ISMS.online News Roundup – 20th February 2020

Welcome

Puerto Rico’s government loses $2.6 million to scam email; MGM breach exposes personal data to 10.6 million guests; how the cloud will boost your business continuity planning; is Huawei really a risk to the UK; and much more in this week’s edition of ISMS.online’s Information and Cyber Security News Roundup!

ISO 22301:2019 Security and Resilience — Business Continuity Management Systems

Our fantastic new page details the key information you need to know about ISO 22301:2019, the International Standard for Business Continuity Management Systems, whether you are a total beginner or already familiar with the standard. As well as how to get started with ISO 22301 certification and guidance to make business continuity management easier.

Read the full article here.

Protect Your Organisation Whatever The Threat With Business Continuity Management Tools

ISMS.online offers a dynamic and intuitive set of Business Continuity Management tools that help you prepare for the unexpected, then respond well to it. With our range of business continuity management tools, you can pull together all your ISO 22301 and Business Continuity Management System (BCMS) related work. ISMS.online enables you to do a stand-alone BCMS or you can integrate all your ISO 22301 with ISO 27001 requirements.

See how we can help you here.

Puerto Rico government falls for $2.6 million email scam

According to media reports, the government of Puerto Rico has lost more than $2.6 million as a result of an e-mail scam requesting a change to a bank account linked to remittance payments, leading to the transfer of money to a bank account run by scammers, in this brilliant article by Graham Cluley for Tripwire.

Read the full article here.

MGM hack exposes personal data of 10.6 million guests

This excellent BBC article details how the personal information, including names, addresses and passport numbers, of 10.6 million guests who stayed at MGM Resorts hotels was breached last summer. The hack was confirmed on Wednesday when the stolen data was posted to a forum this week.

Read the full article here.

Mac Adware Infections Increased by 400% in 2019

According to a recent report, in 2019 Mac adware attacks rose by 400 per cent compared to 2018, even with a growing number of users running antivirus software. Mitch Bowman goes on to discuss the implications of these results for Motherboard in this fascinating article.

Read the full article here.

ISS World: Hack leaves half a million employees without computers

In this excellent BBC News article, Joe Tidy explains how a cyber-attack impacted all of the international facility company ISS World’s 500,000 employees, as well as affecting its websites that have been down since 17th February, while 43,000 employees still do not have email access.

Read the full article here.

Overcoming the complexities of healthcare security

In this excellent article for the Open Access Agency, Matt Walmsley explains how security teams within the healthcare industry lack oversight and control over medical devices connected to the network and what can be done to improve this. This is the result of new research showing that 67 per cent of healthcare organisations in the United Kingdom have experienced some sort of security breaches in the last 12 months.

Read the full article here.

IRS Issues New Tax Season Warning: This Easy Step Could Prevent Data Theft

The U.S. Internal Revenue Service has issued warnings to accountants and taxpayers that critical measures must now be taken to prevent manipulation of data. Kate O’Flaherty discusses how this has occurred in the wake of nearly two dozen allegations of stolen data over the past two months as the tax season begins, in this wonderful article for Forbes.

Read the full article here.

Finding Stability in The Cloud During Uncertain Times

In this thought-provoking article for Singapore Business Review, Kevin Fitzgerald discusses how the growth of cloud technology has allowed companies to enhance their business continuity strategies, including allowing more flexible working arrangements as well as other factors.

Read the full article here.

Should you still pay for antivirus software?

In this brilliant Toms Guide article, Emily Long discusses how now that free antivirus is better than ever, particularly as Windows built-in antivirus can hold its own among the major players, but there are still a few important reasons to pay for it.

Read the full article here.

How financial services can stay secure in the cloud: A guide

In this excellent article for CloudTech, Chris Hill discusses how the introduction of cloud technology helps financial services companies to have a real chance of improving their industry from where it stands. This comes after a recent report on the financial services sector reported a 21 per cent rate of hybrid cloud adoption among financial services organisations, exceeding the global average of 18.5 per cent.

Read the full article here.

Understanding the data security threats & trends that will matter most in the compliance era

2019 saw nearly 4,000 data breaches, leaking 4.1 billion records, and a 54% and 52% rise respectively year-over-year. The data environment at the start of 2020 has not changed significantly. In this brilliant article for ITProPortal, Isaac Kohen discusses the top five risks facing organisations today.

Read the full article here.

Implementing ISO 27001 and unsure where to start? Our Assured Results Method (ARM) takes all the pain out of implementing your ISO 27001 Information Security Management System for fast and effective success regardless of your starting point. ARM offers you a realistic and pragmatic approach to your first application of the ISMS by laying the foundations for information security management success.

Cyber-warfare may be imminent, but defender power is on the rise

Companies seem to be adjusting to the new reality of continuous cyber attacks as according to a study, 31 per cent of UK companies reported having been hit by malware in 2019. In this excellent article for ITProPortal, Tom Kellermann discusses what other risks organisations should be prepared for and how to defend themselves.

Read the full article here.

‘Voatz’ e-voting app may be riddled with vulnerabilities

This interesting Engineering and Technology post explains how, since there has been a growing interest in online voting (whether by email or apps), MIT researchers have found many security flaws in the voting system used in mid-term elections in 2018 that is likely to be more commonly used in upcoming US elections.

Read the full article here.

SMBs relying on free cybersecurity tools, or none at all

Sead Fadilpašić discusses how small businesses are at serious risk of cyberattacks that could destroy their entire operation, but many remain vulnerable due to the complexity of corporate cybersecurity solutions. This is according to a new report that claims that a fifth of US and UK SMBs have no cybersecurity solution set up at all, in this wonderful post for ITProPortal.

Read the full article here.

Scottish Armed Forces veterans get retrained in cyber security

In this great article for The National, Hannah Carmichael explains how, launched on the 16th, a joint project between Skills Development Scotland, SaluteMyJob, Abertay University, IBM and tech start-up Skillzminer was launched with the goal of bridging the shortage faced by employers across the country by retraining veterans of the Scottish Armed Forces in cybersecurity.

Read the full article here.

‘Perfect 10’ Critical Security Vulnerabilities Revealed: Are You Affected?

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued new critical security vulnerabilities that are impacting Adobe, Belkin, Bosch, D-Link, Dell, Qualcomm, WordPress plugins as well as other services. Davey Winder details the eleven security vulnerabilities rated as the perfect 10 for criticality, in this excellent article for Forbes.

Read the full article here.

Cybersecurity check-in: How airports are innovating against cyberattacks, security breaches and failing tech systems

Orion Cassetto explains how even before a passenger arrives at an airport, there are many ways applications that contribute to making the experience more efficient, but they also to pose a risk to your data. They continue to explore what these threats are and how to improve your security, in this brilliant it ITProPortal article.

Read the full article here.

Is Huawei really a threat to the UK?

James Gordon discusses how the controversial decision by the United Kingdom to grant Huawei a limited role in constructing its 5G network may not be the worst decision, as security issues go beyond this and the banning of companies like this may not be the solution as well as other factors, in this fascinating article for Raconteur.

Read the full article here.

Are You Prepared for Gen 6 Cyber Attacks?

Duncan MacRae discusses how cyber-attack mechanisms have rapidly developed over the decades, making it increasingly difficult for businesses and individuals to defend themselves in the digital world as cyber criminals move faster than organisations can strengthen their defences, in this wonderful role for Digit.

Read the full article here.

Want To Receive Up-To-Date Articles, Help Materials And Infosec News?

Subscribe to our mailing list to stay informed about all of our latest updates and articles.