Author: rescue@crimefire.in

On Tuesday, January 17, the Pepperdine School of Public Policy, in partnership with the Heritage Foundation, hosted a panel discussion called Cybersecurity and the Quad: Opportunities and Challenges Abound as part of a three-day conference titled “Connected and Secure in the Indo-Pacific: Challenges, Threats, and Opportunities for Quad Cyber Security.” Kiron Skinner, the Taube Professor of International Relations and Politics at the School of Public Policy, and visiting fellow at the Heritage Foundation’s Kathryn and Shelby Cullom Davis Institute for National Security and Foreign Policy, was instrumental in bringing the two organizations together to organize the conference.
“The Quad” is the common name for the Quadrilateral Security Dialogue, an organization described by the Australian Department of Foreign Affairs and Trade as “a diplomatic network of four countries [India, Japan, the United States, and Australia] committed to supporting a free and open Indo-Pacific that is inclusive and resilient.” The Quad focuses on the region’s most pressing challenges, including infrastructure, critical and emerging technology, cyber security, and counterterrorism.
All four member nations were represented on the discussion panel, which featured Gulshan Rai, a distinguished fellow at the Vivekananda International Foundation and former national cyber security coordinator for the government of India; Mihoko Matsubara, chief cyber security strategist for the NTT Corporation in Tokyo and a member of the Japanese government’s cyber security research and development policy committee between 2014 and 2018; Patrick Hallinan, Australian minister counsellor for home affairs and regional director for the Americas with the Embassy of Australia; and Vice Admiral T. J. White of the US Navy (retired), former commander of the US Fleet Cyber Command/US Tenth Fleet/US Navy Space Command and commander of the US Cyber National Mission Force/USCYBERCOM. The discussion was moderated by Jeff M. Smith, director of the Heritage Foundation’s Asian Studies Center.
The panelists discussed a worldwide increase in the number and scope of cyber attacks in recent years, particularly through the use of ransomware that has targeted government and other public institutions, business and industry, education and research facilities, and even private citizens. After a major cyber security breach in Australia, Hallinan shared, “my wife’s personal data was hoovered up. The rubber is very much hitting the road for regular Australians [regarding the importance of cyber security].” Matsubara stressed the importance of “the protection of critical infrastructure and rais[ing the] resiliency of cyber security.”
All panelists emphasized the need for cooperation between the Quad member nations, including sharing best practices to protect against cyber attacks. Vice Admiral White remarked that the Quad countries have “shared interests, shared values, and shared problems,” while later in the discussion, Rai stated, “Mutual cooperation is very, very important between countries.”
310.506.4000
Copyright © 2023 Pepperdine University

source

Walmart’s ongoing cyber security investment  CNBC
source

Let Cybersecurity Dive’s free newsletter keep you informed, straight from your inbox.

The report shows cybersecurity risk has been elevated to the most senior levels of corporations around the world. 
The potential threat of ransomware and data breaches has gained the attention of worldwide corporations. Companies confront the potential loss of control over customer data or proprietary customer secrets, and the impact of an attack on their brand reputation. 
The cost of cybercrime reached about $1 trillion worldwide, the equivalent of about 1% of global GDP, the report said. Cyber incidents are considered the top risk in 19 countries, including France, Japan, India, the U.K. and Canada. 
Data breaches remain an increasing concern, in part due to the tighter regulations surrounding the protection of customer data. In addition, ransomware has become a much more serious concern, particularly as threat actors engage in double and triple extortion against companies in a way that threatens to do reputational harm. 
“So whether that’s customers, whether that’s other people in the supply chain, we see this now as the norm that those attacks will not only impact the company itself, but anyone else along the value chain,” Shanil Williams, a board member and chief underwriting officer corporate at Allianz Global Corporate & Specialty, said Tuesday during a media presentation.
Get the free daily newsletter read by industry experts
Everyone wants to stay on good terms with their employer. Threat actors know this too, and they exploit this weakness accordingly. Don’t fall for it.
The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Want to share a company announcement with your peers?
Get started ➔
Everyone wants to stay on good terms with their employer. Threat actors know this too, and they exploit this weakness accordingly. Don’t fall for it.
The ubiquity of the cloud has left security gaps for organizations, leaving them to navigate a complex vendor landscape and defend their technology supply chain
The free newsletter covering the top industry headlines

