Cyber Connections News Roundup: June 4

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

June 4, 2019

Startup BlueVoyant Raises $82.5 Million at a Valuation in Excess of $400 Million

According to a recent article on www.techcrunch.com, New York based cybersecurity startup BlueVoyant, a provider of managed security, professional services and, threat intelligence, has raised $82.5 million in a Series B round of funding at a valuation in excess of $430 million. The funding is coming from a range of new and existing investors that includes fintech giant Fiserv. Read more.

Cybersecurity Stands to Benefit from Advancements in AI

An article on www.globalsign.com reports that cybersecurity may be one of the key beneficiaries of advancements in artificial intelligence (AI). AI, for example, can be used to detect imminent threats by collecting data from different logs and records and identifying new threats that are being spread by hackers. AI can also identify malware and spyware trends by analyzing data across multiple channels. AI lets users detect malware systems faster and before they can do damage on a large scale. Read more.

Middle East and Africa Cybersecurity Market Expect to Take Off

A new report featured on www.researchandmarkets.com predicts that the Middle East and Africa cybersecurity markets will expand at a CAGR of 11.9 percent and is expected to be valued at USD 23.4 billion by 2023. Contributing to this rise is the digitization in verticals such as banking, financial services, government, and the oil and gas industries, which has triggered the risk of cyber attacks. The main reason for the cybersecurity market’s exponential growth rate is improved awareness, and the adoption of various cybersecurity services that are needed to safeguard smart grid devices, digitized businesses, and IoT-based smart cities. Read more.

New Cybersecurity Legislation Aims to Secure Nation’s Election

Sens. Amy Klobuchar, D-Minn., and Susan Collins, R-Maine, introduced legislation to secure the nation’s elections by providing training to state and local election officials, according to a report on www.brainerddispatch.com. The “Invest in Our Democracy Act of 2019” would direct the Election Assistance Commission to provide grants in support of continuing education in election administration or cybersecurity for election officials and employees. The Act would establish a grant program administered by the Election Assistance Commission to cover up to 75 percent of the cost of the yearly tuition of election officials and employees who are enrolled in an accredited certificate program for election administration or cybersecurity. The Act would also provide $1 million for fiscal year 2021 and such sums necessary for each fiscal year between 2022 and 2028. Read more.

Poor Cybersecurity Can Do Damage Beyond Your Bottom Line

A recent article on www.securityboulevard.com enumerates the ways poor cybersecurity measures could harm your business. For example, your initial impression may be that weak cybersecurity only affects your organization, but a lack in cybersecurity can also be problematic for an organization’s customers and wider markets. Companies can steer clear of this fault by taking a top-down approach to cybersecurity. Read more.

 

Cyber Connections News Roundup: May 21

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

May 21, 2019

States Make Strides In Cybersecurity But Is it Enough?

On https://www.govtech.com, blogger Dan Lohrmann offered a report from the National Governors Association Center for Best Practices’ third National Summit on State Cybersecurity (May 14-15, 2019 at the Shreveport Convention Center). The event convened state homeland security advisors, chief information officers, chief information security officers, governors’ policy advisors, National Guard leaders and others to explore cybersecurity challenges and promising practices. Overall, Lohrmann observed “a sense of how far the nation has come regarding cybersecurity, tempered by a recognition of how much more needs to be done.” He also highlighted comments from keynote speaker Chris Krebs, director, Cybersecurity & Infrastructure Security Agency, U.S. Department of Homeland Security, who discussed the actions of Russia during the 2016 election and reminded the audience that ransomware and a host of other cyber trends are also top priorities of the administration. Read more.

IoT Is Major Driver in Growth of Artificial Intelligence Market

According to a new report from B2B research provider MarketsandMarkets, the artificial intelligence in cybersecurity market is projected to reach USD 38.2 billion by 2026 from USD 8.8 billion in 2019. Major drivers for the market’s growth include the adoption of IoT. Other factors are the increasing number of connected devices, rising instances of cyber threats, and increasing vulnerability of Wi-Fi networks to security threats. According to the report, titled “The Artificial Intelligence in Cybersecurity Market,” opportunities include the growing need for cloud-based security solutions and the increased use of social media for business functions. Read more.

