shutterstock_490960141-1

Industry News: ESG5

Mitsubishi Electric Develops Cyber Defense Technology for Connected Cars

2019-01-22

Globalbankingandfinance: Mitsubishi Electric Corporation announced that it has developed a multi-layered defense technology that protects connected vehicles from cyberattacks by strengthening their head units defense capabilities. The technology will help realize more secure vehicle systems in line with the increasing popularity of vehicles that are equipped for connection to external networks...

Read more...

Huawei Director and Polish Cybersecurity Expert Arrested Over Spying Accusations

2019-01-11

tvnz: Poland has arrested a director at the Chinese tech giant Huawei and one of its own former cybersecurity experts and charged them with spying for China, authorities said Friday. The development comes as the US is exerting pressure on its allies not to use Huawei, the world's biggest maker of telecommunications network equipment, over data security concerns...

Read more...

Davos Leaders Urge India, US to Join Coalition Against Cyber Threats

2019-01-24

BusinessLine: Emphasising that cybersecurity is crucial to keep the world safe, global leaders have urged India and the US to join an international coalition against cyber threats. “The world’s biggest democracy needs to stand with the world’s other great democratic nations. The world needs India,” Microsoft’s President and Chief Legal Officer Bradford L Smith said here at the World Economic Forum Annual Meeting 2019...

Read more...

Business Failing to See Strategic Value of Cyber Security

2019-01-24

ComputerWeekly: UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed...

Read more...

Mergers & Acquisitions: Privacy and Security Considerations

2019-01-22

BankInfoSecurity: How do data privacy and security matters affect organizations that are contemplating a merger or acquisition? Attorney Iliana Peters offers insights into the various cybersecurity, data breach and compliance issues that can potentially doom a business deal...

Read more...

Cyber Threats for Oil and Gas

2019-01-24

IOT: Hackers always try to target sectors which have weak cybersecurity shields. Since enterprises like banks, insurance companies and airways are fully aware of consequences of a small cyber breach. They have learned great lessons in past decades and have an understanding that cyber security is their ultimate responsibility. Hackers are also fully aware of this, so they have turned to easier targets, and one potential client for them are oil and gas companies...

Read more...

Why Cyber-Security Should Be Top Priority For Banks That Want to Rehabilitate Their Reputations

2019-01-23

CSOAre cyber-attacks an inevitability in the financial services industry, given the wealth of personal data – and funds – entrusted to the keeping of banks, insurers and other players in the sector? Management consultancy PwC thinks so. Its Top Financial Services Issues of 2018 Report divided financial services organisations into two categories – those that have faced a cyber-attack and those that will... 

Read more...

Know Your Breach: BlackRock

The target: Investment Management firm BlackRock.

The take: Three separate spreadsheets, containing names, e-mail addresses, and assets invested in iShares ETFs for about 20,000 financial advisers.

The attack vector: The spreadsheets were accidentally made publicly available on the firm’s website for more than a month, prompting concerns that if harvested, the data could be a goldmine for phishing campaigns and targeted attacks.

Read more...

Know Your Breach: U.S. Securities and Exchange Commission

The target: The SEC's EDGAR filing system

The take: Nonpublic 'test filings' containing earning results and other material data were obtained and used to make profitable securities trades before the information was publicized. Seven individuals and two organizations were recently charged by the SEC in connection with the hack and are reported to have profited to the tune of $4.1M from the scheme.

The attack vector: An undisclosed software vulnerability reportedly allowed attackers to bypass the system's authentication controls.

Find out more...

Cybercrime Could Cost Companies US$5.2 Trillion Over Next Five Years

 2019-01-17

Business Wire:  Companies globally could incur US$5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, according to a new report from Accenture.

Read more...

Fake BBC News Page Used to Promote Bitcoin-Themed Scheme

 2019-01-17

BBC: The spoof page references a Bitcoin-themed documentary broadcast by Panorama last year, but links on the page direct visitors to a site promising to make them a millionaire. Reports indicate that the fake page is being spread via emails sent from hacked accounts. A spokesman for the BBC said it is looking into how best to respond.

