Why cyber insurance should be your last line of defence

Data breaches are proliferating, and the associated costs are exploding. According to the Ponemon Institutes’s “2014 Cost of Data Breach Study: United Kingdom” study, the average cost of a data breach has reached in the UK increased from £2.04 to £2.21 million.

Businesses’ general liability policies don’t cover those costly data breaches, which points to cyber insurance being a wise choice.  In fact, AON PLC, the world’s largest reinsurance broker, claimed in October 2014 that the cyber insurance market was at the time growing at 38% annually.

However, as a case in the US a bit earlier this year has shown, cyber insurance should not be relied upon as your first line of cyber defence.  […]

NIST releases new ICS security guidance

The National Institute of Standards and Technology (NIST) has released an updated version of its “Guide to Industrial Control Systems (ICS) Security.”   The 247-page document provides ICS operators guidance on securing supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). […]

Information Security

Cyber Essentials with CS Risk Management

CS Risk Management have recently obtained the accreditation to provide the full suite of Cyber Essentials certification body services.  Over and above Cyber Essentials Plus certification, this also now includes verification of Basic Cyber Essentials self-assessment submissions and issuing of Basic Cyber Essentials certificates to those customers who meet the requirements set out in the scheme. […]

UK Government chooses not to renew XP support

UK newspaper, The Guardian, reports that the UK government is not going to renew support for their aging and now unsupported Windows XP desktop infrastructure. Microsoft withdrew its extended support programme for Windows XP, its 14-year-old operating system, in April 2014. Given the number of Windows XP PCs still being used in government and businesses Read more about UK Government chooses not to renew XP support[…]

Microsoft to support SSH in Windows #InfoSec # Crypto

Microsoft finally is planning to support SSH in Windows and the company’s engineers also will contribute to the OpenSSH project. While SSH has been a popular tool for remote login and command execution on many Unix and linux systems for years, Windows has not supported SSH by default, for a variety of reasons. Microsoft has Read more about Microsoft to support SSH in Windows #InfoSec # Crypto[…]

Information Security

IC3 Issues Internet Crime Report for 2014

Original release date: May 22, 2015 The Internet Crime Complaint Center (IC3) has released its Internet Crime Report for 2014, indicating that scams relating to social media — including doxing, click-jacking, and pharming — have increased substantially over the past five years. US-CERT encourages users to review the IC3 Alert for details and refer to Read more about IC3 Issues Internet Crime Report for 2014[…]

Information Security

Google Releases Security Update for Chrome

Original release date: May 19, 2015 Google has released Chrome version 43.0.2357.65 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrome blog entry and apply the necessary Read more about Google Releases Security Update for Chrome[…]

Information Security

Cisco Releases Security Advisories for TelePresence Products

Original release date: May 14, 2015 Cisco has released two security advisories to address multiple vulnerabilities in TelePresence products. Successful exploitation could allow an attacker to bypass system authentication, execute arbitrary code with elevated privileges, or cause a denial-of-service condition. Users and administrators are encouraged to review Cisco Advisories cisco-sa-20150513-tc and cisco-sa-20150513-tp and apply the Read more about Cisco Releases Security Advisories for TelePresence Products[…]

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Original release date: May 12, 2015 The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition or steal sensitive information. Available updates include: Firefox 38 Firefox ESR 31.7 Thunderbird 31.7 US-CERT encourages users Read more about Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird[…]