The Intersection of Trade Wars and Cybersecurity

A recent article on www.forbes.com highlights the potential for foreign adversaries to create and exploit vulnerabilities in information and communications technology and services. In light of the current trade war with China, the administration has banned two Chinese technology companies from entering U.S. markets. The Commerce Department added Huawei, the telecom equipment giant, to the Bureau of Industry and Security’s “Entity List,” a designation that bars firms from doing business with U.S. companies without a special license from the bureau. Prior to that move, the FCC voted unanimously to deny China Mobile’s application to provide telecommunications services in the United States. Read more.

The Evolution of the Utilities Industry Could Mean a Rise in Cyber Threats

The evolution of the utilities industry to a “smart infrastructure” that relies on digitized equipment and connectivity across devices, plants, and systems will most likely result in a growing number of cybersecurity threats, according to a recent article on www.helpnetsecurity.com. Current security policies of many utilities have not evolved in step with this evolution and could leave companies vulnerable. Of the six risks enumerated in this article, boundary protection tops the list. Read more.

Defining and Deploying a Cybersecurity Culture Is an Ever-Evolving Challenge

A recent article on https://cybersecurity.isaca.org/ by Luis Emilio Alvarez-Dionisi, Ph.D. and Nelly Urrego-Baquero offers a path forward, but the authors concede: “Having a cybersecurity culture is a dynamic process that demands continuous attention.” The main objective of cybersecurity culture is to develop and implement a cybersecurity culture ecosystem to support cybersecurity. Sharing the experience of establishing an advanced social and psychological groundwork may help support cybersecurity. Deploying a cybersecurity culture requires senior leadership buy in. The board of directors and senior management must decide to support and enable a cybersecurity shield to mitigate the risk associated with cyber attacks. Read more.

 

 

Cyber Connections News Roundup: May 7

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

May 7, 2019

New Cybersecurity Executive Order Focuses on Jobs and Talent Pipeline

On May 11, President Trump issued Executive Order 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” to improve the Nation’s cyber posture and capabilities in the face of intensifying cybersecurity threats. The order laid a number of federal initiatives, including standardizing job listings to help cybersecurity workers more easily move between the Department of Homeland Security and other agencies and establishing awards for elementary and secondary school educators who foster cybersecurity talent. Read more.

Finance CEOs Are Increasingly Worried About Cyber Attacks

The CEOs of some of the top financial institutions in the US, according to a recent article on https://markets.businessinsider.com, are increasingly worried about the risk of a cybersecurity attack on the nation’s financial system. Speaking at the Milken Global Institute, David Hunt, CEO of Prudential Global Investment Management, sees the next financial crisis coming from an attack on the infrastructure of the financial markets. JPMorgan CEO Jamie Dimon said cybersecurity “may very well be the biggest threat to the US financial system.” JPMorgan has stepped up its cybersecurity efforts after a 2014 cyber attack impacted 76 million households and seven million small businesses. Read more.

More Spending on Cybersecurity from Finance Sector

The finance sector is responding to concerns about cyber attacks, as described in the paragraph above, by investing more in  combating them. According to a recent survey conducted online in fall 2018 by San Diego-based Financial Services Information Sharing and Analysis Center in conjunction with the cyber risk services practice of Deloitte Touche Tohmatsu Ltd., financial institutions spend an average of 10 percent of their information technology budgets on cybersecurity. The survey of banks, insurers, investment management firms and other financial institutions, revealed that the defining characteristics of organizations that have achieved cybersecurity’s highest maturity level, as defined by the National Institute of Standards and Technology. These include securing the involvement of top executives and the board; raising cybersecurity awareness within the organization beyond the IT department; and aligning cybersecurity efforts more closely with the company’s business strategy. Read more.

