.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Help Net Security: Research finds that when one company experiences a cybersecurity breach, other companies in the same field also become less attractive to investors. However, companies that are open about their cybersecurity risk management fare significantly better than peers that don’t disclose their cybersecurity efforts.
The target: SingHealth, Singapore’s largest group of healthcare organizations.
The take: 1.5 million patient records which included: names, prescriptions, medical records, government registration numbers, addresses and dates of birth.
The attack vector: The source of the breach according to early reports was a phishing campaign, however, security researcher’s leading hypothesis was that the attack originated through SingHealth’s failure to keep their software updated. The company used an open source penetration testing application called Ruler. However, they ignored an available patch for Ruler which addressed a known vulnerability, and which led to the hackers gaining access.
Regular and rigorous attention to security updates must be applied to ensure maximum safety of a company’s IT systems – especially where it pertains to tools used to assess the security of internal systems and the effectiveness of technical controls.
Barron's: Wilson would grow up to lead first the National Security Agency’s counterterrorism mission, and later its cyber-exploitation mission. Currently Morgan Stanley Wealth Management’s cybersecurity chief, Wilson talks with Barron’s Advisor about how fraudsters are trying to gain an edge in data theft and how advisors can stay a step ahead. And she reveals how a bunch of cybercriminals “in a basement somewhere in Tehran” drew her to Wall Street.
Independent.IE: Chinese hackers with a history of state-sponsored espionage have intercepted the text messages of thousands of foreigners in a targeted campaign that planted eavesdropping software on a telecommunications provider’s servers, a cybersecurity firm has said.
Global News Wire: Willis Towers Watson (NASDAQ: WLTW), a leading global advisory, broking and solutions company, has launched three new cyber insurance policies for clients across the U.S., Canada, the U.K. and Western Europe. The policies provide innovative, tailored solutions for large enterprise and mid-market clients, enabling them to fully assess, protect and recover losses related to cyber risk.
Tech Crunch: There are two types of enterprise startups: those that create value and those that protect value. Cybersecurity is most definitely part of the latter group, and as a vertical, it has sprawled the past few years as the scale of attacks on companies, organizations, and governments has continuously expanded.
Reuters: A cyber attack on Asian ports could cost as much as $110 billion, or half the total global loss from natural catastrophes in 2018, a Lloyd’s of London-backed report said.
Dark Reading: According to its annual "State of Enterprise Risk Management" report, ISACA found that 29% of the 4,625 risk managers polled identify cybersecurity at the top threat to their business, while 15% consider reputational risks and 13% name financial dangers as most critical...
ZDNet: In total, roughly three million records were exposed, revealing the names, telephone numbers, email addresses, and cities where clients were registered.
The target: Imperva, cyber-security firm based out of California.
The take: A complete copy of their customer information database.
The attack vector: Imperva uploaded a snapshot of its customer database for testing. However, in an unrelated incident, they left one of their internal systems publicly accessible on the internet from which the attacker stole key to the recently uploaded database. Using the key, the hacker was able to download a copy of the customer information.
After Imperva adopted cloud technologies to scale their infrastructure to meet increasing needs, they failed to account for the increased risk of this strategy. Cyber-security diligence applies at all levels of scale including times of expansion and investment in new technology.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy