Silicon Republic – Cybersecurity trends 2019: What should you look out for?

siliconrepublicAs the year begins, there are a few key areas that cybersecurity professionals should keep in mind.

After the excesses of the holiday period, you are more than likely looking at the blank slate of a new year before you with a sense of optimism and hope for times ahead.

CTO of data protection at Gemalto, Jason Hart, predicts an AI-augmented attack as a real threat. “Creating a new breed of AI-powered malware, hackers will infect an organisation’s system using the malware and sit undetected, gathering information about users’ behaviours and organisations’ systems.

“Adapting to its surroundings, the malware will unleash a series of bespoke attacks targeted to take down a company from the inside out.”

To read the full article click here.

Silicon Republic – How do I protect my accounts? A guide to multifactor authentication

siliconrepublicProtecting your online accounts is an essential part of life on the internet. This guide to multifactor authentication can help.

Data security is a top priority whether you are a CIO of a large company or an individual who wants to keep their emails private.

As cyber-threats evolve and change, a single password system just doesn’t make the safety grade any more. Many people use the same password for multiple accounts but we cannot be reliant on a single form of authentication in an increasingly threatening digital landscape, where phishing and other threats are lurking.

Enter multifactor authentication (MFA). From single-use codes to physical security keys, users and businesses need to navigate the options on offer. spoke to some experts to find out what’s best.

CTO of data protection at Gemalto, Jason Hart, said: “While this technology is still not a standard security process for all organisations, consumers are likely to have come across it, with Facebook, Google and Twitter being strong advocates of the technology to protect users from cyber-criminals [who partake in] brute-force cracking, phishing attacks, or simply guessing static passwords using information shared by the user online.”

This method of MFA is probably the least secure option, as hackers can exploit the underlying SS7 signalling protocol. Curran explained that this could “spoof a change to a user’s phone number, intercepting their calls or text messages”.

Bad actors can also use the tried and true social engineering method of “tricking IT support staff into assigning accounts to ‘dummy sim cards’, thus rendering this form of two-factor authentication [2FA] useless”.

To read the full article click here.

Silicon Republic – Customers fear data breaches but aren’t protecting themselves enough

siliconrepublicA new survey of more than 10,000 customers carried out on behalf of security firm Gemalto found that although people are concerned about businesses keeping their data safe, many are not doing enough on an individual level to keep their information secure.

CTO of identity and data protection at Gemalto, Jason Hart, said: “Consumers are evidently happy to relinquish the responsibility of protecting their data to a business but are expecting it to be kept secure without any effort on their part.” (continues..)

To read the full article click here.

Silicon Republic – Wanted: IT security superheroes to fight cybercrime

siliconrepublicFrom WannaCry to Petya, it’s no wonder the cybersecurity sector is crying out for talent to fight ransomware. Hays’ Carolyn Dickason explores the increasing need for talent in infosec.

“The Breach Level Index highlights four major cyber-criminal trends over the past year. Hackers are casting a wider net and are using easily attainable account and identity information as a starting point for high-value targets,” said Jason Hart, Gemalto’s chief technology officer for data protection, in the report.

“Clearly, fraudsters are also shifting from attacks targeted at financial organisations to infiltrating large databases, such as entertainment and social media sites. Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid.”

To read the full article click here.