#CyberFLASH: Organization’s cyber security can have an effect on acquisition, says report

krawczyk01.jpg.size.xxlarge.letterboxThere are three common reasons cyber security has to be among the top priorities for the C-suite: To maintain confidence of partners, customers and investors. Loss of confidence by any of those groups could undermine corporate revenues.

A new report suggests there’s another reason: To keep up the value of the company for a possible merger or acquisition.

“Virtually all acquirers must implement a rigorous diligence process when considering M&A targets,” says the report by West Monroe Partners, a U.S.-based business and technology consulting firm. “The nature of cyber threats is also changing constantly, requiring a nimble approach to due diligence.”

How big an issue is it? According to a survey of 30 senior executives at corporate and private equity firms that frequently conduct M&A transactions 80 per cent said cybersecurity issues are highly important in doing due diligence on potential deals. The other 20 per cent who said they are somewhat important.

Just over three quarters said said the importance of cybersecurity in potential deals had increased significantly over the last 24 months.

These numbers reflect the rapid growth of risks related to cybercrime and the growing number of costly data breaches, says the report.

Read more here

 

#CyberFLASH: Only you can prevent your personal info from spreading online, say experts

40690232f3b4efcbe7b9bacebecfb3ebIt was enough to make the milk in their cappuccinos curdle.

Customers at a coffee shop in the U.K. learned they could get a free drink if they liked its Facebook page. They reacted with bemusement when baristas handed them drinks with data like their names, ages, jobs and living addresses written on the cups.

That information was gleaned by not-for-profit Cifas, which filmed their reactions with hidden cameras.

Granted, not every coffee shop’s Facebook page has a small army of data experts combing the internet while a barista steams some milk.

But the message is clear: many people’s personal information — probably more than they realize — is online and searchable by anyone from nosy neighbours to co-workers to identity fraudsters.

Apps aren’t really free

Anita M. McGraham, a professor at the Rotman School of Management at the University of Toronto, says the video is a good reminder of how much personal information we give out in order to use social media and other modern apps.

“In exchange for all these quote-unquote free services, such as the ability to stay in contact with our friends on Facebook, that freedom isn’t really free,” she told CBC News. “What you’re paying with is information about your identity.”

Read more here

#CyberFLASH: Canadian companies far from cyber-security ready

gv_20140408_biv0108_140409938.jpg__0x400_q95_autocrop_crop-smart_subsampling-2_upscaleA recent survey of 2,200 companies across 18 countries found that Canadian companies are some of the world’s least equipped to deal with cyber threats.

The study ranks 18 countries based on the percent of business that are adopters of effective modern cyber security procedures and technology. On a list of 18 Canada was No. 15, beating only the Netherlands, Japan and the United Arab Emirates.

“We’re moving from theft, which is costly, to potential catastrophe,” Steve Duplessie, founder and senior analyst at computer consulting firm Enterprise Strategy Group, said in a press release. “There are forces at play now that aren’t satisfied with just stealing your money, they want to destroy your entity. You can either start taking these threats seriously, or start looking for a hole to crawl into. Ignorance is no longer bliss.”

The technology market research firm Vanson Bourne was contracted by the data storage company EMC to perform the study. Vanson Bourne surveyed 100 Canadian companies and found that the majority were “laggards” when it comes to adopting cyber security technologies.

Vanson Bourne found that 52% of Canadian companies surveyed had suffered unplanned system downtime some time over the last 12 months. On average, the unplanned downtime cost Canadian companies $414,000 per incident.

Read more here

#CyberFLASH: State-of-the-art intelligence centre aims to thwart cyber attacks

montreal-que-june-28-2016-robert-masse-partner-cybe1The huge “threat detection” screen at the front of the Montreal Cyber Intelligence Centre is ablaze with blinking lights, but none of the eight or so Deloitte employees manning the restricted centre seem particularly alarmed. Cyber attacks are routine for this gang of cybersecurity specialists, who try to keep the world safe from Internet thugs while hunkered down in their state-of-the art facility in downtown Montreal.

Another jumbo screen is monitoring brute-force logins as it keeps track of the “cyber kill chain” that aims to identify and prevent cyber intrusions. Despite the violent terminology casually shared between the co-workers, the room hidden behind a facial-recognition security system in the professional services firm’s gleaming new downtown tower houses an unflappable team of hackers and risk experts hired to minimize casualties.

For there is no doubt about it, this is a modern-day war room in a cutting-edge battle that the general says we are losing. Badly.

That would be Robert Masse, leader of Deloitte’s cyber risk services in Montreal and the incident response team across Canada, who spends his days trying to outsmart the increasingly sophisticated cyber criminals who are ready to pounce when they detect any vulnerabilities in the system.

“Companies are being attacked all the time,” Masse said in an interview during a tour Tuesday which offered a glimpse into the workings of a cybersecurity centre. “We are really on the front lines of a cyber war.”

