20 Jul 2017

Cyber Crime 2nd Most Reported Economic Crime, Most Companies Unprepared

(Threatcare) Cybersecurity is one of the fastest growing fields out there, and for good reason: cyber crime is on the rise, and just about anyone or any company can quickly become a target. The WannaCry outbreak took down over 300,000 computers across the world – and that’s only the beginning. PWC recently collected and analyzed data from 2016, and found that cyber crime had increased so dramatically, it was the second-most reported type of economic crime.

The survey from PWC also revealed that an overwhelming majority of companies did not seem to have a security team capable of dealing with this ever-expanding threat. Just 40 percent of survey respondents said that they had employees “fully trained” on how to be a “first-responder” to a cyber threat, and only 37 percent had a fully operational response plan.

In other words, 60 percent of companies do not have a single employee that’s well-versed in responding to cyber attacks, and 63 percent didn’t even have a workable response plan to such threats.

Has the rise in cyber crimes really been so fast and so dramatic that companies simply haven’t been able to respond in time? Probably not. More likely, it seems that the value and importance of reliable cyber security is simply underestimated. Many cyber crimes,often go unnoticed – which can tend to people to believe that they don’t have any reason to be concerned. But, as sources say, the average cost of a security breach averages out to around $7 million.

Marcus J. Carey, the founder of Threatcare, states that the rising rates of cyber crime should never really come as a shock. “Constant rise in cyber crimes shouldn’t be a surprise to anyone; essentially everything has either already moved, or is in the process of being moved, to the cyber realm,” he explains. Carey notes that virtually any and every device is going to need a layer of protection, especially as we move towards an increasingly technological world. “Cybersecurity is going to have to get to a pEx-Pentagon aide: US Cybersecurity in need of “rapid repair” lace where it’s built into all devices. There will be proliferation of the IOT (internet of things),” Carey explains.

The sad truth is that while cyber defense is a rapidly evolving field, so is cyber crime. Keeping up the pace is a difficult task, which is why cybersecurity is growing so quickly. People need professionals who know what they are doing in order to protect themselves and their businesses.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
20 Jul 2017

 Ex-Pentagon aide: US Cybersecurity in need of “rapid repair”

(Threatcare) At a recent subcommittee hearing, two witnesses testified to the fact that US cybersecurity is “in a severe state of disrepair,” and that this gaping oversight has left the nation compromised and susceptible to cyber attacks from enemy hackers.

In fact, the witnesses told the Senate Foreign Relations Subcommittee on East Asia, the Pacific, and International Cybersecurity Policy that the threat of an attack on the US was virtually imminent, unless serious steps are taken to beef up cyber defense efforts. Some countries that may pursue the US’s vulnerabilities include North Korea, Russia and China.

Eric Rosenbach, who was chief of staff to former Defense Secretary Ashton B. Carter said that he believes an attack from North Korea is looming in the near future, adding that it’s “likely to happen within the next year, if current trends continue.”

Samantha Ravich, who advised the George W. Bush White House on national security, described China’s cyber warfare as very aggressive and “just as terribly destructive as a bloody war, but in which no blood is actually shed.”

Currently, the government’s cybersecurity system is over six-years-old, rendering it essentially useless, and lawmakers are begging for a more up-to-date version.

Founder of Threatcare Marcus J. Carey, says that the state of US cybersecurity may be pitiful, but that the internet itself was never “secure” to begin with.

“I could be sarcastic and say the defense was never there to begin with. The internet itself wasn’t designed with security in mind. Security as we know it is just a ‘bolt’ onto the internet as we know it,” he explains.

