News Recap: World Federation of Stock Exchanges to Combat Cyber Attacks

By | December 13th, 2013|Uncategorized|

Stock Blog PicIn light of cyber attacks over the past twelve months, the world’s largest exchanges have formed a committee to prevent against cyber attacks. The purpose of the committee will be to establish and communicate global best practices regarding information security.

Michelle Price reported in the Wall Street Journal, “Nasdaq OMX’s chief information security officer, Mark Graff, is to chair a new working group that’s been set up by the World Federation of Stock Exchanges to try to combat the rise of cyber attacks on financial market infrastructure.” Price noted that the group was established after research found “53% of exchanges had suffered a cyber-security attack during the previous 12 months.”

In Bloomberg Businessweek, Nandini Sukumar reported that “hackers have targeted computers at exchanges including CME Group, the world’s largest bourse operator, and Nasdaq.” Fox Business reporter Matt Egan wrote that this level of disruption “on a major exchange like the New York Stock Exchange would mark a major coup for cyber actors.” He recounted a recent exercise in which “white hat” hackers were assigned to find and expose cyber vulnerabilities of the U.S. equity markets. They succeeded and even found a way to impact market performance. Cyber security professionals, Egan reported, believe ”the committee announced on Thursday is long overdue.”

Do you agree this committee is a step in the right direction? What other actions should world exchanges or this committee be focusing on? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

News Recap: Financial Industry More Concerned With Cybersecurity Than Ever

By | November 18th, 2013|Uncategorized|

financial blog picWith a considerable rise in cybersecurity threats over the past few years, organizations across industries have responded by moving information security concerns from the operational level all the way to top-tier leadership. Congruently, lobbyists from the financial industry have resurrected a push for legislative action from Washington.

In his article in Forbes, Tom Groenfeldt quotes EY cybersecurity financial services leader Chip Tsantes as saying, “The number of threat actors is increasing and each has a different high value target… Five years ago it was protecting money, but now threat actors, nation states and activists are looking to disrupt, embarrass, steal IP or help their domestic industries. The number of targets has increased, techniques have gotten better and they are going after a wide array of targets.”

Ryan Tracy of the Wall Street Journal’s Washington Wire writes, “Top financial-industry lobbyists pressed senators to move forward with cybersecurity legislation, part of an effort to re-energize a campaign that has lost steam amid revelations about the National Security Agency’s extensive domestic surveillance.” Tracy continues by saying, “The industry’s main concern is liability: Will private-sector firms expose themselves to lawsuits if, in responding to cyber-threats, they share customers’ information with the government or halt certain financial transactions?”

Do you agree that cybersecurity should be a C-Suite concern versus operational? Should Washington be more concerned about cybersecurity threats in the financial industries? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

U.S. Cyber Security By The Numbers

By | October 30th, 2013|Uncategorized|

IBM recently published the 2013 IBM Cyber Security Intelligence Index, a report detailing the global threat landscape across 3,700 IBM clients in 130 countries. The report analyzed the most affected industries and the most comment types of attacks, motivation behind attacks, how human error comes into play and suggestions on how to create a strong cyber security defense. The findings? Cyber threats are increasingly becoming more opportunistic as human fallibility creates vulnerabilities within an organization.

Affected Industries

To get a better understanding of who and what cyber criminals are targeting, researchers took a look at the industries that were most affected. The manufacturing and finance/insurance industries took the lead, accounting for nearly 50 percent of all security incidences. Researchers were not surprised to find that these industries were the most affected, but their interest piqued when seeing a rising number of cyber attacks focused on sabotage compared to the number of espionage cases within these industries. The report shows that attacks are often “aimed at causing physical damage, disruption and safety issues – rather than accessing information.” Why? Because vulnerabilities within organizations often leave attackers with opportunities to cause damage.

The depth of human error

More than 49 percent of the attackers surveyed claimed that existing vulnerabilities or weaknesses were their main motivator to attack in the first place. Having strong defenses in place can be a major deterrent to a cyber attack. However, human fallibility can greatly attribute to a company’s vulnerabilities. According to IBM’s report, humans can account for roughly 80 percent of company breaches.

Reduce vulnerabilities and build awareness

In order to reduce vulnerabilities within a company’s cyber security, IBM provides 10 ways to better protect against cyber attacks. Here are a few recommendations from CSID:

  1. Continue to educate your employees on cyber security risks. Keep employees aware of the types of risks they should look out for and have an open door policy for employees to contact your IT team. Here is a list of the top 10 internet and email scams of 2013 for employees to be aware of.
  2. Build and enforce a strong social media policy. The blurred lines between personal and professional social media use can serve as a weak link in a business’s armor of defense. We recently held a reputation management webinar on this topic – see what our expert panelists suggest when it comes to employee social media use.
  3. Encourage strong passwords and require employees to change them frequently. Employees should never use the same passwords for work and personal use.

Are you surprised at these report findings? How can businesses reduce the amount of human error in cyber security? Let us know what you think on Twitter, Facebook and be sure to check our Tumblr for daily news updates.


Cyber security by the numbers

Load More Posts
WordPress › Error

There has been a critical error on this website.

Learn more about troubleshooting WordPress.