Cyber Connections News Roundup: January 15

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

January 15, 2018

Cybersecurity Implications of the Government Shutdown Could Have Long-term Implications

Furloughed workers and frozen funding has compromised our nation’s defenses against foreign cyber attackers, according to cyber blogger Joseph Steinberg. As a very basic example, it is highly unlikely that updates and patches are being tested and applied in a timely fashion to all computers that need them. The shutdown is also having a dramatic impact on the ability of key federal departments and agencies, such as the Department of Homeland Security and the National Institute of Standards and Technology, to secure the private sector, according to a recent www.govtech.com report. Read more.

Compliance Costs and Mobile Attacks Top the List of APAC Cyber Predictions for 2019

According to a recent article on www.networksasia.net, China is the top source of security incidents in Asia, accounting for more than one-fifth (22.8%) of them, followed followed by India (18.4%) and Russia (11.3%). These insights were derived from research developed by Ensign InfoSecurity (EIS), from the period of October 2017 to March 2018. Key cybersecurity predictions for the APAC region include: rising compliance costs; growing attacks on mobile, cloud platforms and SCADA systems; an increased influence of artificial intelligence; and an increase in the complexity of attacks. Read more.

Airline Industry To Take a More Proactive Stance on Cyber Threats

Airports and airlines are industry leaders when it comes to physical security checks, such as baggage scans, restrictions on liquids, and random passenger searches. But now they are focusing more on online threats, according to a recent www.webtravel.com report. The wake-up call came last year, when Cathay Pacific, British Airways, Delta Air Lines and Singapore Airlines all experienced cybersecurity breaches that exposed the personal data of millions of travellers worldwide. Read more.

U.S. Education Industry’s Cybersecurity Lags Behind 16 Other Sectors

According to a recent http://www.edweek.com article, the education industry has the worst cybersecurity vulnerability among 17 industry sectors. Citing a recent report by SecurityScorecard that surveyed 2,393 companies in the education industry, schools tend to underestimate the need for monitoring and protecting network infrastructures. The growth of computer-based assessments also creates cybersecurity concerns. Read more.

HHS Releases Voluntary Healthcare Cybersecurity Practices

In late December, the Department of Health and Human Services (HHS) released voluntary cybersecurity practices to the healthcare industry with the aim of providing practice guidelines to cost-effectively reduce cybersecurity risks. According to a report on www.healthcare-informatics.com, the “Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients” publication aims to provide guidance to healthcare organizations of all types and sizes, ranging from local clinics to large hospital systems. The publication was produced in response to a mandate set forth by the Cybersecurity Act of 2015 Section 405(d), to develop practical cybersecurity guidelines to cost-effectively reduce cybersecurity risks for the healthcare industry. Read more.

Cyber Connections News Roundup: December 18

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

December 18, 2018

Does the Latest Bitcoin Hoax Mean Ransom Attacks Are on the Rise?

On Dec. 13, school administrators, business owners and others across the U.S. and Canada received emails threatening them to pay $20,000 worth of Bitcoin or risk a deadly explosion. The scam, which put law enforcement agencies and emergency personnel on high alert, represents a shift in the threat landscape, namely as it relates to scale, according to a recent article on http://www.circa.com. Once phoned in, perpetrators now can email thousands of bomb threats and financial scams with one click of the mouse. Ransom attacks are most likely on the rise, as they are seen as an inexpensive and easy way for individuals and nation states to raise money and move that money around. Read more.

Why Satellites Need Cybersecurity Too

Cybersecurity is a threat countries must not overlook when protecting their satellites, according to a recent article on http://www.space.com. Vulnerable to a number of different types of threats and attacks are hard to trace, satellites also have a series of attack points, rather than a single entry point that’s easier to defend. Read more.

Think a Department of Cybersecurity is a Good Idea? Maybe Think Again

A recent report from http://www.defense360.com argues that many of the cybersecurity challenges we face today already have an approach suited to the problem, and none of them involve a Department of Cybersecurity, a disruptive bureaucratic solution that would fail to solve problems and may also add new ones. One notable concern is that turning cybersecurity over to a centralized department runs the risk of a one-size-fits-all technical solution that does not consider the unique risk environments of other agencies. Read more.

Aramco and Raytheon Cybersecurity Joint Venture A Boon to Job Creation

Saudi Aramco and American defense contractor Raytheon have signed a memorandum of understanding (MoU) to establish a joint venture cybersecurity company, the companies announced on Dec. 14. According to a report on http://www.arabianbusiness.com, the new company will market and provide cybersecurity software and hardware capabilities as well as research and development. The venture also is expected to advance Saudi Arabia’s economic development goals by creating highly skilled jobs in the cybersecurity sector. Read more.

New Mimecast Survey Exposes Lack of Employee Cybersecurity Training

According to a new study by cloud-based email protection company Mimecast, of 1,000 employees who use employer-issued devices, 25 percent of employers do not understand the most common cybersecurity threats against their organizations. Mimecast also found that only 45 percent of businesses put their employees through mandatory, formal cybersecurity training. What does this mean? According to Mimecast, it could indicate that businesses are inherently trusting of their employees. Or, it could also mean that companies simply don’t have the resources or know-how to implement formal cybersecurity training. Read more.