Cyber Crimes Unit

The rise of big data

The rise of big data, Schneier declared, is inevitable due to the cost of saving data being so cheap. “It’s easy and cheaper to search than sort”, he said. “The collection of data is being aggravated – mainly so the companies doing it can make more money… Companies like Apple, Amazon and Google are all competing to be the company that monetises your data”.

Schneier spoke of the lack of control that users have over their smartphones and portable devices. “I can’t do things as a security professional on my iPhone. Apple doesn’t give me the same access control that I have on my personal computer”, he said.

Ill-conceived regulations from law enforcement

Schneier named ‘Ill-conceived regulations from law enforcement’ the second biggest risk. “Mostly, what they propose is dumb”, he declared. “There is an honest desire to make the internet safer”, but the tactics used in this quest “use fear to pass legislations”. Schneier also denounced companies that use manipulation to encourage a law which serves their business model.

His advice to protect your privacy online included using skype and securing data by deleting it.

“I worry that we’ll be forced to design an internet kill-switch – I imagine it as a big red switch on Obama’s desk. The problem is, I don’t trust it would be possible to make this only available to the President”.

Schneier also declared the concept of ‘no anonymity’ a more expensive, and less secure, proposal. “You can’t eliminate anonymity”, he stressed.

Cyberwar arms race

Schneier’s third and final security threat was what he terms ‘cyberwar arms race’, which he insisted is now in the early stages. “There’s a lot of hype about cyberwar. It’s talked about, worried about, and nations are preparing for it with both defensive and attack technologies.”

“The US is stock piling cyber weapons”, he declared, using HBGary as an example. “We are in the early years of a cyberarms race and it’s very destabilising. There is a lot of money in cyberarms at the moment and the results will be instability, more government control, more money poured into standards and less security for us all”, he said.

Schneier expressed concern that decisions regarding cyberarms are made at a lower-level, “when they should be the decision of Obama”.

Schneier confessed his early reluctance to buy-in to the concept of APT attacks, but admits, “I’ve come around to APT, and I now think it captures something really important. If they’re good, they never fail”.

Schneier concluded with his information security predictions for the near future:

• The fundamental problem of security won’t go away
• Less information security products sold to consumers and more sold to companies like Facebook
• More government work
• Increased secrecy

Schneier concluded his session with a plea to the audience: “We all need to get involved”. Oh, and a plug of his new book.

Article source: http://www.infosecurity-magazine.com/view/24200/rsa-2012-schneier-reveals-three-biggest-information-security-risks-in-2012-/

/EINPresswire.com/ IT Governance Ltd, the global leader in ISO27001 and cybersecurity information, books and tools, warns that cyber attacks could be the largest threat to businesses this year.

It is a mandatory requirement for UK public sector organisations to inform the Information Commissioner’s Office of a data breach. Although the same legislation is not currently enforced in the UK private sector, commercial organisations are increasingly required to meet certain information security standards in order to win the trust of their customers and stakeholders and be able to tender for certain projects.

Advanced Persistent Threats (APTs) are a major concern for all company boards. APTs represent co-ordinated cyberactivities of sophisticated criminals and state level entities. APTs are usually targeted on specific government or private sector organisations (recently Google, Citigroup, the IMF and RSA) with the objective of stealing information or compromising information systems. The goal of an APT is not usually to bring down a business, but to stay embedded and to suck information out of it at a slow, undetected pace. Visit this page for more information: www.itgovernance.co.uk/Advanced-Persistent-Threats-APT.aspx.

Cyber attacks have become more sophisticated and some hacking groups such as ‘Anonymous’ have gone as far as to announce a successful hack on Twitter, sometimes before the victim organisation are aware themselves.

Given the presence of social media in our day-today lives, companies can no longer hide cyber attacks. As soon as a cyber attack is announced on Twitter, the media will ensure customers are aware.

Organisations shouldn’t try to ignore cyber threat, they should fight it. The best way to do this is to align their information security management system to ISO 27001 – the world’s only recognised cyber security management system standard. By not taking any action, the least organisations risk is negative publicity and loss of brand loyalty. More serious consequences include shareholder and financial losses. Read more information on the ISO27001 standard here: www.itgovernance.co.uk/iso27001.aspx.

