INsig2 LawTech Europe Congress 2016 Generates Valuable Insights from Its Cyber Security Track

INsig2 LawTech Europe Congress, an annual event on electronic evidence, digital forensics, and cyber security, is pleased to publish valuable insights from its 2016 distinguished expert speakers.

During its 2016 event, INsig2 LawTech Europe Congress (LawTech) has continued its mission of bringing inter-related industry leaders together to broaden their scope of learning and awareness. In furtherance of its mission, LawTech has included valuable insights from speakers within its Cyber Security Track.

“According to the speakers within our Cyber Security Track, strong policies, cooperation, and the use of technology are essential to minimising risk and to minimising the impact of a breach,” said Frederick Gyebi-Ababio, Director of INsig2 LawTech Europe Congress. “One notable comment is the suggestion of launching cyber counterattacks to discourage further attacks.”

LawTech 2016 speakers provided the following suggestions and observations.

“For some time now, I have been debating this issue, can we hack back the hackers? … I argue that this is the legal equivalent of self-defense. … In my opinion the way to discourage hackers from attacking your valuable assets and businesses is by launching cyber counterattacks….” Alan Sadeghi, Independent Cybersecurity Advisor

“In an era when a cyber breach can be a survivability defining event for a business, Mobile Device Security is more critical than ever…. But it all boils down to two things, real-time visibility of mobile device security events, and the people element, specifically a mature culture throughout the business backed by strong enforceable policies and controls surrounding information security and best practice.” David Carvalho, OCS Group

“Don’t lie to insurance companies, else you give them grounds to deny paying out. … Any security or privacy officer who is not insuring for calamity is doing a poor job of managing their largest risks.” Özkan Demiröz, Demiroz Consultancy

“…cybercrime is to be considered a ‘wicked problem’, meaning that every attempt in dealing with cybercrime requires a multi-disciplinary and multi- or intra-agency approach as no single organisation can solve the problem all by itself.” Rafael Rondelez, Federal Computer Crime Unit

“…the main challenge of the [energy] sector remains its vulnerability to cyber-attacks which could cause loss of life and massive environmental damage.” William De Riemaecker, Buyle legal

“According to [one] theory, the motivation of the [cybercriminal] depends on three main factors: the attractiveness of the catch, weak asset protection, and the ability to avoid punishment. [O]ur society is now in a time where personal information is no longer personal.” Sergey Martynov, MS Business Security Consulting Oy

Direct Feedback “remains one of the most effective means of fighting corruption and detecting fraud: established and well-communicated Helpline.” Moldir Abdikerim, Riscomp

For more information about the event, please visit www.lawtecheuropecongress.com

(95)

Share

E-Discovery Market – Global Forecast to 2021

E-Discovery Market by Solution (Legal Hold, Early Case Assessment, Data Processing, Data Production), Service (Consulting, Implementation, Training & Support, Managed), Deployment Type (CLOUD, On-premises), and Vertical – Global Forecast to 2021

“The global increase in litigations is driving the growth of the E-Discovery market”

MarketsandMarkets estimates the global E-Discovery market to grow from USD 7.89 billion in 2016 to USD 22.62 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 23.4%. The E-Discovery market is growing rapidly as the business environment is getting increasingly litigious, due to global increase in difficult conditions for businesses. However, factors such as lack of awareness about E-Discovery is the major restraint in the overall growth of the market.

“Data processing solutions to have the largest market size in 2021”

Data processing solutions segment is estimated to have the largest market size in 2021, owing to the increase in data production around the world. Massive data growth rates result in an increase in the amount of electronic documents being generated, which are used during litigations. The growth in data processing would also be due to the massive increase in social media communication resulting in data proliferation. Other factors responsible for its largest market share include benefits such as reduction in document maintenance costs, as well as simplification and consolidation of a variety of document formats.

Get More Details on this Report and a Full Table of Contents at E-Discovery Market – Global Forecast to 2021

“Managed services type to have the highest growth rate during the forecast period”

Managed services provide end-to-end E-Discovery support to organizations, which is the main reason for its high adoption. The managed services type is gaining traction in the E-Discovery market as it helps organizations to leverage the advantages of technology-enabled E-Discovery solutions setup off-premises, which helps in reducing storage infrastructure costs. This segment is expected to witness the highest CAGR during the forecast period.

