Your monthly update of ICT continuity news and information

FEATURE ARTICLES

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/itcnewsoct2017.html

Daisy

The importance of ‘Report Responsibly’ for information security
Many security breaches are enabled by a lack of prioritization given to patching and updating. In this article Adesh Rampat explains why adopting a ‘Report Responsibly’ system will enable organizations to take better strategic and tactical decisions when it comes to vulnerability management.
Read the article
• World

Mission command: how to empower employees to act fast in a crisis
The ability of an organization to respond almost instantaneously to a crisis or potential crisis affects whether the event is manageable or escalates into something more serious. In this article Rob McAllister investigates how a philosophy of mission command can help organizations create a crisis management system that is fit for the digital era, where swift decision-making by effectively empowered people is vital.
Read the article
• UK / World

How to ensure that IT security is not a brake on business agility
Implementing a lifecycle approach to network security policy management can speed up application deployment, whilst strengthening security and compliance says Joanne Godfrey…
Read the article
• World

ClearView

Key trends in business continuity invocations
Each year Sungard AS publishes a summary of its business continuity service invocations, providing useful insights into incident trends. Here Daren Howell presents four key trends from the most recent data.
Read the article
• UK

Business continuity in 2018
Every year Continuity Central conducts a survey looking at the changing trends and challenges in the business continuity profession. We have now launched the latest survey in the series and would like to invite all business continuity professionals to take part.
Take part in the survey
• World

Capital Continuity

Industrial robot hacking: what is the scale of the threat and what can be done about it?
Users of industrial robots from manufacturing to healthcare are unprepared for the real risk of a hacking attack, warns a cyber security expert.
Read the article
• UK / World

How to diffuse the IT blame game following an incident
Network visibility is often the root cause of difficulties during information security incidents. Keith Bromley explains why this is the case and what organizations can do about the issue.
Read the article
• UK / World

Work area recovery insights: Modern options for work area recovery
Fortress has made available a report which looks at the subject of work area recovery covering the following:

The recovery position

The day to day operation of many firms has changed from physical office space to a much more fluid, remote and online existence. Martin Allen Smith asks what this means for work area recovery and the need for back-up facilities should the worst happen.

Building resilience
We all know that teams work better in engaging work environments, being more creative, making faster and better decisions. This dynamic does not need to change in times of crisis. Andrew Lawton explains how.

More details
• UK

NEWS ARTICLES

Continuity2

Europol-ENISA conference reviews the security challenges of IoT
While it has many positive effects, the threats and risks related to the Internet of Things (IoT) are many and they evolve rapidly. For this reason, ENISA and Europol joined forces to tackle these security challenges by organising a dedicated two-day conference on 18th and 19th October 2017.
Read the article
• Europe

Security has to be a top priority as organizations consider transforming technologies
Over the next five years, the top three technologies that are set to move from the fringes to the business mainstream are Artificial Intelligence (AI), Blockchain and the Internet of Things, according to CBI research. In fact, half of businesses think AI will soon fundamentally transform their sector.
Read the article
• UK

Warning issued about advanced persistent threats targeting critical infrastructure
US-CERT has published alert TA17-293A: ‘Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors’. This alert is the result of analytic efforts between the US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).
Read the article
• US / World

eBRP

Many business leaders still in the dark about new data protection rules: IoD
A survey of business leaders has revealed that there are still a worrying number of companies across the UK that are not aware of the costs, complexities and responsibilities associated with the new GDPR rules.
Read the article
• UK

Cyber risk rises to top of corporate agenda: Marsh survey
Cyber risk has been elevated to the top of the corporate agenda for organizations doing business in Europe according to a survey conducted by Marsh. The European Union’s General Data Protection Regulation (GDPR), which takes effect in May 2018, is one of the key drivers of this rise.
Read the article
• Europe / World

Top companies are losing control of their digital attack surface
Unpatched web infrastructure and de-centralised web management practices are leaving UK organizations vulnerable to cyber attacks and high profile data breaches, according to new RiskIQ research which reveals a loss of control amongst the FT30, expanding their digital attack surface and opening doors to cyber criminals.
Read the article
• UK

Perpetual Solutions

WPA2 weakness means that every modern Wi-Fi network may be subject to attack
Researchers have identified 'serious weaknesses' in WPA2, a standard protocol that secures all modern protected Wi-Fi networks. If exploited, an attacker can use key reinstallation attacks (KRACKs) to read information that was previously assumed to be safely encrypted.
Read the article
• World

