Security News
Outside hackers were to blame for most data thefts last year, while in-house drama contributed to only a fifth of total computer security incidents, Verizon reckons. In its 13th Data Breach Investigations Report, which probed some 4,000 intrusions and network breaches in 2019, Verizon found that the online world is still a fairly bad place if you're not tooled up enough to defend yourself and your customers from external miscreants hoping to make bank.
Outside hackers were to blame for most data thefts last year, while in-house drama contributed to only a fifth of total computer security incidents, Verizon reckons. In its 13th Data Breach Investigations Report, which probed some 4,000 intrusions and network breaches in 2019, Verizon found that the online world is still a fairly bad place if you're not tooled up enough to defend yourself and your customers from external miscreants hoping to make bank.
The purpose is to discuss the role of CISO, and what it takes to be a successful CISO. Today we talk to Chandra McMahon and Bill O'Hern from the communications sector. "I don't know that the CISO needs to be on the board," said O'Hern, "But at a very minimum the CISO needs to participate with the board. I think it is important that today, the board of directors understands the cyber risks that face the company and is well-versed in the programs, the posture, and how it gets executed within the business. I believe that in today's environment the CISO role has really evolved to be a true member of the C-suite, someone who sits at the table with the board of directors at least on a routine basis to continually update them on the posture of the organization."
As a result, thousands of events around the world are being canceled, postponed or turned into online-only events in the wake of the coronavirus and the looming threat of COVID-19. Shopify Unite 2020 developers conference was set for May 6-8 in Toronto and now the in-person portion is canceled and it will be an online-only event.
Verizon has slung out a new, privacy-focused search engine in an effort to win over customers who prefer not to have their browsing habits tracked by ad-slingers and the like. Three years ago, it bought Yahoo! and two years before that, AOL, in a ham-fisted effort to woo millennials away from Facebook and Google - which it later rebranded as Oath and then the Verizon Media Group.
Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan looked at how AT&T, T-Mobile US, Tracfone, US Mobile, and Verizon Wireless handle requests to change the SIM card associated with mobile phone numbers.
Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration.
Companies subject to PCI DSS security requirements are audited once per year, yet many of these companies continue to be breached. It is not that PCI DSS fails, but that companies fail to maintain...
Many companies around the world that accept card payments are failing to continually maintain compliance with the PCI Data Security Standard, according to the new Verizon 2019 Payment Security...
Mobile carriers in the United States will finally offer a universal cross-carrier communication standard for the next-generation RCS messaging service that is meant to replace SMS and has the...