Cyber Connections News Roundup: August 13
Get the latest cybersecurity news from leading companies, news outlets and blogs.
Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.
August 13, 2019
New Symantec Report Highlights Challenges in Cloud Security
A new report from cybersecurity firm, Symantec, titled “Adapting to the New Reality of Evolving Cloud Threats,” says that enterprises that are in the process of transitioning to the cloud must realign or reinvent their security programs. Symantec talked to 1,250 security decision makers from 11 countries to understand the changing cloud security landscape and to gauge the maturity of security practices. Software-as-a-Service (SaaS) application usage is proliferating, the report says, and workloads are increasingly migrating to IaaS platforms like AWS and Azure, on-premises applications, storage, and private clouds persist. The resulting hybrid IT environment, according to the report, is leaving organizations scrambling to keep up. Read more.
NCC Group Researchers Determine that Office Printers Are Cybersecurity Risk
A recent article on www.forbes.com highlights the research findings of Daniel Romero Pérez and Mario Rivas Vivar of the NCC Group, who have discovered vulnerabilities in name-brand printers that could create long-term backdoor access into companies’ data. Rivas and Romero conducted a six-month project to identity vulnerabilities and exploitations relating to devices made by six of the largest enterprise printer makers in the world. Their efforts uncovered weaknesses that opened devices to Denial of Service (DoS) attacks, but of much more concern is the potential for those devices to be used as entry points into corporate networks. Read more.
New Synopsis Report Highlights Security Challenges in the Financial Services Industry
A new report commissioned by the Synopsys Cybersecurity Research Center (CyRC) and conducted by the Ponemon Institute called “The State of Software Security in the Financial Services Industry” highlights the financial services industry’s security posture and its ability to address security-related issues. The study found that more than half of the surveyed organizations have experienced theft of sensitive customer data or system failure and downtime because of insecure software or technology. The study also found that many organizations are struggling to manage cybersecurity risk in their supply chain and are failing to assess their software for security vulnerabilities before release. Read more.
Lessons Learned from the Capital One Breach
A recent article on www.cyberscoop.com takes a look back on the Capital One breach, disclosed on July 29, and examines what went wrong, but also notes that things could have been worse. “When taken at face value, the Capital One breach looks awfully similar to other massive security failures. But there are some in cybersecurity circles that see a silver lining in the way the bank has handled the incident,” the article says. Some security experts believe that while the breach was severe, actions taken by the bank prevented this breach from becoming another example of extreme corporate cybersecurity negligence. Read more.
How AI Can Help with Cybersecurity
To keep up with the bad guys, companies will need to employ advanced tools, like artificial intelligence (AI), to prevent, detect and remedy potential threats, according to a recent report on www.forbes.com. For example, AI can be used to combat malware. Over time, artificial intelligence should be able to learn and automatically detect unusual patterns in web-traffic environments in an encrypted way, therefore providing a decisive help to all network security defenses. AI can improve efficiency by freeing up time for IT professionals to focus on more high-level tasks. Read more.