The number of U.S. data breaches tracked in 2016 hit an all-time record high of 1,093, according to a new report by the Identity Theft Resource Center (ITRC) and CyberScout. This represents a substantial hike of 40 percent over the near record high of 780 reported in 2015. This raises the question: are there actually more breaches or is it because more states are making this information publicly available? “For the past 10 years, the … More
Source: helpnetsecurity

Technology providers and their customers are joining forces to advance a standard format for vendors to disclose cybersecurity vulnerabilities. The work of the new OASIS Common Security Advisory Framework (CSAF) Technical Committee will enable greater interoperability among products and ensure that structured, machine-readable security advisories can be produced and consumed much more broadly. “Defenders need to be able to quickly and automatically assess the impact of a security vulnerability on any of the products they … More
Source: helpnetsecurity

Less complexity, an active defense, transformative research, and institutionalized cybersecurity should be nuclear industry’s key priorities to stem the rising tide of cyber threats. The advice comes from an international group of ICS security experts, researchers and consultants, polled by the nonprofit Nuclear Threat Initiative (NTI). “Cyberspace provides a new opportunity for determined adversaries to wreak havoc at nuclear facilities – possibly without ever setting foot on-site,” they noted in a recently released report. “Cyberattacks … More
Source: helpnetsecurity

When the FBI announced the arrest of a Russian hacker in October, it was notable – but maybe not for the reason you’d expect. Yevgeniy N., who was picked up in Prague, is implicated in the 2012 megabreach at LinkedIn. That cyberattack exposed the usernames and passwords of 117 million people, and led to a fire sale of login data on the open market. The size of the hack was extraordinary, but the arrest of … More
Source: helpnetsecurity

Deloitte has uncovered a shift in business priorities from “business performance” to “customers,” with 57 percent of chief information officers choosing “customers” as their top priority, compared to only 45 percent last year. “Customer” remained the top priority for eight of the 10 industries represented in the survey. Only 45 percent of CIOs stated their information technology organization is involved in delivering customer experience through IT capabilities, and 28 percent of CIOs feel their IT … More
Source: helpnetsecurity

By now, it’s pretty much an accepted reality that it’s only a matter of time until an organization – any organization – gets breached by cyber attackers. But system penetration does not mean game over for the defenders, as attackers still have to do other things to achieve their goal (steal business information, login credentials, intellectual property, etc.). This means there are many other opportunities and ways to stop an attack from succeeding. How to … More
Source: helpnetsecurity

In a survey of over 1,900 consumers crossing the US and UK, Computop found 76 percent planned to shop online this holiday season. However, 62 percent of those respondents overall don’t plan to shop on Cyber Monday. When asked about purchasing products online from retailers outside of their own country this holiday season, 50 percent of respondents said they were not interested in doing this as they have enough options domestically. An additional 22 percent … More
Source: helpnetsecurity

Unsurprisingly, the Q3 2016 ThreatMetrix report shows a sharp increase in the number and complexity of cyber attacks. During what is traditionally a slow quarter, researchers analyzed nearly 5 billion transactions, and stopped approximately 130 million attacks in real time – a 40 percent increase over 2015. Top attack vendor trends Mobile transactions grew almost 50 percent over the previous year to represent 43 percent of total network traffic. Cross-border transactions are also on the … More
Source: helpnetsecurity

Businesses are often encouraged to take risks. These can fuel innovation, excite customers and set them apart from competitors. However, while many parts of a business may benefit from occasional risks, security is one area that businesses cannot afford to compromise. While trying something new should be encouraged, this should only be done when it can be assured that company and customer data won’t be exposed. One example is the old-school belief that security is … More
Source: helpnetsecurity