Archive for January, 2018
From: The Conversation
The DCMS warned – in rather alarmist language – that “organisations risk fines of up to £17m if they do not have effective cybersecurity measures” in place. There are echoes of the EU’s General Data Protection Regulation (GDPR), by matching its €20m (£17m) maximum penalty level – though the option to charge 4% of turnover for NIS as well was dropped after consultation.
However, exorbitant penalties have been used as a scare tactic by GDPR snake oil salesmen, despite clear statements from the Information Commissioner’s Office (ICO) indicating a cautious regime. Did the DCMS mean to invite overblown headlines about the NIS directive, too?
From: The Diplomat
Is the the long-time threat of APTs to Taiwan a blessing in disguise?
By Philip Hsu
Given overlapping strategic objectives, the United States remains Taiwan’s main security partner. Some U.S. Federal agencies and corporations recognize Taiwan’s unique position in China’s cyber operations. The U.S. Department of Commerce led a trade mission of 20 U.S. companies to Taiwan last June, and American firms have been actively acquiring Taiwanese cybersecurity companies. Intelligence cooperation related to cybersecurity undoubtedly already takes place between Taiwan and the United States, given the presence of the NSA, and possibly the CIA, on the island.
“Insiders” – personnel inside companies or government agencies who stole data – were the second biggest threat agent.
But Enisa noted that nation states were also out to steal information or to blackmail victims, using cyber-espionage, ransomware, malware, botnets, and other tricks.
Huawei and ZTE on the Chopping Board: US May Soon Ban Gov Agencies from Using Their Products Over Security Concerns
By Rafia Shaikh
United States may soon ban the government agencies from using ZTE and Huawei products due to the companies’ alleged ties with the Chinese government. A new bill called “Defending U.S. Government Communications Act” has been introduced that is designed to bring a ban on all the phones, equipment, and services by these companies in the government agencies. The bill cites concerns that these companies could potentially share national security and corporate intellectual property data with the Chinese government.
From: Albawaba Business
As part of its statutory functions and duties towards the regulation and privatization of electricity and related water sectors, the Authority for Electricity Regulation (AER) held a press conference to launch its Forward Work Program for 2018. Reinforcing transparency among stakeholders and in-line with the government policies to ensure consistency of work planned for each subsequent year, the 13th edition of the program will include several priority areas aimed at enhancing the electricity sector efficiency, promoting competitiveness of the local market, and conducting initiatives for renewable energy.
SEOUL (Reuters) – A cybersecurity company said it has found software that appears to install code for mining cryptocurrency and sends any mined coins to a server at a North Korean university, the latest sign that North Korea may be searching for new ways to infuse its economy with cash.
The application, which was created on Dec. 24, uses host computers to mine a cryptocurrency called Monero. It then sends any coins to Kim Il Sung University in Pyongyang, said cybersecurity firm AlienVault, which examined the program.
The Cyber Security Best Practice Guide offers ‘three quick steps to serenity’ for small business operators to understand the risks and how to prevent cyber attacks.
By Asha McLean
The Australian Small Business and Family Enterprise Ombudsman has published a Cyber Security Best Practice Guide, hoping to help small business operators in Australia prevent, or better prepare for, a cyber attack.
Another statistic highlighted by the guide [PDF] is that 87 percent of small businesses believe their business is safe from cyber attack because they use antivirus software.