Cyber Connections News Roundup: October 20

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

October 20

Recent Barnes & Noble Breach Included Customers’ Personal Information

According to a report on www.securitymagazine.com, Barnes & Noble notified customers on Oct. 10 that it had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems and may have affected customers’ personal information. The company said that customers’ payment details had not been exposed, as it uses technology that encrypts all credit cards. The systems impacted did contain email addresses, as well as billing and shipping address, and telephone number if they were supplied by the users. Read more.

Investigators into Twitter Hack Call for Greater Security Regulation

A recent article on https:// techcrunch.com details how an investigation into this summer’s Twitter hack by the New York State Department of Financial Services (NYSDFS) concluded that the social media giant let itself “be duped by a simple social engineering technique.” The NYSDFS report called for greater security regulation for key social media platforms. In the report, the NYSDFS pointed out how quickly regulated cryptocurrency companies acted to prevent the Twitter hackers scamming even more people, arguing the biggest social media platforms have great societal power but no regulated responsibilities to protect users. Read more.

Why You Need to Know the Difference Between Cybersecurity and Cyber Resilience

It goes without saying that cyberattacks, making headlines with increased frequency, according to a recent article on www.forbes.com, can be devastating to companies large and small, causing service disruption, reputational damage and financial distress. bust the loss of personal data can also result in huge fines from regulators. This is why all companies need to invest in cybersecurity and cyber resilience. In a nutshell, cybersecurity describes a company’s ability to protect against and avoid the increasing threat from cyber crime. Meanwhile, cyber resilience refers to a company’s ability to mitigate damage (damage to systems, processes, and reputation), and carry on once systems or data have been compromised. Read more

Is Employee Cybersecurity Training Working?

The theme of this year’s Cybersecurity Awareness Month is “Do Your Part. Be Cyber Smart” to promote and encourage accountability at the personal and corporate level. However, according to a recent article on https://securityboulevard.com, although many organizations provide cybersecurity training/education, 43% of employees are not aware that clicking on a suspicious link or attachment in an email can introduce malware. The publication, citing the “2020 State of Privacy and Security Awareness Report” by Osterman Research and MediaPRO, offers additional statistics that demonstrate that quite often corporate training is not sinking in. Read more.

Financial Institutions Implement Cutting-Edge Technologies to Keep Customers Safe

Financial institutions average $100 billion in losses due to cyber crime each year with hackers targeting multiple access points to customers’ financial data, according to a recent article on https://securityboulevard.com. The publication offers a detailed overview of the technological advances  financial services companies are implementing to protect user data. On the cutting edge of this security are blockchain, triple-entry accounting, and tokenization systems. Blockchains, for example, invented for and popularized by cryptocurrencies like Bitcoin, are highly encrypted and decentralized networks of data. When it comes to financial security, blockchain brings some of the benefits of cryptocurrency to all transactions. Read more.

2020 Cybersecurity Threats & Detection: An Interview with Two UMGC Cybersecurity Faculty Experts

As we enter the second decade of the 21st century, we enter a world that is more connected than ever before, and developments in technology are progressing faster than our ability to secure them. Michelle Hansen and Valorie King of the School of Cybersecurity and Information Technology at University of Maryland Global Campus offer their insights into the current threat landscape and what cybersecurity professionals need to do to defend against aggressive attacks.

In a recent blog post on http://www.forensicscolleges.com, a comprehensive directory of programs and careers in the fields of digital forensics and cybersecurity, Hansen and King share their insights into the technologies that are vulnerable to cyber attack, the influence of moral reasoning in cybersecurity, and which cybersecurity skills are most in demand.

“Cybersecurity threats and attacks have advanced at scale with the progressions of technology. With every new device and emerging telecommunications development come new vulnerabilities for exploitation.”

— Dr. Michelle Hansen, collegiate faculty, Information Systems Management at UMGC

“Cybercrime has become CaaS or Cybercrime-as-a Service. Exploit packages (pre-written applications used to attack systems and networks) have transitioned towards a Platform-as-a-Service model where attackers can rent time on computing infrastructures that support and deliver attacks.”

— Dr. Valorie King, program director, Cybersecurity Management and Policy at UMGC

Read the full interview.