Get beyond Covid-19 secure with our path to certainty

ISMS.online News Roundup – 30th April 2020

Welcome

Why data protection in healthcare matters; Cybersecurity staff repurposed despite a rise in attacks; NHS opts for a centralised contact-tracing app; 66% of Remote Staff in the UK lack cybersecurity training; and much more in this week’s edition of ISMS.online’s Information and Cybersecurity News Roundup.

Why effective data protection in healthcare matters

Despite the COVID-19 pandemic data protection for healthcare organisations is still extremely important because there is a vital need to concentrate on protecting information to keep patient information, crucial research, and processes secure and operational. In this excellent article for ITProPortal, Martin Sugden discusses five steps to look at while enforcing successful data security.

Read the full article here.

Cybersecurity professionals are being repurposed during the pandemic

In this fantastic article for ITPro, Sabina Weston explains how a new study found that 47 per cent of security professionals have been reassigned from some or all of their usual duties during the coronavirus pandemic. The research comes as professionals assist workers with certain IT-related activities, such as supplying them with the appropriate equipment to operate from home, even as the number of cybersecurity incidents in some organisations has doubled.

Read the full article here.

Microsoft Teams Patches Flaw to Stop GIF-Based Attacks

PC Mag’s Michael Kan discusses in this fascinating article how researchers used an internet meme to steal user data from users on Microsoft Teams, including messages sent over the platform, and Microsoft has since patched the bug.

Read the full article here.

New Decade, New Identity Verification and Authentication Methods.

In this wonderful article for The Fintech Times, Robert Prigge discusses how ongoing data breaches continue to reveal personal information – like usernames, passwords, payment details, and health records – on the dark web, enabling fraudsters to log in to user accounts and commit account takeover fraud.

Read the full article here.

How the C-suite can fight cybercrime

In this brilliant article for Raconteur, Davey Winder discusses how in an age where cyber threats are continually changing, and all business leaders have to be security experts, what role should each C-suite member play in protecting the company.

Read the full article here.

What is the Cyber Essentials Certification and How Can it Help Your Business?

Neil Harvey details everything you need to know about the UK Cyber Essentials scheme, in this marvellous article for Tripwire, released in 2014 to help organisations adopt good information security practises. Harvey details the standard’s history, benefits, inspections and how to get certified.

Read the full article here.

NHS opts for centralised contact-tracing app

This fantastic Engineering and Technology article explains how the NHSX is planning a contact-tracing coronavirus app that uses a different system to the decentralised, power-efficient platform being built by Apple and Google with the help of many of UK’s European neighbours.

Read the full article here.

Zoom surprise: New report says it’s actually safer than FaceTime

Henry T. Casey discusses how, according to a recent study, Zoom meets the same security requirements as other virtual meeting services, such as Google’s Hangouts apps and Skype, and also scores higher than Apple’s FaceTime, in this excellent article for Tom’s Guide.

Read the full article here.

Is the future of information security and tech conferences virtual?

The COVID-19 pandemic has brought many changes to our lives, including the transition to remote work and the inability to attend in-person meetings, industry-specific conferences, events and conventions. Zeljka Zorz discusses the future of events, in this informative article for HelpNetSecurity, and also offers tips for shifting to a virtual space.

Read the full article here.

WHO urges caution after emails, passwords stolen

In this superb SecurityBrief post, Sara Barker discusses how the WHO has released a global call for caution as it reveals a dramatic rise in cyber attacks aimed at its employees and phishing scams against the general public. This statement came after about 450 actives WHO email addresses and passwords were leaked on the internet.

Read the full article here.

Are you looking to improve your organisations Business Continuity Management? Having an ISO 22301 compliant BCMS demonstrates to stakeholders that your business continuity capability is appropriate to the scale and scope of your organisation. Business continuity is also an integral part of an Information Security Management System, particularly if you are already working to achieve ISO 27001 certification.

Pull together all your ISO 22301 and BCMS work in one place with ISMS.online’s pre-populated ISO 22301 add-on and range of Business Continuity Management tools. It couldn’t be easier to combine the work you already have done for your ISO 27001 certification project and expand on it, as well as making it possible to do a stand-alone BCMS. 

170 cybersecurity experts warn that British government’s contact tracing app could be used to surveil people even after coronavirus has gone

In this thought-provoking article for Business Insider Australia, Isobel Asher Hamilton explains how the UK revealed this week that it was foregoing Apple and Google’s contact-tracing API to build its app, which will centrally process user data. Still, experts warn that this might create a database that could then be used to de-anonymize users.

Read the full article here.

Statement in response to details about an NHSX contact tracing app to help deal with the COVID-19 pandemic

Since the announcement of the contact tracing app by NHSX, opinions have been voiced of the protection of personal data and the potential use of the app after COIV-19. In response to these concerns, the ICO has released a statement on this matter.

Read the full article here.

Your Cybersecurity Spring-Cleaning Checklist

Tidying up your digital space for businesses means doing a virtual review of the security procedures of your website and company. Still, it can be easy to overlook certain vital aspects. Neill Feather offers a detailed guide for completing a cybersecurity spring-cleaning this spring in this excellent article for Inc.

Read the full article here.

Cybersecurity Amid The Pandemic: Protect The Crown Jewels

COVID-19 has turned the world inside out in many ways, and many businesses have struggled to adapt to the remoteness of their workforce. Craig S. Smith discusses in this excellent article for Forbes how customers and chief security officials respectively need to become aware of the elevated threat.

Read the full article here.

Autonomous cars: The cybersecurity issues facing the industry

While Tesla and Google are paving the way for autonomous vehicles to become a new norm over the last decade, other manufacturers will slowly be joining them. Although this is going to re-shape the transport industry, concerns still present themselves when it comes to security. Michael Aminzade writes this article for Verdict, exploring the areas which can affect this technology as things progress.

Read the full article here.

66% of Remote Workers in the U.K. Lack Cybersecurity Training: Research

This brilliant CISOMag article explains how, as the boom in remote work has brought a new wave of cyberattacks targeting these workers, new research has revealed that 66 per cent of remote employees in the UK have not been trained in cybersecurity in the past 12 months. However, 77 per cent said they are not worried about safety, although working remotely.

Read the full article here.

Five ways our approach to cybersecurity could change post COVID-19

With COVID-19 forcing many businesses into remote working, employers and employees have to adapt quickly and become reliant on digital and cloud-based technologies to work more effectively. This raises an interesting question, what can you learn that will influence your work when social distancing measures come to an end? Mark Jones for TechHQ writes an informative piece on what some of these new lessons may be.

Read the full article here.

Huawei CSO on 5G Cybersecurity

In a video interview with Tom Field for Bank Info Security, the CSO for Huawei Technologies Canada, Olivera Zatezalo, speaks about the deployment of 5G, the impact of the current pandemic and their role in addressing cybersecurity concerns.

Read the full article here.

Want To Receive Up-To-Date Articles, Help Materials And Infosec News?

Subscribe to our mailing list to stay informed about all of our latest updates and articles.