“Asia-Pacific (APAC) is expected to have the highest growth rate during the forecast period”

APAC includes economies, such as India, China, Japan, Singapore, and others, which are rapidly deploying E-Discovery solutions and services. This is mainly due to the rise in outbound investment from countries such as India and China, which integrates APAC economies with foreign economies and as a result drives cross-border litigations and disputes. The North American region is expected to be the largest revenue generating region for E-Discovery solution and service providers in 2016. This is due to the high focus on innovations obtained from research & development and technology adoption, especially in the developed economies of North America.

In-depth interviews were conducted with CEOs, marketing directors, other innovation and technology directors, and executives from various key organizations operating in the E-Discovery market place.

-By Company: Tier 1: 34%, Tier 2: 40%, and Tier 3: 26%
-By Designation: C-level: 72%, Director-level: 18%, and others: 10%
-By Region: North America: 57%, Europe: 17%, APAC: 19%, and ROW: 7%

The report includes the study of key players offering E-Discovery solutions and services: kCura LLC, AccessData, FTI Consulting, Inc., IBM Corporation, Guidance Software, Inc., ZyLAB, Nuix, Xerox Corporation, Hewlett Packard Enterprise Development LP, and Exterro, Inc. are some of the companies profiled in the report.

Research Coverage:

The report includes in-depth competitive analysis of these key players in the E-Discovery market, with their company profiles, SWOT analysis, recent developments, and key market strategies. The research report segments the E-Discovery market by solution, deployment, service type, industry and region.

(102)

Share

Why include compliance from the start?

For many organisations, compliance is simply viewed as a necessary bolt-on. A cumbersome process that is tackled at the end of the project and a common cause of frayed tempers. However, it is possible to turn compliance into a source of competitive advantage; but to do this, it needs to be included in business processes from the beginning.

This modern approach provides a heap of benefits, here’s a few examples:

Development is streamlined

Companies that wait until design and development are completed before requesting compliance support and sign off are simply slowing down project completion. Early compliance input helps organisations avoid unnecessary rework and speeds up final approvals down to a few days, instead of weeks.

Compliance concerns are addressed early on

Early involvement also enables compliance professionals to identify and offer suggestions to address any issues that could impede Customer Communications Management (CCM) compliance approval later on. This way, the design and development team are able to make adjustments and changes for compliance purposes before a communications package gets too far along in the process.

Compliance becomes collaborative and holistic

Getting compliance involved in design and development provides a unique opportunity for the function to become an enterprise-wide collaborative process.

Furthermore, if compliance has a holistic view of all communications, it greatly reduces the risk of ‘errors of omission’; where compliance professionals miss issues as they do not have full visibility in to customer correspondence, only to miscellaneous items which have been submitted individually.

Creating competitive advantage

With customer experience being a source of competitive advantage for companies, a more streamlined and responsive customer communications compliance process is of critical importance. By maximising compliance flexibility, design and development teams will find it easier to innovate within existing compliance frameworks. Instead of railing against the barrier of compliance, organisations have the ability to integrate compliance requirements by building them into the design of communications materials from the beginning. This enables companies to bring new products to market far more quickly than they otherwise could.

Ultimately, as customer experience becomes the pivotal differentiating factor between competitive organisations, compliance must help and not hinder innovation. This requires a new approach; one that combines compliance and innovation from the very beginning. With the help of the appropriate CCM solutions such as GMC’s Inspire, organisations are able to transform compliance into a driver of business value.

For further information on compliance and innovation, download the whitepaper www.neopost.co.uk/gmccompliance

To discover how GMC’s Inspire CCM software can drive customer retention, visit www.neopost.co.uk/gmc1

(73)

Share

Outsourcing to become vital digital strategy as SMEs face digital skills gap

Small and medium sized businesses that are attempting to adopt and incorporate digital technology face a skills shortage, hampering their growth and slowing the speed of their future development. But, SMEs can still take advantage of digital opportunities by outsourcing their digital needs to professionals and businesses with experience and knowledge of the digital sector, say experts Dorset Creative.

According to a Gartner Inc survey, chief information officers the biggest barrier to achieving digital objectives was identified as an IT skills gap. Respondents highlighted a lack of talent operating in data analytics, resulting in high competition and the individuals with the desired skillset being expensive to hire. With small budget constraints, this presents a significant challenge for SMEs – but outsourcing is a solution.

 Nathan Revill of Dorset Creative, said, “Digital adoption and adaptation isn’t something that just the large companies need to consider. Even customers of small businesses now expect digital services and without it, these businesses can lose vital sales and create damage to their revenue streams. A company’s digital presence is available 24/7 and opens the door to many more opportunities.”

