Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Guest Blog Post

 

GUEST ESSAY: 6 unexpected ways that a cyber attack can negatively impact your business

By Mike James

Cyber crime can be extremely financially damaging to businesses. However, if you believe that money is the only thing that a cyber-attack costs your organization, you would be wrong. In fact, a recent academic analysis identified 57 specific individual negative factors that result from a cyber-attack against a business. Here are six ways, worth considering, that a attack can affect your organization.

SEO rankings

James

There are a number of issues that will occur in the aftermath of a cyber-attack that can have enormously negative consequences for your search engine optimisation (SEO). Hacked sites, for example, will by flagged in the rankings with a warning sign which can put off visitors. It is also worth noting that when a site is hacked it can start receiving bad reviews on Google’s review section – these can both begin to see you dropping in the rankings and losing traffic.

A large number of sites also have their content altered when they suffer a breach, and given the importance of content to the way that your site ranks, this can clearly play a huge role.

Legal and compliance issues

It is not just cyber-criminals that you have to worry about when you are calculating the costs of a cyber-attack. In the modern world of data protection and industry regulators, there are now powers to heavily fine businesses that fail to take adequate steps to protect their customers.

Related: Poll shows SMBs struggle dealing with cyber risks

Under the General Data Protection Regulation (GDPR) for example, regulators now have the power to fine businesses up to €20 million or 4 per cent of annual global turnover (whichever is greater), if they suffer a data breach and have failed to be in compliance with the regulation. This shows you just have expensive the concept is. …more

Comment | Read | July 15th, 2019 | Best Practices | Guest Blog Post | Imminent threats | Top Stories

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

By Steve Kaufman

There’s oil in the state of Maryland – “cyber oil.”

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.”

Related: Port Covington cyber hub project gets underway

That’s because Maryland is home to more than 40 government agencies with extensive cyber programs, including the National Security Agency, National Institute of Standards and Technology, Defense Information Systems Agency, Intelligence Advanced Research Projects Activity, USCYBERCOM, NASA and the Department of Defense’s Cyber Crime Center. Within these government labs and agencies, taking place is a groundswell of innovation in deep technology cyber disciplines to the tune of billions of dollars annually over the past three decades.

In addition, the state is home to 16 nationally designated cybersecurity Centers of Excellence and a state university and college system that graduates more cyber-degreed engineers than any other state. The state counts approximately 109,000 cyber engineers.

Not only does the advanced development at these government agencies contribute to the success of cybersecurity in the state, but also so do many Maryland-based cybersecurity companies. Two notable examples are Sourcefire, acquired by Cisco for $2.7B and Tenable, which went public in 2018 with a market capitalization of approximately $4 billion.

Maryland and environs, including Virginia and Washington D.C., has also attracted a powerful and growing flow of venture capital to the region – about $1 Billion in 2018 and growing at an incredible pace.

Such bona fides led to the inaugural private “by invitation”  Global Cyber Innovation Summit (GCIS) in Baltimore in May 2019.  GCIS was a Davos-level conference with no vendors and no selling, where scores of chief security information officers (CISOs), top CEO’s, industry and government thought leaders and leading innovators discussed the myriad challenges in and around cybersecurity and possible solutions in today’s environment.

All this represents the early phases of a foundation-building process that is on track to eventually create a grander landscape. In the eyes of many cyber pros and investors, Maryland is becoming such a fast-growing cybersecurity hub that many believe it will replace the cyber component of Silicon Valley, hence becoming “Cybersecurity Valley,”  within the next five years. …more

Comment | Read | June 4th, 2019 | For technologists | Guest Blog Post | Top Stories

GUEST ESSAY: Only cloud-based security can truly protect cloud-delivered web applications

By Vivek Gopalan

Web applications have become central for the existence and growth of any business. This is partly the result of Software as a Service, or SaaS, becoming a preferred mode of consumption for software services.

Related: AppTrana free trial offer

Most companies today own a web application and if that application is an integral part of their business, then they cannot afford to think of website security risk as an afterthought.

In a lot of cases, pure SaaS vendors such as an online e-commerce company, the website/app itself is the reason for the existence of the business. And, increasingly,  their customers are questioning them about the security of sensitive personal and business data.

This rising trepidation, with respect to web app security, should come as no surprise. Technology research firm Gartner estimates that over 70% of security vulnerabilities exist at the application layer – and 75% of security breaches happen at the application layer.

Meanwhile, the National Institute of Standards and Technology says that 92% of reported vulnerabilities are in applications, not networks; and NIST pegs the cost of fixing such bugs in the field at $30,000 vs. $5,000 if the bug is fixed during coding.

