ISMS.online News Roundup – 13th February 2020

Welcome

Cybercrime revenues amount to $3.5 billion; Microsoft patches security flaws being successfully exploited; the fight on space hackers; why the healthcare industry is still so poor with cybersecurity; and much more in this week’s edition of ISMS.online’s Information and Cybersecurity News Roundup!

NHS Professionals had two objectives: achieve UKAS certified ISO 27001 quickly and improve their ongoing management of information security.

Read the full case study here.

With complex IT systems that span across multiple platforms, Laura Ashley wanted an all-in-one platform to manage their ISMS and GDPR projects.

Read the full case study here.

Cyber-crime profits reached $3.5bn in 2019, says FBI

According to the Internet Crime Complaint Center (IC3) database, cyber criminals acquired $3.5 billion through cybercrimes reported to the FBI in 2019 alone. This insightful BBC News story discusses the implications of the study and how it contrasts with the reports of recent years.

Read the full article here.

Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers

In this brilliant article for his blog, Graham Cluley details how Microsoft has published one of its biggest patches ever. The update includes patches for 12 security vulnerabilities with the highest critical severity level, as well as a workaround for a zero-day Internet Explorer bug that has been successfully abused in targeted attacks.

Read the full article here.

Dutch university paid $220,000 ransom to hackers after Christmas attack

A Dutch university hosted a press conference at which it acknowledged paying a 30 bitcoin ransom to hackers who had infiltrated the network before Christmas 2019. Graham Cluley’s blog article covers the effects of the attack and the main takeaways, as the university explained them at the press conference.

Read the full article here.

Coronavirus: HIPAA Compliance Issues

In this thought-provoking article for GovInfo Security, Marianne Kolbasuk McGee explores how U.S. regulators are reminding organizations about their HIPAA compliance duties involving patient privacy, including permitted data disclosures for public health activities as practitioners prepare to treat patients afflicted with coronavirus.

Read the full article here.

The war against space hackers: how the JPL works to secure its missions from nation-state adversaries

In this excellent TechCrunch post, Jon Evans explores how NASA’s Jet Propulsion Laboratory has started to invest heavily in information security to protect its infrastructure from threats aimed at exfiltration of secret data and proprietary technology, as well as possibly undermining billion-dollar missions.

Read the full article here.

Digital security requires reaction and vigilance

In this brilliant article for Telekom, Christian Fischer speaks to Thomas Tschersich about how security conditions for this year are likely to be much the same as in 2019, and how the absence of rapid change can have harmful effects.

Read the full article here.

Company Confidential: Reimagining Security as a Business Enabler

In this wonderful article for CBR, Ed Tagett discusses how a CBR Dining Club event for CISOs and other IT and technology executives explained that protection should be seen as an enabler and as a company manager for the Chief Information Security Officer (CISO), as well as how CISOs should be based on results, not costs.

Read the full article here.

Blockchain: The revolution that hasn’t quite happened

Blockchain technology has been widely talked up for more than a decade but has seldom been used. Chris Baraniuk discusses why Blockchain has struggled to find meaning, beyond energising cryptocurrency like Bitcoin, as well as how it was used and why it didn’t take off, in this interesting BBC News report.

Read the full article here.

Safer Internet Day: 7 top tips for staying secure online

Since Tuesday marked Safer Internet Day, Raj Samani explores how to improve your online security hygiene and gives you seven tips to protect yourself online, from being wary of free public wifi to ensuring that your systems are updated regularly, in this fantastic article for ShinyShiny.

Read the full article here.

Huawei: Senior Tories want Huawei ‘ruled out’ of 5G plans

Senior Conservatives have written to Members of Parliament to voice concerns over the government’s decision to invite Huawei to have a part in the UK’s 5G network. This interesting BBC article details the substance of the document, including the proposal for an option to the company and high-risk suppliers to be removed.

Read the full article here.

All You Need Is Love (And Security Controls)!

With Valentine’s Day just around the corner, love is undoubtedly in the air, but is it being harnessed correctly? Ray Pompon explores the highest-recommended security measures for 2020 that cover most of the risks faced by a typical organisation, in this superb article for Information Security Buzz.

Read the full article here.

Infosec Buzzword Bingo: 2020 Edition

In this excellent report for Motherboard, Kelly Shortridge outlines the key buzzwords around information security to help you better understand and navigate around the confusion of the infosec market.

Read the full article here.

ISMS.online’s all-in-one platform speeds up implementation and makes ongoing management of your ISMS much easier for your team. Additionally, our platform includes actionable ISO 27001 policies and controls documentation you can quickly adopt, adapt and add to as well, offering progress of up to 77% towards the standard, the minute you log on.

New recognition for Canada’s top women in cybersecurity

This brilliant article by IT World Canada details how the Women in Security & Resilience Network, in partnership with IT World Canada, is launching a new appreciation campaign for women in Canada who have made a significant contribution to the cyber security sector, calling for nominations on the International Women’s Day of 8 March 2020.

Read the full article here.

OCIE Publishes Cybersecurity and Resiliency Observations

The Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission has released its Cyber Security and Resilience Observations. This brilliant article, published by The National Law Review, discusses the specifics of the report.

Read the full article here.

The 10 Best Cybersecurity TED Talks For Practitioners

This excellent Solutions Review article has compiled a list of the best cybersecurity TED talks that all professionals should see from industry experts on how important they are to the world of cybersecurity and the value they can bring to your business.

Read the full article here.

Why is the healthcare industry still so bad at cybersecurity?

In this interesting article for ArsTechnica, Yael Grauer discusses the security issues facing the healthcare industry after this year’s CyberMed conference. The conference discusses what is at stake in a fragile medical environment.

Read the full article here.

Security professional calls for ‘kumbaya’ approach to information sharing across sectors

In this brilliant article for CIO Dive, Samantha Ann Schwartz discusses how cybersecurity is largely the same between the public and private sectors, but national governments are not exploiting the intelligence capabilities of corporations, and how the response times to ransomware threats have declined due to its availability.

Read the full article here.

Fintech Innovation vs. Cybersecurity Concerns

According to the current bi-annual First American Real Estate Sentiment Survey, homebuying is becoming digital and more effective as homebuyers and real estate practitioners rapidly adopt new fintech technologies, but this increases the risk of cyberattacks. In this terrific post for DSNews, Krista F. Brock discusses what this entails.

Read the full article here.

The five vital steps to improved cyber-resilience

2020 has already seen a steady stream of data breaches, critical bug disclosures, and ransomware attacks, so it’s no wonder that organisations are increasingly looking beyond cybersecurity to focus on cyber resilience. James Spiteri explores five ways in which you can improve your cyber resilience, for IT Pro Portal.

Read the full article here.

The People Factor: Understanding The Psychology Of Cyberattacks

In this brilliant article on Information Security Buzz, Richard McLoughlin discusses what makes a successful cyber attack and explains how cyber criminals use a wide range of tools and strategies to gain access to their target networks as well as to manipulate people’s behaviour in the organisations they threaten.

Read the full article here.

5 Ways Small Businesses Can Improve Cybersecurity

As the number of cyberattacks in the UK rises, small businesses need to be proactive in their approach to cybersecurity. Robert Wright has brought together the five best recommendations on how to execute a cyber protection plan in this brilliant post for the Global Banking and Finance Review.

Read the full article here.

Three Cybersecurity Bills Blocked by Senate Majority Again

In this fascinating article for MSSP Alert, DH Kass describes how the Senate majority has thwarted three bipartisan election protection measures, and the underlying fears of the intelligence community and the bill supporters that foreign interference in the forthcoming presidential elections has already started and will intensify.

Read the full article here.