Nathan added, “The skills gap presents SMEs with a problem, but by choosing to outsource, small businesses can access all the talent and skills they require without the need to make a costly hire or a long-term commitment. It’s understandable that some businesses are wary of working with outside organisations but if they pick the right one, their company benefits by being able to fully implement their digital strategy at an expert standard.”

To find out more visit https://www.dorsetcreative.co.uk/

(74)

Share

The holly and the 5G

Bournemouth’s Christmas tree, lights and decorations have been included by Ordnance Survey (OS) in the intelligence of its ground breaking planning and mapping tool that will be instrumental to the national rollout of 5G technology – the next generation of wireless communications needed to bring Internet-connected devices into everyday life. The tool, which is being created by OS, the Met Office and 5G Innovation Centre, aims to be a digital twin of Bournemouth that changes with the seasons. As well as including the lifecycle of plants, the foliage of which can affect the ability of 5G antennae (access points) in relation to their broadcast range and reliability, Bournemouth’s festive decorations have also had to be factored into the planning tool.

Richard Woodling, Client Delivery Manager at Ordnance Survey, says: “In creating this digital twin we have to consider every detail that will affect 5G signals and build these into the model. An interesting lesson we have already learned from our work in Bournemouth is that we need to be aware that in the run up to Christmas, lighting and other seasonal decorations can block signals. This level of knowledge will be invaluable to the creation of a 5G network in Great Britain.”

Networked sensors and beacons will depend on seamless access to the 5G network. The higher frequencies typically offered by 5G in urban areas delivers significant increases in bandwidth that these devices will demand. Higher frequencies have a shorter range, and so a huge amount of equipment is needed to support the network and make it robust. Industry sources have suggested thousands of sites will be needed with higher frequencies to assure widespread national 5G coverage.

Higher frequencies also mean much larger amounts of data can be sent and received than at current mobile frequencies. This ability to transfer large amounts of data is important for meeting the increasing demand for bandwidth brought about by the growth of the Internet, and it is vital to the future success of new tech concepts, including Smart Cities, the Internet of Things (IoT) and driverless vehicles.

One issue with the rollout of a 5G network is that details such as different construction materials can markedly reduce the capability for radio signals to travel, and at very high frequencies even raindrops and the leaves of a tree can interfere with the radio signals. To make 5G a success, access points and network equipment must be deployed where the impact of the built and natural environment has minimal effect. Hence why OS is including Christmas decorations in the planning tool.

OS Commercial Director, Andrew Loveless, says: “The purpose is to deploy 5G quickly and efficiently. The increased bandwidth of a reliable 5G network will be necessary to enable Smart Cities and the Internet of Things to reach their potential. Our role is to take away the surprises for network planners and to identify how 5G can work reliably in built environments for years to come. “

For further information https://www.ordnancesurvey.co.uk/business-and-government/smart/5g.html

(189)

Share

Domino’s Pizza warns customers to change their passwords

Pizza Delivery firm emails its customers urging to create new passwords for My Domino’s accounts to prevent hacker attacks. Following the news, below are comments from Lee Munson, security researcher at Comparitech.com:

“Domino’s pizza has taken the unusual step of advising its customers to change their passwords, despite not being breached in any way.

“This unlikely scenario has probably arisen in response to recent high profile breaches, such as the one at Yahoo, which has likely seen a billion sets of usernames and passwords released into the wild.

“Given how likely it is that Yahoo users have reused those credentials across a number of accounts, this move by Domino’s is a good one, though users should still be proactive about ensuring they use a unique password for every account they have elsewhere on the web (pro tip: use a password manager to make this task much simpler).

“Concerned internet users can check whether their email addresses have been compromised by checking them on sites such as HaveIBeenPwned which will indicate any breaches they are associated with.”

(65)

Share

TB Forum 2017

Oil, Gas and Industry: Meeting with integrators and security directors at TB Forum 2017

New features at TB Forum powered by Intersec 2017 include Oil & Gas and Industry Clusters, bringing thousands of safety and security professionals in touch with integrators, end-users and key decision makers in this field.

In these sectors vendors from overseas gain the biggest market-share and have leading positions. Security Directors from PJSC “RusHydro”, PJSC “Gazprom Neft”, PJSC “NC” Rosneft “, PJSC” Gazprom “, PJSC” Transneft confirm that procurement of the security systems in large volumes is still relevant to them and the budgets are available. $164 million totally will be spent for security and safety at Oil&Gas in 2016.

