Amanda M Rossetti

Banks cite cyber security and outsourcing as operational risk concerns grow

November 28, 2017 by Amanda M Rossetti 2 Comments

Research from the European Banking Authority (EBA) says that the majority of EU banks believe their operational risks will increase. Many of them are pointing to to cyber risks and data security to explain why they believe this. Another large contributor they point to is outsourcing, but I wonder if these are really the same reason. Many large breaches have come from someone getting into a vendor and then making their way into the company’s systems.

https://www.finextra.com/newsarticle/31379/banks-cite-cyber-security-and-outsourcing-as-operational-risk-concerns-grow

Accenture latest firm caught with lax cybersecurity

November 7, 2017 by Amanda M Rossetti 2 Comments

https://www.consultancy.uk/news/14433/accenture-latest-firm-caught-with-lax-cybersecurity

On the heels Deloitte’s security vulnerability coming to light another company large in the cyber security space reportedly suffers from lax cyber security themselves. The article explains that Accenture had a large cache of sensitive information on their cloud stage without it being password protection. It is believed that the information is now secure without incident but I think it is probably too soon to be sure that it wasn’t accessed by someone with malicious intent. Like with Deloitte, it draws into question Accenture’s credibility in that they recommend to their clients best cyber security practices but fail to follow them themselves.

EU to Declare Cyber-Attacks “Act of War”

October 31, 2017 by Amanda M Rossetti 1 Comment

https://www.infosecurity-magazine.com/news/eu-to-declare-cyber-attacks-act-of/

Members of the European Union have drafted a document stating that cyber attacks by foreign nations could be considered an act of war. They say that members of the EU may respond to cyber attacks with conventional weapons ”in the gravest circumstances”. NATO had previously established cyber a military domain. The document is pretty vague and largely symbolic in nature but highlights the fact that state sponsored cyber attacks are at the forefront of many politicians minds.

A New IoT Botnet Storm is Coming

October 24, 2017 by Amanda M Rossetti 1 Comment

https://research.checkpoint.com/new-iot-botnet-storm-coming/

Researchers at Check Point Research are warning that they have found a new Botnet, IoTroop. It users IoT devices similar to the Mirai botnet from last year that shut down the internet mostly for the eastern US, but it is moving at a faster pace and has a larger potential damage. The article goes into detail about the vulnerabilities that IoTroop is exploiting and where it is being seen.

Cyber Security Is A Business Risk, Not Just An IT Problem

October 17, 2017 by Amanda M Rossetti 1 Comment

My article this week discusses the business risks associated with cyber security. It lists many statistics about how many organizations are attacked and the amount of money and reputation lost as a result of these attacks. I don’t disagree that it seems like every day we hear more and more attacks and new vulnerabilities being exploited. I do, however, disagree with the conclusion that the author has drawn as a result of the increased focus on cyber security. The author asserts that cyber security is just now becoming a business risk instead of an IT issue and that executives now need to focus on it more. I think that cyber security has always been a business risk and not just an IT issue, but executives are just now starting to listen to what IT professionals have been telling them for ages. IT is often part of the solution to fix cyber security vulnerabilities, but organizations have always been wrong to classify cyber security as a solely IT issue and I think they are finally starting to realize this as a result of the impact on businesses we have seen from cyber incidents.

Do you agree with me or the author of the article? Has cyber security always been a business risk or is it now becoming a business risk because of the increase in the frequency and severity of cyber incidents?

https://www.forbes.com/sites/edelmantechnology/2017/10/11/cyber-security-is-a-business-risk-not-just-an-it-problem/#1c064ba77832

5 worst cybersecurity habits with catastrophic consequences

October 10, 2017 by Amanda M Rossetti 2 Comments

https://www.csoonline.com/article/3231669/backup-recovery/5-worst-cybersecurity-habits-with-catastrophic-consequences.html

My article discusses the 5 worst cybersecurity habits. The 5 it identifies are: having a lax attitude, not protecting their email, clicking hyperlinks in emails, poor password practices, and not backup up data. These are all things I ‘ve seen discussed in a corporate setting but the article focuses on personal cybersecurity. Do you do any of these bad practices? It recommends using 2 factor authentication for emails, which I personally don’t do but I think I don’t have the other bad habits.