AccumeView: Executive Cybersecurity Pulse

October AccumeView: Executive Cybersecurity Pulse Newsletter

What is Threat Intelligence?

Threat Intelligence is a commonly misunderstood security term. In general terms, it is information gathered from internal and external sources that is used to inform the organization about risks to their information systems and business operations. Information is gathered from external sources such as new articles, vendor and security organization alerts and reports from your SEIM. Information gathered from these sources are analyzed for content and possible risks, determining what actions, if any need to be taken by the institution and its users.

September AccumeView: Executive Cybersecurity Pulse

India’s Cosmos Bank was hit with a coordinated attack using cloned ATM cards and an attack against the SWIFT system.  Of note, the attack involved money mules in 28 different countries and 15,000 transactions over a seven-hour window of opportunity.   The SWIFT transaction involved moving $1.93m to an account at a bank in Hong Kong.  While analysis is still underway, a group linked to North Korea is the current suspect.

July AccumeView: Executive Cybersecurity Pulse Newsletter

On June 28, 2018, California enacted the California Consumer Privacy Act of 2018 (CCPA), which provides what is arguably the most restrictive privacy law in the U.S. and would likely have some effect on most businesses across the country. The CCPA, which shares many common requirements as the new European Union General Data Protection Regulation (GDPR), will take effect on January 1, 2020. The time to prepare is now. Accume is developing a white paper on this topic, and developing solutions based on what we have learned through GDPR project implementations.

June AccumeView: Executive Cybersecurity Pulse Newsletter

In April, the Federal Financial Institutions Examination Council (FFIEC) published a joint statement on the potential role of cyber insurance in financial institutions’ risk management programs. It is important to note that the FFIEC pointed out that the statement does not contain any new regulatory expectations and, therefore, there is no requirement to purchase cyber insurance.

May AccumeView: Executive Cybersecurity Pulse Newsletter

In a recent survey, Nearly Half of IT Execs interviewed stated that they don’t rethink or retool their approach to security after an attack, almost ensuring another attack in the near future. A critical step in the remediation of a security incident is determining what elements require change so that the incident won’t repeat itself. A mature IT organization will ensure that this step is never skipped: immature organizations are destined to have history repeat itself.

April AccumeView: Executive Cybersecurity Pulse Newsletter

A new type of malware has been discovered that has been hidden for years, which spreads across routers instead of servers and workstations. Researchers believe that this exceptionally complex program can only have been designed by a nation-state. In the security-world, controlling the router is the same as having the keys to the kingdom. Its primary purpose appears to be espionage: for now businesses should not worry, but we’ll be keeping tabs on it’s activity.

March AccumeView: Executive Cybersecurity Pulse Newsletter

ATM Jackpotting has finally hit the US. In previous briefings, we have highlighted attacks in Asia, South America, Africa and the EU. In all reported cases, the bad actors physically compromised the ATMs using specialized tools to inject malware into the device. This is a good reminder that physical security barriers such as locks only slow down determined attackers – the root cause needs to be addressed wherever possible.