Imagine your tooling down the freeway in your fancy new car when suddenly it’s being commandeered by hackers, who demand ransom or they will steer you into oncoming traffic. If you try to pull over, you can’t, the steering wheel is no longer under your control. You slam on the breaks, but get no response. This may sound like a script for some futuristic doomsday movie, but it’s more real than anyone would like to imagine. This scenario was actually played out by researchers Charlie Miller and Chris Valasek, who in 2014, hacked a vehicle and took over its operation.
A secret GAO audit of security systems installed to protect government agency networks has revealed the solutions they have in place aren’t working. In particular, the ironically-named Einstein system has been found to have limited capabilities to detect data breaches. While this might seem less than newsworthy, considering how many enterprise industry networks have been breached, the fact that Einstein is a signature-based only detection system is the most baffling part of this story.
High profile data breaches seem to occur in an almost predictable cadence and no industry is immune. This has frustrated organizations who want to believe their security is strong enough to keep them from experiencing the bottom-line-bashing data theft they see in the headlines. The fact that the majority of both business and government functions have gone digital opens up doomsday scenarios of which government agencies, from state and local up to the federal level, are well aware.
A recent article in Forbes Magazine reports that big banks including Bank of America and J.P. Morgan Chase are pulling out all the stops when it comes to their cybersecurity budgets. According to the article, B of A CEO Brian Moynihan has declared that cybersecurity is the only area of his company that has no budget constraints whatsoever. Another financial giant, J. P, Morgan reportedly doubled its budget in 2015 from $250 million to $500 million.
A recent story on siliconangle.com, Cloud Computing Becoming a Core Competency for 2016, covers a survey of IT professionals on the growth of cloud computing. The analyst who helped architect the survey said that “cloud computing is becoming a core IT and business competency.” He explained that cloud computing is not only influencing how companies develop their products, it is having an impact on IT industry functioning in general.
A new article in Infosecurity Magazine, Business Confidence in Cloud Security Grows, concerns research from the Cloud Security Alliance, who surveyed IT professional across a variety of industries and found their attitudes toward cloud computing may be changing.
A recent article in Forbes outlines some major missteps the healthcare industry is making when it comes to data security. In the wake of a record year for data loss with breaches at some the largest healthcare companies, the fact that there are problems with their cybersecurity comes as no surprise. As recently reported, 8 out of the 10 largest breaches across all industries occurred in healthcare. As many experts have explained, healthcare records and insurance numbers are now a more lucrative target than credit card numbers. Yet, healthcare companies from insurers to hospitals and clinics seem ill prepared to thwart today’s advanced exploits. Here’s what the author of this article characterizes as healthcare’s five most urgent vulnerabilities:
According to the US Department of Health and Human Services (HHS), there has been a significant increase in data stealing attacks on healthcare organizations in 2015, as reported in a recent Forbes article. High profile names like Anthem, BlueCross and BlueShield were part of a lengthy list of hospitals, clinics and smaller companies that were victimized in what was a record year for healthcare data theft. HHS reports a total of 235 data breaches involving 112 million health records – a staggering 100 times more than in any previous year. In fact, 8 out of 10 of the largest hacks to hit any healthcare company happened in 2015. Under HIPAA compliance rules, statistics for data breaches of healthcare organizations are required to be posted, which is handled by the Office of Civil Rights (OCR) under the auspices of HHS. This “wall of shame” is actually a website documenting page after page of data thefts large and small.
Many organizations have moved quickly to adopt cloud computing because of the business advantages it offers. On-premises hardware and software solutions can’t compete with the flexibility, scalability and costs savings cloud-based options provide. However, a recent survey of global businesses shows that concerns about cloud computing still persist, especially when it comes to security.