Read more...

How To Find Out If Your Email Was One of The 773 Million Exposed In Massive Data Breach

 2019-01-17

Fortune: Security experts have discovered what very well could be one of the largest data breach of all time, a collection of 772,904,991 unique emails and 21,222,975 unique passwords. Called “Collection #1,” the breach was initially reported by Troy Hunt and seemingly comes from many different sources, not a single corporate entity. And it’s an especially dangerous one as he says it creates 1.16 billion “unique combinations of email addresses and passwords”...

Read more...

Cybersecurity Market Worth Over $300bn By 2024: Global Market Insights, Inc.

2019-01-16

PR Newswire: The cybersecurity market is expected to grow from USD 120 billion in 2017 to USD 300 billion by 2024, according to a 2019 Global Market Insights, Inc. report. The market is propelled by the increasing need among enterprises to minimize security risks. As enterprises are rapidly embracing cloud platforms and other networking technologies, they are becoming more vulnerable to various cyber-attacks. The average expenditure on cybercrime has increased significantly....

Read more...

Venture Capital Funding of Cybersecurity Firms Hit Record High in 2018

2019-01-17 

Reuters: Venture capital investments in cybersecurity firms hit a record high last year amid a surge in cyber crime over the last few years, according to a report released on Thursday by U.S.-based Strategic Cyber Ventures. Total venture capital funding in the space totaled $5.3 billion in 2018, up 20 percent from $4.4 billion seen in 2017...

Read more... 

Richey May Launches Cybersecurity Services to Protect Hedge Fund From Malicious Attacks

2019-01-17 

Hedge Week: The program includes an initial maturity assessment, which is designed to cost-effectively assess a fund’s current posture related to information security and privacy. A report is delivered to fund management that highlights risk areas and gaps identified during the assessment, as well as recommendations for addressing and mitigating key risks through the use of technology, enhancements to policies and procedures, and training...

Read more...

US Shutdown Plays into Hackers’ Hands

2019-01-11

infosecurity-magazine: More than 80 US government websites are currently operating with expired SSL certificates, and that number will only grow the longer the situation drags on, resulting either in a completely inaccessible services (if security features are correctly implemented) or opening up the possibility of man-in-the-middle attacks as individuals attempt to access web-based service portals...

Read more...

Know Your Breach: Germany

The target: The German Government. 

The take: The personal data of hundreds of politicians in Germany were exposed. The hacked data includes contacts’ email addresses, private chats, mobile numbers, photographs and credit card details, which were all published on Twitter.

The attack vector: The prime suspect in the case indicated that he had acted alone, and it is believed he would not have been able to obtain the personal data had it not been for his target's use of weak passwords on their personal accounts.

Find out more...

EU Eyes Tougher Scrutiny of China Cyber Security Risks

2019-01

FT:  The EU is looking to toughen scrutiny of potential security risks with Chinese technology companies in the wake of growing concerns about cyber theft and cyber espionage allegedly linked to Beijing. Brussels wants to step up efforts to map Chinese electronic infrastructure in the bloc, after pressure from Washington and growing unease in capitals from Berlin to Tokyo.

Read more...

Cybersecurity Put Under Investor Microscope

Pensions and investments: Institutional investors are increasingly checking the data security practices of their service providers to make sure their data doesn't fall into the wrong hands, as is the case with the $57.1 billion Los Angeles County Employees Retirement Association, Pasadena, Calif., which is examining its relationship with its Boston-based custodian State Street Bank and Trust Co. after it experienced three documented data security incidents last year, board meeting documents reveal...

Read more...

Law Firm Duped out of €97,000 in Cyber Scam

2019-01-08 

Irish IndependentA law firm transferred €97,000 to cyber criminals after its email system was hacked. The fraud occurred after an email sent by a solicitor to the firm's bookkeeper, containing instructions for the making of a payment, was intercepted and bank account details were changed. Details of the attack...

Read more...

