Your monthly update of ICT continuity news and information

FEATURE ARTICLES

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/itcnewsmar2020.html

ClearView

World Backup Day: comments from various professionals
World Backup Day takes place on March 31st each year and 2020 is no exception. Despite the majority of organizations being occupied with pandemic planning, strategies, and survival it is important not to take the organizational eye of the ball when it comes to business continuity fundamentals. World Backup Day provides a timely reminder of this. Here various industry professionals offer some points to consider…
Read the article
• World

Ransomware against the machine: how adversaries are learning to disrupt industrial production by targeting IT and OT
Daniel Kapellmann Zafra, Keith Lunden, Nthan Brubake, and Jeremy Kennelly provide an update on ransomware which targets industrial production and critical infrastructure organizations.
Read the article
• US / World

Network misconfiguration risks and how to avoid them
Network misconfigurations not only can cause downtime they can be serious security threats. Avivi Siman-Tov discusses the misconfiguration errors that plague businesses and what strategies they can use to prevent them.
Read the article
• World

Daisy

Back to the future: why tape still has a role in business continuity
Peter Faulhaber, President and CEO, FUJIFILM Recording Media USA, Inc. and Chairman of The Active Archive Alliance, explains why tape shouldn’t be considered as an outdated technology.
Read the article
• US / World

Critical data protection steps you may be missing
If it sometimes feels like cyber threats are approaching your organization from all angles, it’s because they are. To protect yourself, you need to secure as many threat vectors as possible. Andy Swift highlights two critical data protection steps everyone should take, and yet many organizations seem to miss.
Read the article
• UK / World

Case study: how to respond to the reputational aspects of a cyber incident
While hardly a global brand, a recent cyber attack on Dundee and Angus College provides a good example of how to deal with a cyber incident. Charlie Maclean-Bristol looks at the lessons that can be learnt from the response.
Read the article
• UK / World

Assurance Software

COVID-19: five points to consider when implementing remote working arrangements
In response to the growing concerns around COVID-19’s potential to develop into a global pandemic may organizations are rapidly developing remote working strategies. Point B highlights five areas that need to be thought about during this process…
Read the article
• US / World

A new way to boost business continuity: DR with smart endpoints and a software-defined perimeter (SDP)
The benefits of the cloud as the prime location for disaster recovery backups are well known and accepted by many organizations, but what is often missed is the associated reliance on VPNs, a technology that’s not really designed for the cloud says Don Boxley…
Read the article
• World

Cyber security - Do you know your SOC from your SIEM?
Organizations need to be prepared. Now is the time to define a response strategy to ensure a security incident doesn’t turn into a business disaster. Do you know your SOC from your SIEM and more importantly where security compliance and regulation fit in?
Read the article
• UK / World

NEWS ARTICLES

Capital Continuity

Research looks at organizational backup and restore processes
A research study by Dimensional Research, commissioned by StorageCraft, shows that many organizations’ IT decision makers are not sufficiently prepared for recovery should the need to restore from their data backup arises.
Read the article
• World

2020 Cyber Security Breaches Survey results published by UK Government
The UK Department for Digital, Culture, Media & Sport has released the results of the annual survey of cyber security breaches across UK organizations. The Government surveyed UK businesses and charities to find out they approach cyber security and help Government learn more about the cyber security issues faced by industry.
Read the article
• UK

Academic case study looks at ‘The Effects of Information Security on Business Continuity’
In a detailed case study, Rodney L. Liggett, from the University of Phoenix, has analyzed the effects of information security on business continuity.
Read the article
• US / World

Fortress

DDoS attacks increased 180 percent in 2019 compared to 2018
Neustar, Inc., has announced that its Security Operations Center (SOC) saw a 168 percent increase in distributed denial-of-service (DDoS) attacks in Q4 2019, compared with Q4 2018, and a 180 percent increase overall in 2019 vs. 2018.
Read the article
• World

100 percent of 4G networks may be susceptible to denial of service attacks and 5G is also at risk
Positive Technologies has published its ‘security assessment of Diameter networks’ report. The Diameter signalling protocol is used to authenticate and authorise messages and information distribution in 4G networks. The vulnerabilities in the protocol means 5G networks built on top of previous generation networks will also inherit the same threats - such as tracking user location, obtaining sensitive information and in some cases downgrading users to insecure 3G networks.
Read the article
• World

New guidance on integrating cyber security and enterprise risk management
The NIST Computer Security Resource Center (CSRC) has published a draft guidance document looking at how organizations can integrate cyber security and enterprise risk management processes.
Read the article
• US / World

Risk Logic

NIST provides information resources for secure teleworking
As people around the world transition from an office environment to home working, maintaining cyber security is imperative. For organizations establishing telework security policies, remote access solutions, etc., NIST has developed a comprehensive telework resource guide that provides information on securing enterprise telework, remote access, and bring your own device (BYOD) solutions.
Read the article
• US / World

US survey reveals gap between business continuity plans and some of the technologies required to implement them
AvidXchange has polled senior leaders at 500 different US businesses looking at their business continuity planning. This research shows that just over 60 percent of businesses have continuity plans in place, but highlights some gaps in the technologies required to implement the plans.
Read the article
• US / World

