Select Page

Month: October 2017

Cyber security expert on new online threat called ‘Reaper’

Reports of a scary new threat to your online security called, Reaper, have come out just in time for Halloween. Robert Jorgensen, a Professor at Utah Valley University, joined Brian Carlson to explain what that means for you. A botnet is a collection of computers or internet connected devices that have been compromised by an attacker to be used for nefarious purposes. Each device is called a zombie, and it basically acts like it should until it is issued commands. These commands can instruct the devices to send spam or even attack other computers. So, what is Reaper? It is a name of a new botnet that is currently spreading through the “internet of things”. Initial estimates of how many computers are in this botnet were in the millions, but now most researchers say it is about 30,000. Right now it doesn’t seem to be doing much of anything but spreading and waiting. Last year, the Mirai botnet took out Reddit, Netflix, Twitter, and other sites. This one has the potential to do something similar, especially if it takes over more devices. Jorgensen recommends updating your devices to protect yourself. When getting new devices during Black Friday and while doing other holiday shopping, check to see if there are updates from the manufacturer. If the device has a default password, change it to something...

Read More

Jersey: Cybersecurity: How Safe Is Your Workforce?

In mid-May 2017 unprecedented global hacks brought organisations including the NHS, Telefónica and FedEx to a standstill.   Incidents such as this ensure that the public focus is firmly fixed on attacks by faceless criminal third parties.  However when it comes to the protection of vital corporate and client data organisations must also recognise the risks much closer to home, posed by their own personnel.  IBM’s “2016 Cyber Security Intelligence Index” found that 60% of all attacks were carried out by insiders.  Three quarters of these attacks were malicious, with the remainder involving reckless or inadvertent breaches by employees.  It may be necessary to think again about how we tackle cybercrime, given the potential business ramifications, financial, reputational and operational. Employee risk Cyber risk isn’t just a matter for an organisation’s IT department or about having the most-up-to-date software.  Employees need to be trained to understand cyber risk and given the tools to identify and deal with such risk appropriately.  This can only be done effectively if the whole organisation buys into the process.  This is fundamentally a governance issue: as with any other area of risk, it must be managed coherently with arrangements covering all of those who can access organisational information, including directors, employees and contractors. Human error and malicious intent Not all data breaches are deliberate or malicious: many are down to simple human error.  It may involve a...

Read More

HK cyber security regulations expected to result in more jobs and higher pay for IT professionals

According to a new independent research commissioned by recruitment firm Robert Half, confidence to successfully respond to new regulation is high amongst Hong Kong’s IT leaders, despite the city facing increased risks of cyber-attacks. The research reveals, in light of the Hong Kong government’s Cyber Resilience Assessment Framework (C-RAF), that 83% of Hong Kong CIOs are confident in their organization’s ability to respond to any new government regulations to improve their organization’s cyber security practices, as they believe they have skilled cyber security talent in place within their company to respond to the latest regulations. C-RAF is a risk-based cyber security maturity assessment tool to help Authorized Institutions (AIs) evaluate their cyber-resilience, and is part of the government’s wider Cyber-security Fortification Initiative (CFI). The initiative is designed to further strengthen the cyber-resilience of banks in Hong Kong. The government’s increased focus on cyber security regulation has resulted in increasing optimism among Hong Kong’s IT leaders. When asked what impact they expect the increased focus on security regulation will have on the IT jobs market in Hong Kong, 31% of CIOs believe that it will lead to an increase in job opportunities and an increase in average salaries for cyber security specialists. Indeed, the 2017 Robert Half Salary Guide shows a 14% year-on-year increase in starting salaries for IT security specialists. In addition to this, more than two in three...

Read More

Columbus State dedicates TSYS Center for Cybersecurity

In a ceremony Monday afternoon, Columbus State University dedicated the TSYS Center for Cybersecurity, celebrating another chapter in the partnership between the university and the electronic payments processor – and demonstrating their commitment to developing and training employees for such an essential career field. The center is a $2.5 million project and part of the $5 million gift TSYS gave in 2015toward the university’s more than $100 million First Choice fundraising campaign. CSU moved to the library a computer lab on the ground floor in the Center for Technology and Commerce to make room for the cybersecurity center, where two learning spaces are equipped with state-of-the-art technology to teach cybersecurity. To put this project in perspective, CSU president Chris Markwood gave the gathered guests a history lesson about the university’s partnership with TSYS. “When the company was first starting to flourish, they had such a need for computer programmers that they considered moving their headquarters out of Columbus so they would have easier access to the talent they craved,” Markwood said. “However, Columbus State University stepped in and worked with them to develop a partnership program that allowed CSU to tailor our computer science courses so we train the workers to the exact requirements that TSYS needed. “I’m told there are now more than 1,000 Columbus State University alumni who have worked at TSYS at one time or another (including CEO...

Read More

SANS Announces Second Annual Automotive Cybersecurity Summit

SANS Institute, the global leader in information security training, today announced the second annual Automotive Cybersecurity Summit and Training taking place in Chicago, IL May 1-8, 2018. The SANS Automotive Cyber Security Summit was created to develop and foster a culture of cyber-intelligence and awareness in organizations across the vehicle supply chain and digital ecosystem. Leading automotive cybersecurity experts, seasoned practitioners, policy makers, and system designers will come together to characterize industry risks and discuss what can be done to safeguard organizations, products and customers from the evolving threat landscape. “We look forward to continuing the conversation at the 2018 Summit where we will discuss the opportunities related to connected vehicles of all types, their interactions with the environment, and the complexities of the extended supply chain,” said Mike Assante, Summit Chair and Director of SANS Industrial Practice Area. “Experts will share best practices and guidance for the design, build, operation, and maintenance aspects of the contemporary vehicle lifecycle and their supporting infrastructures.” The SANS Automotive Cybersecurity Summit and Training brings together the public and private-sector, manufacturers, suppliers, assemblers, and technology providers to discuss the increasingly complex and interdependent relationships between smart vehicles and ever-expanding smart infrastructures. Connected cars, trucks, fleets, heavy machinery and the networked systems in which they interact will all be explored. The Summit will include two days of in-depth presentations followed by six days of immersive cybersecurity education courses that...

Read More