
Learning From Past Mistakes: Predictions For Cybersecurity


From Ashley Madison to the Office of Personnel Management (OPM), hackers did not discriminate between organizations or industries when it came to unleashing cyber-attacks in 2015. This past year, data breaches affected millions of people with headlines of a new hack appearing almost daily. On an individual level, customers’ passwords were compromised, credit card information stolen, and private lives became public to name a few ill-fated scenarios.

On the other hand, the organizations that were hacked lost millions of dollars, trust from their customers, and brand credibility. Many will not recover from such serious blows to their reputations. Businesses can only withstand a cybersecurity hack if they invest the time, effort, and money into response, recovery, and the future protection of the organization and its customers.

With lessons learned from 2015 in mind, here are four predictions related to cybersecurity that will make news in 2016:

1. CEO turnover will increase

In 2016, organizations will come to realize that a cybersecurity breach is inevitable, and stakeholders will point to the CEO as the responsible party when one occurs. No one is immune to cyber threats, and the sooner corporate boards and C-suite executives realize this, the better off their organizations will be.

Because cybersecurity is no longer an issue solely reserved for IT departments, the C-suite, particularly CEOs, will be held responsible for data breaches. The sophistication of cyber threats is unprecedented, requiring executives to evaluate the access of data from employees, customers, partners, regulators and vendors. As such, after a breach occurs, many CEOs will either be forced to step down or be fired.

Additionally, executives must be able to demonstrate they have taken all possible precautions to protect their customers’ data. Public expectations of transparency are likely to increase based on the increasing number of breaches. If CEOs cannot provide evidence of their organizations’ efforts, they will be swiftly replaced.

2. CISOs will be scrutinized more than ever

Corporate boards will scrutinize new CISO hires more than they had previously and more than any other C-suite position. A CISO will be expected to mitigate cyber risk, and ensure the organization maintains the philosophy and practice that compliance does not equate to security. Being compliant is important, but organizations must assume that measures must be taken above and beyond compliance and have strategies in place for identifying areas in need of security improvements.


Performing penetration tests – tests where third parties are paid to infiltrate an organization’s infrastructure in order to uncover holes in security – will be one way CISOs will help arm their organizations against unfriendly hackers. Having a data breach response and recovery plan will be another way CISOs mitigate risks for their businesses and their customers.

3. Cyber insurance will become more popular

As 2015 demonstrated, data breaches are a very real and pervasive threat. Only by taking preemptive measures and proactively preparing a response and recovery strategy will organizations be able to bounce back when a breach occurs.

Part of this proactivity will come in the form of cyber insurance. Even with executives understanding the need for a cybersecurity strategy, it is difficult to calculate all potential costs involved in a breach. Financial considerations must include both direct and indirect costs. An example of direct costs is the financial reparations paid to affected customers after a breach. Indirect costs can include the legal fees incurred while an organization is sued for these reparations.

By purchasing an insurance plan, organizations will be able to minimize the out-of-pocket costs of a breach.

4. Mobile device management (MDM) will be critical

Organizations will come to understand the threat that connected devices pose to their enterprises. Individuals are using unsecure mobile devices and cloud-based applications without realizing it, which is why MDM and its providers will play a vital role in maintaining organizational security.

Entry into an organization’s infrastructure via a mobile or connected (IoT) device can be relatively simple if the organization is not prepared. For example, if a person’s cell phone or an application on his or her cell phone is hacked and the device is connected to a company’s wireless internet system, a hacker can gain access to the company’s network.

2016 will inevitably be a year with many more data breaches, but hopefully 2015 has taught us that C-suite proactivity and strategy can minimize cyber risk. Learning from the missteps of 2015 will enable organizations to approach cybersecurity with a top-down approach, making it a priority for employees at every level.

By Larry Jones


Larry Jones is the chairman and CEO of Coalfire and has over 25 years of experience building, operating and growing public and private companies. Under Jones' direction, Coalfire is the leader in cybersecurity risk management and compliance services and is the trusted advisor for the leading brands in the healthcare, retail, financial services and technology industries. Jones has a successful track record as a corporate director and chief executive for companies such as StarTek (NYSE: SRT), MessageMedia (NASD: MESG), and Neodata. Jones, an alumnus of Worcester Polytechnic Institute and Boston University, has more than 25 years of experience building, operating and growing public and private equity backed companies.