Data overload is creating a threat for UK businesses
More than half (51 percent) of senior decision-makers among UK businesses feel overwhelmed by the data generated within their organization, a number that rises to 61 percent among those working in larger companies with over 1,000 employees, according to new research from InterSystems.
Read the article
• US / World

eBRP

Warning issued to adopt a heightened state of cyber security when facilitating home working
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued an alert to encourage organizations to adopt a heightened state of cyber security when implementing teleworking in response to COVID-19.
Read the article
• US / World

Researchers expose vulnerabilities of password managers
Many organizations allow the use of password managers to help users cope with the multitude of frequently changing passwords that they need to use, however some commercial password managers may be vulnerable to cyber attack by fake apps, new academic research suggests.
Read the article
• UK / World

Link11 warns of an uptick in DDOS attacks, which may disrupt remote working plans
Link11 is warning organizations of an increase in length of DDoS attacks over the past three weeks, which risk disrupting business processes for organizations as they implement large-scale remote working plans for employees following the Coronavirus outbreak.
Read the article
• Europe / World

eBRP

Unfixable vulnerability in Intel chipsets’ data security says Positive Technologies
Intel has thanked Positive Technologies experts for their discovery of a vulnerability in Intel CSME. Most Intel chipsets released in the last five years contain the vulnerability in question which presents a data security risk to users.
Read the article
• World

Survey highlights the reputational and business risks associated with IT failures
New research into the reaction of customers to IT and technical failures in UK banking services shows the wider impact that IT failures can have on business stakeholders.
Read the article
• UK

BCI publishes its annual Horizon Scan Report
BCI has released the 2020 version of its Horizon Scan Report. Sponsored by BSI, the report reflects the concerns of business continuity and resilience professionals when looking ahead to anticipated threats.
Read the article
• World

The State of Data Security 2020
Lepide has released a report that reveals an alarming insight into the risks facing data security in enterprises across the globe, as well as insight into how unprepared most organizations are to mitigate those risks.
Read the article
• World

Enterprise IT service downtime cost and risk transfer in a supply chain
Researchers from the Nanyang Technological University and the RISE Research Institutes of Sweden have published a new paper which describes a new economic model for analyzing enterprise IT service downtime cost. The paper was published in Operations Management Research.
Read the article
• World

Less than half of UK SMEs have an IT disaster recovery plan in place, finds survey
According to research commissioned by full-service IT consultancy ILUX, fewer than half of the UK’s small and medium sized enterprises (SMEs) are prepared to cope adequately in the event of an IT disruption.
Read the article
• UK

Quantum Dawn V after-action report published
SIFMA has released the summary of key recommendations from its biennial Quantum Dawn financial sector cyber security global readiness exercise, which was conducted in November 2019.
Read the article
• Various

Majority of businesses believe that the impact of 5G will be significant but have security concerns
Businesses believe that 5G will be the most revolutionary network evolution yet but still have concerns about the technology’s security, according to the results of a global study from Accenture.
Read the article
• Various

Report reveals impact of GDPR on breach detection rates in EMEA
FireEye, Inc., has published the FireEye Mandiant M-Trends 2020 report, which shares statistics and insights gleaned from FireEye Mandiant investigations around the globe in 2019. The report highlights that GDPR seems to have had a positive impact on security breach detection.
Read the article
• World

Take control of cloud backups or risk loss or non-compliance warns 4sl
Financial services organizations need to pay close attention to how their cloud providers backup data, or risk significant data loss or even non-compliance, 4sl has warned.
Read the article
• World

RMM platforms with integrated backup will be ongoing attack vector for ransomware in 2020 warns Asigra
Asigra Inc., has released a bulletin to the company's global network of managed service providers warning of the growing ransomware threat to remote monitoring and management (RMM) platforms as an incessant stream of insidious malware variants put solution provider and end-customer applications and data at significant risk.
Read the article
• World

Human skill and expertise singled out as the most important element in cyber resilience
More than 40 percent of respondents in the latest poll run by Infosecurity Europe singled out human skill and expertise as the most important element of a successful cyber resilience approach. The aim of the poll was to explore the importance of resilience in cyber security.
Read the article
• UK / World

New threat landscape report highlights cyber risk trends
Imperva, Inc., has published its latest Cyber Threat Index, a monthly report and measurement of the global threat landscape based on data from Imperva sensors across the globe. The report reveals sharp increases in high-risk vulnerabilities and public cloud-based attacks on organizations.
Read the article
• World

Vast majority of IT leaders say insider data breaches are a major concern
Egress has published the results of its Insider Data Breach Survey 2020. The study found that 97 percent of IT leaders say insider breach risk is a significant concern. 78 percent think employees have put data at risk accidentally in the past 12 months and 75 percent think employees have put data at risk intentionally.
Read the article
• Europe / World

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

Read our privacy policy at https://www.continuitycentral.com/index.php/privacy-and-cookies

Continuity Central is a registered trademark