DNS attacks: telecoms industry is the top target
EfficientIP has published its latest report on cyber security in the global telecoms industry. The report states that telecoms organizations face the most DNS-based attacks, and each attack costs companies an average of £460,000 to remediate.
Read the article
• World

New NIST guidance focuses on recovering from ransomware attacks
The National Cybersecurity Center of Excellence (NCCoE), a part of the US NIST, partnered with Tripwire to develop NIST SP 1800-11 ‘Data Integrity: Recovering from Ransomware and Other Destructive Events’.
Read the article
• US / World

Cyber criminals increase attacks on remote working technologies
UK businesses were subjected to more than 600 cyber attacks a day during the third quarter of 2017, according to new data from Beaming. Between July and September, the average UK firm experienced 55,314 attempts by hackers to access their data or take control of IT systems.
Read the article
• UK / World

Panel discusses strategies to enhance the cyber resilience of Singapore's financial sector
At its inaugural meeting on 5th – 6th October, The Monetary Authority of Singapore's (MAS) Cyber Security Advisory Panel (CSAP) discussed strategies to enhance the cyber resilience of Singapore’s financial sector.
Read the article
• Asia Pacific

Cyberattacks bringing down the electric distribution grid is a growing threat
Almost two-thirds (63 percent) of utility executives believe that their country faces at least a moderate risk of electricity supply interruption from a cyberattack on electric distribution grids in the next five years.
Read the article
• World

Businesses need to adopt ‘continuous adaptive risk and trust’ says Gartner
As businesses transform due to the digital revolution, approaches to security risk management will also need to change and, according to Gartner, continuous adaptive risk and trust assessment (CARTA) will be an important new development in this area.
Read the article
• World

New network security standards aim to protect Internet routing system
Electronic messages traveling across the Internet are under constant threat from data thieves, but new security standards created with the technical guidance of the US National Institute of Standards and Technology (NIST), will reduce the risk of messages being intercepted or stolen.
Read the article
• US / World

Study highlights IT professionals lack of confidence in their company's cyber security
A Ponemon study of IT professionals in the UK, US, Germany and Australia, shows that less than half of global IT professionals are confident they have the ability to prevent, detect and resolve data breaches.
Read the article
• Various

Manufacturing companies bear the brunt of ICS computer attacks
In the first half of the year, manufacturing companies were the most susceptible to cyber threats: their industrial control system (ICS) computers accounted for about one third of all attacks, according to the Kaspersky Lab report ‘Threat landscape for industrial automation systems in H1 2017’.
Read the article
• World

‘Woefully inadequate’ IT processes for managing user accounts and access are creating risks
One Identity has released study results showing significant gaps in how organizations manage accounts used to access IT infrastructure, systems, and data—gaps that could result in major security and compliance risks.
Read the article
• World

Information Security Forum publishes GDPR implementation guide
The Information Security Forum (ISF) has announced the launch of the ISF GDPR Implementation Guide, which presents best practices for guiding a compliance program ahead of the European Union’s General Data Protection Regulation (GDPR).
Read the article
• Europe / World

Survey reveals trends in corporate security and protection
Unpreparedness is still affecting many corporations according to Rave Mobile Safety’s Trends in Corporate Security survey; and lack of clarity about where responsibility lies may be at the root of the problem.
Read the article
• US

Survey shows strong cyber security helps businesses to grow
A new cyber security report from Vodafone, ‘Cyber Security: The Innovation Accelerator’, highlights a strong link between how cyber security is used and business success, with 86 percent of high-growth companies seeing information security as an enabler of new business opportunities.
Read the article
• Various

Business Continuity Institute publishes information security benchmarking report
The Business Continuity Institute, in association with Mimecast, has published the BCI Information Security Report 2017. The report provides a benchmark of how organizations handle sensitive data and how resilient they are when it comes to data protection.
Read the article
• UK/ World

Survey finds that GDPR is still confusing global organizations; and preparations are lacking
With the GDPR (General Data Protection Regulation) deadline set for 25th May 2018, a global survey shows that many organizations are ill-prepared due to uncertainty about the criteria for compliance.
Read the article
• World

Quantum computers threaten to destroy Internet security as we know it
Researchers are in a race against time to prepare new cryptographic techniques before the arrival of quantum computers, as cryptographers Tanja Lange (Eindhoven University of Technology, the Netherlands) and Daniel J. Bernstein (University of Illinois at Chicago, USA) describe in a paper in the journal Nature.
Read the article
• US / World

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

This email was from:
Portal Publishing Ltd, PO Box 1393, Huddersfield, HD1 9TN, UK, Tel: +44 1484300750