Information Age – Top security risks in digital transformation – and how to overcome them

informationagenewTechnology such as cloud, internet of things (IoT) and automation are helping companies to digitally transform, but they also add security risks. What can firms do? And what are the top security risks in digital transformation?

Overall, firms undergoing digital transformation need to look at security in a different way, says Jason Hart, CTO of data protection at Gemalto. “You need to understand what your risks are. People might do penetration testing but for me that doesn’t equate to strong visibility and control around governance and security.”

Hart advises companies as part of the transformation process to ensure data visibility in order to categorise it and control who has access. In addition, says Hart: “Let’s eradicate static passwords and replace with multi-factor authentication.”

To read the full article click here.

Information Age – More regulation, more solutions needed: IoT device breaches continue to put user data at risk

informationagenewAlmost half of companies still can’t detect IoT device breaches, according to a Gemalto study. But, use of blockchain technology might provide a solution IoT device breaches continue to frustrate companies and put user data at risk image
‘With IoT devices continuing to immerse themselves deep within organisations’ networks, it’s frightening to see that so many UK businesses don’t know if and when these devices have been breached.’
The Internet of Things (IoT) is beginning to creep into most aspects of consumer and business life; whether you’re talking about a smart home or smart office.

Jason Hart, CTO of data protection at Gemalto, commented: “The push for digital transformation by organisations has a lot to answer for when it comes to security and bad practices. At times it feels organisations are trying to run before they can walk, implementing technology without really understanding what impact it could have on their security.

“With IoT devices continuing to immerse themselves deep within organisations’ networks, it’s frightening to see that so many UK businesses don’t know if and when these devices have been breached. Although the UK’s new Code of Practice is a great first step toward securing the IoT, it’s won’t truly be effective until these are made mandatory and all organisations are forced to adhere to them. Only once every device, new and old, is given these same standards will the UK see a decrease in successful attacks.”

To read the full article click here.

Information Age – Data breaches compromised 4.5 billion records in the first half of 2018

informationagenewAccording to the latest figures from the Gemalto Breach Level Index, 4.5 billion records were compromised in just the first six months of this year.

“Obviously, this year social media has been the top industry and threat vector for the compromise of personal data, a trend we can expect to continue with more and more sectors leveraging these platforms to reach key audiences, especially political teams gearing up for major elections,” said Jason Hart, vice president and chief technology officer for data protection at Gemalto. “We also expect to see more data breaches reported by European Union countries bound by the new General Data Protection Regulation and in Australia with the new Notifiable Data Breaches law. We should be careful not to misconstrue this as an increase in overall incidents in these areas but rather as a more accurate reflection of what is actually going on.”

To read the full article click here.

Information Age – A CTO guide: Cyber security best practice tips

information-age-logo-text-onlyAs part of Information Age’s Cyber Security Month, we have provided three CTO guides on cyber security: the challengesthe technology and the best practices. This is the last one, and will focus on cyber security best practice tips, with some insights on how CTOs, or CISOs or those in charge of security, can protect their organisation from the growing list of cyber threats, as well as increasing human error.

Jason Hart, CTO at Gemalto suggests that the cyber criminals are exploiting the arrogance of organisations.

“Senior leaders must be situationally aware and ensure that employees only have access to the data that they need at any given point,” he says.

>Read more on Gemalto CTO: Beating ‘cybercriminals at their own game’

“Very few understand the critical importance of knowing the impact of people, data and business processes, and this is the weakness that cyber criminals are exploiting. There are those that are simply ignorant, who just aren’t looking or considering the impact of a data breach and those that are arrogant and believe they know it all, thinking that massive investment in the latest security products will stop a breach. But it’s this very arrogance that makes them vulnerable. In both cases, there is a serious lack of situational awareness.”

To read the full article click here.

Information Age: A CTO guide: The main challenges facing the cyber security industry

information-age-logo-text-onlyIn this guide, five CTOs provide their view on the main challenges facing the cyber security industry, with insights on how to overcome them.

Jason Hart, CTO at Gemalto, also says that the biggest challenge facing the cyber security industry is the growing cyber skills gap.

