Tag Archives: cyber security

70% of financial companies suffer cyber security incident in last 12 months

New research conducted by data security company Clearswift reveals that 70% of financial companies have experienced a cyber security incident in the past year, highlighting the serious threat that both data breaches and malicious attacks pose to the UK’s financial sector.

The research, which surveyed senior business decision-makers within enterprise financial organisations in the UK, found that almost half of the incidents reported over the past 12 months originated from employees failing to follow security protocol or data protection policies. This threat was biggest in mid-sized financial companies (with 3,000-4,999 employees) with 52% of respondents citing employee failure to follow corporate data protection policies as their biggest issue.

In addition to this, it was found that further causes of cyber security incidents within the financial sector included the introduction of malware and viruses via third party devices, including USBs and Bring Your Own Device (32%), file and image downloads (25%) and employees sharing data with unintended recipients (24%).

UKFinanceCyber

“The financial sector is the lynchpin of the UK’s economy and a vital part of our nation’s Critical National Infrastructure, so it’s alarming to see such high numbers of security incidents within financial organisations,” said Dr Guy Bunker, CTO at Clearswift. “Unfortunately, in this day and age it’s a case of ‘when’ not ‘if’ a firm is breached so the financial sector needs to shift gears and speed up the innovation and deployment of effective data protection and threat mitigation strategies.”

The numbers associated with security incidents are in stark contrast with further findings from the survey which revealed less than a quarter (23%) of respondents had an adequate level of budget allocated to cyber security within the firm. Unsurprisingly, 73% of respondents would like to see some – if not a significant – increase in their organisation’s cyber security spending.

Bunker added: “Whether it’s an inadvertent mistake, a malicious insider or an external threat actor that causes a security incident, the ramifications of data loss are extremely serious for any organisation. For those organisations who hold citizen data and their financial information, there’s a need for extra vigilance to protect that data no matter where it’s stored, how it’s processed or what digital collaboration channels it flows through. Understanding the latest threats and the potential consequences from next generation attacks will help drive the business case for investment in new technology to mitigate the risks.”

He continued: “Cyber security needs to rapidly evolve and the budgeting process should take this into account. The threat which can bring down a company may not have existed three months ago. Financial organisations need to be able to respond immediately in order to protect their reputation. While many areas of securing a company’s data can be improved by educating employees and developing clear policies and processes, technology plays a key role in mitigating today’s biggest threats through automating and enforcing security protocols. This requires investment. Great information security is a positive business differentiator and a driver of growth.”

Advertisements

Leave a comment

Filed under Risk Xtra

Orange completes 515 million Euros acquisition of SecureLink to reinforce cyber security operations in Europe

Orange has completed the acquisition of 100% of SecureLink, the leading independent cyber security player in Europe. Since signing a binding agreement with the investment fund Investcorp back in May, Orange has obtained approval from the relevant authorities enabling the business to complete the transaction for an enterprise value of 515 million Euros.

With more than 660 employees, SecureLink reported revenues of 248 million Euros in 2018. The company serves more than 2,100 customers from a wide range of industries. SecureLink offers its customers specialist services in cyber security consulting, security maintenance and around-the-clock support from its Cyber Security Operations Centres (CyberSOCs), as well as advanced incident detection and response capabilities.

Thanks to SecureLink’s strong presence in Europe, Orange is significantly strengthening its ability to support customers across their regional footprints, while also developing a unique scale in the industry.

OrangeSecureLinkDealFINAL

SecureLink’s teams based in Sweden, Belgium, the Netherlands, the UK, Germany, Denmark and Norway, along with its four CyberSOCs, represent a key asset for Orange Cyberdefense in its ambition to become the European leader in this market, where ensuring a local presence is now essential for customers.

In the face of increasingly sophisticated and global threats, cyber security has become a critical issue for businesses and institutions. It’s a growing market that requires both a critical size to respond to the complexity of attacks and close proximity to customers.

Orange reported more than 600 million Euros in pro forma sales in 2018 and boasts over 2,100 cyber security experts within its ranks.

Leave a comment

Filed under Risk Xtra

IDIS determined to focus on video cyber security at IFSEC International 2019

Network security and the threat of ‘cyber loopholes’ should be a top priority for video surveillance users, IDIS will tell visitors at IFSEC International. Launching a cyber security advisory video ahead of the show, the IDIS team at ExCeL in London from 18-20 June will also be on hand to demonstrate and explain how IDIS technology goes a step further to strengthen the resilience of traditional surveillance network processes.

IDIS will be highlighting the dangers of cyber attacks and the common vulnerabilities found in many surveillance set-ups – as well as showcasing a full range counter-measures – on Stand IF1110.

Users should plan for three specific risks, states the company: data access loopholes, data transmission weaknesses and the integrity of recorded footage.

“IDIS has consistently led the way in addressing cyber security concerns, taking a multi-pronged approach from R&D through to customer installation,” said James Min, managing director of IDIS Europe. “We’ve developed a rich, layered and comprehensive set of technologies and features to ensure maximum protection for end users.”

IDIS IFSEC Stand 2019 (1)

Visitors will see how IDIS DirectIP – the cornerstone of the IDIS Total Solution – closes-up widespread vulnerabilities and serves as a proprietary mutual authentication system for all IDIS IP products. IDIS DirectIP speeds up implementations and streamlines cyber security by eliminating the need for engineers to manage multiple IP addresses and associated passwords during implementation. It therefore mitigates human error and the common malpractice of saving passwords in vulnerable spreadsheets.

Using peer-to-peer technology, IDIS’ ‘For Every Network’ technology also lets engineers deploy and configure secure, multi-site surveillance solutions that use centralised monitoring and control without in-depth knowledge of routing or networking.

IDIS will also highlight the cyber security essentials for transmission and recording together with its own patented and proprietary technologies which prevent activities such as snooping, modification and the destruction of data.

James_Min_IDIS_Europe_MD

James Min

In addition, visitors to Stand IF1110 will learn how IDIS ensures the integrity of video recording, with its advanced ‘Chained Fingerprint’ technology authenticating footage such that it can be submitted to the police and the courts as evidence.

“Combined with these technologies, our industry-leading training programmes are helping installers and integration partners to work knowledgeably with devices and networks to ensure maximum cyber security for our end users,” concluded Min.

Leave a comment

Filed under Risk Xtra

Cyber security firm Foregenix scoops Queen’s Award for Enterprise

A cyber security firm has picked up the Queen’s Award for Enterprise. Foregenix, which celebrates its 10th Anniversary this month, received the award for its work in international trade and is believed to be the first cyber security consultancy with a determined focus on protecting the payment and finance industries to pick up the accolade.

Headquartered in the UK, Foregenix has generated around 60% of its revenue from international sales over the past four years, helped by new offices in Boston servicing North America, Frankfurt, Europe, Sydney, Australasia and São Paulo, Brazil and a new base in Singapore in 2019.

Foregenix offers a range of services including managed detection and response, digital forensics, compliance and risk. It’s one of the leading certification companies for payment systems on PCI point-to-point encryption and an authority on ATM ‘cash-out’ attacks.

The Queen’s Award for Enterprise follows on from recognition by The Sunday Times as one of the Top 100 SME exporters in 2017 and 2018.

ForegenixPaulHumpageAndrewHenwoodBenjaminHosack

Left to Right: Paul Humpage, Andrew Henwood and Benjamin Hosack of Foregenix

The Queen’s Awards have recognised the achievements of British businesses since 1965. Around 200 businesses receive the accolade each year.

Co-founder and CTO Andrew Bontoft commented: “It’s testimony to the brilliant work and dedication of our global team that we’ve received this prestigious award. We’re very proud of what the team has achieved and grateful for the recognition this award signifies. We would also like to thank our clients and suppliers for helping us to achieve this honour.”

CEO Andrew Henwood added: “Foregenix aims to protect businesses and organisations from criminals who attempt to endanger people’s livelihoods and futures for their own enrichment. It’s a cause that resonates with our customers. We offer them practical advice and solutions for baked-in security and real risk reduction.”

Leave a comment

Filed under Risk Xtra

NTT Security Corporation signs definitive agreement to acquire WhiteHat Security

NTT Security Corporation has signed a definitive agreement to acquire the privately-owned concern WhiteHat Security, the application security provider committed to securing applications that run enterprises’ businesses. Post-acquisition, WhiteHat Security will operate as an independent and wholly-owned subsidiary of the NTT Security Corporation.

As a result of this acquisition, NTT Security will “provide the world’s most comprehensive end-to-end cyber security solutions”. Together, andworking hand-in-hand, the two organisations will address enterprise security needs that range from IT infrastructure through to critical business applications covering the full lifecycle of digital transformation.

This acquisition expands NTT Security’s portfolio, allowing its customers and partners to benefit from WhiteHat Security’s cloud-based Application Security Platform. For their part, WhiteHat Security’s customers and partners will have access to NTT Security’s consulting and advisory services, along with its next generation platform-based Managed Security Services.

WhiteHatSecurityLogo

“NTT Security’s overarching goal is to provide comprehensive, game-changing cyber security solutions that address the broader needs of digital transformation,” explained Katsumi Nakata, CEO at NTT Security. “WhiteHat Security is recognised globally as a leader and pioneer in the field of application security cloud services and DevSecOps spaces. By bringing WhiteHat Security into our portfolio, we are now well positioned to deliver on our vision of securing a smart and connected society by providing comprehensive security solutions for enterprises undergoing digital transformation.”

