Each week, IRM gathers up (what we think) are the most interesting and important reads from the cybersecurity industry. The weekly roundup will include good and bad examples of cybersecurity practice and thought pieces from across the globe – all summarised in one handy place for your regular news top-up.
British Airways apologises for “illicit” breach
Anyone reading The Metro this morning would have seen the front page news that British Airways revealed yesterday that over 380,000 card payments had been compromised in a data breach of their website and app.
The breach is said to have affected customers who made bookings between 10.58pm on August 21 until 9.45pm on September 5. Whilst the stolen data did not include travel or passport details, British Airways have confirmed that bank and credit card details were compromised.
British Airways acted quickly to inform customers and have advised them to contact bank and credit card providers to ensure their data security. A further investigation has been launched by the airline after an apology was made by the chairman and chief executive.
Universities highlight online retailers as a priority for cybersecurity
A new initiative, “GM Cyber Foundry” has been set up by Manchester Metropolitan University, Manchester University, Lancaster University and the University of Salford in an effort to protect Greater Manchester’s small and medium-sized companies from cyberattacks.
The universities have highlighted the trend in the use of “malware phishing and stolen credentials”, with cyber-attacks currently posing a £860m risk to North West businesses (according to Lloyd’s City Risk Register).
The new Foundry will run sessions with businesses to provide cybersecurity support and guidance such as only storing necessary information, authentication processes, staff training and software management.
National Australian broadcaster website blocked from China
China has blocked access to the website of Australian Broadcasting Corp (ABC). According to the BBC, Users in Chinese were reportedly ‘abruptly’ blocking from visiting the website and apps two weeks ago. The Chinese regulations informed ABC that the site had breached Chinese laws, but didn’t specify details.
As part of their internet censorship regime, it is well-known that China often blocks access to foreign content if they do not want people to see it. Despite this, ABC have not been able to confirm the reason for the ban.
ABC is not the only website not available in China at the moment. Other websites include New York Times and BBC News.
Met risks cyber security with “unfortunate” cuts.
According to an advocate for AlienVault, cuts made by the Metropolitan Police’s budget puts its cybersecurity at risk.
The Met Police has declared it’s at “breaking point” in terms of finances, despite selling off £1 billion worth of property over the past six years.
The security advocate explains that cybersecurity skills should be priority and the force requires the right skillset to ensure they can maintain the requirements for security.
The article also highlights the impact of lack of cybersecurity skills on company CTOs in general. A recent study by Ponemon revealed that only 35% of enterprise representatives said that their staff had adequate cyber security skills. Without any upcoming investment into the skills, nothing is likely to change anytime soon in this area.
Opinion piece: Cybersecurity a major concern but ‘a great business opportunity’ according to Forbes
Increased internet connectivity has allowed for productivity and profitability opportunities across the globe. The drawback is that this also leads to cyber-attack vulnerabilities.
There have been 23 million signification global security breaches in 2011 which has risen to a shocking 30 million by 2013. This number of incidents is set to approach 100 million by this year, highlighting the big issue that sophisticated IT applications have introduced.
This trend, therefore, makes it no surprise that organisations are turning “enthusiastically” towards cybersecurity firms to spend their money. In the US, cybersecurity spending has risen from $40 billion in 2013 to $66 billion in 2018.
There has been some trend of abated figures in the US but Forbes describes the battle as being “far from won”. Cyber-attackers are shifting their expertise from areas where efforts are being focused to ensure they can stay on top of their game and achieve their criminal goals. The answer to this growing issue? Continue to follow the efforts of cyber-attackers to maintain safety and security for the foreseeable future.
Got any questions about cybersecurity practice after reading this week’s news pieces? Feel free to contact us via our website form.