#BIGITIDN17

The digital universe carries its indistinguishable existence into the physical world, which has been growing its size and visibility of data. This phenomenon enables and unleashes a new wave of business opportunities for people around the world. With the exponential global growth in digital data, companies are expected to adapt with the mounting competitive pressure to meet the rising demands of their customers.

The 2nd Big Data & CEM World Show is a two-day conference held from 1 – 2 March in Jakarta, Indonesia, which ultimately delivers itself as an interactive platform for global technologists to spark interesting discussions and exchange innovative ideas. The event expects the participation of over 20 prominent and adept speakers to furnish the conference with thought-provoking topics on modern Big Data and CEM topics. These topics include the emergence of digital commerce, mobile technologies, social media analytics, and cloud computing.

Acquire fundamental and thorough knowledge on Big Data implementation into business operations, and gain insights in making intelligent and better-informed decisions for improved user experience and customer engagement. Join alongside our sponsors: Cloudera (Gold) and Halodata (Silver) and expect inciting discussions about digital transformation strategies from industry leaders and experts around the world.

For more information on how you can be part of this event, contact enquiry@bigittechnology.com or call +603-2261 4227 and visit the website for the latest info.

(39)

Share

IoT Investors Day – connects the world!

The goal of IoT Investors Day is to contribute to the market development by organizing international business conference that will take place in Bangalore, India on 9th of December 2016.
More than 500 attendees and 12 best experts across the IoT space will gather in order to discuss the latest IoT market trends and to identify ways of its further development.                            Professionals from around the world will meet in the city, which is the business center of one of the fastest developing countries in the field of IoT.
A special feature of this conference is there Start-up Pitch Deck where 10 teams with the most innovative ideas will come out. The culmination of the day will be determination of the most promising idea; as a result,
the team will receive a grant from our investors for its implementation.
Besides this, everyone can explore the IoT technologies that recently was possible only in science fiction books. In a specially equipped demo zone, leading companies will present the latest innovations of M2M
market.
Enter the new era of technology development with IoT Investors Day!
For more information visit http://www.iot-investorsday.com or contact info@iot-investorsday.com

(18)

Share

Cash machines can be hacked to steal money

Londoners are being warned to be careful when using cash machines after a spate of crimes involving malware-laden ATMs. Criminals have been hacking into cash machines to install malware that would then allow large amount of money to be stolen without needing to enter a card. Commenting below is Stephen Gates, chief research intelligence analyst at NSFOCUS:

“It seems these days that no matter where you use your credit/debit cards, the likelihood of the transaction processing devices being hacked is getting higher and higher. Maybe it’s time for a new method of authenticating globally that does not involve cards. Most don’t know the concept of using plastic cards for purchases, deposits, and withdrawals was developed way back in the 1960’s. The only major change in half a century is that now many cards have EMV complaint chips in them. This helped stop criminals from making their own duplicate cards, but other than that, it has not stopped fraud caused by POS/ATM malware, physical skimmers, and the like. The financial industry has to do a better job. One suggestion is to work with researchers focused on developing a new method of authentication. If not, the losses will just continue to grow.”

(90)

Share

Hackers can gain access to your Mac’s webcam

Following the news that hackers are using Mac webcams to surreptitiously record video, here is a comment from Richard Patterson, Director of Comparitech.com:

“Hacking webcams, or camfecting, has been around a while and really the most fool-proof, low tech and simple way to make sure no one can see what you’re doing through the lens of your webcam is to cover it up. You can test that it’s completely covered by getting on Skype or whichever video chat you use to see that it’s been effective and close your laptop when it’s not in use. You can also buy webcam cover cheaply online (under £10 on Amazon) if you don’t want to stick tape to your expensive device. Another good practice is to scan your webcam for malware and viruses- there are plenty of free options available. For those who use an external, standalone webcam, please, if you do nothing else – change the default settings it comes with from the manufacturer by accessing the software and resetting the password.”

(123)

Share

Hackers Descend on the G20 Summit in China, Conducting Over 133,000 Malicious Cyber Attacks

Cybersecurity discussions were a top priority at the G20 Summit 2016, a global economic leadership forum attended by world leaders from 20 major economies; yet the event itself encountered a staggering number of attempted cyber attacks between September 3-6. NSFOCUS, a global provider of intelligent hybrid security solutions, was commissioned by China’s Ministry of Public Security to provide 24×7 cybersecurity protection for networks and applications associated with the G20 Summit – successfully defending against 133,254 attacks targeting the G20 network.