source

Image via Pixabay
A 2022 State of Ransomware report was released by Datto on January 17. The report surveyed nearly 3,000 IT professionals in small to medium-sized businesses across eight countries: the United States, Canada, the United Kingdom, Germany, the Netherlands, Australia, New Zealand and Singapore. The report shows that SMBs are aware of increasing cyber threats and allocating resources and investing in areas such as network and cloud security.  
Key takeaways from this year’s survey include:
Only three in 10 of SMBs have a best-in-class recovery plan in place, with 52% of them claiming they have a standard recovery plan in place. MSPs can help their clients improve their disaster recovery plan by building out their security and backup offerings or requiring clients to have cyber insurance. Cyber insurance can offset the risks of potential breaches, something which became increasingly more important when many SMBs accelerated their digital transformation efforts during the COVID-19 pandemic.
Additional insightful findings:
For the past seven years, Datto has surveyed IT professionals worldwide to gain insight into industry trends so that knowledge can then be shared with the IT community to better understand and service customers.   
Click here to download the full report.

You must have JavaScript enabled to enjoy a limited number of articles over the next 30 days.
Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company. Interested in participating in our Sponsored Content section? Contact your local rep.
ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe. 
The John F. Kennedy Center for the Performing Arts is home to some of the nation’s largest events, from the Kennedy Center Honors to the Mark Twain Prize and high-caliber theatrical and symphonic performances.
 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 
Copyright ©2023. All Rights Reserved BNP Media.
Design, CMS, Hosting & Web Development :: ePublishing

source

DUBLIN–(BUSINESS WIRE)–The “Cyber Security Market by Component, Security Deployment Mode, Organization Size, Vertical – Global Opportunity Analysis and Industry Forecast 2022-2030” report has been added to ResearchAndMarkets.com’s offering.