To assist businesses with what can be a challenging ISO27001 project, the experts at IT Governance have designed the No3. ISO27001 Comprehensive Toolkit. It provides organisations with all the tools they will need for the implementation of an information security management system (ISMS). It includes copies of the three key standards (ISO27001, ISO27002 and ISO27005), the Risk Assessment Tool (vsRisk™), the Documentation Template Toolkit and manuals that describe in practical detail how each aspect of the ISMS should be tackled. A free demo of the toolkit can be downloaded from here: www.itgovernance.co.uk/products/718

One user of the Toolkit said: “Using the templates was the only way that we could deliver a first edition ISMS in under six months. Our deliverable was a work in progress, but miles ahead of where they would have been without the templates”.

Organisations who buy the No3. ISO27001 Comprehensive Toolkit before 29 February will receive the ICT Strategy Toolkit free. The ICT Strategy Toolkit will guide any organisation through the process of creating an ICT strategy, helping it drive down costs and control risk within an ICT environment.

Organisations can purchase the ISO 27001 Comprehensive Toolkit here: www.itgovernance.co.uk/products/718. Orders can also be made directly with the friendly, helpful IT Governance service centre team on telephone number +44 (0)845 070 1750. Larger organisations can make purchases with a purchase order, either by telephone, or by e-mail to servicecentre@itgovernance.co.uk.

– Ends -

FOR FURTHER INFORMATION
Desi Aleksandrova Marketing Executive
+44 (0) 845 070 1750
daleksandrova@itgovernance.co.uk
NOTES TO EDITORS

IT Governance Ltd is the one-stop-shop for books, tools, training and consultancy for governance, risk management and compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is ‘non-geek’, approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.

Article source: http://www.einnews.com/pr-news/704523-an-iso27001-compliant-isms-helps-combat-cybercrime

Norton an Internet security company along with BestPlaces of Sperling a research group recently conducted a survey that shows Manchester (UK) as the most dangerous city with respect to its occurrences of malware attempts and Wi-Fi hotspots, published manchesterconfidential.co.uk dated February 21, 2012.

Additionally, the city has a large number of people who use computers, with access to the Internet, and also visits social-networking websites.

Moreover, during the survey, Norton measured the risk parameters as Internet-crime data obtained from bot-contaminated PCs; trials made in spreading of malware-infections; spamming of Internet Protocol addresses; and Web assaults; each in relation to any one city.

Intriguingly, the Internet-crime data levels in London City fluctuated around 25%, and albeit the city had a low level of Internet-crime data, its large utilization of the Internet, social-networking websites, and a high prevalence of computer usage increased the general risk parameters, thereby ranking it fifth among the top ten riskiest cities.

Astonishingly, Dublin was on No.6 alongside Paris, Stockholm, Amsterdam, Berlin, Rome, Bercelona and Milan.

Elaborating on the situation of Dublin, experts on Internet safety stated that it showed the percentage of smartphone and computer usage as comparatively lower than those of the remaining surveyed cities, while the number of cyber-crime trials and Wi-Fi hotspots was average.

Paradoxically, the results don’t necessarily portend evil about the situations in Dublin, Manchester as also the remaining listed cities, implying that those cities which had the maximum Internet-crime risk parameters didn’t essentially have greater incidences of malware-infection, said the experts. This, added the experts maybe due to consumers who exercised caution towards safeguarding themselves from online-criminals.

Meanwhile, Internet Safety Advocate Marian Merritt of Norton stated that as laptops, tablets, and smart-phones exploded over the recent years along with more number of social networks and software programs, there was a continuous morphing of offline and online lives of the public in manners which didn’t ever happen before. And though consequently, several favorable aspects emerged from the analysis, the point highlighted was the potentially danger prone parameters that were experienced whenever people connected to the Internet, she added. Irishtimes.com published this on February 21, 2012.

» SPAMfighter News – 28-02-2012

Article source: http://www.spamfighter.com/News-17466-Manchester-Ranked-No1-Among-Most-Dangerous-European-Online-Cities.htm