Industry News: ESG5

2021-10-07

EIB: The European Cyber Security Organisation (ECSO) and the European Investment Advisory Hub, a joint advisory initiative of the European Investment Bank (EIB) Group and the European Commission, announced their participation in a feasibility study on the design and set-up of a European Cybersecurity Investment Platform (ECIP).

Read more...

2021-10-07

Help Net Security: The National Cybersecurity Alliance and CybSafe announced the release of a report which polled 2,000 individuals across the U.S. and UK. The report examined key cybersecurity trends, attitudes, and behaviors ahead of Cybersecurity Awareness Month this month.

Read more...

2021-10-06

The United States Department of Justice: Deputy Attorney General Lisa O. Monaco announced the creation of a National Cryptocurrency Enforcement Team (NCET), to tackle complex investigations and prosecutions of criminal misuses of cryptocurrency, particularly crimes committed by virtual currency exchanges, mixing and tumbling services, and money laundering infrastructure actors.

Read more...

2021-10-06

Yahoo Finance: The bicameral Ransom Disclosure Act, drafted by Sen. Elizabeth Warren and Rep. Deborah Ross, would mandate companies and organizations — though not individuals — to provide the U.S. Department of Homeland Security data on ransomware payments, including the amount and type of cryptocurrency demanded and the sum that was paid.

Read more...

2021-10-05

Money Marketing: Financial firms must start taking cyber security more seriously, as it is something the UK regulator is likely to get tough on, Financial Technology Research Centre founder and director Ian McKenna has warned.

Read more...

2021-10-05

Private Equity Wire: Over the past 18 months, the shift towards working from home has exposed private equity firms to a far higher threat of cyberattacks, and many have wanted to review their cybersecurity options to ensure good defences against cyber-attack, says George Ralph, Global Managing Director and CRO of business IT consultancy RFA, who specialise in cloud, data, and cybersecurity solutions.

Read more...

2021-10-04

California News Times: A Bank-backed initiative to test cyber defenses in the UK financial sector is open to financial services companies of all types and sizes on Monday with the most extensive exercises of its type.

Read more...

The target: Portpass, a private proof-of-vaccination mobile application.

The take: Exposure of potentially 650,000 records of personally identifiable information including: email addresses, names, blood types, phone numbers, birthdays, and driver's licences

The attack vector: Portpass stored user profiles on their website, accessible to the public, which exposed the above information to anyone visiting the site. This data not encrypted and was stored as plain text.

Use of industry standard authentication protocols is an integral part of maintaining a rigorous cybersecurity posture, and it is critical to employ robust practices of credential management, user authentication and validation, around all points of access, especially public facing ones, in a firm’s IT network. This breach also highlights the important of encryption as a method to improve the security of stored data, which can still protect the exposed information.

Read more...

2021-09-30

Cision: AdvIntel, a leading cybersecurity threat prevention and loss avoidance company with a unique and unparalleled ability to detect and disrupt ransomware and KPMG LLP, the global audit, tax and advisory firm, today announced an alliance around AdvIntel's "Andariel" Threat Prevention & Loss Avoidance Platform.

Read more...

2021-09-30

ZDNet: The NSA and CISA have released a detailed guide on how people and organizations should choose virtual private networks (VPN) as both nation-states and cybercriminals ramp up their exploitation of the tools amid a global shift to remote work and schooling.

Read more...