Cyber security market size was valued at USD 197.4 billion in 2021, and is predicted to reach USD 657.02 billion by 2030 with a CAGR of 12.8% during the forecast period, 2022 to 2030.
Rise in number of cyber-attacks from hackers and data miners, which can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks is thus expected to fuel the Cyber security market share.
However, high cost for small and medium size enterprises hinders the cyber security market trends. On the contrary, introduction of blockchain cybersecurity is expected to create ample opportunities for key players operating in the cyber security industry during the coming decade.
Market Dynamics
Drivers
Restraints
Opportunities
Segment Overview
The global Cyber security market is segmented on the basis of component, security, deployment mode, organization size, vertical, and region.
Regional Analysis
North America market is projected to hold a dominant share by 2030.
North America dominates the Cyber security market share and is potently expected to remain dominant throughout the forecast period. This is attributed to high adoption of cyber security solutions owing to surging cases of cyber-attacks in North America, especially in government and education sectors propel growth of the market. For instance, in February 2020, the economy ministry of Mexico detected an intrusion on some of its servers, but no sensitive information got leaked as some Internet Service Providers (ISPs) temporarily isolated their networks and servers.
In addition, introduction of various laws and regulations to prevent cybercrimes in the region further increases growth of the market. For instance, in June 2022, the government of Canada introduced Bill C-26, an Act Respecting Cyber Security (ARCS). This proposed legislation protects Canadians and bolster cyber security across financial, telecommunications, energy, and transportation sectors, which in turn drives the cyber security market growth.
Key Market Players
Emerging and efficient key players in the cyber security industry research include companies such as:
Recent Developments
September 2022
Norton LifeLock announced its commitment of Cybersecurity Awareness Month campaign, It’s Easy to Stay Safe Online. Cybersecurity Awareness month will provide access to resources that help keep people safe and secure online. These resources are available to all consumers, small and medium-sized businesses, corporations, educational institutions, and young people worldwide.
April 2022
Fortinet Inc announced the launch of Security Awareness and Training service for companies for protection of their security posture by advancing their employees’ cybersecurity skillsets and knowledge.
June 2022
IBM aquired cybersecurity platform Randori, as Randori helps in identify external-facing assets, both on-premise or in the cloud, that are visible to attackers. The company also announced that by this acquisition the company will strengthens its portfolio of AI-powered cybersecurity products and services.
May 2022
Microsoft launched three new cybersecurity services for businesses in an effort to provide more support in the battle against ransomware and other online threats. The three new services will be placed under an umbrella service category that also includes Microsoft’s pre-existing security services such as Microsoft Security Services for Incident Response.
May 2022
Cisco System Ltd launched a cybersecurity assessment tool to enable small and medium-sized businesses (SMBs) in the Asia Pacific for understanding their overall security posture. The new online assessment tool assesses the cybersecurity readiness of each organization through the lens of Zero Trust, the concept that all attempts to access an organization’s network architecture is not granted until trust can be verified.
Key Topics Covered:
1. Introduction
2. Cyber Security Market – Executive Summary
3. Market Overview
4. Market Share Analysis
5. Global Cyber Security Market, by Component
6. Global Cyber Security Market, by Security Type
7. Global Cyber Security Market, by Deployment Mode
8. Global Cyber Security Market, by Organization Size
9. Global Cyber Security Market, by By Vertical
10. Global Cyber Security Market, by Region
11. Company Profiles
For more information about this report visit https://www.researchandmarkets.com/r/ow5ufj
About ResearchAndMarkets.com
ResearchAndMarkets.com is the world’s leading source for international market research reports and market data. We provide you with the latest data on international and regional markets, key industries, the top companies, new products and the latest trends.
ResearchAndMarkets.com
Laura Wood, Senior Press Manager
press@researchandmarkets.com
For E.S.T Office Hours Call 1-917-300-0470
For U.S./ CAN Toll Free Call 1-800-526-8630
For GMT Office Hours Call +353-1-416-8900
ResearchAndMarkets.com
Laura Wood, Senior Press Manager
press@researchandmarkets.com
For E.S.T Office Hours Call 1-917-300-0470
For U.S./ CAN Toll Free Call 1-800-526-8630
For GMT Office Hours Call +353-1-416-8900

source

Rise in cybersecurity concerns: In a Forum survey, 91% of respondents said they believe a catastrophic cyber event is at least somewhat likely in the next two years. Image: Pexel/Tima Miroshnichenko
Listen to the article
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
A weekly update of the most important issues driving the global agenda

You can unsubscribe at any time using the link in our emails. For more details, review our

privacy policy.
Water security is a national security issue: What's needed now 
Maha Al Qattan
February 8, 2023
These are the key takeaways on jobs and skills that came out of Davos 2023
Kate Whiting
February 7, 2023
5 ways in which the workplace could serve young people better
Natalie Pierce and Laurent Freixe
February 2, 2023
Here's what experts said about the energy transition in Davos
Kate Whiting
January 30, 2023
Davos 2023 Open Forum: Underrepresented voices for climate justice take centre stage
Katherine Docampo
January 27, 2023
The 5 calls-to-action from youth and young people at Davos 2023
Katie Hoeflinger and Natalie Pierce
January 26, 2023
About Us
Events
Media
More from the Forum
Partners & Members
Language Editions
Privacy Policy & Terms of Service
© 2023 World Economic Forum

