ISMS.online News Roundup – 12th March 2020

Welcome

How businesses are responding to the Coronavirus outbreak; Virgin Media exposed consumers’ details in an unsecured database; New York’s answer to CCPA; How Australia can and should defend against foreign interference; and much more in this week’s edition of ISMS.online’s Information and Cybersecurity News Roundup!

Virgin Media left 900,000 consumers’ details exposed in unsecured database

Graham Cluley’s fantastic blog post describes how Virgin Media has confirmed that it has left a database containing unencrypted data of more than 900,000 UK residents, both current and potential customers, freely accessible to anyone on the Internet without the need for a password. The Office of the Information Commissioner has been notified of the incident.

Read the full article here.

Vodafone to test pandemic plan by making 1200 employees work off-site

Lydia Lewis, in this brilliant article for NewsHub, details how the 1200 members of staff at Vodafone’s New Zealand headquarters will work off-site in an effort to see how well its Business Continuity Plan works, as well as to identify any gaps, in the midst of the coronavirus outbreak.

Read the full article here.

If you want to improve your organisation’s resilience, you can with ISMS.online! We offer a comprehensive and intuitive range of Business Continuity Management tools that help you anticipate the unexpected and react well to it so you can stay business as usual in the face of a crisis, like the COVID-19 pandemic.

One billion Android devices at risk of hacking

This excellent BBC News report describes how more than a billion Android devices are at risk of being compromised because they are no longer protected by security updates, a flaw that may put users across the globe at risk of data theft. The report also offers guidance on whether your device is vulnerable.

Read the full article here.

University of Hertfordshire avoids inquiry over emailed student data

The University of Hertfordshire mistakenly posted the identities of around 2,000 students in an email. This fantastic BBC News report explains how the ICO was informed and offered advice when reviewing the case but did not take any further measures.

Read the full article here.

New York SHIELD Act FAQs

Over the past few months, companies across the US have concentrated on the California Consumer Privacy Act, but attention is now turning east as New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) becomes operational in less than two weeks. This informative article by Jackson Lewis P.C. for the National Law Review explains everything you need to understand about the SHIELD Act, including when it comes into effect, who it will affect, and how it applies to other standards.

Read the full article here.

T-Mobile falls victim to another cyberattack

In this excellent TechRadar story, Anthony Spadafora discusses how hackers have been able to access T-Mobile employee and customer data. This is the second time that the US company has confirmed a security breach in the last six months. T-Mobile responded by sending SMS alerts to all affected users.

Read the full article here.

Coronavirus map used to spread malware

In this wonderful blog post, Graham Cluley discusses how cyber criminals have been exploiting the concerns around the Coronavirus crisis, as security researchers believe they have discovered malicious code hiding behind a website that appeared to display a heatmap of the latest global Coronavirus information.

Read the full article here.

Italy is under partial lockdown. Some big companies say it’s ‘business as usual’

As Italy has come under quarantine over the COVID-19 pandemic, this interesting CNN article discusses how this has impacted certain institutions as well as how some claim to be running as usual due to having strong business continuity plans in place.

Read the full article here.

UK businesses still vulnerable despite huge IT spend

In this fantastic article for ITProPortal, Sead Fadilpašić discusses how, despite UK companies investing heavily in security solutions and training in order to become and stay compliant with data protection regulations, experts claim that these measures are being undermined by a lack of attention to IT basics.

Read the full article here.

How NYC Tech is Making Sure Business Goes On in the Wake of Coronavirus Panic

This fantastic article for AlleyWatch points out what some of the technology companies in New York are doing to minimise disruption of company processes through planning and preparation in the wake of coronavirus panic.

Read the full article here.

Are you looking to improve your organisation’s Business Continuity Management? Having an ISO 22301 compliant BCMS demonstrates to stakeholders that your business continuity capability is appropriate to the scale and scope of your organisation. Business continuity is also an integral part of an Information Security Management System, particularly if you are already working to achieve ISO 27001 certification.

Pull together all your ISO 22301 and BCMS work in one place with ISMS.online’s pre-populated ISO 22301 add-on and range of Business Continuity Management tools. It couldn’t be easier to combine the work you already have done for your ISO 27001 certification project and expand on it, as well as making it possible to do a stand-alone BCMS. 

Cyber Resiliency, Cloud & the Evolving Role of the Firewall

As more systems migrate to cloud and hybrid computing environments, so will the risks and malicious actors that permeate today’s enterprises. In this excellent essay for DarkReading, PJ Kirner argues that modern strategies must be innovative both in isolating risks and in segmenting environments to deter attacks.

Read the full article here.

Holistic Cybersecurity a Must for the Healthcare Industry

In this article for SecurityInfoWatch, Colin Bastable discusses how the healthcare sector manages some of the most important personal data, yet the latest attempts to protect confidential data do not adequately protect it, as most medical professionals typically do not realise that a significant portion of their data is available globally.

Read the full article here.

5 Data Security Errors That Can Break Your Business

In the era of data breaches, protecting information is becoming increasingly challenging for businesses, but valuable professional guidance is available and breach attempts can be avoided. In this insightful article for Business2Community, Rakesh Soni discusses the data protection vulnerabilities that companies create, such as human error, and how they can be avoided.

Read the full article here.

How Australia can and should defend against foreign interference

Spy networks are alive and well in Australia, with foreign interference reaching unprecedented levels of concern, as recent research reveals that Australians report cybersecurity breaches every 10 minutes, costing Australian companies $29 billion a year. In this insightful CSO article, Matt Bunker discusses the scope of spy networks in Australia, as well as five main principles and techniques to protect against cyber threats.

Read the full article here.

Gender Equality in Cybersecurity Could Drive Economic Boost

Following International Women’s Day on Sunday, this fascinating article for Dark Reading discusses how a new report showed that, if the number of women in technology matched the number of men, the US and UK economies could receive an increase of $30.4 billion and $12.6 billion, respectively.

Read the full article here.

Justice Department Issues Guidance on Online Intelligence Gathering for Cybersecurity

On 27 February, the Cyber Security Division of the Department of Justice published a guide containing guidelines on the legal implications of gathering online cyber threat information and obtaining data from unauthorised sources. In this excellent article for JDSupra, Jonathan Cedarbaum and Benjamin Powell discuss this guidance, presenting a range of best-practice suggestions that could be beneficial.

Read the full article here.

Hackers Hacking Hackers – Cybersecurity Specialist Insight

Recent findings have shown that cybercriminals are trojanising several hacking methods, which in turn gives the attackers complete access to their targets’ systems. In this interesting article for InformationSecurityBuzz, specialists reflect on this method of embedding malware into malware.

Read the full article here.

Four Common Types of Cybersecurity Attacks You Need to Protect Against in 2020

As technology has become ever more sophisticated, so have the attack strategies that cyber attackers use to gain unauthorised access to networks. In this superb article for SecurityScorecard, Negin Aminian lists the most pressing cybersecurity threats that you need to defend against in 2020.

Read the full article here.