Alexey Ostrov, OJSC Severneftegazprom

“Servers and workstations have no Russian analogues, and imported surveillance systems are more reliable and more advanced technically in comparison with domestic counterparts. We also purchase Access Control products & solutions from foreign vendors, since the objects have been designed on the systems of such kind. Software however makes an exception, in this segment we prefer local manufacturers. In the security and alarm systems sector priority goes to the domestic vendors”.

BOOK TO EXHIBIT>>>

Meet the people in charge of implementing and purchasing security systems in energy sector and demonstrate the advantages of your equipment and solutions at TB Forum powered by Intersec 2017

For evaluating opportunities please contact:

Anna Zabora

TB Forum powered by Intersec

Project Coordinator

Find on LinkedIn

zabora@groteck.ru

(66)

Share

Groupon users have fallen victim to fraudsters placing orders in their name

Reports have started to surface about Groupon users falling victim to fraudsters placing high value orders in their name.Please see below for commentary from several cybersecurity experts.

Rob Sobers, director at Varonis:

“Today’s news is the result of billions of compromised user accounts from other breaches now being used to gain legitimate access to Groupon user accounts in order to make high-ticket purchases just in time for the holidays. If hackers can co-opt a consumer’s credentials for Groupon, then data security professionals need to be asking themselves if those same passwords can be used to access their organisation’s data.

“Barely a day goes by without us entering at least one password or pin to prove we are who we are before accessing information or resources. Yet, passwords are also one of the things we consistently get wrong because we make them short, common and the same across our various applications. If consumers are simplifying their password authentication practices across their personal applications, then it stands to reason that they may be doing this with their employee access credentials.  A perimeter defence doesn’t matter anymore if someone has the keys to the front door who intends to do the individual user account or the organisation harm.

“Consumers need to take pro-active steps to ensure their own data privacy by first practicing good password hygiene. Troy Hunt, renowned security expert and author of the free data breach service, “Have I been pwned?,” gives the everyday online consumer helpful tips for creating strong and effective passwords in this free online training sponsored by Varonis Systems, Inc.: “Internet Security Basics, 5 Lessons for Protecting Yourself Online.” He suggests that strong passwords need to be at least 8 characters in length of random lower and upper case letters, numbers and non-numeric punctuation. Your dog’s name plus the year is not a random password. Instead a passphrase should be used to create length and randomness. For example, “What’s Roger got for dinner?” can be manipulated with letter substitution and shortened into an acronym. Finally and most importantly to the Groupon example is that a strong password is unique and only used for one application.”

Paul Fletcher, cyber security evangelist at Alert Logic:

“This is the type of secondary impact that can result from security breaches that include personal identifiable information (PII) and specifically, username, passwords and security question information.  It’s extremely important to have good “password” hygiene to lessen the impact of breaches on one system from effective another system.  Part of good “password hygiene” is to NOT use the same password on multiple websites, rotate (change) passwords on a recurring basis and use different security questions on different systems and, when possible, use two factor authentication.”

Richard Meeus, VP technology EMEA at NSFOCUS:

“With the massive data breaches announced last week by Yahoo! – remember it was 1 billion accounts – it has never been more important to use different passwords on every site and use 2FA (2 factor authentication) where possible. 

Using the same username and password on every site should not be happening anymore. We need to change user apathy towards passwords and maybe also get website owners to be more proactive in supporting their customers by checking their user databases against the lists of breached accounts”

Lee Munson, security researcher at Comparitech.com:

“The issues experienced by Groupon customers show how a data breach can have far-reaching consequences that affect more than just the company that was initially attacked.

“The fact that Groupon account holders have seen accounts compromised, and money lost, also says much about the practice of reusing email addresses and, especially, passwords across many different websites.

“Users need to be aware of the risks of recycling login credentials – which means one breach can undermine ALL their accounts – as well as be informed specifically about this incident so they can at least change their Groupon password right away.

“As for Groupon itself, even though it hasn’t been breached, it appears it could still learn a lesson or two about incident response so that its customers can retain the belief that the company has their best interests and security at heart.”

(139)

Share

UX versus User Security: Part four

Part four: Supporting user experience through education  

By François Amigorena, CEO, IS Decisions

The bigger the organisation, the bigger the threats can be — all it takes is one small mistake from an employee and the whole organisation can be put at risk. But at the same time, it’s not practical to be there to hold every employee’s hand and ensure that they always do the right thing. Ultimately you need to empower employees with clear guidance and training about the risks and then trust them to make the right decisions about downloading unsolicited attachments or sharing passwords.