source

The campaign for Sen. Jerry Moran (R-Kan.) revealed a “cyber-criminal” stole nearly $700,000 from the campaign in November. 
Moran campaign’s treasurer, Timothy Gottschalk, wrote a letter to the Federal Election Commission last month to report that the campaign learned on Nov. 14, about a week after the election, that it made two payments totaling $690,000 for fraudulent invoices. 
The payments were for $345,000 each and happened on Oct. 25 and Nov. 9. 
The letter states that the campaign reported the incident to the Republic County Kansas Sheriff’s Office on Nov. 16, and the case was then transferred to the Kansas Bureau of Investigation and the FBI. 
It states that the campaign office was notified by Astra Bank on Nov. 23 that $168,184.03 was recovered from the Nov. 9 wire transfer from Wells Fargo Bank. 
The theft was first reported by Raw Story, a progressive, investigative news site.
The Kansas City Star reported that a spokesperson for the campaign said cybercriminals targeted the accounting firm that the campaign used and had money wired to fraudulent accounts. They said the campaign is “pursuing all avenues” to recover the money, and the FBI’s investigation is ongoing. 
Moran easily won reelection to a third term in the Senate, winning by 23 points over his Democratic opponent in a reliably red state.
— Updated 10:42 p.m.
THE HILL 1625 K STREET, NW SUITE 900 WASHINGTON DC 20006 | 202-628-8500 TEL | 202-628-8503 FAX
© 1998 – 2023 Nexstar Media Inc. | All Rights Reserved.