“Securing an event of the size and prominence of G20 is an enormous undertaking,” said Dr. Richard Zhao, SVP of Global Threat Research, NSFOCUS. “Cybercrime is evolving with hackers moving beyond traditional attacks to more advanced threats, and geopolitical conferences are always an ideal target for malicious activity. In order to combat these threats and ensure the security of the summit, NSFOCUS took a holistic approach and implemented an integrated and layered security solution to protect the G20. As a result, the event carried on as planned, and the striking number of incoming attacks did not disrupt activities.”

During the event, NSFOCUS secured 12,728 web applications and key pages linked to the G20 Summit, while at the same time defending 359,830 other critical business systems owned by NSFOCUS customers. This is a testament that NSFOCUS is well prepared to protect these types of global events, while simultaneously protecting their own customers. The company provided 28 systems that delivered attack traffic scrubbing, intrusion prevention, and web application security, all of which were continually updated with NSFOCUS global Threat Intelligence. The NSFOCUS solutions included next generation IPS, anti-DDoS systems, remote security assessment systems, web application firewalls, and WebSafe SaaS, a cloud-managed service for web servers.

NSFOCUS noted further details of the cyber attacks, which include:

  • Beginning Sep. 1, NSFOCUS mitigated more than two million web attacks, including, 133,254 attacks targeting the G20 network.
  • NSFOCUS mitigated an additional 1.9 million attacks targeting organisations who provided other services to the G20 summit.
  • NSFOCUS defended against 1,984 DDoS attacks targeting the G20 network, protecting against 41.2 TB of total malicious traffic.
  • NSFOCUS guarded against 169,919 web attacks on G20 and G20-affiliated networks, and discovered 611,356 vulnerabilities, of which 190 were high-risk, prior to the start of the summit.
  • Attacks originating from the U.S., Russia, and Brazil were the most prevalent.
    “During the course of the conference, NSFOCUS protected G20 assets and customers against a non-stop barrage of attacks,” Dr. Zhao continued. “Hundreds of thousands of attacks executed over the course of several days presents a significant danger to even the most secure network. It’s worrying, but not surprising, to see such a force unleashed on the summit. NSFOCUS is proud to have defeated these attacks on a key leadership forum like G20.”

NSFOCUS has a longstanding history of securing major global events such as The World Internet Conference, 29th Olympic Games, the Big Data Expo, and IAAF World Championships in Athletics.

 

(83)

Share

NSA government contractor ‘stole classified files’

A National Security Agency contractor has been arrested, accused of taking top secret information, officials say.
Harold Thomas Martin III is charged with theft of government property and unauthorised removal of “highly classified” materials.
The 51-year-old had a top secret national security clearance and faces 10 years in prison.
Mr Martin’s lawyer said there was no evidence he had betrayed the US, a country he very much loved.

The Justice Department said he worked for Booz Allen Hamilton, the same contractor that employed NSA leaker Edward Snowden.
Six of the documents found in Mr Martin’s possession were classified as top secret, “meaning that unauthorized disclosure reasonably could be expected to cause exceptionally grave damage to the national security of the US”, the Justice Department said.
According to a warrant, Mr Martin was arrested two days after his Glen Burnie, Maryland, home, garage and vehicle were searched on 27 August this year.
The FBI said Mr Martin at first denied taking the documents, but later admitted removing documents and digital files.
James Wyda, Mr Martin’s lawyer, told the Baltimore Sun his client has yet to be proven guilty of the charges.
“There’s no evidence that Hal Martin has betrayed his country,” Mr Wyda said.
“What we do know is that Hal Martin loves his family and his country. He served this nation honourably in the US Navy and he has devoted his entire life to protecting his country.”
Mr Martin faces up to 10 years in prison for the theft of government property, and up to one year for the removal of classified materials.
The New York Times, which broke the story, said Mr Martin was suspected of taking the NSA’s “source code” used to hack into the systems of Russia, China, Iran and North Korea.
“A large percentage of the materials recovered from Martin’s residence and vehicle bore markings indicating that they were property of the United States and contained highly classified information of the United States,” FBI Special Agent Jeremy Bucalo wrote.
“The disclosure of the documents would reveal those sensitive sources, methods, and capabilities.”
John Carlin, the Justice Department’s top national security official, said the arrest underlined the threat posed by insiders.

For the full article: http://www.bbc.co.uk/news/world-us-canada-37568879

(66)

Share

Reports of issue with replacement Samsung Note 7 could damage firm’s reputation

With news breaking of a potential issue with a replacement Samsung Note 7 emitting smoke on an American plane, Mark Johnson, an Associate Professor of Operations Management at Warwick Business School who has researched product recalls, has made the following statement:

“Samsung may now be stuck with an expensive and reputation denting second recall. Having a second recall will be costly and may result in the electronics giant cancelling the phone.

