Creating a culture of Cyber Security is vital to the survival of your business

As security professionals, we are always trying to justify what we do. At the end of the day, the best we can offer is that nothing will go wrong.  No fires, site crashes, hard drive failures, internal and external hackers, viruses, malware, or spam outbreaks, etc.  However, every day we see the threats to organizations increasing from teenagers, to organized crime, as recently described in the annual threat assessment.

Annual Threat Assessment of the US Intelligence Community

This year's annual threat assessment Director of National Intelligence (DNI) reported that the United States confronts a dangerous combination of known and unknown vulnerabilities, strong and rapidly expanding adversary capabilities, and a lack of comprehensive threat awareness. Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication and is confronted by threats that are both more targeted and more serious.

Cyber Attack "War Garme"

Watch as security experts launch a cyber attack "war game" to test the nation's cyber security defenses.

How Google and Microsoft Can Stop Phishing Scams

Trevor highlighted in his recent post Bad Guys Want Your Payroll how attackers are using malicious software to access business banking accounts. To get the malicious software (malware) onto business systems, attackers are frequently using phishing scams that encourage users to download the software through deceit and misrepresentation. Brian Krebs and his online community have also been discussing the issue to great depth over recent weeks, including in his recent post
Warning About ZeuS Attack Used as Lure.

These attacks are largely successful due to the poor design of modern email systems. As a commodity that has been around for far longer than the browser, email systems have had a remarkably poor rate of evolution by comparison. However, Google and Microsoft have the ability to protect us from phishing scams. But, will they?

Better Business Bureau - Data Security Made Simple

Over the past few years many high profile companies and government agencies have found themselves in the media spotlight because cyber criminals were able to gain unauthorized access to their databases and steal confidential customer information. For fortune 500 organizations, incidents like this can be severely damaging to the company’s reputation and bottom line. For small businesses, a data security breach could mean the end of business, as you know it.

House Passes Cyber Security Bill - A Good Start?

Only a short time ago headlines reported Google’s claim of a cyber attack originating in China. More recently it was National Intelligence Director Dennis Blair and CIA Director Leon Panetta who testified before Congress, warning of increasing cyber threats and vulnerabilities in our nation’s critical systems. And on February 4 the U.S. House of Representatives overwhelmingly passed H.R. 4061, The Cybersecurity Enhancement Act, by a rare bipartisan vote of 422-5.

The Bad Guys Want On Your Payroll

If there were any lingering doubts that criminals were targeting small businesses, a new trojan horse that has been spotted in the wild should put those doubts to rest.

Attention School Districts: You are Being Targeted by Cyber-Criminals

Local school districts across the United States have emerged as a prime target for cyber-criminals. In the fall of 2009, districts in Colorado, Illinois, Oklahoma and Pennsylvania all reported thefts of tens of thousands of dollars each due to a cyber-crime wave. The threat continues: on January 5, 2010, the Duanesburg, New York Central School District disclosed an attempted theft of $3.8 million, about a quarter of the district's operating budget.

Hackers are defeating strong authentication

One-time passwords and phone-based user authentication aren't enough to stop cybercriminals from stealing your money out of your bank accounts.

A new report from Gartner warns that one-time passwords and phone-based user authentication are not enough to protect online banking transactions against fraud.  Increasingly, such measures are overwhelmed by online criminals looking to rob your bank account.  Gartner's warning comes amid a sharp uptick in fraud involving the exploitation of valid online banking credentials.