BreachExchange mailing list archives
Rise in cyberattacks means firms must develop security skills and mindset
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 14 Nov 2013 00:17:39 -0700
http://www.siliconrepublic.com/strategy/item/34758-rise-in-cyber-attacks-means/ The recent spate of data breaches that saw 43,000 Irish people’s credit and debit card details fall into the hands of hackers are a stark warning to public and private-sector organisations to be on their guard. A cyberattack on Ennis-based LoyaltyBuild, which operates loyalty schemes on behalf of Supervalu, Axa and Stena Line, resulted in the credit and debit card details of 43,000 customers being accessed. The breakdown included 39,000 Supervalu customers, 4,368 Axa customers and more than 50 Stena Line customers. It is understood that the CVV numbers on the back of cards required to complete transactions were not stored on the compromised servers. The same spate of attacks affected 102,000 people in Norway and Sweden. The cyberattacks reported this week is a stark warning to all organisations that they need to be better prepared to guard against sophisticated threats that can cripple information technology systems, according to RSA, the security division of EMC which employs 3,000 people in Ireland. Firms need to upskill and develop a security mindset Gerry Murray, EMC’s country manager, said the cyberattacks reported this week was symptomatic of new risks to our IT systems, as cyber-adversaries around the world try to disrupt organisations. “The rate and rise of cybercriminality shows that IT systems have never been more vulnerable and organisations need to take more proactive steps to prevent cyberattacks as part of a new defence strategy,” Murphy said. “With the rise of targeted and sophisticated adversaries, we learn more about weaknesses and we now know that intelligence-driven information security is emerging as the clear pathway for all organisations to protect their IT infrastructure. “That means collecting reliable cybersecurity data and researching prospective cyber-adversaries to better understand risk and learn about why and how attacks occur. “It means developing new skills in the IT team to produce and analyse intelligence and identify normal and abnormal system and end-user behaviour in the IT environment,” Murray added. He said combating advanced threats will require a new security mindset and improved practices for gathering, sharing and acting on cybersecurity intelligence.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Rise in cyberattacks means firms must develop security skills and mindset Audrey McNeil (Nov 14)