DtSR Episode 165 - NewsCast for October 19th, 2015
Length: 36 minutes
Released: Oct 19, 2015
Format: Podcast episode
Description
In this episode...
Standard & Poor's Adding Cybersecurity to Ratings
The headline
In a report issued this week, the rating agency says it could issue a downgrade before a cyberattack if a bank looked ill-prepared, or following a breach that causes significant damage to a bank's reputation or which leads to substantial monetary losses or legal damages.
Behind the curve? Stop.
Michael wrote about it this week - stop calling it gaps…
16 questions… good start?
How long has it typically taken to detect a cyberattack?
What containment procedures are in place if the bank is breached?
How many times was the business the target of a high-level attack during the past year, and how far did it reach in the system?
What's the internal phishing success rate?
What kind of expertise about cyberattacks exists on the board of directors?
How much does the bank spend on cybersecurity, what resources does it devote, and what is the total tech budget this year versus last?
Including security in the ratings - and we’re crying?
Claim this leads to more insurance… how about that…
http://www.bankinfosecurity.com/sps-cybersecurity-warning-late-to-game-a-8556
Crisis Services Top Insurers’ Cyber Claims Payouts; Average Claim at $674K
This is interesting; and it’s a good data point, too -- in contrast to the “costs” we hear about in briefings all the time.
Saw other stories that suggested the insurance is going to get jacked… of course they are.
More insurance, more insight, more claims, more data…. this is all good
http://www.insurancejournal.com/news/national/2015/10/05/383785.htm
New California law requires warrants for online data
Same warrant requirements as files in your filing cabinet
Doesn’t change federal authorities’ ability to obtain data without a warrant.
Worth remembering: feds can compel your biometric, but not your password
Do you encrypt? policies? practices?
http://www.cnet.com/uk/news/new-california-law-requires-police-to-get-warrants-for-online-data/
Obama administration opts not to force firms to decrypt data (for now)
for now….
opportunity for involvement
great chance to connect with your legal and other groups; what is the best way for your organization to handle it
https://www.washingtonpost.com/world/national-security/obama-administration-opts-not-to-force-firms-to-decrypt-data--for-now/2015/10/08/1d6a6012-6dca-11e5-aa5b-f78a98956699_story.html
Apple removes several apps from store, they could be spying on you
Key issue: root certificates installed
http://arstechnica.com/security/2015/10/apple-removes-several-apps-that-could-spy-on-encrypted-traffic/