Craig Hinkley, CEO of WhiteHat Security, responded: “WhiteHat Security has been at the centre of application security, providing wide-reaching solutions to its customers and partners, and we will continue to invest in our people and technologies to maintain that leadership. The synergy between our two security-focused companies will enable our partners, customers and prospects alike to benefit from our combined cyber security solutions.”

NTT Security and WhiteHat Security will continue to invest in emerging technologies to secure their customers’ businesses. The acquisition enhances NTT Security’s ability to deliver high-performing and effective application security at a global scale.

Leave a comment

Filed under Risk Xtra

Genetec awarded Platinum Premier status in Mercury Security’s partner programme

Unified security, public safety, operations and business intelligence solutions provider Genetec has announced that Mercury Security (part of HID Global, the global leader in OEM access control technology) has awarded the company the highest status level – ie Platinum Premier – within its successful partner programme.

The Platinum Premier status recognises Mercury Security’s select business partners who demonstrate continued market growth, strong integration with Mercury’s own solutions and a shared interest in the open architecture approach towards access control.

“As a Mercury Security partner and reseller since 2014, we take pride in having achieved Platinum Premier status in just a few short years,” said Georges Tannous, director of strategic alliances at Genetec. “Mercury Security is a key partner in the development of our access control strategy as we’re aligned in our efforts to provide innovative and cyber-secure access control solutions based on an open architecture.”

GenetecLogo

Matt Barnette, vice-president at Mercury Security, responded: “Genetec has demonstrated significant growth with the Mercury Security brand of products over the last several years. This growth, coupled with the business’ continued investment in the open platform philosophy, has driven its well-earned recognition as a Platinum Premier partner. We look forward to working together with the Genetec team to deliver open, scaleable and secure solutions for our collective end users.”

According to the 2017-2018 Access Control Intelligence Database put together by market researcher IHS, Genetec has rapidly risen to become one of the leading developers of access control software with a Top Five ranking in the Americas and a strong global market share growth.

Genetec’s flagship product, Security Center, is an open architecture platform that unifies IP-based video surveillance, access control, ANPR, communications and analytics. Genetec also develops cloud-based solutions and services designed to improve security and contribute towards new levels of operational intelligence for Governments, enterprises and vertical markets including the transport sector.

Founded in 1997 and headquartered in Montreal, Genetec serves its global customer base via an extensive network of resellers, integrators, certified channel partners and consultants in upwards of 80 countries.

Leave a comment

Filed under Risk Xtra

Vanderbilt’s SPC solution accredited to CNPP’s NF A2P Cyber-RTC cyber security standard

Vanderbilt, the state-of-the-art security systems developer, has announced that its award-winning SPC system has been accredited to the NF A2P Cyber-RTC cyber security standard from the CNPP.

The SPC intrusion system was tested by CNPP to ensure that it meets the latest needs for cyber security. This is part of Vanderbilt’s continuous endeavour and commitment to work with approval bodies to ensure both Best-in-Class security and afford end users the confidence that their chosen security system is secure.

“By certifying our SPC intrusion ranges on the latest CNPP NFA2P at Cyber Type 2 and 3 repositories, Vanderbilt provides all of its customers with high-level security for all remote monitoring transmissions, as well as for cloud applications such as our service SPC Connect to combine user-friendliness, availability and security,” stated Hervé Houy, Vanderbilt’s Country Manager for France.

VanderbiltSPC

An IP-ready intrusion alarm system, SPC has been designed with communications and security at its core. Using the FlexC protocol to communicate with AES256-CBC encryption, the communications between SPC and other system are secure and protected. This communication also allows for flexibility using the SPC user models.

The rights and permissions of users protect the user and the system from malicious attacks. Customers can use the system with confidence whether they are on-site or using the SPC Connect to enable cloud services. Their data is secure, while communications are always protected.

Vanderbilt has been working with CNPP for many years to ensure the quality of intrusion products for the French market. This innovative step by the approval body to have a defined standard for cyber is a clear indication of the path of security systems.

“The market is saturated with cyber security standards, but the NF cyber security standard from CNPP is the first specifically developed for intrusion alarm systems,” concluded Nick Pegtol, Vanderbilt’s Country Manager for Benelux, Greece and Cyprus. “It’s a great way to benchmark and improve our SPC intrusion systems,”

*To obtain Vanderbilt’s latest product certifications visit https://vanderbiltindustries.com/compliance-documents. For more information on SPC visit https://vanderbiltindustries.com/spc

Leave a comment

Filed under Risk Xtra, Uncategorized