“The latest in a long line of incidents affecting the Samsung Note 7 indicates that there may be much more at fault with the phone than just faulty batteries from a supplier.

“Samsung is probably paying the price for trying to rush the Note 7 to market before the iPhone 7 was released. As such many of the challenges that are ironed out in extensive product testing may not have been found.”

(61)

Share

TalkTalk receives record £400,000 fine for security breach

An expert comment has been made on the news TalkTalk has been fined a record £400,000 for a security breach that led to the theft of personal data of nearly 157,000 customers, Mark Skilton, a Professor of Practice at Warwick Business School and an expert on cyber security, has made the following statement:

“Although this may be called a record fine at £400,000, it is insignificant to the turnover and customer base of TalkTalk and little more than a sting to TalkTalk’s finances.

“Even by factoring in the reported numbers of 157,000 personal details and, of those, the 16,000 who had bank details stolen, it still only equates to £2.50 per head or £25 per person who lost banking data. The fine seems to be ‘proportionate’ to the impact, but shows little regard for the possible risks and lack of due diligence of a company with 4 million subscribers.

“Even if liability insurance may have covered the possible losses of those customers, it still raises questions over digital risk governance and how necessary it is for corporates to take it seriously.

“The money from the £400,000 fine could have been invested in better security staff in the organisation and further investment in cyber monitoring and response detection, but it raises the question over current legal punitive measures that focus on specific losses as opposed to corporate responsibilities.

“TalkTalk seem to have got off lightly here even if their argument is that the millions of customers were not at risk: a strong message and fines approach needs to be in place for corporates to manage and treat cyber security as a real corporate risk and not just a customer data mismanagement issue.”

(76)

Share

Cyber Security Challenge UK tests cyber skills in virtual reality in latest competition

Cyber Security Challenge UK has hosted the final face-to-face competition of 2016, which saw 24 candidates use their cyber security and coding skills to rescue the CEO of a fictitious energy company, who’s company had been held ransom by cyber criminals. The competition saw candidates battle against the clock and enter virtual reality using VR headsets to track down the perpetrator of the crime.

The attack mimicked one of today’s most prevalent cyber vulnerabilities – the insider threat. Candidates were tasked to piece together suspicious activity to form a picture of the crime which involved using iPads to scan and create a 3D environment and look for artefacts and clues that would reveal who was behind the attack. Their abilities were also tested as they investigated the code around compromised systems, and performed digital forensics and network analysis; proficiencies that are much sought after by the cyber security industry.

In this scenario, the candidates played the role of cyber investigators and were given the latest tools used by cyber security professionals to analyse the network of a fictional energy company called Acme Engineering, whose CEO had received a ransom email which indicated Acme’s new product had been sabotaged. The fictional criminals demanded one million bitcoins in order to guarantee a safe launch of the product, disruption of which would result in huge financial and reputational harm to the company.

The event, supported by National Grid and held at its headquarters, was the latest in the 2016 series of competitions for Cabinet Office-backed Cyber Security Challenge UK, to find and nurture the country’s cyber prodigies and encourage them into the industry. The winners of this competition have progressed to the Masterclass final in November.

The winning group was team Margaret Sale, which consisted of Ben Caller, Callum Curry, Timothy Fletcher, Matthew Pickford, Steven Woodhall and Jack.
The top fourteen performing candidates from the competition have qualified for masterclass, including George Osborne, 17, from Reading, who was the day’s top scorer and joint youngest contestant at the event.

“I’m delighted to have won the competition today. I really enjoyed the mix of technical and soft skills that we were tested on, and thanks to National Grid for hosting such an incredible event. I’m looking forward to see what Masterclass has in store!” said George Osborne, 17, from Reading.

The candidates were closely monitored by a team of assessors from the Challenge, National Grid and a range of top cyber security organisations, who judged the candidates against industry-agreed criteria to see if they demonstrate the skills required to join professional organisations.

The select group of challengers were chosen after becoming top performers in qualifying games, hosted on the Challenge’s Play-On-Demand platform (PoD). The PoD system allows those interested in cyber security to test their skills and knowledge using a pool of games designed by industry experts.

Stephanie Daman, CEO at Cyber Security Challenge UK said: “The range of skills the cyber security industry requires continues to grow, and our competitions always aim to test candidates on the latest skills that professional organisations require. These competitions can only take place with the support of our sponsor community, all of which are looking to hire the most outstanding talent. The industry is suffering from a skills gap, and it’s through competitions like these that security teams can directly meet and potentially recruit the talented individuals out there.”