Local Economy and Talent Are Driving Growth Maryland’s Cyber Economy

A recent article on https://technical.ly/baltimore/ points to economic and local talent factors as key drivers of Maryland cybersecurity’s economic growth. The growth of tech in general has resulted in a greater need for protection. And Maryland, with its close proximity to the federal government, has for a long time been the home for people who have been working on the protection side for a long time. Meanwhile, the state is offering incentives to help cybersecurity companies. Last year, for example, the Cybersecurity Association of Maryland encouraged legislation to provide tax credits for investors and companies that “Buy Maryland Cybersecurity” within the state. Read more.

Marketing Teams Are Unsung Heroes of Cybersecurity Success

According to a recent article on www.techrepublic.com, when digital assets are breached, it is the marketing department that is on the front line of relaying the company’s position going forward to affected customers and the media. Marketers must become educated in the threat landscape and understand how to communicate the company’s response to customers, according to Norman Guadagno, senior VP of marketing and chief evangelist at Carbonite. Guadagno shares his tips with fellow marketers in a recent Medium article titled “Marketers, You Will Be Hacked.” Read more.

Cyber Connections News Roundup: April 23

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

April 23, 2019

New Vermont Law School Study Examines Current State of Grid Cybersecurity

A recent article on https://dailyenergyinsider.com reports on a new study by the Vermont Law School’s Institute for Energy and the Environment that focuses on the challenges of protecting the electric grid from cyber attacks and provides some solutions for future success. The “Improving the Cybersecurity of the Electric Distribution Grid” study, funded by Florida-based nonprofit Protect Our Power, includes case studies of several states that detail ongoing challenges while also examining best practices for how state electric utility commissions and their regulated utilities can increase investments to enhance grid security. Read more.

Challenges Ahead for Linux, IoT and Cybersecurity

Linux, a family of free and open-source operating systems developed in 1991 by Linus Torvalds, serves as the backbone of the Internet and the Android operating system. Now, Linux is expanding into the realm of the Internet of Things (IoT), providing the foundation for domestic appliances, cars and many other devices that require a minimal operating system to run dedicated software. However, the Chrysler recall of 1.4 million vehicles in 2016 after a pair of hackers demonstrated a remote hijack of a Jeep’s digital systems exposed the cybersecurity risks related to IoT. A recent article on https://securityboulevard.com lays out the challenges associated with the proliferation of IoT devices running Linux. Read more.

Global Healthcare Cybersecurity Market to Exceed $12 Million by 2025

According to a new report by The Research Insights titled “Global Healthcare Cyber Security Market,” increasing incidents of hacking and other forms of cybercrimes have increased the need for cybersecurity in the healthcare sector. As a result, healthcare organizations are increasingly adopting cybersecurity solutions for keeping the cybercriminals at bay. Healthcare providers are investing more to secure their connected networks and devices. A summary of the report can be found on http://industryreports24.com. Read more.

Take a Peek Inside the NSA’s Approach to Cybersecurity

A recent article on www.govloop.com offers an inside look at how the National Security Agency (NSA) addresses cybersecurity challenges. According to Marianne Bailey, the NSA’s Deputy National Manager (DNM) for National Security Systems (NSS), the government spends a significant amount of money combating cyber threats that often cost very little to deploy. But the cost incurred by cyber threats per year comes to about $500 billion. The NSA is now pushing toward enterprise solutions, but the challenge, according to Bailey, is that the agency operates millions of devices developed in every generation imaginable. Read more.

World Economic Forum Weighs in on Blockchain Cybersecurity

The World Economic Forum has published an article titled “3 Things You Need to Know About Securing a Blockchain,” a detailed analysis of what today’s global leaders must do to secure blockchain technologies while leveraging benefits. Tech leaders may be aware of the many security benefits inherent with a blockchain, such as cryptography, immutability, decentralization, but questions remain about the best approach to combating the ways in which attackers compromise blockchain technologies. Read more.

