Safely move on from COVID-19

ISMS.online News Roundup – 9th April 2020

Welcome

NHS at risk of a big cyber attack; demands for a single EU Coronavirus monitoring app; Zoom criticised for security issues; half of US workers don’t know what to do in a Ransomware attack; and much more in this week’s edition of ISMS.online’s Information and Cyber Security News Roundup!

NHS at risk of major cyber attack while it deals with coronavirus, experts warn

In this brilliant article for the Independent, Andrew Griffin explains how experts for the Chatham House think tank cautioned that the NHS is at risk of a significant cyberattack as it battles against the coronavirus outbreak. This is because the health service is stretched to a breaking point and needs additional resources to ensure that it can stay safe from any potentially catastrophic hack.

Read the full article here.

Coronavirus: Call for single EU tracking app with data protection

As countries are creating surveillance apps to avoid the spread of COVID-19, privacy advocates for Europe’s Data Protection Watchdog have called for a single coronavirus app to be used in the EU to minimise possible data privacy issues that such applications can cause in this fantastic report for BBC News.

Read the full article here.

The Need for Enhanced Risk-Based Information Security Policies with a Remote Workforce

Since some time, organisations such as NIST have acknowledged that a one size fits all strategy is not realistic from an information security point of view and have advised businesses to adopt a risk-based approach. In this fascinating article for JDSupra, Kevin Pomfret discusses how remote workers pose information security threats, as well as suggestions for steps that you can put in place to preserve your security.

Read the full article here.

Nearly Half of Employees Don’t Know What to Do When Ransomware Hits

David Bisson explains how a recent survey of North American business employees found that 45 per cent of respondents, in general, did not know the best steps to take in response to a ransomware attack in this excellent TripWire post.

Read the full article here.

Innovation Within Financial Services Starts With Data

Services such as mobile banking and application-based finance platforms provide a wide range of opportunities for the financial services industry to gain the upper hand in a competitive environment. Mark Walker discusses how these innovation initiatives are often faced with a number of security challenges, particularly as companies face persistent resource and regulatory constraints in this incredible article for the Fintech Times.

Read the full article here.

How vulnerable is digital health amid the coronavirus crisis?

While today’s increasingly advanced medical tools are making significant advances in treatment, the Internet of Medical Things (IoMT) is also paving the way for new cyber-attack vectors. In this superb article for Med-Tech News, Natali Tshuv discusses the threats posed to digital health in the middle of the Coronavirus crisis.

Read the full article here.

COVID-19 and The California Consumer Privacy Act (CCPA)

In this excellent article for JDSurpra, Sarah Anand and Aloke Chakravarty explain how the California Attorney General’s Office should not postpone the application of the CCPA in the event of a pandemic. It comes after the implementation of the CCPA began this week as the regulations is finalised.

Read the full article here.

Remote working has increased risk of a cyber breach, say businesses

According to new data, 71% of business leaders believe that shifting to remote work throughout the Covid-19 crisis has increased the risk of a cyberattack, in this insightful article for SME Web

Read the full article here.

Employee error the most significant threat to data security

In this marvellous article for ITProPortal, Sead Fadilpašić discusses the results of the 15th annual Global Encryption Trends Study. These include how 54 per cent of business leaders have fears about accidental insider attacks, compared with just 29 per cent worried about hacking.

Read the full article here.

How crucial is security to the future of 5G?

Although mobile operators have been advocating for 5G over the past few years, many unknowns remain as to how 5G will operate in practice and how new security risks will arise as a result of 5G adoption. Through this excellent article for ITProPortal, Pradeep Bhardwaj discusses how to imagine a 5G future; businesses need to take action to ensure the security of their data and network.

Read the full article here.

ICO statement on investigating coronavirus scams

The ICO also made a statement about how it wants to assist companies keen to keep in contact with consumers during the Covid-19 pandemic by helping businesses use people’s data wisely while attempting to meet new and existing consumers and staying in line with data protection standards.

Read the full article here.

