P-to-P fraud most concerning cyber threat in 2023: CSI

US financial institutions see peer-to-peer fraud and other digital fraud as the biggest cybersecurity concern in 2023.

It was cited by 29% of respondents in a survey by Computer Systems Inc. (CSI), followed by data breaches (23%), ransomware (20%) and a breach at a third party (15%). 

Industry respondents also expressed concerns over identity theft at 4%, unavailable or unaffordable cyber insurance at 4%, geopolitical risks at 3%, DDoS attacks at 2% and website defacement at 0.9%, according to CSI’s annual survey of the financial sector. It received responses from 228 banking executives, 171 of them at vice-president level or above. 

USN-5821-2: wheel vulnerability

USN-5821-1 fixed a vulnerability in wheel. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:

Sebastian Chnelik discovered that wheel incorrectly handled
certain file names when validated against a regex expression.
An attacker could possibly use this issue to cause a
denial of service.

ServiceNow to detect open source security vulnerabilities with Snyk integration

ServiceNow Vulnerability Response users will now have access to Snyk Open Source. This will represent the Israeli-US vendor’s advanced software composition analysis (SCA) backed by Snyk’s security intelligence—a combination of public sources, data from the developer community, proprietary expert research, machine learning, and human-in-the-loop AI.

ServiceNow Vulnerability Response is part of ServiceNow Security Operations and connects the workflow and automation capabilities of the ServiceNow platform with vulnerability scan data from other vendors, which now includes Snyk’s intelligence.

USN-5822-1: Samba vulnerabilities

It was discovered that Samba incorrectly handled the bad password count
logic. A remote attacker could possibly use this issue to bypass bad
passwords lockouts. This issue was only addressed in Ubuntu 22.10.
(CVE-2021-20251)

Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)

Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerberos
keys. A remote attacker could possibly use this issue to elevate
privileges. (CVE-2022-37966, CVE-2022-37967)

It was discovered that Samba supported weak RC4/HMAC-MD5 in NetLogon Secure
Channel. A remote attacker could possibly use this issue to elevate
privileges. (CVE-2022-38023)

Greg Hudson discovered that Samba incorrectly handled PAC parsing. On
32-bit systems, a remote attacker could use this issue to escalate
privileges, or possibly execute arbitrary code. (CVE-2022-42898)

Joseph Sutton discovered that Samba could be forced to issue rc4-hmac
encrypted Kerberos tickets. A remote attacker could possibly use this issue
to escalate privileges. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2022-45141)

WARNING: The fixes included in these updates introduce several important
behavior changes which may cause compatibility problems interacting with
systems still expecting the former behavior. Please see the following
upstream advisories for more information:

https://www.samba.org/samba/security/CVE-2022-37966.html
https://www.samba.org/samba/security/CVE-2022-37967.html
https://www.samba.org/samba/security/CVE-2022-38023.html

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.

Safari is a graphical web browser developed by Apple.
iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.
macOS Monterey is the 18th release of macOS.
macOS Big Sur is the 17th release of macOS.
watchOS is the mobile operating system for Apple Watch and is based on the iOS operating system.
iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.
macOS Ventura is the 19th and current major release of macOS.

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Bulk Surveillance of Money Transfers

Just another obscure warrantless surveillance program.

US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between the US, Mexico and 22 other regions through services like Western Union, MoneyGram and Viamericas. The program covers data for numerous Caribbean and Latin American countries in addition to Canada, China, France, Malaysia, Spain, Thailand, Ukraine and the US Virgin Islands. Some domestic transfers also enter the data set.

[…]

You need to be a member of law enforcement with an active government email account to use the database, which is available through a publicly visible web portal. Leber told The Journal that there haven’t been any known breaches or instances of law enforcement misuse. However, Wyden noted that the surveillance program included more states and countries than previously mentioned in briefings. There have also been subpoenas for bulk money transfer data from Homeland Security Investigations (which withdrew its request after Wyden’s inquiry), the DEA and the FBI.

How is it that Arizona can be in charge of this?

Wall Street Journal podcast—with transcript—on the program. I think the original reporting was from last March, but I missed it back then.

Working with AWS to secure your data against attack

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

Amazon Web Services (AWS) is home to almost a third of the world’s cloud clients and boasts huge cyber security features; yet, even Amazon is not immune to attack. The provider has been beset with outages this year, with industry authority Network World highlighting the recent Ohio outage, which lasted 75 minutes, as being of particular interest. While the reasons behind these outages will remain a closely guarded secret, they nevertheless raise the discussion of cyber-attacks. Could malicious actors have been responsible? What level of protection is available behind the scenes, and how far ahead of the game is Amazon? Finally, is AWS up to scratch for the next generation of web users?

Making the balance

AWS is an affordable option, but it nevertheless comes with overhead. With belts being tightened all over the USA and the rest of the world, businesses will necessarily be looking towards their web usage to try and generate new savings. For most businesses, optimizing AWS expenses is an effective way to do this, but it’s crucial to find those efficiencies in the right areas.

One area not to cut back on is cybersecurity. AWS is famed for its built-in security, and, as the internet society W3 highlights, that security works at scale. Leaving that in place is crucial. Instead of looking to economize on security, businesses should seek to find efficiencies in changing their billing profile, for instance by choosing between quota-based demand systems and more flexible plans that can benefit those businesses. Focusing cutbacks on demand and business priorities, rather than on security, is really important.

Extra layers of protection

There is a strong track record of data protection within AWS, but not necessarily within the wider Amazon setup. Indeed, as one Wired investigation showed, consumer data that is held on the same data centers as AWS assets has been compromised. However, this was not through attacks but from unauthorized internal access.

As such, adding extra layers of protection onto the business side, and making use of enhanced security packages offered by AWS can ensure that data has multiple key levels of protection. This helps ensure that attacks are minimized and any successful breaches are managed immediately.

Ask for the best

Cyberattacks have been ramping up across the world, according to CNBC. As a result, Amazon and Microsoft have been hoovering up cybersecurity solutions and contractors in order to shore up their own defenses for AWS and Azure respectively.

This may result in new solutions being integrated into the AWS system and made available to customers – and you should be proactive in asking for these protections. It’s important that products are well tested and deployed, of course, to ensure their quality, but being at the forefront of the cybersecurity vanguard within AWS will give your business an extra layer of quality and also help to build your reputation as a forward-thinking and well protected enterprise. This can be absolutely crucial in the world of business, especially with cyberattacks becoming ever more frequent.

Data is the lifeblood of the business – when you protect it you protect the sustainability of the business and your future success. AWS does a lot to help with security, but no solution is without its flaws. As such, take a proactive approach to security measures within AWS, and constantly seek to apply new standards to gain advantage against cyber criminals and help to build your reputation as a forward-thinking business. These approaches are crucial in the ongoing fight against cyber-crime.