Cyber Connections News Roundup: April 9

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

April 9, 2019

The Legal Industry Must Do More to Address Cyber Threats

Part one of a recent two-part article on www.abovethelaw.com focuses on the cybersecurity risk landscape in the legal industry and what attorneys and firms can do to reduce their exposure to threats and attacks. Considering the value of the information exchanged between client and attorney, including material related to intellectual property, and mergers and acquisitions, it’s reasonable to understand why law firms are particularly vulnerable to breaches and attacks. The article cites two major examples – the breach of 11.5 million documents from Panama-based law firm Mossack Fonseca in 2016 and the 2017 ransom ware attack on DLA Piper. Part two of the article will focus on what firms and attorneys can do to protect their data and mitigate risk. Read more.

The Skills Cybersecurity Pros Need to Develop to Complete in 2019

Regardless of the talent shortage that exits in the cybersecurity industry, professionals still need to gain an edge to compete for the top positions and highest salaries. To help, the website www.darkreading.com offers six sills cyber pros need to in 2019 to stand out. Coding, data science and privacy expertise rank high on the list of the areas of expertise today’s cyber pros should consider honing. Read more.

The State of Cybersecurity in Education: It’s a People Problem

Institutions of higher education face a dilemma, according to a recent article on https://edscoop.com. Restricting users in order to secure networks means limiting the collaborative nature of higher education. The real problem among educational institutions is human error. According to a 2018 report published by the consultancy EdTech Strategies, 54 percent of all digital data breach incidents experienced by K-12 schools were directly carried out or caused by members of the affected school community. Further frustrating schools’ cybersecurity, according to the article, is the open nature of many schools’ networks. The bottom line is that investment in technology and upgrades are not enough to eradicate threats. Read more.

The Emergence of 5G Networks and the Impact on Cybersecurity

As major network operators roll out their 5G plans,  it’s clear that a new era of connectivity is upon us with  5G playing a leading role in shaping our future, according to an article on www.techradar.com. According global telecom company Ericsson, in just five years’ time over 1.5 billion of us will be connected to 5G. In the meantime, the IT community has been voicing its concerns for the cybersecurity landscape. The widespread opinion is that 2G, 3G and 4G were designed for people, whereas 5G is  designed for the Internet of Things (IoT). Given this scenario, it is more important than ever than companies reevaluate their security strategies. Read more.

Companies Will Invest More in Cybersecurity if They Understand the Real Cost of an Attack

According to IBM, the average cost of a cybersecurity breach is now at $3,860,000, a 6.4 percent increase in their estimate for 2017. Perhaps if we examine the cost of a cyber attack to a business, we may do more to address future threats. A recent article on https://hub.packtpub.com puts the cost of an attack in real numbers to help us gain a better understanding of the impact on the bottom line. The article, an excerpt from the book Hands-On Cybersecurity for Financeby Dr. Erdal Ozkaya and Milad Aslaner, uses cost to motivate organizations to come up with better tools and strategies to prevent attacks. Read more.

Cyber Connections News Roundup: March 26

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

March 26, 2019

Building an Effective Cybersecurity Program Starts with the Perimeter

Cybersecurity is not a device, a recent article on www.forbes.com reminds us. No matter the size of your business, an effective cybersecurity program starts with defining and protecting your perimeter, much like you would with your personal property. Defining and defending the perimeter is one pillar of a successful program. Others include understanding your data, controlling access to that data, training, and providing assurance to all stakeholders that the data is protected. Read more.

K-12 Leaders Must Fully Embrace Cybersecrurity

As schools continue to adopt leading-edge technology for teaching, learning, and operations, a lack of cybersecurity expertise at the top may introduce new risks to school district operations, according to an article on www.edweek.com. Local K-12 schools were reported to have the least mature cybersecurity risk-management practices of any state or local government agency, according to a review by the Multi-State Information Sharing & Analysis Center. Similarly, a survey published last year by the National School Boards Association found that school officials are less prepared for cyber attacks than their peers in private sector companies. To combat attacks, superintendents and school board members jointly embrace their cybersecurity governance responsibilities. Read more.

