2017 was a big year for malware, hacks, and data breaches. Voting machines proved to be easily hackable, Uber was caught paying off cybercriminals, and of course, Equifax experienced a breach that affected 140 million Americans. On the latest episode of Decoding Security, security analysts Jessica Ortega, Ramuel Gall, and producer/security analyst Topher Tebow count down the top ten cybersecurity issues of the past year.
Category: Data Breach Page 1 of 4
Ecommerce sites can look forward to overstuffed stockings this holiday season. Holiday sales are expected to increase by at least 4 percent this year, for an anticipated total of $1.04 trillion – and for the first time, online spending is expected to exceed in-store sales. In fact, consumers plan to spend 51 percent of their holiday shopping budget online, compared to 42 percent in stores.
Despite these trends, a recent study by SiteLock shows that nearly one in three online shoppers do not plan to shop online at all during the holidays.
Nicknamed “Equihax,” the recent Equifax breach is one of the largest data leaks in history, affecting millions of people. There has been a lot of discussion about proper incident response, and whether Equifax is following acceptable procedures.
In the debut episode of Decoding Security, SiteLock Website Security research Analysts Jessica Ortega and Michael Veenstra go beyond the cause of the breach to discuss what consumers can do to protect themselves now. And, even more importantly, what consumers can do to protect themselves going forward.
Listen to Decoding Security Episode 101: EQUIHAX
If you enjoyed this week’s episode, visit Decoding Security on your preferred podcasting service to leave a review and subscribe so that you don’t miss future episodes!
In a recent security report, researchers revealed an unsecured archive of US voter data collected by Deep Root Analytics, a data firm connected to the Republican National Convention (RNC). The exposed data — which included full names, addresses, and phone numbers of 198 million registered voters — was uncovered by a security researcher in an internet-accessible database with no password protection or any other security measures. The database has been secured at the time of this writing, but it remains unclear how long this data was exposed to the internet.
It may be easy to assume exposures of this nature are an inevitability. After all, a data analytics firm associated with a major political party sounds like a clear target for bad actors. However, the data was discovered by a researcher performing unrelated searches through Amazon’s S3 infrastructure for any unprotected data, not targeted attacks against Deep Root Analytics or even voter data in particular. This fact underscores a critical necessity of the Internet: prioritize the security of your data at all stages of its life cycle. Your data needs to be secure where it’s stored, during network transit, and when it’s in the hands of third parties. This data leak in particular was the result of the RNC failing to properly ensure the security of their data in the hands of a third party contractor.
The legal industry finds itself in the upper echelons of companies when it comes to the fiscal impact of a cybercrime. However, many are ignoring this risk. According to the American Bar Association’s (ABA) 2015 Legal Technology Survey, about half of firms said they had no response plan in place to address a cybersecurity breach.
Furthermore, Cybersecurity Ventures predicts the costs associated with a cyberattack could balloon to $6 trillion globally by 2021. To put that in perspective, if cybercrime were a country, the number would represent the fourth highest Gross Domestic Product (GDP) in the world.
To better understand the costs associated with cybercrime it is helpful to group the expenses in two buckets, direct and indirect.
Every business understands their website is a vital building block to establishing an online market presence. However, when it comes to website security, few understand the need or simply feel their company is not at risk.
To make a business case for web security, one must define the target, detail the impact of a hack, outline the mitigation cost and examine any additional benefits of proactive website security. This article will examine those areas to help assist in making a business case for cybersecurity.
Regardless of whether you’re a registered Democrat or Republican, your voter data could be in jeopardy of being compromised by cybercriminals. The 2016 Presidential election has brought on cyberattacks in 20 states, leading to two successful data breaches. Learn why 34 percent of voters believe this election will be or has been hacked.
The new school semester has begun and is off to a great start. Your students are engaged, prepared and full of spirit. Ready for their first test, they log in to their online student portal to access the exam. Just as the test is about to begin, the website crashes. Panic ensues among the students, who instantly turn to twitter and email for help.
Here’s what happened: The school did not have proper website security in place and consequently was the target of a data breach that shut down its website. Higher education institutions are attractive and lucrative targets to cybercriminals. In 2015, the education sector was among the top three sectors breached, behind healthcare and retail. College campuses store a wealth of confidential student and faculty data, including medical records, financial information and intellectual property for products and prescription drugs. Some of the most common attacks cybercriminals use to breach higher education institutions are hacking, malware and DDoS attacks.
Talking about cybersecurity is equivalent to addressing the elephant in the room. It needs to be addressed, but the issue often gets pushed to the backburner. Studies show that 70 percent of Americans shop online at least once a month. However, over 30 percent of consumers say they hesitate to make those purchases due to security concerns, like credit card data theft.
As an online retailer, it is time to address the elephant in the room by addressing your customers’ fears. To get you started, we cover four basic—yet essential—website security tips to protect your eCommerce site.