.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
Yahoo Finance: According to Cybersecurity Ventures, global cybercrime will reach $10.5 trillion annually by 2025. Tackling this issue requires investment, and the report forecasts that cybersecurity revenues will reach $344 billion worldwide by 2030.
The Target: Samsung, a South Korea based technology company.
The Take: Exposure of internal company documents including: meeting notes and sensitive source code.
The Vector: Samsung employees uploaded sensitive information to ChatGPT, an A.I chat service. ChatGPT takes information provided by users to better answer further questions in the future, and as such, the data uploaded will be provided to third-parties at any time without any controls or user authorization.
This breach is a unique insight into how rapidly the A.I development is proceeding. It is critical that employees be aware of what such services are, and the risks involved. External services like ChatGPT takes information inputted with absolutely no accountability or oversight. Any data sent in this way can be considered open to the public.
Bleeping Computer: March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and 62% compared to March 2022.
FundsTech: Global watchdog for the financial services sector, the Financial Stability Board (FSB), has called for greater convergence in the reporting of cyber incidents.
The Guardian: China poses an “epoch-defining” challenge to the west, the head of the National Cyber Security Centre (NCSC) is reportedly to warn. Lindy Cameron, who is the director of the GCHQ arm, will use a speech in Belfast this week to warn the UK and allies of the “dramatic rise of China as a technology superpower”.
US News: The European Commission on Tuesday announced a 1.1-billion-euro ($1.2 billion) plan to counter growing cybersecurity threats, underscoring mounting concerns about a series of high-profile hacking incidents.
Coingeek: The current draft of the United Nations Cybercrime Treaty will require digital asset companies to implement comprehensive surveillance systems, turn over financial information to governments, and restrict access to unregulated decentralized finance (DeFi).
The National Law Review: On March 15, 2023, the SEC reopened the comment period on proposed rules and amendments related to cybersecurity risk management and cybersecurity-related disclosure for registered investment advisers, registered investment companies and business development companies that were proposed on February 9, 2022.
Forbes: As the number of cyber attacks rises, understanding and assessing cybersecurity measures has become critical. Unfortunately, many companies are still ill-prepared to handle the threat.
The Target: NorthOne Bank, a financial technology company based in the United States.
The Take: Exposure of over 1 million financial records of Personally Identifiable Information including: names, email addresses, physical addresses, phone numbers, amounts paid, due date, and some tax information.
The Vector: A misconfigured database was left open and unsecured with no password, meaning anyone with an internet connection could have viewed and downloaded the PDF documents.
This shows how important authentication controls are and that they be purposefully and smartly deployed with security in mind. Multi-factor authentication and password length and complexity rules on server access are effective strategies to mitigate these kinds of breaches to protect a firm’s data.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy