Tag Archives: Symantec

Companies showcased for London’s Cyber MarketPlace to innovate safely online

Academia, private industry and local business leaders joined forces on Thursday 1 June for the pre-launch presentation of the London Digital Security Centre’s MarketPlace at Mitre Passage in North Greenwich, followed by an ‘Evening with an Identity Thief’ with entertainer James Freedman.

Jointly hosted by the Federation of Small Businesses (FSB), the launch of the Cyber MarketPlace marks a key milestone in the Centre’s work to help small and medium-sized businesses in London operate in a secure digital environment.

The 19 companies chosen by the Centre for the launch of the MarketPlace at www.LondonDSC.co.uk are CensorNet, Clearswift, Cybereason, Cyber Rescue, IASME, ISMS.online, Newable, Panaseer, PAV, Rapid7, Securonix, Sims Recycling, Sophos, Symantec, Symphonic, Titania, TrapX Security, Yoti and ZoneFox.

LondonDigitalSecurityCentre

The MarketPlace presents solutions chosen by the Centre to help London’s businesses stay secure from digital crime. It provides SMEs with access to business resilience products and services supplied by private sector organisations who work in partnership with the Centre to enhance their ability to operate in a secure digital environment.

Matthew Jaffa, senior development manager for the FSB, stated: “What the London Digital Security Centre is offering to SMEs is totally unique. Its offering not only free membership, but a service backed by the Mayor of London, the City of London Police and the Metropolitan Police Service. Finding the right solution to improve a business’ online security can be a challenging task. What the Centre has done is take the hard work away and made it easier for businesses to enhance their security.”

Jaffa added: “The MarketPlace is a very useful resource for SMEs. Business owners should visit the Centre’s website to identify and obtain market-leading services that will help them to stay secure as they grow online.”

The Centre’s ‘Evening With’, sponsored by one of the Centre’s MarketPlace partners (namely Yoti) is just one of the events aimed at members to inform and educate on the world of cyber crime and to help prevent future cyber attacks.

James Freedman is widely considered to be one of the world’s greatest pickpockets. An entertainer and an expert on the subject of stealth crime, Freedman’s the only person to have picked the pockets of the Mayor of London, the Chancellor of the Exchequer and the Governor of the Bank of England!

John Unsworth, CEO of the London Digital Security Centre, commented: “Given recent events, our work could not be more timely or necessary. We’re starting to make a real difference to the digital security of businesses and helping to demonstrate that not only is London open for digital enterprise, but also that London’s businesses are at the forefront of ensuring they’re operating securely in the digital age.”

Unsworth concluded: “With the support of our founders, the Mayor of London, the City of London Police and the Metropolitan Police Service, we’ve identified digital security services that businesses need and put them together in one place.”

*For further information on the London Digital Security Centre visit www.londondsc.co.uk or contact John Unsworth via e-mail at: john.unsworth@londondsc.co.uk

Leave a comment

Filed under Risk UK News

“Watering hole-style cyber attacks on the rise” warns High-Tech Bridge

On Sunday 12 February, security firm Symantec released an analysis of a new wave of attacks that has been underway since at least October 2016 and came to light when a bank in Poland discovered previously unknown malware running on a number of its computers.

The bank then shared indicators of compromise with other institutions and a number of those other organisations confirmed that they too had been compromised.

These ‘watering hole’ attacks attempted to infect more than 100 organisations in 31 different countries.

Symantec has blocked attempts to infect customers in Poland, Mexico and Uruguay by the same exploit kit that infected the Polish banks. Since October, 14 attacks against computers in Mexico have been blocked, 11 against computers in Uruguay and two against computers in Poland.

wateringholecyberattack

Preliminary investigations suggested that the starting point for the Polish infection could have been located on the web server of Poland’s financial sector regulatory body, namely the Polish Financial Supervision Authority (www.knf.gov.pl).

Commenting on this news, Ilia Kolochenko (CEO of High-Tech Bridge) said: “We should expect that cyber criminals will find more creative and reliable ways to compromise their victims. Trustworthy websites, such as governmental ones, represent great value for cyber criminals, even if they don’t host any sensitive or confidential data.”

Kolochenko continued: “In the past, hackers used one-off or garbage websites to host malware, but as corporate users become more educated and vigilant, attackers need to find more reliable avenues to deliver malware and enter corporate networks. That’s why Gartner, as well as other independent research companies, continuously say that the risk posed to corporate web applications is very high and seriously underestimated. Spear phishing and watering hole attacks against high-profile websites will grow significantly in the near future.”

Leave a comment

Filed under Risk UK News, Uncategorized

(ISC)² report reveals women’s perspectives and skills are ‘transforming’ the information security sector

The survey findings show that, despite a severe shortage of women in the information security workforce, females offer the right mentality needed to grow and diversify the security industry.

The new report, entitled ‘Agents of Change: Women in the Information Security Profession’ was authored by Frost & Sullivan and sponsored by Symantec.

This study reveals that women only represent 11% of the information security workforce, despite double-digit annual increases of personnel in the profession, yet they have the academic background and diverse perspective necessary to accelerate change in the information security industry.

The report highlights a severe shortage of woman in the information security industry, and why organisations globally need to shift attention to this critical problem.

Despite a severe shortage of females in the information security workforce, women offer the right mentality needed to grow and diversify the security industry

Despite a severe shortage of females in the information security workforce, women offer the right mentality needed to grow and diversify the security industry

Aspirations towards careers in information security

“The identified shortage of women in the industry only reiterates the importance of our Foundation’s offerings, like the women’s scholarships we award annually to female students aspiring to obtain information security careers, and the Safe and Secure Online programme, which brings (ISC)²-certified cyber security experts into classrooms to teach children how to become responsible digital citizens while introducing them to a career in cyber security,” said Julie Peeler, director of the (ISC)² Foundation.

“(ISC)²’s Chapters are also offering women in security mentoring and awareness programmes within their local communities to recruit more women into the field, but we need a broader and deeper level of education and engagement for women at a younger age before we can realise the level of impact required to solve the workforce shortage.”

Survey respondents were divided into two job title categories: Leaders and Doers. The Leaders (3,466 respondents) category included job titles such as executives, managers and strategic advisors. Doers (2,348 respondents) included respondents with job titles such as security analysts and compliance auditors.

In the Leaders category, more women (34%) were in consultant and advisor job titles than men (26%), and more than twice as many men as women were network security or software architects.

In the Doers category, 38% of women cited security analyst as their job title versus 27% of men. However, a higher proportion of men held security engineer and network administrator job titles.

The 2013 Global Information Security Workforce Study identified ‘security analyst’ as the number one most needed position in the information security industry, leading the way for a strong female presence in the future.

Job tenure, salary and academic background

The report also looks at average job tenure, median and average annual salary and academic backgrounds. In these categories, the report showed only marginal differences between women and men who work in information security fields:

• Women Leaders have spent an average of 13.5 years in the field compared to men at 13.6 years.
• Women and men Leaders both command an annual average median salary of US$105,000 per year.
• 91% of women Leaders hold a Bachelors, Masters or a doctoral degree versus 89% of men Leaders.

The findings revealed that women in information security, as a group, have a more diverse academic background than men, and a collective background with slightly greater emphasis on social sciences and business degrees versus engineering and computer sciences.

“The report data indicates that the perspectives of women offer viewpoints needed to elevate the security industry to the next level,” added Michael Suby, author of the report and vice president of research at Frost & Sullivan.

Key skills sets under examination

While technical skills are integral to developing a strong security posture within organisations, it’s important to supplement the proper skills and perspectives necessary to make impactful businesses decisions.

The report’s findings also demonstrate that the surveyed women believe a successful information security professional should maintain a variety of skills versus surveyed men, who believe technical skills should be the priority.

Women reported the following as the key attributes of a successful information security professional:

• Communication skills
• Broad understanding of the security field
• Awareness and understanding of the latest security threats
• Security policy formulation and application
• Leadership skills
• Business management skills

“Although efforts to fill the information security industry with skilled professionals have increased, the growing number of sophisticated attacks in our cyber landscape are posing an increased threat to organisations in both the public and private sectors,” added Suby.

“Combating these threats requires a community approach to training and hiring qualified security professionals from a variety of backgrounds. As our research reveals, women leaders are the strongest proponents of security and risk management education and training in the industry. This type of mentality is crucial to building standards in the industry and echoes the report’s findings that women are indeed ‘agents of change’ in the future of information security.”

Julie Talbot-Hubbard, chief security officer at Symantec, added: “Symantec believes it’s critical that we bring more qualified women into the cyber security profession. Through our support of this study, and our broader commitment to women in STEM professions, we hope to increase the representation of women in technology. In working with partners such as (ISC)², we are able to bring a greater awareness to this important issue.”

The full study can be found here: https://www.isc2cares.org/

Leave a comment

Filed under IFSECGlobal.com News