Blog

The fake invoice phishing scam has been around for quite some time and it pops in the wild every once in a while, in a different form. Overall, the nature of all those scams are in the end the same - a clever con to defraud victims. In January 2018, we saw a new version of fake invoice phishing scam wreaking havoc; this time targeting a large number of Italian organizations. In itself, the modus operandi of this attack was quite simple and did not require much sophistication from the.

For some time now, authorities have been worried that their critical infrastructure will be shut down or severely compromised. Some institutions experience thousands of attempted attacks on a daily basis by hackers, cyber criminals and rival nations. According to the US Department of HLS, especially the following critical infrastructure sectors are at risk:  Chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy,.

Professional cybersecurity staff are hard to find - and it only gets worse! For more than a decade, I have been working as a security professional at several companies of various sizes and in different industries. Over the years, I have noticed a worrying trend - lack of skilled security professionals to keep the hackers at bay. As a result, organizations kept being exposed to cyberattacks. In their desperation, organization scramble to hire staff as quickly as possible, often compromising on.

Following the news, you are quite likely awed by the boost in cryptocurrency, especially Bitcoin has made the (financial) headlines. Founded in 2009, it has risen to levels we have seldom seen before. Needless to say, many other cryptocurrencies jumped on the bandwagon and are now catching up with Bitcoin. As detailed in the Global Cryptocurrency Benchmarking Study 2017 of the University of Cambridge, other cryptocurrencies have gained many followers and are traded much higher than ever before.

On Monday December 18, 2017, the White House released a strategy document, calling for stronger defenses against hackers working for criminal enterprises and nations such as Iran, North Korea, China and Russia. In this document, the White House stated that threats targeting cybersecurity pose a threat to the stability of the United States. As outlined in our blog post from November 2 this year, countries such as Iran are boosting their offensive cyber capabilities and spreading their cyber.

SOX Compliance Includes Cybersecurity - Let Cymulate Help You To Navigate The Waters The Sarbanes-Oxley Act (known as SOX) went into effect in 2002 to protect shareholders and the general public from accounting errors and fraudulent practices of organizations. It was also tailored to improve the accuracy of corporate disclosures. SOX was drafted to improve corporate governance and accountability following a number of financial scandals that occurred at Enron, WorldCom, and Tyco as shown below.

On October 31, Major General Nadav Padan stated at the Reuters Cyber Security Summit that Iran has been launching an increasing number of attacks on Israel. Padan, who heads the IDF’s C4I and Cyber Defense Directorate, added: “Iran has been responsible for many of the thousands of daily cyberattacks on Israel”. It’s no secret that Iran has been a major villain in our neighborhood for the last couple of decades. Since Iran has a weak conventional.

Organizations of all shapes and sizes are fighting the war against cyberattackers. As we have seen in recent years, cyberattacks are becoming more and more sophisticated, which makes it harder to detect and mitigate them. As cyberattacks evolve, so does security technology and the security assessment methodologies used to detect and fight these attacks. For over a decade, the main methods that organizations were using to verify that their infrastructure and data were secured, consisted of .

In March 2017, the New York State Department of Financial Services (NYDFS) issued a new regulation, the much discussed 23 NYCRR part 500. Considered to be one of the harshest cybersecurity regulations ever to impact companies, it consists of a new set of standards and requirements for banks, insurance companies, and other financial services organizations. It means that all businesses licensed by the New York DFS and "operating under or required to operate under a license, registration, charter,.

The ISO/IEC 27000 family of standards was developed to help organizations with keeping their information assets secure. Of all the ISO 27000 standards, ISO 27001 is the best-known. It is a specification for an information security management system (ISMS), which is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes. As ISO points out, ISO 27001 was developed to "provide a model for.