Emergency Text and Email Service Hacked, Thousands Receive Warning Messages About Their Personal Data

 2019-01-07

ABC (Australia): A hacker has been able to send messages via text, email, and landline to tens of thousands of people across Australia after an emergency warning alert service, used by councils, was hacked. The message sent from the Early Warning Network on Friday night warned "EWN has been hacked. Your personal data is not safe. Trying to fix the security issues"...

Read more...

Sebi Brings Cybersecurity Framework for Mutual Funds and AMCs

2019-01-10 

Economic Times: Markets regulator Sebi Thursday put in place a robust and stricter cybersecurity framework for mutual funds and asset management companies (AMCs) to guard against breaches of data leak...

Read more... 

A Look Back at The Israeli Cyber Security Industry in 2018

2019-01-06

Tech Crunch: The Israeli cybersecurity industry has long been recognized as a hotbed for innovative solutions, and 2018 to be yet another strong year. Early stage companies raised more money than ever before to tackle emerging security threats like protecting the proliferating number of internet-connected devices and enabling blockchain technologies to thrive in more secure environments.

Read more...

Prepare for the New Royal Wedding of IT: AI and Cyber Security

2018-12-24

Information-age: Phishing, cyber bots, multi-cloud strategies, zero trust, diversity in cyber and blockchain and cyber: we are set to enter a tumultuous period for cyber crime: but AI and cyber security will become the partnership that both cyber security and cyber criminals will put their faith in...

Read more...

Know Your Breach: Starwood / Marriott

The target: The reservation database for Marriott hotel chain’s recently acquired Starwood subsidiary was compromised from 2014 until September of 2018.

The take: 170 million customers had only names, addresses & e-mail addresses stolen, while 327 million more lost some combination of name, home address, e-mail, date of birth, gender, and passport numbers. Marriott have confirmed that over 5 million unencrypted passport numbers were accessed by attackers.

The attack vector: It is suspected that the merging of information systems after the Starwood acquisition created the vulnerabilities that were exploited by suspected state actors. Marriott hotels are often the preferred hotel of US government and military officials.

Find out more...

Cyber Attack Hits U.S. Newspaper Distribution

2018-12-29

Reuters: A cyber attack caused major printing and delivery disruptions at the Los Angeles Times and other major U.S. newspapers, including ones owned by Tribune Publishing Co (TPCO.O) such as the Chicago Tribune and Baltimore Sun.

Read more...

Are Financial Planners Taking Cybersecurity Precautions?

The Globe and Mail: Cybersecurity is top of mind for Canadian financial planners as firms adapt to evolving threats from hackers, phishers and ransomers.

While the financial services industry has long been a target, cyberattacks are growing more sophisticated and frequent. Last year, Statistics Canada reported more than one-fifth of Canadian businesses experienced a cybersecurity incident that impacted their operations.

Read more...

Central Bank Ups Ante on Outsourcing as Risks Mount

2018-11-19

The Irish Times: The Central Bank plans to pile pressure on financial institutions to get to grips with mounting cybersecurity, Brexit and other risks related to their outsourcing arrangements, as it found in a survey that many boards have little understanding how others manage these crucial functions.

Read more...

New Research from eSentire Finds Only 30 Percent of Firms are Confident They Can Avoid a Major Security Event in the Next Two Years

2018-11-14

Financial Post: eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, today unveiled Cybersecurity FutureWatch 2018, a new research report that explores security evolution and maturity amid emerging technology adoption and evolving business needs. The report, which is based on a survey of more than 1,250 senior executives, management and security practitioners in the U.S., U.K. and Canada, found that only 30 percent of respondents are confident their business will avoid a major security event in the coming two years and 60 percent believe an attack will hit in the next few years.

Japan's Cybersecurity Minister Admits he has Never Used a Computer

2018-11-15

The Telegraph: The Japanese minister for cyber security was accused of making a mockery of his new role after he admitted he has never used a computer.

Yoshitaka Sakurada, 68, faced a wall of laughter from fellow legislators when he made the admission in a car-crash response to questioning in parliament.

Read more...