Welcome to This Week in Cloud, a roundup of the latest headlines in cloud and cybersecurity. In this installment, we feature the aftermath of different data breaches and the latest developments in Russian state-sponsored hacking.
Yahoo Fallout Begins
The largest data breach in history does not just go away. Victims are already feeling the consequences of Yahoo’s data breach, which impacted 500 million user accounts. Fraudsters are targeting breach victims with fake offers in the first of what will likely be years of fallout. The real risk for companies is the threat of password reuse and phishing attacks that may ultimately allow hackers to gain a foothold within the enterprise.
Yahoo Hack Raises Fresh Fraud Concerns | Jack Detsch, Christian Science Monitor
Database Breaches: An Alarming Lack of Preparedness | John Moynihan, Darkreading
A High Price for Data Breaches in the UK
The breach of UK telecom company TalkTalk affected 157,000 customers in 2015. Now, the Information Commissioner’s Office (ICO) has hit TalkTalk with a record fine of 400,000GBP, on top of reputational damage and lost customers. Experts applaud the regulator’s firm response. With the new data privacy law set to take effect in 2018, firms should prepare for stricter enforcement. Meanwhile, UK consumers are imposing their own sanctions on high-risk applications. 36 percent of consumers are more reluctant to use applications because of security concerns, signaling to providers that product security should be a priority.
Consumer Cybersecurity Concerns Cost UK Economy Billions, Study | Robert Abel, SC Magazine
ICO Hits TalkTalk with Record Fine | James Nunns, Computer Business Review
Cybersecurity on the International Stage
Cyber espionage has been a fact of life in the digital era, but grey area surrounds state-sponsored hacking since governments rarely openly blame each other. The US government took a rare step by blaming Russia for recent attacks on US political organizations, claiming Russia has crossed a line with hacking designed to interfere with US internal politics. The relatively bold statement fell short of specifying consequences, leaving the situation open to further negotiations. While nation state hacking has created diplomatic tensions, attacks on financial services organizations have brought world powers together against cybercrime. A successful attack on Bangladesh’s central bank followed by reports of additional attempted threats shook confidence in the global financial system’s cybersecurity. Now, the G7 countries have put their heads together to establish a framework for banks to implement cybersecurity best practices.
US Officially Blames Russia for Political Hacking Attempts | Christine Wang, CNBC
G7 Boost Banking Cybersecurity as New SWIFT Threat Emerges | SecurityWeek
By the Numbers
The number of ransomware attacks per day since the start of 2016, an increase of 300 percent year over year.
The predicted increase in the number of job openings for information security analysts through 2024, the third greatest of all tech jobs.
The number of people trained by the IAEA to improve nuclear cybersecurity in the wake of a growing international threat.
CASB Magic Quadrant 2019 is here – McAfee a Leader for third consecutive year
CASB RFP Template: 200+ Common Questions Enterprises Are Asking
9 Cloud Computing Security Risks Every Company Faces
Office 365 Security Concerns: Download Definitive Guide to Office 365 eBook
51 AWS Security Best Practices