“Cybersecurity itself is a generally new field that has only been around for twenty years,” Carey added. Even so, if the cybersecurity for the United States government is so severely lacking, what about the rest of us? Security deficiencies are not just a government problem. As Massachusetts Sen. Edward J. Markey pointed out, many private companies could also be at risk of being attacked by foreign governments. A key example of this would be power and utility companies. Russia’s attack on Ukranian power grids in 2015 was cited as an example of what could happen if American utility companies don’t tighten their “bolts” as well. There are many paths cyber attackers could try to take, and not all of them require hacking the government. Every industry should be prepared.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
20 Jul 2017

Singapore Hunting, Identifying Talented Students For Government Cyber Defense Systems

(Threatcare) Singapore’s Ministry of Defense (Mindef) is on the hunt for young people to serve their national service requirements in the realm of cyber defense systems. To accomplish this, Mindef will be working with the nation’s educational institutions to identify students with technological chops to make the cut.

Second Minister for Defence Ong Ye Kun explains that students who are chosen to try out for Mindef’s brand-new Defence Cyber Organization will be selected from school-wide cybersecurity competitions and camps. Only the best will be offered the opportunity to serve in the new cyber defense program.

Mr. Ong also noted that past winners of these competitions currently working in the industry may also be considered to serve on the Defense Cyber Organization in some capacity.

As the fifth Cyber Defenders Discovery Camp at the Singapore University of Technology and Design drew to a close, Mr. Ong said that he would like for Mindef’s newest cyber defense program to mirror that of their “elite combat forces,” noting that they should be selective and that the demands of the team will intense.

Winners from the five-day camp were given awards from Mr. Ong, as well. The camp is designed for pre-college students to help spark interest in the field of cyber defense.

Defence Science and Technology Agency director for cybersecurity Tan Ah Tuan commented that what they hope they cyber security camps will “create awareness and nurture interest in cybersecurity among bright young minds with us today.”

You really have to admire Singapore’s novel approach to addressing the need for more cybersecurity professionals. Clearly, other nations need to step up their game. “The United States needs to find a better way to identify cybersecurity talent. In the military, the ASVAB test is used to identify people who are likely to be successful in certain career fields,” Marcus J. Carey, the founder of Threatcare commented.

“Creating a way to properly identify Americans for cyber defense systems could level the playing field for people that are generally excluded from high tech jobs as well,” Carey added.

Will the US adopt a similar technique to engage today’s youth and get them interested in cybersecurity? Given the increasing need for such professionals, it might not be a bad idea.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
19 Jul 2017

Upcoming Shortage Of Cybersecurity Professionals Coming …Numbering In The Millions

(Threatcare) The world of cybersecurity and the increasing demand for qualified cybersecurity professionals is growing at an even more rapid pace than previously predicted. New estimates from the (ISC)2 survey released have shown that the industry will have 1.8 million unfilled positions within the next five years. That’s a staggering 20 percent increase in empty job slots since 2015; something most people would say is a rather remarkable feat.

(ISC)2’s Global Information Security Workforce Study surveyed 19,000 cybersecurity professionals from around the world, and what they found was that an astonishing 66 percent said that they felt they did not have enough employees to keep up with the rising number of threats being thrown at them.

In 2015, just 62 percent of cybersecurity professionals had the same response – which just goes to show that the need for cyber defense is increasing at an an incredible rate.

While there are many areas in which cybersecurity professionals are beginning to feel short-staffed, the issue of finding qualified security professionals tops the list. Forty-nine percent of survey respondents said finding competent workers was their greatest concern, but in North America, the percentage of professionals with that concern was even higher, at over 50 percent.

But, there could be a simple solution to this growing problem.

As Marcus J. Carey, the founder of Threatcare, explains, the need for specialized security professionals could be reduced by increasing cybersecurity awareness across the board. “I believe cybersecurity should be part of the job for everyone in information technologies, instead of treating it as a separate discipline. Since cybersecurity falls into its own branch, it’s causing people to write bad code and build insecure networks that can be hacked,” he said.

“By leveraging the means of IT professionals that already exist in the workforce, we can drastically reduce the number of required dedicated cybersecurity professionals,” Carey added.