source

It’s no secret that cyberattacks in the U.S. are increasing in frequency and sophistication. Since cyber crime impacts millions of businesses and individuals, many look to the government to see what it’s doing to anticipate, prevent and deal with these crimes.
To gain perspective on what’s happening in this area, the U.S. government’s budget and spending plans for cyber is a great place to start. This article will explore how much the government is spending, where that money is going and how its budget compares to previous years.
In June 2022, the U.S. announced new spending bills for the fiscal year 2023, including an allocation of $15.6 billion for cybersecurity. The majority of the money — $11.2 billion — will be appropriated for the Department of Defense (DoD), and $2.9 billion will go to the Cybersecurity and Infrastructure Security Agency (CISA).
The money going to the DoD will be used in a variety of ways. For example, Paul Nakasone, commander of the U.S. Cyber Command, has discussed plans to grow five Cyber Mission Force teams. Approximately 133 of these already exist and focus on carrying out defensive cyber operations.
Clearly, the majority of funds in the new budget will go to government agencies. However, the government also plans to invest in the private sector and has discussed the importance of strengthening relationships with companies and private organizations.
One key area here is information sharing; after all, cybersecurity is a team sport. However, the government has faced criticism in the past for expecting detailed data from companies while failing to provide adequate information on their end. Recently, government agencies have spoken more about working towards more open and two-sided information sharing, but only time will tell how successful that strategy will be.
U.S. lawmakers have asked the defense secretary to work more closely with CISA and the private organizations within it, especially in areas related to Russian and Chinese activity. CISA has also received $417 million more in funding than was initially requested by the White House.
Compared to the previous few years, investment in cybersecurity is gradually increasing. 2021 saw $8.64 billion in spending, followed by a slight increase in 2022.
It’s a positive trend that signals the government is taking the issue seriously. But are state and local governments keeping up?
The data shows that the government is also investing in cybersecurity in non-financial capacities at the local and state level. In 2021, for instance, state legislative sessions saw more than 285 pieces of cybersecurity-related legislation introduced, and in 2022 that number increased to 300.
In addition, President Biden introduced the Infrastructure Investment and Jobs Act in 2021, which allocated $1 billion in grants to bolster cybersecurity at the local, state, tribal and territorial levels. The government will distribute this amount over four years until 2025.
It adds up to a promising development for local and state governments, who are finally gaining the resources to protect their communities more effectively. Plus, it demonstrates a growing understanding of the importance of cybersecurity at the federal level and, hopefully, a more informed approach in the future.
While cybersecurity funding is one truly positive sign, there are more reasons to be hopeful — such as the appointment of the USA’s first-ever National Cyber Director, Chris Inglis.
Looking to the future, the U.S. will need to constantly readjust its cyber defense posture and adapt to this ever-changing landscape, especially as cyber crime becomes not only more common but also more challenging and complex. It costs money to do that effectively, so the government must prioritize cyber funding for the foreseeable future.
Of course, individual organizations will need to take responsibility for their own security, too.
IBM can help — with solutions like the Security QRadar XDR, you get a suite of tools and powerful features to help you defend your organization against attacks and keep your teams focused on what’s important. Find out more here.
Mark Stone is a Hubspot-certified content marketing writer specializing in technology, business, and entertainment. He is a regular contributor to Forbes Bra…
4 min read – As the U.S. looks to bolster electric vehicle (EV) adoption, a new challenge is on the horizon: cybersecurity. Given the interconnected nature of these vehicles and their reliance on local power grids, they’re not just an alternative option for getting…
3 min read – You’re likely familiar with the names of common malware strains such as MOUSEISLAND, Agent Tesla and TrickBot. But do you know how new malware threats get their names? As a cybersecurity writer, I quickly add new strains to my vocabulary.…
9 min read – James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks…
One of this year’s biggest positive cybersecurity events comes from the National Institute of Standards and Technology (NIST). For the first time since 2017, NIST is updating its digital identity guidelines. These new guidelines will help set the course for best practices in handling digital identity for organizations across all sectors. What is Digital Identity? To grasp the update’s importance, it helps to understand the role of digital identity in an organization’s security posture. In its 2017 guidelines, NIST defines…
After Congress approved his nomination in 2021, Chris Inglis served as the first-ever National Cyber Director for the White House. Now, he plans to retire. So who’s next? As of this writing in January of 2023, there remains uncertainty around who will fill the role. However, the frontrunner is Kemba Walden, Acting Director of the National Cyber Director’s office. Walden is a former Microsoft executive who joined the National Cyber Director’s office in May. Before her appointment, Walden was the…
On December 21, 2022, President Biden signed the Quantum Computing Cybersecurity Preparedness Act. The risk of quantum-powered password decryption is increasing exponentially. The new legislation is designed to help federal agencies proactively shift to a post-quantum security posture. Agencies have until May 4, 2023, to submit an inventory of potentially vulnerable systems, and the Act directs the Office of Management and Budget (OMB) to prioritize the adoption of post-quantum cryptography standards. For businesses, government efforts to address emerging quantum risks…
The Pentagon is taking cybersecurity to the next level — and they’re helping organizations of all kinds do the same. Here’s how the U.S. Department of Defense is implementing zero trust and why this matters to all businesses and organizations. But first, let’s review this zero trust business. What is Zero Trust? Zero trust is the most important cybersecurity idea in a generation. But “zero trust” is itself a bit of a misnomer. It’s not about whether a person or…
Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

