An investigation into this summer’s Twitter hack by the New York State Department of Financial Services (NYSDFS) has ended with a stinging rebuke for how easily Twitter let itself be duped by a “simple” social engineering technique — and with a wider call for key social media platforms to be regulated on security.
In the report, the NYSDFS points, by way of contrasting example, to how quickly regulated cryptocurrency companies acted to prevent the Twitter hackers scamming even more people — arguing this demonstrates that tech innovation and regulation aren’t mutually exclusive.
Its point is that the biggest social media platforms have huge societal power (with all the associated consumer risk) but no regulated responsibilities to protect users.
The report concludes this is a problem U.S. lawmakers need to get on and tackle stat — recommending that an oversight council be established (to “designate systemically important social media companies”) and
Cyber threats like hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks have the potential to cause enormous problems for organizations. Not only can companies suffer serious service disruption and reputational damage, but the loss of personal data can also result in huge fines from regulators.
Take British Airways as an example. In 2019, the airline was fined more than £183m by the UK’s Information Commissioner’s Office (ICO) after customer data was compromised in a cyber-attack. Customer details, including name, address, logins, and payment card, were harvested by hackers – affecting half a million customers in total. The fine, which amounts to around 1.5% of British Airways’ global 2018 turnover, was the first proposed by the ICO under the new General Data Protection Regulation (GDPR).
Cyberattacks like this are hitting the headlines with increasing frequency. But
Bottom Line: Flint Brenton’s vision for the future of Centrify and cybersecurity, in general, prioritizes the need for privileged access management to become core to the multi-cloud architectures and DevOps environments he sees pervading customers’ enterprises today.
Every new cybersecurity company CEO is writing their vision of the future by their decisions and the priorities they are based upon. From tech dominance to sales success, each CEO has their own long-term strategy and idea of what they and the company need to excel at to succeed.
Defining Cybersecurity As A Core Part Of DevOps
It is always fascinating to speak with new CEOs at cybersecurity companies and see what their vision for the company is after they’ve been there a few months. I recently had the opportunity to sit down and talk with Flint Brenton, who joined Centrify as President and CEO in July of this year. Flint leads
California is a beacon for global innovation, home of Silicon Valley and a center for space tech. Its economy outpaces many nations, beating both the Russian Federation and Italy for gross domestic product. Big name enterprise players, the U.S. military, and government all vie for top talent; and there isn’t enough to go around.
“There’s over 37,000 vacancies that we know of in California just alone in cybersecurity,” said Stewart Knox (pictured), undersecretary at the California Labor and Workforce Development Agency.
And demand is forecast to grow. As aerospace innovators break business free of the confines of gravity, the need to secure satellites and space-based operations is going to boom.
Knox spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the Space & Cybersecurity Symposium. They discussed how California is addressing the skills gap in cybersecurity. (* Disclosure below.)
First and foremost, I want to let readers know this will be my final Tech Talk column for Seacoast Media Group. For the last 14 years, I’ve tried to share timely and informative columns about technology that will help businesses and individuals better take advantage of the incredible capabilities that technology provides us all.
Can you imagine navigating the current pandemic without technology? No remote work, no remote learning, no virtual events, no family Zoom or FaceTime. The list goes on and on.
I hope you’ve benefited from what I’ve shared over the years. I appreciate the feedback and questions I’ve received from many of you. I also want to thank the editorial team at Seacoast Media Group, specifically Rick Fabrizio for always keeping me on track and supporting this column. Lastly, I want to thank all of you for reading. It’s been my pleasure to share my passion with
RESTON, Va., Oct. 7, 2020 /PRNewswire/ — ORock® Technologies, Inc., a hybrid cloud service provider, announced today the availability of five solutions available on CyberXchange, the innovative new ecommerce marketplace dedicated to cybersecurity and compliance. For the first time, CIOs, CISOs and IT professionals can find and buy ORock’s solutions mapped to the major cybersecurity frameworks such as SOC 2, PCI, CMMC, and NIST bringing unprecedented visibility and efficiencies in addressing cybersecurity requirements.
Built on CyberXchange’s proprietary mapping engine and AI platform called Harmony, ORock’s solutions are available now at: cyberxchange.apptega.com/company/orock-technologies.
According to a recent study by PwC, 91% of all enterprises are following at least one cybersecurity framework, which mandates hundreds of requirements to quickly satisfy by sorting through a flood of 5,000+ disjointed security products and services currently on the market. Until CyberXchange, there was no easy way to find a product or service mapped to
I have been in the cybersecurity space since 2008 when I joined McAfee (through the acquisition of Reconnex) and have been enjoying this space since then. (Fun fact: I joined Reconnex the same day it was acquired by McAfee.)
This year the cybersecurity space is quite healthy considering the global uncertainty in the world. I took a look at the space, digging into data across the industry and came across a few trends:
1. Stocks have been on the upward trend.
2. Hiring trends look promising.
3. Acquisitions are still thriving.
4. Security startups are slowly being founded in 2020.
Having said that, some cybersecurity companies are showing flat growth and many cybersecurity startups that are facing a hard time to raise funds and are struggling to survive this year.
Banks and other financial institutions could be forced to cut ties with cloud providers and other technology suppliers under a draft European Union regulation that aims to limit cybersecurity risks to the sector.
National regulators in EU countries could require banks to stop using external technology services if their providers fail to fix cybersecurity problems identified in government inspections. The bill goes beyond existing European legislation mandating cybersecurity rules for the finance sector by requiring technology suppliers to also undergo regulatory scrutiny.
Under the proposed rules, authorities can recommend cybersecurity changes to technology providers, which must respond within 30 days on whether they plan to follow the recommendations. Regulators would then monitor whether financial firms have taken those risks into consideration, and can require them to suspend or stop using a company’s services.
“It could be a massive, massive headache,” said Richard Parlour, chief executive of law firm Financial Markets
Seattle startup Strike Graph raised a $3.9 million seed round led by Madrona Venture Group.
The company, founded less than a year ago and spun out of Madrona Venture Labs, helps customers prepare for the cybersecurity certification process.
Most B2B organizations need to pass cybersecurity audits to ensure their service meets security and privacy standards. StrikeGraph says its customers can earn a SOC 2 Type 1 certification in 45 days and save $50,000 in consultant fees thanks to automation and customization features.
The 5-person startup is led by CEO Justin Beals, a veteran of NextStep, Koru, Roundbox Global, and other startups, along with Brian Bero, who previously co-founded Seattle tech stalwart Apptio and recently sold security startup Greytwist to SmartRIA.
The idea for Strike Graph came about after Beals struggled with the SOC 2 process as the CTO
Fresh off an investment round that netted the company $15.5 million, Ann Arbor cybersecurity firm Censys Inc. has a new executive running innovation and technical strategy.
The company announced Monday that Derek Abdine, a veteran of cybersecurity companies, had been hired as the company’s new chief technology officer. Abdine, 37, will remain based in Los Angeles but travel to Ann Arbor quarterly once the COVID-19 pandemic subsides.
“I joined Censys because companies still face significant challenges securing systems despite a robust cybersecurity industry and there is a shared belief that one of the core issues for this stems from problems with internet-facing configuration and computing infrastructure,” Abdine said in a news release. “Censys is one of the few companies I’ve seen that is truly innovating in cybersecurity, and their team is loaded with some of the brightest, focused people in the industry.”