Read more here

#CyberFLASH: Passwords often a ‘weak point’ for consumers in cyber security

image-6TORONTO — This month, the University of Calgary paid $20,000 to regain access to its email system after a so-called ransomware cyber-attack.

A year ago, Ashley Madison, a website that facilitates extra-marital affairs, lost customers’ personal information to hackers, who have also recently accessed personal information held by online retailer eBay, Sony and LinkedIn, among others.

Cyber-security experts say businesses of all sizes can be vulnerable to attacks and hackers can manoeuvre their way into any site if the proper controls aren’t in place to detect their snooping.

But as cyber-attacks increase in frequency, there are measures consumers can take to protect the information they hand over to companies online.

“Cyber-risk is becoming a huge business problem,” said Rocco Galletto, leader of managed security services at Deloitte Canada from the company’s Toronto Cyber Intelligence Centre, which helps clients thwart and respond to cyber attacks.

The centre responds to about 1,000 cases annually, he said, though each one isn’t necessarily a full-fledged attack, but could be a lower-priority vulnerability being exposed.

“Consumers are concerned. Organizations are concerned,” he said.

BlackBerry, the Canadian mobile and software company, also entered the cyber-security service business this year, citing a burgeoning industry expected to grow to $23 billion a year by 2019.

Read more here

#CyberFLASH: Six reasons why you really should care about your kids’ online privacy

Children Interacting With Tablet TechnologyOnline privacy is a little like your weird Uncle Bob. He’s hard to understand, and you really only miss him when he’s gone.

And just like Uncle Bob, online privacy can sound a little paranoid. Internet predators. Online safety. Data mining. These issues are far-ranging and murky, so they’re easy to brush aside. What you or your kid posts or fills out online can wind up in the wrong hands, affecting your kid’s future, safety, and reputation.

It may be hard to care about Uncle Bob, but here are six reasons why you really should care about online privacy.

Your kid’s identity could be stolen.
Internet-enabled toys and kids’ devices store information about your kid “in the cloud” (which is just a cool name for servers). As the 2015 data breach of Vtech’s InnoTab Max uncovered, hackers specifically target kids because they offer clean credit histories and unused Social Security numbers.

Your kid could get hurt.
Sharing whereabouts on location-aware social media such as Twitter, Kik, or Facebook reveals kids’ physical locations to all their contacts – plenty of whom your kid doesn’t know personally. Imagine a selfie that’s location-tagged and says “Bored, by myself, just hanging out looking for something fun to do.”

Read more here

#CyberFLASH: Polytechnique launching new degree in cybersecurity

bestpix-computer-hackers-gather-for-annual-ccc-congressForced to fight off such enemies as headless worms, hidden ghostware and — straight out of Terminator — machine-to-machine (M2M) attacks, the billions of connected devices in the world have created a cyber battlefield so dangerous to navigate that virtually no one is safe from a cyberattack.

As information and communication technology (ICT) has become integral to almost every facet of modern society, cybersecurity has become one of the hottest fields around. With a goal of boosting supply and expertise in the burgeoning field, Polytechnique Montréal and Deloitte have teamed up to educate a new crop of cybersecurity experts.

The engineering school, which is part of Université de Montréal, and the professional services firm are joining forces to fight cybercrime by expanding and upgrading Polytechnique’s cybersecurity program — and creating a state-of-the-art curriculum that will meet current market needs.

They aim to create the first bachelor’s degree in cybersecurity — which will be offered in English next year as well — by offering three cutting-edge certificate programs in cyber investigation, online fraud and IT network computer security.

“This is unique in the world,” said Gervais Ouellet, Polytechnique’s coordinator of certificates in cybersecurity. “There is a huge need for this. Students will be getting a very practical training and they will find a job at the end of it.”

He says there are three to five job openings for every graduating student, and the most in-demand positions include cybersecurity analysts and consultants, identity-management specialists and online fraud investigators.

Read more here

#CyberFLASH: University of Calgary calls cyber insurance invaluable

computer-laptop-keyboard-852The University of Calgary is urging other institutions to purchase cyber insurance, saying in their case, it has paid off.

Officials dissected a recent malware attack, the school’s response — and the changes they’ve made — at a well-attended campus town hall Friday afternoon.

Linda Dalgetty, vice president of finance and services, says the school bought cyber insurance last year and although it didn’t cover the $20,000 ransom the school paid, it was invaluable in other ways.

“In fact one of my messages coming out of this to my peers, both in Alberta and across Canada, is this is a good thing for you to have,” Dalgetty said.

“And again not just becasue it’s that monetary recovery, it’s the value that we had from helping us going through a difficult time with this malware crisis.”

She says the insurance came in handy hours after the school bought it.

“It was quite interesting, we made the decision to buy it, it went live on I think a Friday morning at 12:01 a.m., and our first phishing attack was at 2 a.m. that day, so it was very coincidental,” she explained.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.