NCSC IT: There’s confidence and then there’s SaaS

The NCSC has released this superb blog post praising SaaS vendors who are contributing to their cloud security principles, and how best you can ensure that the service you use is fully secure.

Read the full article here.

Implementing ISO 27001 for the first time? It’s easy to get overwhelmed, so get an extra helping hand with our Virtual Coach!
Virtual Coach has been put together to help you work at the pace you want, building your confidence and capability. It can make all the difference between success and failure.

 

A Cyber Approach To Coronavirus Containment

In this excellent article for InformationSecurityBuzz, Zohar Rozenberg discusses what insights can be gained by reviewing how we handle cybersecurity and extending it to an anti-coronavirus strategy.

Read the full article here.

Incident Of The Week: Finastra’s Ransomware Attack

Finastra, the world’s third-largest FinTech bank with about 9,000 customers in 130 countries, reported last Friday that it had discovered a ransomware attack on its servers. Within this interesting piece for CyberSecurityHub, Leah Zitter explains how Finastra responded to this, as well as the takeaways from this incident.

Read the full article here.

Automotive Cybersecurity Hacks Made Easy

In this insightful article for DesignNews, John Blyler discusses how low-tech criminals can still hack car key fobs with ease to get hardware software and how poorly designed on-board diagnostic protocol policies make this possible.

Read the full article here.

Viewpoint: Privacy, cybersecurity support essential for small businesses during coronavirus pandemic

Many small business employees are now working remotely, so ensuring that company systems are protected depends on the safety of employees ‘own devices. In this fantastic article for the Washington Business Journal, Stuart N. Brotman explores the challenges of this.

Read the full article here.

iPhone Camera Hacked: Three Zero-Days Used In $75,000 Attack Chain

An ethical hacker found several zero-day vulnerabilities that allowed iPhone cameras to be hacked as part of an Apple bug bounty programme. Through this excellent article for Forbes, Davey Winder discusses how they did so and what happened after the vulnerabilities were found.

Read the full article here.

Zoom under fire for cybersecurity issues

In this excellent piece for Beckers Hospital Review, Mackenzie Garrity examines how the popular Zoom video conferencing platform is struggling to handle the rapid influx of users and privacy concerns as the COVID-19 pandemic pushes more people to work remotely.

Read the full article here.

As video meetings get ‘Zoombombed,’ NFL teams are anxious about hackers and cybersecurity at online draft

As the COVID-19 pandemic drives this month’s NFL draft into a virtual space, teams are searching for a forum that not only offers secure communications during this cycle but also guarantees that meetings are impenetrable. In this brilliant article for Yahoo! Sport, Charles Robinson discusses how the NFL has decided to not use Zoom for this process following an FBI advisory warning on the platform.

Read the full article here.

37% of Businesses Expect to Grow by Investing in Cybersecurity

This great article for AIthority outlines the findings of a recent study that surveyed more than 300 advisors about their company’s investment decisions as well as their views on the economy, the priorities of their business and the overall market environment in which they work.

Read the full article here.

Three Effective Cybersecurity Rules To Live By

Zack Schuler argues that you should view cybersecurity with the same level of emphasis and seriousness as all other forms of security. In this superb article for Forbes, Schuler sets out three principles that cybersecurity professionals live by and consider how they can be applied to your business.

Read the full article here.

Keeping Your Cybersecurity Strategy Agile And Dynamic

Cybercrime has snowballed in the last five years to become sophisticated, creative and organised, posing a significant risk to both government and business. In this outstanding article for Forbes, Kumar Ritesh examines how business and cybersecurity leaders can keep their strategy agile and cybersecurity reliable.

Read the full article here.

This Week in Tweets

Here are our top tweets of this week from the #infosec and #cybersecurity twitterverse.

Want To Receive Up-To-Date Articles, Help Materials And Infosec News?

Subscribe to our mailing list to stay informed about all of our latest updates and articles.

GET IN TOUCH

Phone:   +44 (0)1273 041140
Email:    enquiries@isms.online