News emerged this week of an alleged data breach at the Qatar National Bank. On the face of it, it’s yet another large multi-national with inadequate security getting hacked and exposing the details of its customers. But on closer inspection the details revealed in the data dump tell us more – that the hacker was using the breached bank data to build up profiles on specific individuals in order to launch follow-on attacks.
It’s another fascinating insight into the shadowy world of cybercrime which should remind us all, businesses and individuals, that personal information is a valuable online commodity that should be protected at all times. Continue reading →
One of the things you’ll hear some CISOs grumble about from time to time is how tricky it can be sometimes persuading the business to release more funds. The skill of the good security chief, of course, is in translating highly technical concepts into a language the board will understand. But even so, it can be a tough sell when the end result of thousands of pounds of investment is … precisely nothing. With cyber security you’re effectively buying insurance against a damaging breach.
So it was interesting last week to see Sony declare that it spent a whopping $15 million on investigation and remediation after major cyber attack last year. It gives just a small insight into the potential financial impact of failing to adequately ‘insure’ your organisation against attack. Continue reading →
The data breach at Sony Pictures has become one of the biggest cybersecurity stories of 2014. Following the exposure of approximately 100TB of corporate data, the movie “The Interview,” scheduled for Christmas release in theaters, has been pulled under apparent political pressure from the attack’s perpetrators, a group calling itself the Guardians of Peace. Continue reading →