Your monthly update of ICT continuity news and information

FEATURE ARTICLES

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/itcnewsmar2017.html

Daisy

A weak information security culture means your organization is vulnerable
Organizations normally understand that employees are key to improving information security, but often focus on awareness of policies and procedures. Chantelle van Wyk explains why this approach is ineffective and looks at what else organizations should be doing to strengthen the information security culture.
Read the article
• S.Africa / World

Many organizations are struggling to manage mobile working risks
A new survey has identified mobile working as a major area of risk, with many companies uncertain about how to enforce adequate security policies and having no viable strategies in place. Jon Fielding presents the results of the survey and draws out some lessons.
Read the article
• UK

ClearView

Are business continuity and information security converging?
Is the increasing organizational focus on information security having an effect on the traditional demarcation lines between business continuity and information security management (ISM)? Continuity Central recently conducted an online survey to find out.
Read the article
• World

Information: not always secure and not always available? Some simple solutions
Availability and security are crucial and interconnected when it comes to business continuity management. Charles Boffin looks at the questions that organizations should ask their suppliers about both these areas and provides some useful tips.
Read the article
• UK / World

LogicNow

The Amazon Web Services outage: business continuity implications and actions
On Feb 28th 2017 a four-hour outage impacted one of Amazon Web Services’ (AWS) largest cloud regions, US-EAST-1 in North America. Since many enterprises rely on AWS this outage, many times longer than the expected annual downtime for the S3 cloud storage system where the issue occurred, is highly concerning and requires a rapid review by business continuity managers.
Read the article
• US / World

Managed cloud with an emphasis on the ‘managed’
Using a managed cloud service can help reduce risks in this area; but it is an important strategic decision that organizations need to get right first time. Jake Madders provides a checklist to help those taking this step.
Read the article
• UK / World

Continuity2

Security policies matter for disaster recovery
Replicating the production security infrastructure at a disaster recovery site can be a problem: Professor Avishai Wool looks at how organizations should approach security policy management in their disaster recovery planning.
Read the article
• World

Hunting cyber threats: telltale signs and protocols
The quest to seek out cyber threats can seem an impossible task; but, like any mission, ultimate success begins with methodical planning and taking an intelligence-driven approach. It requires both patience and a determination to search where others may not think to look. By Tim Bandos.
Read the article
• World

Crisis Solutions

Encryption without operational compromise
Traditional encryption has compromised network performance and troubleshooting, however this doesn’t have to be the case. In this article, Paul German explains the role that 'stealth' encryption is playing in delivering data security without operational compromise.
Read the article
• UK / World

The what, how and why of the cyber security threat landscape
David Emm, principal security researcher at Kaspersky Lab, describes the cyber security threats that are emerging and why these trends are occurring.
Read the article
• World

Eight steps to determine if hyperconverged is the right solution for your organization
Hyperconverged technology is a new trend, but it is not suitable for every organization. It is important to assess any proposed implementation carefully to ensure that it doesn’t become a business risk in its own right.
Read the article
• US / World

NEWS ARTICLES

Capital Continuity

Organizations say regular storage capacity shortage is biggest issue when managing backups
An independent survey commissioned by Cohesity has revealed that 73 percent of IT decision-makers in the UK and Germany regard the regular need for additional storage capacity as their greatest challenge when it comes to managing their backups.
Read the article
• UK / Europe

Enterprises are making detection and response the top information security priority
Enterprises are transforming their security spending strategy in 2017, moving away from prevention-only approaches to focus more on detection and response, according to Gartner.
Read the article
• US / World

Researchers find that sound waves could be the next cyber attack vector
Sound waves could be used to hack into critical sensors in a broad array of technologies including smartphones, automobiles, medical devices and the Internet of Things, University of Michigan research shows.
Read the article
• US / World

eBRP

Australian companies are a long way from cyber resilience: report
Cyber security can no longer legitimately be considered the domain of IT alone, according to the new MinterEllison 'Perspectives on Cyber Risk Report 2017'. The report's findings also show that Australian companies are being too slow to take the necessary action to mitigate and manage cyber risk.
Read the article
• Australia

