Cyber-criminals are always on the lookout for weaknesses in corporate IT systems. Whether these are manifest in human credulity or technical deficiencies, hackers have become past masters at exploiting any chinks in the armour. In this context, the retirement of major software and operating system versions represents a huge opportunity for the ever-agile black hat community. IT security teams should therefore be well prepared for this week’s end-of-support deadline for Windows 7 and Server 2008/Server 2008 R2.
For those companies unable or unwilling to upgrade, however, help is at hand.
Modern organisations are increasingly dependent on their supply chains to meet key business goals. But as partner ecosystems have grown and become more complex, so has cyber risk. Unfortunately, UK firms are still flying blind when it comes to managing this risk. A new Accenture report out this week claims that as many as 70% may be vulnerable to attack because they don’t have enough insight into suppliers.
It’s time organisations treated supply chain security as an urgent priority. That means vetting, auditing and continuously monitoring third parties according to the same high standards as your own company. Continue reading →
Critical national infrastructure (CNI) covers a wide variety of industries. But what most have in common is that they run industrial control systems (ICS) and other operational technology (OT). Increasingly, these are being enhanced by new investments in Internet of Things (IoT) systems, in a bid to improve efficiency. The problem is, as these legacy technologies are brought online and integrated with IT systems, they become exposed to new cyber risks, with potentially major repercussions.
A new global study reveals that 90% of CNI providers have suffered damage to their environment as a result of cyber-attacks over the past 24 months. To support business growth and minimise risk, CNI firms need to improve visibility and control in these OT environments. Continue reading →
CISOs across the globe are worried about cybersecurity industry skills shortages. These concerns have been around for years, of course, as have recruitment challenges. But new research from Trend Micro reveals that organisations are looking to mitigate some of the worst effects of these shortages: through greater use of automated machine learning tools.
Let’s be clear, ML is not a silver bullet. But it could be effective as part of a more holistic approach to security focused around reducing unnecessary threat alerts. Continue reading →