In other words, if more people in technology were to participate in cybersecurity measures, the need for specialized cybersecurity professionals can be mitigated. As Carey already pointed out, simply having people that know enough about cybersecurity to build stronger networks and better code would be a huge step forward.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
17 Jul 2017

Even After Large Breaches, Many Companies Are Failing To Take Cybersecurity Seriously

(ThreatcarePanelists at the MIT Sloan CIO Symposium agree: One of the top issues that plagues the cyber security industry is helping business leaders understand the value of protection — especially after recent large breaches. This can be enormously difficult, because many people tend to view cyber attacks as something that “doesn’t happen.” While it may seem that your data isn’t valuable or that your business’s network not yet been compromised, the truth is that it happens far more often than many realize. In fact, statistics show that approximately 70 percent of all cyber attacks go completely unnoticed. There are actually upwards of 90 million hacking events each year – or roughly, 400 new cyber dangers developing every minute.

Often with large breaches there’s a pretty good chance you’ve been hacked and you didn’t even notice.

Because cyber attacks are often silent, and the threats they pose are hard to quantify, it can be hard for business leaders to understand the full scope of cyber security.

Sometimes, a little bit of math can go along way to show the true weight of a cyber attack. For example, vice president and CISO of Fannie Mae, Christopher Porter, notes that if the credit data for just one million customers, the costs to the company for credit monitoring alone can easily be in excess of $20 million.

But putting a cash value to your business’s information isn’t always so easy. As Marcus J. Carey, the founder of Threatcare notes, “There are still many companies who think that an attack could never happen to them, that they have nothing of enough value to be targeted.” But the truth is, there is always a use for something. And as Carey notes, the fact that bigger companies are struggling with cyber defense should actually be a red flag for others to take heed now, before it’s too late.

“The fact is that many big name brands with cybersecurity budgets and well-trained staff of defenders are getting compromised. This should be an indicator to everyone that it isn’t easy to be protected; if companies with large security measures in place can get breached, you can easily as well,” Carey explains.

While the concept of cybersecurity can be hard to grasp, the bottom line is anyone and everyone could be at risk of being hacked. But, taking the necessary precautions can help to manage and reduce these risks.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
29 Jun 2017

Not properly protected: Hacker forces hospital to turn away ambulances, cancel surgeries

(Threatcare) If one thing is for sure, the WannaCry ransomware revealed that many industries are not nearly as protected as they think they are. The WannaCry attack on the NHS has certainly left little doubt about that; the ransomware even caused a hospital to turn away ambulances and cancel surgeries. Now, after the recent Petya ransomware attack, it’s hard to believe that anyone could be safe.

Hospitals may be especially at risk, due to how high the stakes are. Security experts say that the healthcare industry, among others, really need to step up their cyber defense efforts if they want to maintain the trust of their clients and keep their confidential information where it belongs. The threat of cyber attacks will not be going away any time soon – and in fact, the danger only grows stronger as time trudges on. As an organization’s security methods grow outdated, hackers grow more sophisticated and capable. You can see where problems with security and data breaches can easily become overwhelming.

Josh Corman, a cybersecurity industry veteran now working on related issues at the Atlantic Council and a member of a healthcare security task force established by the U.S. Congress, estimates that 85 percent of US healthcare institutions do not have staff members that are competent in basic cybersecurity duties like separating networks, patching software or even monitoring for threat advisories.

Again, the case of the NHS being invaded by WannaCry and Petya rings a bell. And according to Threatcare founder and renowned cybersecurity expert, Marcus J. Carey, the severity of the NHS breach could have been easily avoided. “This is certainly a case where I believe networks should be air gapped and separated from the internet,” he commented. “It makes no sense that someone can receive a fake Nigerian Prince’s email, and it takes out a whole hospital. At minimum, these networks should be highly segmented,” Carey added.

Clearly, if hospitals and other industries took the time to learn their vulnerabilities and invest in cyber defense, the intensity of a cyber attack can at the very least be mitigated, if not avoided all together. As the saying goes, “An ounce of prevention is worth a pound of cure.”

