New Cybersecurity Trends Aggravate CISO’s Stress
Take a glance at the most discussed cybersecurity news of the week. Check out new cybersecurity trends that make CISOs hardly keep on their toes.
Formjacking may seem a new cybersecurity trend and the fifth horseman of the Apocalypse for online retailers. The others are human error, phishing, malware, ransomware, and cryptojacking. We have warned you that love is a dangerous game, especially when it comes to the security of dating applications. Here is a piece of evidence.4,800 compromised sites per month. Meet formjacking!
Dark Reading on February 20, 2019
Be ready to add a new term to your cyber-dictionary. Formjacking may seem a new cybersecurity trend and the fifth horseman of the Apocalypse for online retailers. The others are human error, phishing, malware, ransomware, and cryptojacking.
Actually, formjacking attacks are simple: attackers input malicious code onto a victim’s website and lift customers’ payment credentials. Thus, the only thing cybercriminals need is a small piece of JavaScript. According to the Symantec report, stolen records from each compromised website could generate up to $2.2 million profit to malefactors.
Moreover, the report reveals the number of formjacking attacks blocked by Symantec in 2018 – it reaches 3.7 million cases (we also raised our eyebrows). And the one-third of those took place during November and December when customers’ activity soared due to the holiday shopping. Experts emphasized that small and midsize businesses are most vulnerable to this form of new cybersecurity trends in cybercrime.
American cybersecurity idol
Information Age on February 14, 2019
Cybersecurity workforce gap is no more one of the new cybersecurity trends. The problem is identified. What about the solution?
Only in 2018, nearly 40,000 staff were employed in the UK’s cybersecurity sector, with more than 800 companies providing cybersecurity products based in the country. In terms of that, businesses need to build effective strategies to ensure that talent is being directed into their workforce.
First, organizations should pay attention to government policy. Not so long ago, a new Cyber Security Council was established and, taking into account the ongoing work of the Cyber Security Body of Knowledge, those initiatives will help set professional standards.
Second, the statement that not everybody in cybersecurity is a hacker or coder is still relevant. For instance, the recently published UK Government Cyber Security Skills Strategy emphasizes the importance of attracting individuals from a range of areas.
Unhappy Valentine’s Day for dating apps (and their users)
Wired on February 15, 2019
We have warned you that love is a dangerous game, especially when it comes to the security of dating applications. Here is a piece of evidence.
During this year Valentine’s Day fever the dating apps OkCupid, Coffee Meets Bagel, and Jack’d all failed to secure their users’ data. However, the failure of the last one seems to be the most disappointing. The Jack’d service had exposed all photos on the site, including those marked as “private,” to the open internet. By the way, the application has about a million downloads on Google Play and nearly 5 million users overall.
Dating sites are designed by default to share a ton of information about you; however, there’s a limit to what should be shared. And often these dating sites provide little to no security, as we have seen with breaches going back several years from these sites.
David Kennedy, CEO of the Binary Defense Systems
Cybersecurity professionals are under increasing pressure
Information Age on February 14, 2019
Do you find your job stressful? We guess, almost everybody would answer “Yes”, as stress is an essential part of our work. Life would be rather boring without constant deadlines, strict bosses, or broken coffee machines. However, CISOs’ stress is far different from common hardships.
According to the Nominet Survey, nearly 90% of the interviewed CISOs work more than 40 hours a week, while the fifth of the respondents is available 24/7. The US cybersecurity professionals approved the difficulties with disconnecting: 89% said they never have a break for two weeks or more from work.
Furthermore, nearly a third of all questioned CISOs believed that, in the event of a breach, they would be fired or get an official warning. Therefore, it is unsurprising that a significant part of the respondents (over a quarter) admitted that new cybersecurity trends cause stress, impacting their mental and physical health.