“There’s no shortage of young people capable of pursuing a career in cyber security. But, the trick is to ensure we nurture their skills and guide them towards using their talents for good, rather than acting as black hat hackers. Thanks to institutions such as GCHQ, initiatives are now being run around the UK that are aimed at producing the next generation of cyber security experts.”

>Read more on Gemalto CTO: Beating ‘cybercriminals at their own game’

“As demand for these roles continues to increase in a post-GDPR world, governments, businesses and educators need to invest in these young people. Of course, they also need to train existing staff, use relevant solutions and be situationally aware, to remain secure and continue to comply with regulations now.”

To read the the full article click here.

Information Age: How can you best protect your organisation’s data?

information-age-logo-text-onlyThe number of successful data breaches continues to surge, as hackers get smarter and security solutions struggle.

What is the most effective method of data protection for the enterprise?

This is a question that must plague those in charge of an organisation’s data and security. There are so many solutions out there, and there is certainly no ‘silver bullet’ for cyber security. What is a CTO, CISO or CSO to do?

There isn’t one solution

There isn’t one solution or method to cyber security, explained Jason Hart, CTO of Data Protection for Gemalto.

To read the full article click here.

Information Age – Gemalto CTO: Beating ‘cybercriminals at their own game’

information-age-logo-text-onlyIn today’s business environment, data is king. Protecting this most valuable asset is key to effective security.

Data breaches can ruin careers, and permanently damage the reputation of organisations. Defending against these cyber attacks is a challenge, and a problem that keeps business leaders up at night.

Think like a hacker

Jason Hart – CTO of data protection, Gemalto – believes that in his role, thinking like a hacker has helped him “beat the cybercriminals at their own game”.

“Using business insights and my years of experience as an ethical hacker, I know how cybercriminals think.”

To read the full interview with Jason click here

Information Age – Cyber security failings grow as 2.6BN records stolen or compromised in 2017

information-age-logo-text-onlyThe Gemalto Breach Level Index, released today, has revealed that improperly secured databases in the cloud and internal threats were the fastest growing security risks for companies in 2017.

“The manipulation of data or data integrity attacks pose an arguably more unknown threat for organisations to combat than simple data theft, as it can allow hackers to alter anything from sales numbers to intellectual property. By nature, data integrity breaches are often difficult to identify and in many cases, where this type of attack has occurred, we have yet to see the real impact,” said Jason Hart, vice president and chief technology officer for Data Protection at Gemalto.

To read the full article click here.

Information Age – Data breach prevention is essential to consumer retention

information-age-logo-text-onlyA majority (70%) of consumers would stop doing business with a company if it experienced a data breach, according to a survey of more than 10,000 consumers worldwide conducted on behalf of Gemalto, the digital security compay. In addition, seven in ten consumers (69%) feel businesses don’t take the security of customer data very seriously.

“Consumers are evidently happy to relinquish the responsibility of protecting their data to a business, but are expecting it to be kept secure without any effort on their part,” says Jason Hart, CTO, Identity and Data Protection at Gemalto.

“In the face of upcoming data regulations such as GDPR, it’s now up to businesses to ensure they are forcing security protocols on their customers to keep data secure. It’s no longer enough to offer these solutions as an option. These protocols must be mandatory from the start – otherwise businesses will face not only financial consequences, but also potentially legal action from consumers.”

To read the full article click here.

Information Age – Are businesses over confident in their cyber security capabilities?

information-age-logo-text-onlyGemalto research reveals businesses overly confident about keeping hackers at bay, but less so about keeping data safe.

“It is clear that there is a divide between organisations’ perceptions of the effectiveness of perimeter security and the reality,” said Jason Hart, vice president and chief technology officer for Data Protection at Gemalto.“By believing that their data is already secure, businesses are failing to prioritise the measures necessary to protect their data. Businesses need to be aware that hackers are after a company’s most valuable asset – data. It’s important to focus on protecting this resource, otherwise reality will inevitably bite those that fail to do so.”

To read the full article click here.