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
29 Jun 2017

Merrill Lynch: Cybersecurity is one of the top global risks

(Threatcare) A recent report by the analysts over at Bank of America Merrill Lynch has revealed that cybersecurity is one of the top global risks today – and that it should also be one of the top focus areas for investors. The analysts say that cybersecurity is part of the five categories that they describe as “A Transforming World.” While many people are still just beginning to learn about cybersecurity, the fact is that it’s already become one of the most important industries around. Virtually any industry could be at risk of a cyber attack, and the longer companies wait to acknowledge the growing threat of hackers and cyber attacks, the more at-risk they’ll be.

According to the report, there are 90 million cyber attacks every year, if not more, and approximately 400 new threats pop up every single minute. A staggering 70 percent of attacks are carried out undetected, which means that many times, companies may not even be aware that they are at risk and their systems have been compromised.

Cybersecurity concerns strike every industry; whether you’re in finance, healthcare and insurance, manufacturing or retail, cyber defense should be one of your top priorities according to the analysts from Merrill Lynch.

Sources say that cyber crime takes about 20 percent of all internet commodities’ worth. This means that by 2020, a staggering $3 trillion in value could be at risk.

“If you think about how fast WannaCry malware spread — and how it affected hospitals — it would be hard to argue how it’s not a global threat,” Marcus J. Carey, the founder of Threatcare explains. The vulnerabilities of weak cyber defense don’t end with just hospitals, however. Many industries and even the government is at risk of being attacked by malicious hackers.

“In European and Asian countries software piracy is out of control, which leads to machines that can’t be updated. Some of these machines are used in government and healthcare, which is frightening,” Carey notes.

Clearly, it’s easy to see why Merrill Lynch analysts have identified cybersecurity as one of the top places to invest, in addition to being one of the top concerns corporations should have.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Share this
10 Jun 2017

Why are executives underinvesting in cybersecurity, even when they are the most vulnerable?

(Threatcare) Cybersecurity is an industry unlike any other; hackers are quickly evolving creatures, and many times you may not even know a hacker or their malicious software is in your company’s network — until its too late. Often, people think of cyber security as a “fortification process” of firewalls and turrets, or they may fall into the trap of believing that because no attack (that they are aware of) has happened yet, there’s no need for further investment. There is a very real problem with executives underinvesting in cybersecurity, even if it’s required for cybersecurity compliance requirement purposes.

The return on investments (ROI) is notoriously difficult to measure, and that can complicate the choice to invest in cyber defense. Regardless of whether you’re talking about training staff or an authentication manager, the challenge of quantifying what financial benefits a company will reap from these endeavors remains. In industries like health care, the financial cost of a data breach at least comes with a set penalty. However, this is actually only a small part of the ROI, even for that industry; there are many other facets of cybersecurity and the threats the industry fights against to take into account.

Cybersecurity is a rapidly changing world. Not only is it hard for organizations to keep up with increasingly sophisticated threats, it is hard for the industry itself to estimate what the potential success rate of an attack may be – or what the cost of a successful attack may be.

Especially as a new and growing industry that many people know little about, the true ROI of cybersecurity can be elusive to even the most competent executives. Executives underinvesting in cybersecurity can be worse than they could have ever imagined after a significant attack.

Marcus J. Carey, the founder of Threatcare and renowned cyber defense expert says, “Many executives fail to understand the actual impact of a breach. They don’t have a good way to understand the losses that can occur when they’re hacked. Quantifying digital loss to financials is quite a hard thing, and even the best struggle with it.”

“Ideally, executives would be able to factor in the cost of a security control, versus the loss they will incur — when they are breached, he added.”

Personal judgement is what many people rely on when making decisions regarding cybersecurity. New insights have shown that the thought processes many individuals rely on for making choices when it comes to security may not hold water in this budding industry. One of the key themes is that many individuals view cyber security as a finite process, like putting a lock on a door. But that’s not really the case; as mentioned before, cyber defense and the threats it protects against are both constantly evolving. As soon as you close one door, hackers are coding their way through another. Hopefully the future will bring an end to the trend in executives underinvesting in proper security.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 

 

Give Threatcare a test drive today.

