ISMS.online News Roundup – 26th March 2020

Welcome

Infosec professionals volunteer to secure medical institutions during the COVID-19 crisis; cyber security guidelines for remote work; hackers target WHO as cyber attacks spike; hospital IT workers deemed essential; and more in this week’s edition of ISMS.online’s Information and Cybersecurity News Roundup!

All hands on deck: Infosec volunteers to protect medical organizations during COVID-19 crisis

In this brilliant article for CyberScoop, Sean Lyngaas explains how information security experts are stepping up to volunteer their time to prevent cyber criminals from targeting hospitals and other medical organisations through exploiting fears surrounding the COVID-19 crisis.

Read the full article here.

Cyber security guidance for remote working

As more and more of us work from home, the potential for cyber attacks is too. in this wonderful post for TechSpark, Geraint Evans offers tips on how to follow good cyber security practices when working from home, including only operating on secure networks and enabling multi-factor authentication.

Read the full article here.

Can your server keep a secret?

Chris Edwards explores how cloud technology has allowed for rapid innovation as it allows for software engineers to be able to update and patch any faults with the system in the fraction of the time in comparison to silicon, in this fascinating article for Engineering and Technology.

Read the full article here.

Infosec Industry Shows Compassionate Side Amid #COVID19 Pandemic

The current pandemic has brought about an unprecedent impact on lives around the world, while remote working has also brought fresh challenges to organisations that have never done so before. Coupled with increasing threats to cybersecurity, there is a lot of uncertainty. Michael Hill from Information Security Magazine writes about the response from companies involved in infosec, highlighting their offer to help others in such a difficult time.

Read the full article here.

COVID-19: Getting Ready for the Next Business Continuity Challenge

Steve Winterfeld discusses how business continuity planning helps companies to prepare for emergencies, such as coping with a large portion of the workforce getting sick at the same time, so that you can remain in business as usual, in this interesting article for DarkReading.

Read the full article here.

4 ways to fight back against coronavirus phishing and malware attacks

With every major news story, comes an opportunity to exploit it. With the widespread media coverage of the Coronavirus, malicious attacks are making their way into inboxes and phone messages as a means to capture victims. As per usual, businesses are affected while malware scams wreak havoc. Will LaSala for Techradar offers some advice to mitigate the impact.

Read the full article here.

The Shield: the open source Israeli Government app which warns of Coronavirus exposure

In this fantastic blog post, Graham Cluley discusses how the Israeli Ministry of Health published a mobile app on Sunday in an effort to evaluate whether the user might have been exposed to the COVID-19 virus by taking location data from user phones as well as exploring the privacy implications of this.

Read the full article here.

Elite hackers target WHO as coronavirus cyberattacks spike

Senior agency officials for the World Health Organisation have detailed to Reuters that they have experienced a more than two-fold increase in cyberattacks this month in the light of this pandemic, as elite hackers try to exploit this crisis by hacking into their systems.

Read the full article here.

Coronavirus: Under surveillance and confined at home in Taiwan

In this fascinating article for BBC News, Milo Hsieh describes his experience with phone surveillance in Taiwan. This article raises interesting points about whether it is ethical to violate an individuals information privacy rights in order to prevent the spread of the coronavirus.

Read the full article here.

Tech Giant GE Discloses Data Breach – Experts Reaction

General Electric have disclosed that the personally identifiable information of current and former employees was exposed in a security incident experienced by one of its service providers. In this fascinating article for InformationSecurityBuzz experts comment on the impacts of this as well as what should have been done to prevent this.

Read the full article here.

Are you looking to improve your organisations Business Continuity Management? Having an ISO 22301 compliant BCMS demonstrates to stakeholders that your business continuity capability is appropriate to the scale and scope of your organisation. Business continuity is also an integral part of an Information Security Management System, particularly if you are already working to achieve ISO 27001 certification.

Pull together all your ISO 22301 and BCMS work in one place with ISMS.online’s pre-populated ISO 22301 add-on and range of Business Continuity Management tools. It couldn’t be easier to combine the work you already have done for your ISO 27001 certification project and expand on it, as well as making it possible to do a stand-alone BCMS.

Is the CIO’s focus on cybersecurity stalling innovation?

Digital innovation and cyber security are intertwined, yet there has been a emphasis put onto cyber security by CIOs. In this wonderful article for Tech HQ, Jia Jen Low argues that attention should not be paid to one without considering the other.

Read the full article here.

With cyberattacks becoming more common security now needs to take priority

In the past 12 months, several sectors have put growing focus on digital innovation, but cybersecurity threats that took place in 2019 have made businesses reconsider their security strategies. In this excellent ITProPortal article, Ross Penman discusses what companies can do to improve their security?

Read the full article here.

5 key takeaways from the recent RSA Conference

At the end of February, 36,000 security experts came to San Francisco for the 29th annual RSA Conference (RSAC), making it one of the most popular annual meetings for online security. Sam Bocetta details the key themes of the event, in this superb article for SecurityInfoWatch.

Read the full article here.

Macy’s Faces Class Action Lawsuit After October Data Breach

A data breach case against Macy’s has been brought before federal courts. In this wonderful article on LawStreet, Emily Ashcraft details how the complaint claims a breach of data security had taken place at the beginning of October last year, during which hackers stole personal consumer information from Macy’s website as well as the response from the retailer itself.

Read the full article here.

6 best cybersecurity practices for your business

This fantastic article by AZ Big Media offers 6 of the best cybersecurity strategies that you can put in place to prevent becoming a target, as the number of cyber crimes that have been found in the business world has risen, as well as the major financial threat they present to your company.

Read the full article here.

Hospital IT staff considered ‘essential’ by Department of Homeland Security

With health services across the globe in need of as much support as possible as a result of Covid-19, the Trump administration has declared hospital IT staff as “essential employees”, with guidance stating that work can be carried out remotely. Mackenzie Garrity for Beckers Hospital Review, provides the full story.

Read the full article here.

Cybersecurity Crisis Management During the Coronavirus Pandemic

In this outstanding article for IoT World Today, Brian Buntz discusses how the coronavirus pandemic is the first time that a biological virus has had a major effect on the security industry, as cyber criminals will target weaknesses in the technology defences of medical facilities, homes and factories.

Read the full article here.

Understanding the Impact of the Skills Gap on the Infosec Market

In this terrific episode of Tripwire’s Talking Cybersecurity podcast, Tim Erlin talks to Anthony Israel-Davis and Onyeka Jones on the cybersecurity skill gap that is effecting many organisations, as well as exploring the history of this issue and what the industry is doing to combat this.

Read the full article here.

This Week in Tweets

Here are our top tweets of this week from the #infosec and #cybersecurity twitterverse.

Want To Receive Up-To-Date Articles, Help Materials And Infosec News?

Subscribe to our mailing list to stay informed about all of our latest updates and articles.