Cyber Security Talent, App Hack Tops November News
There have been a number of trends in cyber security in 2017, namely an uptick in the size and scale of breaches. What was once an isolated or amateur incident could now be a part of a widespread, coordinated offensive. The culprits, of course, could be anyone, or anywhere. These nameless hackers have wreaked havoc on all types of enterprises.
November, like most months, was chockfull of cyber incidents – some high-profile and mindboggling, while others flew under the radar. What’s more, different defense mechanisms have emerged: more substantive security strategies, discussions on the workplace and recruiting methods, and burgeoning avenues to pursue, such as cyber insurance.
In that spirit, what follows is an in-depth look at the month of November and the cyber security headlines that stole the show.
As the cyber security skills gap widens, methods of recruiting have shifted. It is an attempt by both sovereign nations and private enterprises to raise cyber awareness and ameliorate the ever-growing number of vacancies in the field. So, just what is being done to address the issue?
Earlier this month, security firm Appthority revealed that a coding mistake reportedly affected 685 apps and exposed at least 180 million phones. Developers accidentally coded credentials for accessing sensitive information across various apps. This means data for calling, texting and other services provided by Twilio, Inc. became susceptible to attack. Twilio powers messaging and calls in an application format.
There’s certainly buzz around state governments purchasing cyber insurance to safeguard their interests. But how complicated is it? The coverage could help shield taxpayers from eating costs on significant breaches. If an attack were to transpire, insured enterprises might have to fork over a deductible, but their larger costs would be covered within the plan. This includes remedial steps, forensics investigations and credit monitoring, etc. About a dozen states have already taken the insurance plunge.
How does a practicing cyber security professional handle their day-to-day? Is enterprise security far too extensive? This is where legislation comes into play – and this is a maturing political arena ripe for discourse.
Enter Jamal Hartenstein, the senior program manager for California Public Employees Retirement System’s (CalPERS’) IT Security Roadmap Program. In an interview with Cyber Security Hub, Hartenstein weighed in on the wider state of cyber security and the many threats lawmakers and public servants are attempting to curb or mitigate.
The threat intelligence market is soaring as enterprises look to head off attacks at the pass. A new report from Grand View Research suggests that the threat intelligence market is anticipated to reach $12.6 billion come 2025. As threats evolve and adapt, so must enterprises.