The speed factor

There is compelling rationale for companies to take proactive steps to continually improve web application security. For one, compliance with standards, such as section 6.6 of Payment Card Industry Data Security Standard, requires either secure code review or deployment of a Web Application Firewall (WAF.) …more

Comment | Read | May 28th, 2019 | Guest Blog Post | Steps forward

GUEST ESSAY: Dear America, Facebook is an addictive digital drug of little productive value

By Sen. Josh Hawley

Social media consumers are getting wise to the joke that when the product is free, they’re the ones being sold. But despite the growing threat of consumer exploitation, Washington still shrinks from confronting our social media giants.

Why? Because the social giants have convinced the chattering class that America simply can’t do without them. Confront the industry, we’re told, and you might accidentally kill it ? and with it, all the innovation it has (supposedly) brought to our society.

Related: The cost of being complacent about privacy.

Maybe. But maybe social media’s innovations do our country more harm than good. Maybe social media is best understood as a parasite on productive investment, on meaningful relationships, on a healthy society.

Maybe we’d be better off if Facebook disappeared. Ask the social giants what it is that they produce for America and you’ll hear grand statements about new forms of human interaction. But ask where their money comes from and you’ll get the real truth.

Advertising is what the social giants truly care about, and for an obvious reason. It’s how they turn a profit. And when it comes to making money, they’ve been great innovators. They’ve designed platforms that extract massive amounts of personal data without telling consumers, then sell that data without consumers’ permission.

And in order to guarantee an audience big enough to make their ads profitable, big tech has developed a business model designed to do one thing above all: addict. …more

Comment | Read | May 22nd, 2019 | For consumers | Guest Blog Post | Imminent threats | Top Stories

GUEST ESSAY: How stealth, persistence allowed Wipro attacker to plunder supply chain

By Chris Gerritz

The recent network breach of Wipro, a prominent outsourcing company based in India, serves as a stunning reminder that digital transformation cuts two ways.

Our rising dependence on business systems that leverage cloud services and the gig economy to accomplish high-velocity innovation has led to a rise in productivity. However, the flip side is that we’ve also created fresh attack vectors at a rapid rate – exposures that are not being adequately addressed.

Related: Marriott suffers massive breach

We now know, thanks to reporting from cybersecurity blogger Brian Krebs, that the Wipro hack was a multi-month intrusion and likely the work of a nation-state backed threat actor. What’s more, the attackers reportedly were able to use Wipro as a jumping off point to infiltrate the networks of at least a dozen of Wipro’s customers.

Wipro issued a media statement, via its Economic Times division, acknowledging “potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign . . . Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact.”

Wipro did not provide many additional details. However, one has to wonder whether, beyond its customers, …more

Comment | Read | May 10th, 2019 | Best Practices | For technologists | Guest Blog Post | Imminent threats | Top Stories

GUEST ESSAY: Six risks tied to social media marketing that all businesses should heed

By Mike James

While the internet and social media have been very positive for businesses, there remains an inherent risk when it comes to how brands manage their Facebook, Twitter, and Instagram accounts.

Related: Defusing weaponized documents

While social media on every platform has benefits, there remains risks that must be addressed so as to keep your companies’ image and data safe.

No matter how large or small your business may be, the ability of social media to help you reach new customers and interact with consumers is unparalleled; however, there are danger areas. Here are five potential pitfalls of social media marketing.

Risk no. 1: Cybercrime

Businesses should always be very aware of the threat of cybercriminals, and social media also poses very real cyber-security risks.

Hackers use social media to learn more about you, and they can be very skilled when it comes to working out your passwords thanks to your posts about your pets, family, or even birthday plans.

When your social media accounts are shared between your personal account and your business pages, then even your own profile pages may be a way for hackers to gain access to company data.

In order to minimize the risks, you need to establish a strong online security culture across every level of your company. Teach your employees about the need for stronger passwords, and how to make use of both password generators and password management systems.

Risk no. 2: Trolls

There are some people online who enjoy attacking strangers on social media, and businesses are not exempt from this unpleasant attention. Whether it’s online bullying on Facebook, attacks to your brand on Twitter, or even leaving unfounded negative reviews online, those trolls cost UK businesses as much as £30k a year. …more

Comment | Read | May 3rd, 2019 | For consumers | For technologists | Guest Blog Post | Top Stories

Cloud computing 101: basic types and business advantages of cloud-delivered services

By Mike James

If you are looking for a simpler method of managing issues such as storage, software, servers and database, cloud computing could have the answers that your business needs. The cloud is becoming increasingly popular around the world, as organisations are starting to understand the organisational and cost benefits to using them.

Related: Using a ‘zero-trust’ managed security service

In this article we will take a look at the different types of cloud computing services available to see whether this might be something suitable for your business.

Four types

Before you can establish whether or not cloud computing is right for your business, it is necessary to understand the differences between the forms of cloud computing that are available to you. Known by the …more

Comment | Read | March 26th, 2019 | For consumers | For technologists | Guest Blog Post | Steps forward

Older Articles »