Cyber Competitions Play a Central Role in Closing the Skills Gap

Cybersecurity competitions such as hackathons are among the key activities students can do to get ready to enter the job market, according to a recent article on www.securityboulevard.com. In addition to providing hands-on training to detect security vulnerabilities, competitions offer a number of other not-so-visible benefits for aspiring cybersecurity professionals as they prepare to succeed in the job market and their careers, such as team building, critical thinking and gender parity. Read more.

Federal Cybersecurity Laws Still Face Challenges as States See Progress

A recent report on www.thehill.com suggests that the 2020 presidential race may help advance the issue of cybersecurity standards at the federal level as the legislative records of three top Democratic hopefuls, Sen. Kamala Harris (D-Calif.), Sen. Kirsten Gillibrand (D-N.Y.), and Sen. Elizabeth Warren (D-Mass.), could bring cybersecurity to the forefront. Encouraging as this may be, the report also points out that standardizing cybersecurity practices at the federal level also faces significant challenges, such as jurisdiction issues and the siloing of best practices among federal agencies. Fortunately we’re seeing progress at the state level with regard to proposed regulations. Read more.

Congress Introduces Bill to Address IoT Security

As reported on www.securitytoday.com and elsewhere, members of the U.S. Senate and House of Representatives introduced on March 11 the Internet of Things Cybersecurity Improvement Act, a bill that proposes to bring legislative action to improve cybersecurity in the emerging technology. The Act aims to address the national security threat posed by insecure IoT devices by requiring a bare minimum of security standards for any device used by the federal government. The bill would not establish security standards for IoT companies across the board, just those that want to sell to the U.S. government. Read more.

 

 

Cyber Connections News Roundup: March 12

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

March 12, 2019

Hackers Penetrate Three U.S. Colleges

Hackers recently breached admissions files at three private colleges, Oberlin College in Ohio, Grinnell College in Iowa and Hamilton College in New York. According to a www.washingtonpost.com report, applicants to each of the three colleges received a suspicious email offering them the chance to buy their admission files. For a fee, the sender promised access to confidential information in the applicant’s file, including comments from admissions officers and a tentative decision. The emails demanded thousands of dollars in ransom from prospective students for personal information the hackers claimed to have stolen. Read more.

New Study Predicts Steep Growth in Cybersecurity Market

According to a new study by Absolute Markets Insights, the cybersecurity market will grow at a CAGR of 13.5 percent over the forecast years (2019 – 2027). Cyber attacks, predicted as the fastest growing type of crime worldwide during this period, are predicted to drive this increase. Emerging technologies, such as machine learning and big data, are also increasingly causing several industries to become more vulnerable to exploitation and cyber-attacks. Read more.

AT&T Launches Cybersecurity Division

AT&T announced at last week’s RSA Conference (March 4-8) a new standalone security division, AT&T Cybersecurity. The new unit, according to a recent report on www.sdxcentral.com, combines technology and threat intelligence from Alien Vault, which A&T acquired last year, and AT&T’s security consulting and managed services. AT&T also announced that it has become the first North American operator to join the Global Telco Security Alliance, a group launched last year by Etisalat, Singtel, SoftBank, and Telefónica to share threat intelligence and security best practices. Read more.

Winning the War on Cybersecurity Starts Young

In a recent opinion post on www.forbes.com, Danny Pehar, managing director of security awareness at Cytelligence, maintains that instilling cybersecurity knowledge and awareness in the next generation of Internet users is the key to making progress in winning the war on cybersecurity. Sharing digital information has become such a big part of our every day lives that it has become vital that we teach children how to determine whether or not certain information is sensitive and how it needs to be protected. The bottom line, according to Pehar, is teaching young people about risk. “Everything in cybersecurity begins and ends with the understanding that if you have data, then you have cyber risk,” he said. Read more.

Should Selling Products Now Mean Selling Trust?

A recent article Harvard Business Review article illuminates two conflicting trends: an increased reliance on software and technology in just about every aspect of our lives and the inherent privacy and security vulnerabilities that come with the territory. More and more companies are adopting the philosophy that successfully selling products means selling trust – the ability safeguard the relationship with customers by being honest about the dangers of data in the digital age. Read more.