source

getty
Data security has been increased for tax returns, credit cards, and other traditional targets of cyber thieves. Now, the online thieves are making sophisticated attacks on employer retirement plans and the accounts in the plans.
Data security at retirement plans varies, and the security can be breached several different ways. The cyber thieves probe to find the most vulnerable point of each plan.
I know of one retiree at a large employer who recently realized his monthly pension check hadn’t been deposited by the usual date. He contacted the retirement administrator who, after some research, found that the bank account designated to receive the deposit had been changed.
The retiree hadn’t changed the account. Instead, an unknown person submitted the request. The change request included all the relevant and accurate information, so it was processed by a plan employee.
Fortunately, neither the retiree nor the plan lost money. The payment quickly was stopped, and the retiree’s financial account was re-designated as the place for the deposits to be made. The plan administrator did a quick check and found that change requests had been put in for several other retirees, with all the payments going to the same bank account.
This retiree avoided being a cyber crime victim by paying close attention to his accounts and recognizing that his monthly payment wasn’t deposited on the usual day of the month. He contacted the administrator quickly and made sure the change didn’t go through.
The hackers are take several general approaches to steal from retirement plans and accounts.
One approach is to try the traditional ways of breaching an email system. The old-fashioned hacking methods still can give access to a corporate email system at times.
More often these days, the cyber criminals use “phishing” emails to trick an employee or a retiree into revealing access information. Usually in a phishing attack the criminals send an email to a targeted key employee or a retiree and make the email appear to be from a real corporate employee (usually a higher-level executive) or an outside vendor.
The phishing email requests specific information and when directed to an employee might request a list of the personal information of a number of employees or retirees. If the email recipient isn’t alert, sensitive information is sent to the criminals.
Another approach is for the cyber thieves to buy personal information about the retirement account owner through the dark web and use that information to access the retiree’s account.
Whichever strategy is used, once the cyber thief has the information it can be used to log into a retiree’s or employee’s account and redirect payments or distributions.
In the recent case I’m aware, the thieves used a combination of new school and old school methods. The information about the retiree apparently was purchased on the dark web. The thieves then downloaded the appropriate form from the retirement plan’s web site, printed it, completed it by hand, and mailed it to the administrator. The administrator routinely processed the paper document.
One way to protect yourself is to know the retirement plan’s security measures. In particular, learn the steps it takes to ensure that any account change request is legitimate. What does it do to verify the identity of the user? Is two-factor authentication used before an account can be accessed online or changes made?
Of course, none of those data security measure matter when the cyber thieves go old school and submit paper requests for change. Ask if the plan administrator takes any additional steps after finding that the information in a paper request is accurate. Does it call the individual to verify the request? Does it send a first-class letter to the individual confirming the request?
The other way to protect yourself is to establish personal cyber security practices.
Most cyber security experts say to assume that vital personal information about you is available for purchase on the dark web. Of course, protect that information as best you can. Don’t give out your Social Security number and other important information unless it’s necessary. But you should assume it’s already out there.
That’s why you must monitor your accounts on a regular basis. If deposits are due on a certain date, check your accounts around that date each month to be sure the deposits are made. If a deposit isn’t made, contact the plan administrator.
Also, log on to your account regularly and review it for any activity. Look for unauthorized changes and transactions. Be sure your address, beneficiary, account to receive transfers, and other information hasn’t been changed.

source

You’ve gotten the calls, the emails, the texts. By now, hackers trying to get your personal information is not new.
“I feel like there’s a few months where I get a lot of them, and then other times when I don’t get any,” said Ben Verdejo. Verdejo said he’s had a few attempts by scammers to steal his social security number.
Jake Epperson has also had his fair share of run ins with these calls. “I try not to answer phone calls I don’t recognize,” he assured.
In early 2020, the United Nations warned that cybercrime was up 600% during the pandemic, and attacks are still on the rise. But many tactics used to target people remain the same. Chris Hartman, founder of Clarion Cyber Security, said there are a few strategies you should always be on the lookout for.
“The main way that hackers are gaining access or compromising systems is through social engineering or phishing emails,” said Hartman.
Hackers often disguise themselves as others in our inboxes. they can pretend to be social media platforms saying your passwords have expired.
“It looks real, and they click on it, and they enter their information,” explained Hartman. “And you just handed everything over to the hacker.”
Sometimes they can even appear as your boss.
“It appears to come from the CEO, or the president and whatever. And so they’re just thinking it’s this person of authority,” Hartman said.
In 2021, 323,972 internet users fell for phishing attacks. With statistics like this, it can seem like just opening your computer is a risk.
But there are things you can do to stay safe like changing your passwords frequently and using strong passwords, using network firewalls, not accessing free public wifi without a VPN, deleting your debit and credit card information from websites, and the biggest one of all — educating yourself and others on the importance of cybersecurity.
“We’re kind of in this scenario where a lot of people are thinking, hey, I’m just in this small town, nobody’s you know, it’s safe, I don’t have to lock my car, I don’t have to lock my front door,” Hartman said. “But as soon as you get online, you’re really opening up yourself to the world.”

source