Our guide UX versus User Security features a survey of 500 IT Security Managers from the UK and US which confirms that employees on both sides of the Atlantic generally do feel trusted by their employers, with only 1% strongly disagreeing. However, when asked if they felt empowered to make the right security choices there is a bigger divide of trust — 80% agreeing in the US compared with just 56% in the UK.

Most organisations base their trust in employees on an assumption that if they give staff the right advice that they will take some personal ownership for their part in the organisation’s security. To a certain extent that is true, but it can’t be taken for granted because at end of the day employees have a job to do, so in times of high stress the organisation’s security can easily fall off the priority list.

My advice to help your employees avoid careless mistakes and discourage malicious activities is setting up real-time IT security alerts and notifications to go directly to them if their credentials are being used elsewhere (rather than just the sysadmin). These alerts can be set up alongside admin-controlled restrictions designed to stop careless behaviour on the spot. By giving employees more visibility, they not only feel empowered to show good user security behaviour, but you also defend the organisation against those with malicious intentions.

It is obviously important for organisations to have a way to detect possible compromised credentials. But it is not just about detecting a breach, it’s important to have security protocols in place to help minimise data loss as quickly as possible. And if your employees are trained to notice when something is not right and flag it as soon as possible, it can really help minimise this loss.

(79)

Share

5 effective new year security tips for small businesses

Throughout 2016 we’ve seen a shift in media attention towards cyber security. Data breaches and hacking are now headline news. This year has seen accusations of hacking in the US election, Yahoo admitting to two colossal data breaches with lost user records numbering in the billions, and hacks on small businesses rising dramatically, with SMEs increasingly targeted by ransomware attacks.

The internet of things offers new opportunities to attackers as the network of connected devices grows. These devices – kettles, fridges, baby monitors, etc – are often not as tightly secured as our PCs, phones and laptops.

The threat to small businesses is huge, with reputations on the line and heavier fines to be dished out for those who fail to protect data to an adequate level. Small businesses without dedicated IT staff must take steps to protect the personal data they hold, whether that’s customer data or the personal information of their employees.

As we wind down 2016, UKFast and Secarma CEO Lawrence Jones MBE offers his five key steps for small business owners to take in order to stay safe in the evolving digital landscape as we enter the New Year:

 

1)      Use a password manager

Remembering strong passwords for all the applications you use in your business and personal life is all-but-impossible and many people end up either using weak passwords or re-using them. Instead, use a password manager. There are many around, such as LastPass and KeePass. Be aware that some password managers have had security breaches, so be sure to yours up-to-date.

2)      Check your backups

One of the most damaging attacks, and one of the most frequently deployed against small businesses, is Ransomware. This malicious software encrypts your critical business files; locking you out and demanding payment for release. Imagine the damage that could do to a business.

Ransomware is allowed into Windows systems when users click on malicious links, downloads or attachments in spoofed emails. Users should never open email attachments from sources they don’t recognise. Malicious emails used to be less sophisticated, with basic looking templates and spelling mistakes. Now they are branded with company logos and a forged email address. Attackers often tailor the email for their victim using information they know about your business. Personalised attacks, of course, have a higher success rate.

The frequency of this kind of attack has exploded in the last 12 months because the criminals are getting results. Now’s the time to fight back. Ensure you keep regular backups in a separate location, so that if you’re held to ransom you can recover your critical files without having to pay the attackers.

3)      Beware Internet of Things (IoT) devices

Many IoT devices have been the weak link which led to a security breach, putting your home network at risk. Like any software, you need to keep IoT devices up-to-date.

Think carefully before setting up a “port forward” to allow you to login to devices remotely – if you have a weak password or vulnerable device, hackers will be able to access it too, and if it’s connected to devices you use for work you’ll be leaving your business exposed.

4)      Educate your team

It’s difficult to change human behaviour and break bad habits, so it’s important to get your team together in a group to discuss the risks and how to avoid them.

Show them examples of ransomware attacks and other phishing emails, and give them the stats about what falling for these scams costs individuals and businesses every year. Provide examples of how individual employees have caused irreparable damage to businesses. It may seem farfetched, but it’s important they see just how crucial it is to be aware of the dangers. Ultimately, we’re all responsible.

5)      Use an ad blocker

Many viruses are spread through malicious adverts. Using an ad blocker is a simple and quick win in helping you to reduce your exposure and keep your business safe.

(85)

Share