Safely move on from COVID-19

ISMS.online News Roundup – 30th January 2020

Leaked Documents Expose the Secretive Market for Your Web Browsing Data

In this eye-opening storey for Motherboard, Joseph Cox explains how a joint investigation by Motherboard and PCMag discovered that an antivirus programme utilized by hundreds of millions of people across the globe is selling highly sensitive web browsing data to many of the world’s largest businesses through leaked documents and contracts.

Read the full article here.

Fines for European privacy breaches reach 114 million euros: report

In this brilliant article for Reuters, Douglas Busvine discusses how European authorities have levied $126 million in data violation penalties since the introduction of GDPR, that introduced tighter regulations on privacy when it came into force in mid-2018.

Read the full article here.

Statement on data protection and Brexit implementation – what you need to do

The Information Commissioner’s Office has issued an excellent statement on how data protection will not be impacted by the entering of the United Kingdom into the transitional period on 31 January after its separation from the European Union, including documents that provide advice and guidance to companies on how to plan for the end of the transitional period by the end of December 2020.

Read the full article here.

Huawei set for limited role in UK 5G networks

This Tuesday, the UK decided to allow Huawei to continue to operate on its 5 G networks, with constraints, despite calls from the US to exclude the corporation. This insightful article by Leo Kelion, for BBC News, outlines the implications of this decision for both the Chinese company and the UK as well as the responses to this decision.

Read the full article here.

What are the concerns over Huawei and the UK’s 5G network?

In this brilliant article for ITV News, Daniel Hewitt explores the key issues concerning the choice to use Huawei in the rollout of the UK 5G network, prior to the PM’s decision, and how other countries have addressed this controversy, as well as Huawei’s own response.

Read the full article here.

What can you use instead of Google and Facebook?

Online data controversies have raised concerns about the influence that technology holds as services that we use every day are perceived to be free but the true cost is our data and privacy. In this interesting BBC News storey, Tom Jackson discusses how freelance copywriter Edward Armstrong has rejected the use of Internet giants, such as Google and Facebook, over smaller alternatives that offer greater privacy.

Read the full article here.

New IoT Security Regulations: The Devil’s in the Details

On Monday, the UK announced its plans to implement a minimum of three regulations for the Internet of Things products after consultations started in May 2019. Ed Targett discusses what these standards involve as well as how the consultation paper indicates lots of holes in the new policy with little clear solutions in this excellent CBR report.

Read the full article here.

1 in 10 Macs hit by crude malware that poses as Flash Player update, reports Kaspersky

According to a newly published survey by Russian security firm Kaspersky, in 2019 10% of macOS devices were infected with Shlayer malware, which usually poses as an upgrade to Adobe Flash Player. In this superb blog post, Graham Cluley explores whether this statement is true as well as how to defend yourself from becoming infected by malware like this.

Read the full article here.

Welcome to the World, NIST Privacy Framework 1.0!

This Tuesday, Data Privacy Day 2020 was marked. As a result, NIST published this excellent blog post by Naomi Lefkovitz and Kaitlin Boeckl, which details the launch of Version 1.0 of NIST’s Privacy Framework, in addition to addressing the efforts made to improve data privacy over the last decade.

Read the full article here.

Space industry group focused on cybersecurity to begin operations in spring 2020

In this fascinating article on SpaceNews, Sandra Erwin discusses how the Space Information Sharing and Analysis Center or the Space ISAC will release an unclassified platform where businesses can exchange and review cybersecurity data with an intention to start operating in the spring of this year.

Read the full article here.

The Human Element Of Cybersecurity

Since companies have become progressively targeted by cybercriminals, these threat actors exploit human laziness and fallibility with their most impactful attacks. In this excellent article for Forbes, Tim Conkle examines what organisations should do to decrease the human risk of cybersecurity.

Read the full article here.

Cybersecurity isn’t infrastructure? ‘Like hell it isn’t’ warned New Orleans mayor

Following the ransomware attack on the New Orleans City Councils computer system in December, Benjamin Freed examines how Mayor LaToya Cantrell has argued for cybersecurity support to be included in the city’s budget for critical infrastructure, as well as the expense of this incident on the city and its services, in this brilliant article for StateScoop.

Read the full article here.

C-suite unprepared for NotPetya and other extinction-level cyberattacks

Allen Bernard discusses how, after a survey conducted by Deloitte, 65 per cent of cybersecurity experts and C-suite executives regard disruptive cyber attacks as a top priority for cybersecurity. He goes on to explore why so many executives often are not aware of what their organisation’s cyber defences are or do not take sufficient actions to prevent incidents in this fascinating TechRepublic post.

Read the full article here.

UK Government releases new cyber security guidance for ports

The UK Department for Transport published a new Code of Practice on Cyber Security for United Kingdom ports on Monday. Beth Maundrill describes how the document identified the impact of the 2017 cyber attack on Maersk, that resulted in losses of $200 to $300 million as a reason for cyberattacks on port systems to no longer be considered theoretical in this terrific article for Port Technology.

Read the full article here.

Top Ways to Avoid Security Breaches in 2020

Financial institutions should implement digital infrastructure strategies since cyber-attacks and data breaches are more expensive to financial institutions than any other sector. Stuart R. Crawford discusses the top priorities, according to 360 Smart Networks, to be included in any organization’s cybersecurity strategy in this wonderful TechZone360 post.

Read the full article here.

The future of telecoms in the UK

In this excellent NCSC blog post, Technical Director Dr Ian Levy discusses how the technology research behind the Department for Digital, Culture, Media and Sport’s supply chain assessment could guarantee that UK telecommunications networks are safe irrespective of the suppliers used.

Read the full article here.

Cybersecurity in 2020: The rise of the CISO

In this superb episode of MIT Technology Review’s Business Lab podcast, Laurel Ruma speaks to Stephanie Balaouras about how the proliferation of data breaches in 2019 has shown companies that the world of cyber threats is more and more nuanced and dangerous demonstrated that all organisations should have a Chief Information Security Officer or CISO.

Read the full article here.

This Week in Tweets

Here are our top tweets of this week from the #infosec and #cybersecurity twitterverse.

Want To Receive Up-To-Date Articles, Help Materials And Infosec News?

Subscribe to our mailing list to stay informed about all of our latest updates and articles.

GET IN TOUCH

Phone:   +44 (0)1273 041140
Email:    enquiries@isms.online