Share this
10 Jun 2017

Luck isn’t a good strategy to fight ransomware, even though it stopped WannaCry

(Threatcare) Should the world really be leaving internet security to chance and a stroke of luck? While a 22-year-old security blogger was able to take down WannaCry, the latest ransomware to strike hundreds of organizations across the globe, it’s important to recognize this is certainly not the end of malware or related security concerns.

As Marcus J. Carey, the founder of Threatcare, a leader in next-gen vulnerability assessment, says, “Organizations should be thanking their lucky stars for Marcus Hutchins. This is a testament to how important independent security research is.”

The UK blogger who figured out how to stop WannaCry goes by the alias “Malware Tech.” Malware Tech says he found the “kill switch” in the ransomeware’s code, but also notes that his finding was, to a degree, “partly accidental.”

In other words, there is a chance he may not have put an end to this malicious software at all. While his discovery cannot undo the damage caused by the ransomeware, at the very least Malware Tech was able to put a stop to this particular strain’s rapid spread. However, security researchers warn that there will be others. As security researcher Troy Hunt notes, “This variant shouldn’t be spreading any further, however there’ll almost certainly be copycats.”

Malware Tech says that it won’t be difficult to just alter the code and start the process over again. He cautions that the next version “won’t be stoppable.”

One of the organizations effected by WannaCry was the United Kingdom’s own National Health Service (NHS). While you would think that such a massive organization would be protected, it’s become clear that there are gaping holes in security across virtually every industry. This is made worse by the fact that as of yet, there is little to no recourse for computers and other devices affected by WannaCry.

As Carey explains further, “It should be easier to patch devices in hospitals; right now many devices, equipment can’t be patched in a quick manner. This needs to change.”

The world of security is a rapidly changing place, and it’s increasingly difficult for industries that aren’t “in the know” to keep up – meaning many people are unwittingly leaving their security to chance, rather than ensuring the safety of their confidential information.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 
Share this
10 Jun 2017

Hollywood under hacker control: What can they do to protect themselves?

(Threatcare) After leaking a stream of unreleased TV programs, the hacker group known as “The Dark Overlord” has an ominous message for show business: “Hollywood is under attack.”

Reports indicate that the hacking collective wrote a message to The Hollywood Reporter to take credit for their misdeeds, and to make it known that they are in this for the money. “We’re not in the business to scare anyone. We’re in the business of earning vast amounts of Internet money,” the hackers purportedly said.

The same group leaked 10 full episodes from the fifth season of Netflix’s popular series about a women’s prison, Orange Is The New Black. But their latest claim to fame is their early releasing of eight episodes of the new reality TV series Funderdome, which was set to debut on ABC in early June.

The Dark Overlord collective claims that they have plenty of other unreleased TV show episodes and moves, from the likes of IFC, National Geographic and others.

While some companies like Netflix have refused to meet the hacking collective’s demands and pay up the ransom, its suspected that many media companies have paid handsomely to keep their unreleased recordings under wraps.

“Bit for bit Hollywood data is the most expensive on the planet,” Marcus J. Carey, the founder of Threatcare notes. “Hollywood is affected by the core tenants of cybersecurity which is confidentiality, availability and integrity,” he added.

Carey explains that Hollywood is especially vulnerable to hackers, due to how valuable their content is and how easy it can be for a good hacker to obtain it. “Hackers can affect the confidentiality by hacking movies, the availability and integrity by encrypting it. Studios should have an air gap. Their productions should not be available through the internet,” Carey says.

The Dark Overlord is just the beginning; while they are perhaps one of the most well-known and ruthless hacking groups out there, it is almost certain there will be others just like them. Hacking is growing industry too, and it’s up to cyber security professionals to be one step ahead to keep threats at bay.

Threatcare is the leader in proactive cyber defense. Threatcare’s platform allows organizations to discover and mitigate risk — because everyone has a right to know if their network is secure. 
Share this

© 2017 Threatcare. All rights reserved.

Click Me