Climate Change and Cyber Attacks Named as Biggest Global Security Threats

Climate change is seen by more countries as a top international threat, but many also name ISIS and cyberattacks as their top security concern, according to a new survey by the Pew Research Center conducted among 27,612 respondents in 26 countries from May 14 to Aug. 12, 2018.

The Intergovernmental Panel on Climate Change released a report last year expressing serious concerns about the possible impacts of climate change, both in the near and distant future. Broadly speaking, people around the world agree that climate change poses a severe risk to their countries. Since 2013, worries about the climate threat have increased significantly. The biggest increases have been in France (up 29 percentage points) and Mexico (up 28 points), but there have been double-digit rises in the U.S., U.K., Germany, Spain, Kenya, Canada, South Africa and Poland as well.

When it comes to cybersecurity, states are the weak link

Every year, we receive the same news: Cyber threats against the United States are on the rise. This year, though, we have some good news: Federal government officials are finally taking these threats seriously. These officials are committed to developing a cyber strategy and working hard to shore up the nation’s virtual defenses. Congress is exploring ways to reorganize its own technology research capabilities. The military is figuring out how to put Silicon Valley to use.

Governments at the state level, however, are lagging.

Cybersecurity suffers from the weak-link problem: Weaknesses in one area can put entire systems at risk. With cyberattacks affecting state and local governments every day, the United States cannot afford to let state-level cybersecurity go unaddressed.

The Legal Implications of Digital Privacy

A June 2018 decision rendered by the Supreme Court of the United States established an interesting principle on digital privacy in a case related to a criminal proceeding.

The decision stated that the government must obtain a warrant in order to collect historical cell site location information (CSLI) of customers held by the cellphone companies. The case’s decision is based on whether police must require a warrant in order to access information from users generated by cellphones of a suspect in a criminal investigation. This decision implies that in the future, law enforcement authorities will not have an “unrestricted access to a wireless carrier’s database of physical location information” (From the majority by Justice John Roberts).

Cyber ‘Intrusion Campaigns’ Increasingly Target Utilities

Cyberattacks increasingly target and succeed inside energy and utility companies’ IT networks, rather than their critical infrastructure, according to a new report from cybersecurity firm Vectra.

In the past, the energy and utility industry’s cyber efforts have focused on preventing disruption of power availability via industrial control networks.

But the Department of Homeland Security issued a technical alert in March warning the industry of a “multi-stage intrusion campaign” originating in Russia targeting IT networks in the U.S. energy sector.

How California Is Improving Cyber Threat Information Sharing

The California Cybersecurity Integration Center alerted its partners to the Thomas Fire along Interstate 5, before the largest wildfire in the state’s modern history was phoned in last December.

Someone had taken to Twitter to first report the blaze, and Cal-CSIC’s media scrapers—which plug into its automated threat feed—noticed.

Cal-CSIC, pronounced “cal-sick,” was created by Gov. Jerry Brown’s executive order in August 2015 to prioritize cyber threats to public sector agencies and expand into the private sector.

U.S. Seeks More Cooperation with Private Sector to Fight Cyber Attacks

The U.S. Department of Homeland Security on Tuesday said it will bolster collaboration with the private sector to defend the nation against cyber attacks by working more closely with industry to combat emerging threats.

Homeland Security Secretary Kirstjen Nielsen unveiled plans to set up a national risk management center where the government will initially work with financial firms, energy companies and telecommunications providers to help identify industry security weaknesses, develop response plans and run cyber drills.

The Two Biggest Disruptions To Cybersecurity Since The Invention Of The Firewall

One might consider the firewall the most significant invention in cybersecurity in the last 30 years. The firewall has certainly evolved since its inception in 1988 as simple packet filters, launching with stateful filters, then upgrading to its third-generation application layer firewall and more recently upgrading again to the next-generation firewall (NGFW).

While NGFW is certainly part of the cybersecurity stack, NGFW is no longer revolutionizing the way we protect our critical business assets.

Today’s cybersecurity strategies have been disrupted by two new models: the Zero Trust model and DevSecOps.

What Cyber Exposures and Coverage Gaps Keep Risk Managers Up at Night

Risk managers are very concerned about the cyber risks facing their companies and are heavily investing in protection against cyber attacks with the blessings of their boards and CEOs, a major shift from even just 10 years ago when convincing a company to worry about cyber was a big challenge for risk managers.

However, the new challenges for them include getting the right coverage from the insurance market and ensuring their companies have enough coverage in the event of a major breach, three risk managers on a recent panel at Advisen’s Cyber Risk Conference in San Francisco said.

Developing a Cyberattack Response Plan

Right now, somewhere in the United States, a cyberattack is happening. In fact, many cyberattacks are likely happening—which is why cybercrime damage costs are estimated to hit $6 trillion annually by 2021. Risk management professionals and executives are not only challenged by the volume of cyberthreats, but by their growing complexity as well.

Ransomware attacks, for example, were predicted to exceed $5 billion in 2017—up more than fifteen-fold from 2015—as organizations grapple with how to not only prevent these attacks but mitigate the financial losses and downtime they cause. Yet despite the trends, more than half (52%) of organizations that suffered successful cyberattacks in 2016 indicated in a Cybersecurity Ventures report that they would not make any changes to their security in 2017. And even for those that do update their cybersecurity plans, cyberattacks have become an inevitability for most organizations. As a result, developing a complete response plan for cyberattacks is essential to protecting your business and customers.

Pages

Subscribe to RSS - Cyber Security