that in 2017, we will see an increase in the use of IoT botnets, cyber ransom, telephony DoS, permanent denial of service for data centre and IoT operations, and public transport being held hostage.

Not the most positive outlook for 2017, but it would be a brave person to suggest they are wrong with those predictions.

UK companies taking on cybersecurity-related insurance in soaring numbers

Jan 09 2017

By Cameron Abbott and Allison Wallace

There was a 50% growth in the adoption of cybersecurity-related insurance in the UK between 2015 and 2016.

CFC Underwriting discovered the trend after polling industry representatives at the 2016 Cyber Symposium late last year.

The underwriter, which provides cyber insurance to more than 20000 clients globally, found the factors driving clients to purchase these kinds of policies included the “fear factor” of a cyber attack (23%) and the impending introduction of the European General Data Protection Regulation in 2018 (26%).

More than half of the respondents to the poll (53%) indicated they believed electronic computer crime will lead to an increase in insurance claims. Earlier figures released by CFC Underwriting revealed it handled over 400 claims on cyber policies in 2016, a 78% increase on 2015.

Boards Push Insurers to Quantify Cyber Risks

Nov 02 2016

By Cameron Abbott and Rebecca Murray

US risk management firm Advisen recently held the Cyber Risk Insights Conference where insurers, brokers, corporate risk managers and CSOs came together to discuss the importance of company CFOs quantifying cybersecurity risks. Panelists included the risk managers of Merck and Time, who both classified cybersecurity risk exposure as a top danger faced by corporations. Time’s risk management department, for example, is working to quantify the company’s exposure to cyber attacks so that it can transfer some of the risks to insurers. However, Time’s director of risk management says culling all cyber-risk-management information together in a meaningfully predictive way is a challenging task.

Furthermore, gaining assistance from insurers about how to quantitatively define cybersecurity risk is also problematic as the insurance industry is only getting started on truly understanding how to forecast cyber losses. Cyber security practice leader for insurance broker Lockton Cos, Ben Beeson has revealed that insurers have only really become aware of the vast extent of loss that can eventuate when handling personal data this year. Keeping up with incredibly evolving and dynamic cybersecurity threats is sure to be an immense challenge for insurers. Read more here.

Threat from hackers against Internet of Things grows

Oct 17 2016

By Cameron Abbott and Rebecca Murray

New research by Akamai Technologies has revealed that cyber criminals have cracked into as many as two million Internet-of-Things (IoT) devices at homes and businesses. IoT devices are products that connect to the internet, which now include refrigerators, sound systems, televisions and home security systems. In the report, researchers state that “Once malicious users access the web administration console of these device they can then compromise the device’s data and in some cases, take over the machine.” This report sheds much needed light on one of the most under-focused on areas of cyber security. Read the report here.

Sour Apple blasts the Banks for application to ACCC

Aug 10 2016

By Cameron Abbott and Rebecca Murray

Last month we reported that three of Australia’s largest banks had collectively launched an application to the ACCC seeking permission to negotiate with Apple Inc. to install their own electronic payment applications on iPhones.

Apple has submitted a scathing response to the ACCC, warning that allowing the banks to negotiate will compromise the iPhone handset’s security, reduce innovation and blunt Apple’s entry into the payments market in Australia. Read Apple’s submission to the ACCC here.

Apple expressed particular concern about security risks, claiming that providing simple access to NFC antenna by banking applications would fundamentally diminish the high level of security of Apple devices. This concern is not unwarranted as it was recently revealed that hackers have found ways to intercept contactless mobile payments in Samsung’s latest Galaxy smartphones. While Samsung refuted this in a recent blog post, an attached Samsung FAQ revealed that it is possible for an attacker to skim a smartphone’s payment token and make fraudulent purchases.

Tag:Cybersecurity