Patch rates decreasing as organizations struggle to keep up
Secunia Research at Flexera Software has published its ‘Vulnerability Review 2017’ report. This presents global data on the prevalence of vulnerabilities and the availability of patches and maps the security vulnerability threat to IT infrastructures.
Read the article
• World

Study looks at zero-day vulnerabilities and what entities do when they discover them
Zero-day software vulnerabilities can lurk undetected for years, leaving software users particularly susceptible to hackers. A new study from the RAND Corporation, based on rare access to a dataset of more than 200 such vulnerabilities, provides insights about what entities should do when they discover them.
Read the article
• US / World

inoni

Organizations need to do more to integrate cyber into risk management
Swiss Re's latest sigma report ‘Cyber: getting to grips with a complex risk’, says businesses need to do much more to integrate cyber security into their risk management initiatives.
Read the article
• World

More than half of UK businesses were impacted by some form of cybercrime in 2016
New research published by Beaming, the business ISP, indicates that 52 percent of British businesses fell victim to some form of cybercrime in 2016. The study, which was conducted by researchers at Opinium, puts the cost of these attacks at £29.1 billion.
Read the article
• UK

CERT looks at how to move from resilience to 'prosilience'
The CERT Division of the Software Engineering Institute (SEI) has set out a vision for organizations to move beyond standard resilience and to become ‘prosilient’.
Read the article
• US / World

Business E-Mail Compromise fraud risk is on the rise, warns the FBI
The FBI is advising companies to be aware of the growing risk of Business E-Mail Compromise (BEC) fraud.
Read the article
• US / World

Nuix Black Report looks at information security from the hackers point of view
The Nuix Black Report presents the results of a confidential survey of 70 professional hackers and penetration testers at DEFCON, the world’s largest hacking and security conference.
Read the article
• US / World

Technology related threats are business continuity managers’ key concerns
The Business Continuity Institute has published its annual Horizon Scan Report, which shows that the top three threats to organizations are all related to technology.
Read the article
• World

Microsoft Office 365 a weak area for UK public sector business continuity
While most UK councils and government departments have stringent backup procedures in place, the majority (96 percent) have no method or procedure to backup their Microsoft Office 365 Deployment, according to a recent Freedom of Information request from UK Backup.
Read the article
• UK

Study quantifies the impact of effective identity and access management on cyber risk
A new Forrester study, commissioned by Centrify, has looked at the state of enterprise security and the impact of identity and access management maturity on breach levels.
Read the article
• US / World

Cyber security skills gap leaves many organizations exposed
According to a new cyber security workforce study by ISACA’s Cybersecurity Nexus (CSX), only 59 percent of surveyed organizations say they receive at least five applications for each cyber security opening, and only 13 percent receive 20 or more.
Read the article
• US / World

Cyber security preparedness examined in Cyber Readiness Report 2017
A study of 3,000 companies in the UK, US and Germany, conducted for specialist insurer Hiscox, reveals that more than half (53 percent) of businesses in the three countries are ill-prepared to deal with cyber attacks.
Read the article
• Various

CERT releases updated version of insider threat guidebook
The CERT Division of the Software Engineering Institute at Carnegie Mellon University has published the fifth edition of its ‘Common Sense Guide to Mitigating Insider Threats’.
Read the article
• US / World

ENISA publishes report on how to protect ICS-SCADA systems
ENISA has released a study on the ‘Communication network dependencies for ICS-SCADA Systems’. The report identifies good practices and recommendations to help the security of ICS-SCADA against cyber threats.
Read the article
• Europe / UK

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

This email was from:
Portal Publishing Ltd, PO Box 1393, Huddersfield, HD1 9TN, UK, Tel: +44 1484300750