About Over 50 Articles Library

RETURN TO LIBRARY INDEX

Content: Services - Computer

Computer Security No 29: Corporate Security

Corporate Computer Security

What is a VRM program & should you have one?

- VRM = Vendor Risk Management

- 63% of ALL data breaches can be attributed to third party vendors.

- Examples of data breaches in 2016 so far:

- Equifax portal - affected Kroger, Stanford University, Northwestern University

- Jokes

The hackers exlpyted he employees default PIN codes to log into W-2Express, an Equifax service. The PIN codes used a common system: employees social security number and date of birth. The hackers stole tax and salary data for a large number of the W-2Express service.

About Over 50 Corporate Computer Security

Healthcare provider Bizmatic - affected over 15,000 healthcare providers

Bizmatic is an ambulatory software and elecronic health records vendor; the hackers used stolen credentials to install malware in the Bizmatic environment. The attack took place in January 2015, but Bizmatic was not aware until late 2015 and an affected provider Vincent Vein Center allerted the US Department of Health and Human Services as late as June 2016. Information included name, address, telephone, DoB, Insurance information.

Acer's third party vendor - affected customers who visited the site from 12 May 2015 to 28 April 2016

Acer suffered a data breach on its e-commerce site through an undisclosed third party. Data compromised includes name, address and complete credit card data (expiration date and security code included).

The list goes on: Wendy's POS systems, doTERRA hosting company, Lawfirm representing Multicolor, etc.

Questions for Directors and Senior Executives:

- Do you manage Vendor Cyber Risk?

- Do you have special provisions in the contracts to mitigate for cyber breaches?

- Do you have a Cyber Strategy that covers the risk posed by Third Party Vendors being breached?

Cyber Survey

About Over 50 Corporate Securtiy

Advisory Boards Group recently partnered with Conscious Governance in offering a Survey in Cyber preparedness for Directors.

The result will be an eBook that you can download from the website or we will email it to you.

According to studies from the Ponemon Institute and various Governments around the world:

- Up to 60% of organizations which experience a breach go out of business within six months

- Ransomware incidents have increased 300% from the previous year

- The average cost of a data breach is four million dollars

Cyber security is now a serious risk management issue; vigilance and ownership from the Board is crucial.

How well does your Board understand cyber security? And what should it know about cyber security?

How well does your Board understand cyber security? And what should it know about cyber security?

To take the Survey (4 questions only = 3 minutes ) please click here:

About Over 50 Corporate Computer Security

About Over 50 Advisory Boards Group

Enquire at:- admin@advisoryboardsgroup.com

Kasperski Labs Threat predictions for 2017

In a nutshell, the Global Research and Analysis Team thinks:

About Over 50 Corporate Securtiy

The compromise of payment systems: as payment systems become increasingly popular and common, the company expects to see this matched by a greater criminal interest.

The commoditization of financial attacks: Kaspersky Lab expects to see the ‘commodification’ of attacks along the lines of the 2016 SWIFT heists in 2016 – with specialized resources being offered for sale in underground forums or through as-a-service schemes.

Growing vulnerability to cyber-sabotage: as critical infrastructure and manufacturing systems remain connected to the Internet, often with little or no protection, the temptation to damage or disrupt them could prove overwhelming for cyberattackers, particularly those with advanced skills, and during times of rising geopolitical tension.

Espionage to go mobile: the company expects to see more espionage campaigns targeted primarily at mobile, benefiting from the fact that the security industry can struggle to gain full access to mobile operating systems for forensic analysis.

The breakdown of ‘trust’ in ransomware: Kaspersky Lab also anticipates the continuing rise of ransomware, but with the unlikely trust relationship between the victim and their attacker – based on the assumption that payment will result in the return of data - damaged as a lesser grade of criminal decides to enter the space. This could be the turning point in people being prepared to pay up.

Device integrity in an over-crowded Internet: as IoT-device manufacturers continue to pump out unsecured devices that cause wide-scale problems, there is a risk that vigilante hackers could take matters into their own hands and disable as many devices as possible.

Jokes

About Over 50 Corporate Security

"Memo: to all personel, effective immediately we will be using the new security standards in all company correspondence, so please remember to use the ecret-say ode-cay"

Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au

RETURN TO LIBRARY INDEX

 

© About Over 50s 2017             website by aml websites online