IT Security

IT and Cyber Security related information

Managing ICT Risks May 11th

 

When you think about risks posed by IT today, your concerns go way beyond what’s happening in the data centre or the IT department. Information and Communications Technology is an essential part of virtually every business process. As a result, managing Technology Risk now means much more than protecting data.  It means protecting the heart of the business itself. 

 

Today's Wikileaks revelations are just the start

Verdant looks at the issues the Wikileaks scandal has thrown up

The Wikileaks story is surely going to be as painful as the MP’s expenses scandal with a drip feed of information as the journalists analyse and read material.

Ensuring infrastructure resilience in an online world

 
Contributed article
 
The Internet is a wonderful tool when it works, but we are increasingly at a loss when it encounters a problem. Steve Durbin, Global VP at Information Security Forum (ISF), looks at what organisations should be doing to minimise the risks and boost their Business Continuity , as a growing proportion of commercial transactions are performed online.
 

ISF announces 10 future threat scenarios in Threat Horizon 2012 report

 
Globalisation, cultural change and infrastructure weaknesses all underlying drivers

The Information Security Forum (ISF) has announced its predictions for the 10 most likely threat scenarios that organisations face in the future.  According to its new Threat Horizon 2012 report, the rapid adoption of cloud computing, increasing use of mobile devices, growth of cybercrime and online espionage, and the merging of home and work life, all have a role to play in future risk management and contingency planning.

Data Centres get CPNI Guidance to boost resilience and security

Business Continuity Forum

It is rare these days to find any organisation which does not rely in some way on computer data. From the very largest corporate through to the very smallest business the need to maintain access to information is absolutely vital. This seems pretty straightforward and it could be said almost simplistic, obvious even. Maybe so, but what about the data that has been removed from your direct control, that exists on the huge banks of servers and hard disks that are located across commercial data centres both in the UK and internationally.

White Paper: Building a Security and Risk Strategy for emerging technologies

 

High Performers & Foundational Controls: Building a strategy for Security and Risk Management 

 

This Enterprise Management Associates White Paper discusses building a strategy security risk management.

 

With all the attention given to the increasing sophistication of threats, and the security implications of technology trends such as virtualisation and cloud computing, our enterprises ready for tomorrow's security risks? These are the questions being addressed in this white paper.

 

The White Paper concludes that for many organisations the answer is no!

BC Management in an IT security landscape

 

A plethora of articles have explored the challenges of managing systems in a market downturn. The one common message is that information security professionals have to do more with less - to balance the rise in vulnerabilities and threat vectors with a fall in budget. Hence the increasing requirement to work smarter and develop holistic, sustainable approaches to information security management.

FIRE, COCKUP AND VIRUS CALAMITY VEX STORAGE MANAGERS

Fire, computer viruses and human error are viewed as the main threats to corporate data by European businesses, according to a survey by storage specialists Hitachi Data Systems. The latest edition of HDS’s bi-annual Storage Index reckons that low-tech 'old fashioned' threats pose the greatest risk of upsetting the operations of European corporates.

Computer passwords 'up for grabs'

Half of IT managers employed by large-sized companies believe it would be relatively easy to gain the core passwords for their computer systems.
That is the warning of a survey by IT security firm Cyber-Ark. It said that 10% of firms never changed their central administrative passwords.

A further 5% did not even bother altering the manufacturer's default password that came with the system.

Security by the numbers

The issue of security continues to be a major industry topic and understandably, especially as this is is one area of BCM that tends to have the highest profile . Many of the issues are closely linked to the increasing complexity and interoperability requirements of applications across a wide variety of Platforms. These problems are also compounded by the generally poor practices of many IT departments and internal users who continue to be a very weak link in the security chain.

Thousands targeted by computer hacker

US Hacker strikes thousands in the UK 

THOUSANDS of computers in the UK have come under attack from a hacker in the US stealing credit card details and personal information. The Metropolitan Police's Computer Crime Unit has launched an investigation into material recovered on an American computer found to contain personal data accessed using a computer virus. 

More than 2,300 computers in the UK are thought to have been targeted and some 83,000 files affected. Email addresses and other confidential data have been recovered, including passwords, credit card numbers and information about on-line transactions. 

Banks could face prosecution over Indian call centre leak

The security leak was discovered following an investigation by a newspaper reporter from The Sun, who was able to buy bank account, credit card, passport and driving licence details of UK bank customers for just £4.25 each.

The call centre worker in New Delhi also told the reporter he could supply confidential data from 200,000 accounts per month. The newspaper handed a dossier with all the details to the City of London police.

Detective Inspector Oliver Shaw of the economic crime unit at City of London Police said in a statement: "Unfortunately we have no jurisdiction to prosecute in the UK so we have passed it through Interpol to the Indian authorities."

Online service foils ransom plot

Extortionists attack business through DoS 

It has become common practise for extortionists to target net firms and threaten to cripple their websites with deluges of data unless they pay a ransom. Not all the e-criminals are able to follow through on their threats but when the Nochex site went down at 8pm it was time to sit up and take notice.

"We get quite a few, maybe once a month so we don't always take it too seriously," he said.

In this instance though Mr Malik did contact his service provider Pipex. "They told us we were being flooded by a zombie attack," he said.

Hackers attack IT conference

Security experts attending the Wireless LAN exhibition found that anonymous hackers in the crowd had created a website that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it.

Phishing emails soar

source SC Magazine

Phishing email reached a new high in July, according to email security company Postini, which tracked more than 19 million phishing attempts last month. That number is the highest monthly total since Postini began tracking phishing in January.

July's total breaks June's record of 16.7 million phishing emails, the company said. While phishing attacks increased, the number of emails containing viruses decreased in July by 20 percent compared to June, Postini said.

The amount of spam remained stable at 88 percent of the total number of emails sent. The company processed more than 14 billion emails last month. Directory harvest attacks decreased 8 percent from June.

Gartner researchers have estimated that online debit card fraud, perpetrated via phishing and keystroke logging attacks, has resulted in $2.75 billion in losses in the past year.

END 

If you would like to know more about how your organisation can get involved and benefit from working with the Continuity Forum, please email us HERE! or call on + 44 (0) 208 993 1599.

 


Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...