ICD Brief 57.
09.10.2017. – 15.10.2017.
The ICD 57 brings you 20 updates from the US, Australia, Estonia, China, EU, Iran, Poland, Singapore, UK, Insurance, Features on the Forgotten Women of Early Computer Hacking and an analysis of cybercrime in India for CEO’s.
J.P. Morgan joined the US, the EU, NATO and a growing coalition of corporations and governments calling for global cybersecurity standards, increased information sharing and stronger enforcement.
White House nominates cybersecurity expert Kirstjen Nielsen to lead the Department of Homeland Security.
Iran, not Russia, cyber attacked 9,000 UK Parliament accounts in the Prime Minister and cabinet on June 23. China calls for stricter enforcement laws.
Social Media: Wielding Its Double-Edged Sword is the subject of our interview with Sarah Jones, an award-winning all platform journalist whose passion is to attract young audiences (last count 67,000) aged 13-35 to hard news.
“Governments need to develop global cyber security standards and increase information sharing on cyber threats, Daniel Pinto, chief executive of JPMorgan’s corporate and investment bank, said on Saturday.”
“President Trump introduced his pick to lead the Department of Homeland Security on Thursday, nominating White House staffer and cybersecurity expert Kirstjen Nielsen. “I share the president’s profound commitment to the security of our country,” she said at a brief White House ceremony. “Truly, there is nothing more valuable than to feel safe and secure in your homeland.””
“A bipartisan group of federal election officials, national security advisors and a retired U.S. general have formed a coalition to fight election hacking with the aim of establishing protocols that would keep Russians and other state entities from interfering with the voting process.”
“Boards of directors are getting more involved in cybersecurity efforts at their organizations, and many have boosted spending on such initiatives, according to a new report from accounting and advisory firm BDO USA.”
“The hack into the accountancy giant Deloitte compromised a server that contained the emails of an estimated 350 clients, including four US government departments, the United Nations and some of the world’s biggest multinationals, the Guardian has been told.”
“Australia’s second Joint Cyber Security Centre was officially launched in Melbourne yesterday by the Minister Assisting the Prime Minister for Cyber Security Dan Tehan.”
“Australia has warned small businesses and “mums and dads” of growing cyberthreats, as an Australian company that was contracted for national security projects was breached by hackers last year. The company is only one of over 47,000 cybercrime incidents that the country faced last year.”
“Estonia will become the first country in the world capable of functioning without physical land, it’s been claimed. The technology-savvy nation will create ‘digital embassies’ around the world with a back-up of all its critical data. It is designed to ensure the former Soviet state, close to becoming a wholly digital society, will be less vulnerable to cyber attacks.”
“Earlier this year, the People’s Republic of China enacted its Cybersecurity Law, which granted authorities broad, explicit powers to monitor and investigate activities falling under its purview, along with the ability to penalize violators. Just a few months after the Cybersecurity Law’s implementation, numerous instances of zealous enforcement have been reported. Companies can expect enforcement actions to continue, and should thoroughly review their current procedures to ensure they are in compliance.”
“Earlier this week at the CyberSec European Cybersecurity Forum in Poland, Julian King European commissioner for the security union called for increased collaboration in defending against cyber attacks after revealing more than 4,000 ransomware attacks have taken place every day across the EU since 2016.”
“The cyber world is full of would-be extractors of our bank account data. Banks and their regulators recognised cyber risk as a major threat decades ago and have built an elaborate ecosystem of protections against it. Regulated banks are strictly limited in how they store customers’ data. They are required to have multiple lines of defence against security breaches, subject to independent audit and review by government supervisors. But as the Equifax data breach highlights, other entities, such as credit reporting agencies, reside outside this system. The protection they offer is only as good as their managements’ vigilance, and that is often lacking.”
“Iran carried out a cyber attack on the British parliament during the summer that affected some 9,000 email accounts. The accounts that were hit include those belonging to Prime Minister Theresa May and other cabinet ministers, according to the Times, which based its report on a secret intelligence assessment. The attack, which was initially blamed on Russia, took place on June 23.”
“Polish Prime Minister Beata Szydło has announced a new department of cybersecurity will be set up in her office. She was speaking at the launch of the third “Cybersec” European Cybersecurity Forum in Kraków, southern Poland. The event runs until Tuesday. Szydło said cybersecurity was among the most important challenges for the modern world.”
“Singapore’s draft cyber security laws have a potentially wide reach, and could affect many Australian businesses. Cyber security is one of the major global issues of our time. In September 2017, the Economist’s Intelligence Unit ranked a major cyber-attack as one of the ten most probable and impactful global risks. For a sense of magnitude, risks considered to be lower include a war on the Korean peninsula, multiple countries withdraw from the euro zone and global growth surges.”
“This weekend, Barclays and Cabinet Office-backed security initiative Cyber Security Challenge UK, hosted an immersive competition to test the skills of thirty cyber enthusiasts. The competition required contestants to adopt the role of interns at a fictitious cyber security firm, who had to defend their company from a cyber-attack, triggered by an insider, all while their superiors were on a team-building canoeing adventure.”
“Cyber security chiefs have drawn up a new guide to help small businesses shield themselves from online attacks. Firms are urged to follow the advice to guard against threats that can cost time and money. The tips – compiled by the National Cyber Security Centre (NCSC) – follow research by the Department for Digital, Culture, Media and Sport (DCMS) which found earlier this year that nearly half (45%) of all micro or small businesses identified a cyber security breach or attack in the last year.”
“There are lots of articles on the internet about small businesses not taking cyber security seriously. Just take a look at some recent research on the subject. Even if you have every intention of tackling this in your business, the danger is that it just stays on the to-do list. Too daunting or too scary to delve in to. After all, you’ve been ok so far so what are the chances of a cyber-attack in the future?”
“In the wake of the Equifax breach, many believe a national standard for cybersecurity is needed. But are insurance requirements a better option?”
“As technology advances and businesses become more technology-driven, the rate of cybercrimes is likely to increase exponentially. According to research firm Gartner, in 2017, businesses are likely to spend over $90 billion to secure their systems against potential cyberattacks, which is expected to reach $113 billion by 2020.”
“Through their tenacity at finding holes in enemy systems, the first hackers contributed enormously to U.S. intelligence and to the development of our own cybersecurity apparatus. Their names should be enshrined on government buildings, yet few, in fact, are known. Not coincidentally, a number of them were women.”