Tag Archives: New York

Security Never Sleeps- FinTech Regulation, Firewall Tech

New York’s Historic FinSec Regulation Covers DDoS, Not Just Data

“Financial sector gets a cybersecurity overhaul”

Starting August 29th, New York banks and and other financial actors must report any security event that has a ‘reasonable likelihood’ of causing material harm to normal operations to authorities with 72 hours. Until now, most organizations have been able to sweep data breaches and other comparable embarrassing incidents under the rug without reporting them, or mitigating the FinSec information that is released that may affect customers.

Next generation firewalls to become last generation firewalls

“Security needs constant updates”

Increased end-to-end encryption and the rise of affordable artificial intelligence means your business’ security systems need to be evolved to meet the threats that today’s cyber criminals present. While next generation firewalls still provide a critical component in a business’ security solutions, but no longer provide a “one box to protect it all” turn-key protection system. Today, hackers, knowing most businesses have a NGFW, focus on application layer attacks and they utilize transport layer security to obscure their connections. This evades the defenses provided by a NGFW and requires businesses to either proxy connections at an edge gateway or move security down to the endpoint in order to remain secure.

Heading to College? Job 1: Lock Down your ‘Directory Information’

“Some tips to keep your information secure on campus”

Colleges in the U.S. give away personally identifying data on millions of students each year, defined as unregulated “directory information” for the institutions faculty. Job 1 when arriving on campus: opt out and protect your data from these directories. Check out the link to learn more about shielding your data when you go to school and protect yourself from many would-be cyber criminals who prey on unsuspecting students.

Enjoy your read? Check out our other content here.

10Fold Security Never Sleeps- GDPR, Law and IoT

New Trojan malware campaign sends users to fake banking site that looks just like the real thing

“False login ages steal sensitive info”

A credential stealing trickbot banking malware has been engaging in a email spam campaign that gives users a fake webpage that is nearly identical to the original. Online banking users in the US, UK, Australia, and many other countries have been affected, and this number is expected to grow as those developing it have been experimenting with EternalBlue. This was the exploit that allowed WannaCry and Petya to spread so efficiently.

Can U.S. lawmakers fix IoT security for good?

“Inter-connectivity leaves devices vulnerable”

Several U.S. Senators believe they have proposals that will aid in preventing the attacks that have plagued IoT devices in the last few years. The proposed solutions, put forward in the Internet of Things Cybersecurity Improvement Act of 2017. Many expert analyses of the IoT Act reveals that it’s likely a hearty step in the right direction, but it may not be enough to stop the tide of attacks that cause major issues for many people.

How to protect personally identifiable information under GDPR

“New rules grant more rights in PII for consumers”

The GDPR goes into force May 25, 2018, impacting many firms worldwide that process data for EU citizens. Heavy fines and other penalties are due to the companies that do not enforce the more rigorous personal identifiable information (PII) regulations, often up to 4% of a firms yearly revenue. Breaches are also required to reported with three days.

Ex-NSA Analyst Raises $10 Million To Stop Hackers Destroying Power Grids

“Infrastructure targets more popular”

Part of an espionage mission to disrupt critical services began in 2013, when a U.S. dam was targeted by mercenaries hired by Iran’s revolutionary Guard Corps. This relays the importance of national cyber security, recognized by Rob Lee, who was once part of National Security Agency and currently co-founder at infrastructure-focused cybersecurity firm Dragos Inc. The firm has recently raised $10 million in Series A funding for its goals, and a recognition of the seriousness of the situation.

Enjoy your read? Check out our other content here.