The Cyber Security Challenge UK Masterclass in November will pitch the top 42 candidates from across the competition against each other, to become the ultimate champion of 2016.

(259)

Share

Study Finds Employees, IT Professionals in Germany More Confident About Protection of Important Data Than in US, UK, France

Employees and IT professionals in German organisations are more confident about their ability to resist the growing risks of cyberattacks and insider threats than their counterparts in the US, UK and France. Those are among the findings from a new study of more than 3,000 end-user employees and IT practitioners across the U.S. and Europe.

The report was conducted by the Ponemon Institute and sponsored by Varonis systems, Inc. (NASDAQ:VRNS), a leading provider of software solutions that protect data from insider threats and cyberattacks. The new release, “Differences in Security Practices and Vigilance Across UK, France, Germany and US,” compares the responses of IT professionals and end-user employees in these four countries. The total of 3,027 respondents included 1,109 people in the United States, 670 people in Germany, 655 people in the UK, and 593 people in France, who work in organisations ranging in size from dozens to tens of thousands of employees in a variety of industries including financial services, public sector, health care and life sciences, retail, industrial, and technology and software.

Among the key findings:

  • Employees in the UK, France, Germany, and the US all say insiders who are negligent are more likely to put the organisation’s data at risk than external attackers or insiders acting with malicious intent.
  • Fifty percent of German employees say they take all appropriate steps to protect the company data they access and use, compared with 39 percent of UK employees, 37 percent of French employees and 35 percent of US employees.
  • Forty-four percent of German employees say their organisations strictly enforce policies against the misuse or unauthorized access to company data, well above the responses to the same question in the UK (35 percent), US (32 percent) and France (29 percent).
  • Thirty-nine percent of IT professionals in Germany believe their organisations fully enforce a strict least privilege model (which means access to company data only on a need-to-know basis) for file shares and other collaborative data stores, much higher than the confidence levels in the US (29 percent), France (25 percent) and UK (23 percent).
  • Although German IT pros are least likely to say their organisations have experienced ransomware (12 percent compared with 17 percent in the US, 16 percent in France and 13 percent in the UK), they express the highest levels of concern about the threat of ransomware (83 percent very or extremely concerned in Germany compared with 80 percent in France, 77 percent in the US and 63 percent in the UK).
  • Asked if their organisations have experienced the loss or theft of data in the last two years, the highest response among IT people was in the US (82 percent), followed by France (80 percent), UK (76 percent), and Germany (64 percent).
  • In Germany, both employee end users (30 percent) and IT staff (45 percent) are more likely than in the other countries to believe their management would accept a decline in productivity in order to prevent security risks. The same question produced less optimism about this balance in the UK (25 percent of employees, 34 percent of IT), France (23 percent of employees, 35 percent of IT), and the US (21 percent of employees, 30 percent of IT).
  • The top three security threats that most concern IT professionals differ in each country:
    -France: Insiders who are negligent: 67 percent, outside attackers who compromise insider credentials: 53 percent, malicious contractors: 40 percent
    -UK: Insiders who are negligent: 61 percent, outside attackers who compromise insider credentials: 55 percent, malware: 47 percent
    -US: Insiders who are negligent: 61 percent, outside attackers who compromise insider credentials: 55 percent, malware: 47 percent
    -Germany: Outside attackers who compromise insider credentials: 66 percent, malware: 46 percent, malicious contractors: 41 percent (insiders who are negligent ranked fourth: 36 percent)
    Commenting on the findings, Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute, a leading research center dedicated to privacy, data protection and information security policy, said, “Cultural and business norms vary from country to country, especially in the balance between employee privacy and organisational security. This can affect attitudes, preparedness and resistance to insider threats and cyberattacks. The frequency and severity of data loss and theft continue to rise in a disturbing trajectory. There is far greater employee and third-party access to sensitive information than necessary. Monitoring access and activity around email and file systems is an essential part of protecting data. Executive and IT security leadership have an imperative to improve communication so that all employees and contractors understand their roles in contributing to the protection of important and sensitive data.”

David Gibson, Varonis Vice President of Strategy and Market Development, said, “This is a wake-up call about the lack of modern protections and the lack of leadership – both in the executive suite and among IT management. Most high-profile intrusions involve the theft of files and emails that were not protected. Insider threats and outside attackers that compromised insider credentials have caused major damage to those organisations and their reputations. Varonis is helping thousands of organisations around the world address these challenges in ways that not only dramatically reduce risk, but also improve productivity and efficiency.”

(52)

Share