Amazon

Amazon Primed: Surveillance Drone Patent Granted, Planes And Platform Shopping Spree

'Amazon Primed' is a short recap of the larger stories that dominated the headlines this week surrounding everyone's favourite cardboard abuser, Amazon. If you want the full, deep look at what Amazon is doing every week, subscribe to 'What Did Amazon Do This Week ' newsletter (called 'Obsessive...in the
/
Cisco News

Cisco and IBM Cloud Announce Hybrid Cloud Partnership

In the current day journey towards application modernization, enterprises have a growing need to not only bring together the agility of newer microservice architectures and application development platforms like Kubernetes, but also align those capabilities with their existing middle-ware, databases, and processes. Trying to meet
/

Security Incident Response Team

The incidences of modern cyber-attacks are growing, along with their sophistication. Every single weakness, whether technological or human, is being constantly exploited, and the interconnectedness of computers means that a break-in, theft or infection on one system has far-reaching consequences with customers, suppliers and the general public.

Network Security

Network security is an industry created out of necessity. Company decision-makers must recognize that the sheer variety of attack vectors is something that requires constant vigilance, and that not only preparedness, but post-attack response strategies, too, are a critical part of doing business.

security-breach

MetricStream is a global organization that focuses on Governance, Risk, and Compliance (GRC) for modern and digital enterprises. Their recent white paper, entitled The Important Role Of A Cyber Security Incident Response Program, and authored by Vibhav Agarwal and Dr. Michael Redmond, presents a comprehensive assessment of the damage that hackers can cause, the value of deploying a Security Incident Response Team, along with some fascinating case studies and a wealth of highly actionable preventative steps.

Here is an excerpt:

We live and do business in a whole new world; one marked by increasing cyber attacks, and all new rules. Beyond the increase in frequency of attacks, we also face an increase in the types of organizations that have become targets. Today, it goes beyond banks and government-related institutions, to include healthcare providers, retailers, and essentially any entity that owns or has access to the assets and information of its consumers.

Organizations require more focused awareness to bolster their security policies and practices as the foundational structure of an overall risk-management strategy. Furthermore, organizations need to ensure compliance with new laws and regulations that govern how they protect information assets.

It’s also critical that organizations buy into the fact that network and systems administrators alone cannot protect corporate systems and information assets – it must be an organizational team effort. A Cyber Security Incident Response Team (CSIRT) is a must in today’s world.

In April 2012, a server hack was responsible for a HIPAA violation by the Utah Department of Health, where over 780,000 people were compromised in the server attack at the authentication level, permitting hackers to hijack Social Security Numbers and personal health records. It was determined that a vulnerable server was not properly configured as per normal procedure, allowing hackers to gain access into the computer network. Added to that, in January and February 2012, nearly 1.5 million individuals were affected by hackers who successfully infiltrated and gained access to the payment processing system of Global Payments Inc. On December 14, 2014, it was reported that the Dutch government suffered a website outage due to a cyber attack. Allegedly, hackers crippled the Dutch government’s main websites for most of the day, rendering back-up plans and contingencies largely ineffective. All of this goes to show the serious loopholes in our current infrastructure and back-up plans.

While organizations cannot always prevent a breach, a quick response to a security event can go a long way when it comes to minimizing the financial damage and most importantly, protecting the business and its reputation. In order to reduce the costs associated with increased call center activity, customer education and awareness programs, brand repair campaigns, legal and compliance fines, and expenses associated with any customer settlements, organizations should adopt a proactive approach with timely stakeholder communication.”

Pandora’s Box

Of greatest significance in the paper is the recognition that attacks have incalculable costs. Data breaches and thefts unleash a Pandora’s box of additional problems. One compelling case study describes a data break-in to a state Revenue agency that resulted eventually in the filing of hundreds of fraudulent tax returns. It is precisely because no organization can know everything that must be known, that an alliance with governance, planning and response organizations is essential. To review the entire paper, visit Metricstream

By Steve Prentice

Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.

Using the Digital Transformation Journey Workbook to Deliver “Smart” Spaces

Using the Digital Transformation Journey Workbook to Deliver “Smart” Spaces

Key points of this blog include: Digital Transformation sweeps aside traditional industry borders to create new sources of customer and ...
The Digital Economy: Embracing The Latest Technological Advancements

The Digital Economy: Embracing The Latest Technological Advancements

The Digital Economy As you would expect, for any business to achieve successful growth and meet its objectives, it must ...
Four Cloud Security Mega Trends

Four Cloud Security Mega Trends

Cloud Security Trends Last year was a big year for the cloud. Cloud adoption continued to grow at a rapid ...
Open Source Tools

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
Verizon

Top 100: Verizon’s new structure enables strategy

/
Verizon has fit the definition of a company in motion this decade with its acquisitions of AOL and more recently in 2017 the core Internet business of Yahoo that set ...
Cloud Infographic

New 2019 Cloud Security Research Reveals Key Challenges for Security Professionals

/
Data Loss and Leakage, Unauthorized Access Top List of Cloud Security Concerns SAN ANTONIO--(BUSINESS WIRE)--Security professionals continue to face a number of major challenges as more organizations move legacy IT ...
ISC2

Cybersecurity Falls Short in Organizations Undergoing Digital Transformation

/
While C-level executives understand the need for cybersecurity as their organizations undergo digital transformation, they aren’t prioritizing it enough, according to a recent Deloitte report based on a survey of ...