cybersecurity
Only 20% of the Cybersecurity Workforce is Represented by Women
Women represent around 20% of the global cybersecurity workforce, according to a report released by Cybersecurity Ventures. This comes a mere two years after Frost & Sullivan pointed a menacing finger at the 1.8 million vacant cybersecurity seats by 2020 and the dearth of skills and people within an incredibly critical industry. There is a lack of female representation within this industry and a lack of actual skills needed to populate the growing number of requirements from organisations facing a rising cyber threat. The answer, according to Anna Collard, MD of KnowBe4 Africa, is to encourage women to cross-skill and expand into cybersecurity roles and to make the industry more welcoming as a whole. “Cybersecurity isn’t just ones and zeros, it’s the people factor, it’s understanding t...
Twitter says passwords spared in yesterday’s attack
Twitter says it has “no evidence” user passwords were accessed as part of yesterday’s massive attack targeting the company’s internal tools, but it is still working to restore access to locked accounts. The updates were shared as part of a series of tweets posted Thursday afternoon. Yesterday, attackers hijacked the accounts of some of the most-followed people on Twitter, including President Barack Obama, Vice President Joe Biden, Elon Musk, Bill Gates, and Kanye West, to post bitcoin scams. The company made the decision to lock many accounts last night as a precaution to reduce further damage from the attacks, and it provided more detail about why accounts were locked in this afternoon’s tweets. “Out of an abundance of caution, and as part of our incident response yesterday to protect peo...
Massive Rise in Cybersecurity Awareness Across Nigeria, Kenya and South Africa
Sourced from IDG Connect Nearly two thirds (66%) of remote workers in Nigeria, Kenya and South Africa say they are more conscious of their organisation’s cybersecurity policies since the lockdown began – according to a new study from Trend Micro. However, it might be too early for businesses to breathe a sigh of relief, as the results also found that lockdown does not necessarily apply to employee cybersecurity habits, as risky behaviours persist. The study – which questioned over 13,000 remote workers across 27 countries, including 508 respondents from Nigeria, Kenya and South Africa on their attitudes towards corporate cybersecurity and IT policies – indicates that there has never been a better time for companies to take advantage of heightened employee cybersecurity awareness to crack d...
60% of South African Organisations Fall Victim to Cybersecurity Incidents
Sourced from Forbes Six in ten (60%) organisations from South Africa experienced a public cloud security incident in the last year – including ransomware (25%), other malware (28%), exposed data (28%), compromised accounts (27%), and cryptojacking (26%) – according to The State of Cloud Security 2020 from Sophos. Globally, organisations running multi-cloud environments are greater than 50% more likely to suffer a cloud security incident than those running a single cloud. Europeans suffered the lowest percentage of security incidents in the cloud, an indicator that compliance with General Data Protection Regulation (GDPR) guidelines are helping to protect organisations from being compromised. India, on the other hand, fared the worst, with 93% of organisations being hit by an attack in the ...
New Malware Steals Facebook Credentials from African Mobile Users
Sourced from Republic Title Anti-fraud firm, Evina has revealed that a certain malware uses javascript to retrieve the login credentials of Facebook users. The company confirms that social media users in Africa are amongst those who have been targeted. This malware launches a browser that loads Facebook at the same time a mobile user is trying to open the platform – by displaying in the foreground, the user believes the fraudulent browser is legitimate. Malware and ransomware that targets hundreds of millions of mobile users worldwide can have devastating personal, productivity and financial consequences. “This new malware is particularly dangerous as it could effectively ruin your online and offline life by making off with the credentials of one of your most valued pieces of digital real ...
New POPI Act Regulations – Here’s Everything You Should Know
Sourced from Europa EU. Progress is being made to promote the protection of personal information in South Africa. President Cyril Ramaphosa has announced the commencement of parts of the Protection of Personal Information Act (POPIA). The remaining provisions of the Act will be addressed once the Information Regulator assume its powers, functions and duties in terms of the Act. The sections that will commence today, 1 July 2020 and include the conditions for processing personal information, procedures for dealing with complaints and provisions regulating direct marketing by means of unsolicited electronic communication. Sections 2 – 38, 55 – 109, 111 and 114 (1), (2) and (3) commences on 1 July 2020 and Sections 110 and 114(4) will commence on 30 June 2021. What does this mean? According t...
South African Organisations Lag Behind Global Average of Cybersecurity Resilience
Email and data security company, Mimecast, unveiled its fourth-annual State of Email Security 2020 report. This report summarises details from 1,025 global IT decision-makers on the current state of cybersecurity. The findings in this year’s report demonstrate that despite high levels of confidence in respondents’ cyber resilience strategies, there is a clear need for improvement. While a large majority (77%) of respondents say they have or are actively rolling out a cyber resilience strategy, only 62% of South African organisations are doing the same. Yet an astounding 47% of local organisations – and 60% of global ones – believe it is inevitable or likely they will suffer from an email-borne attack in the coming year. South African respondents cite data loss (35%), a decrease in employee...
Sony is Offering a $50,000 Reward for Hacking the PlayStation 4
Sourced from Bloomberg Sony has launched a bug bounty hunting reward programme in order to continue to find critical faults with the security of its PlayStation 4 console and the PlayStation Network. Participants in the programme who find exploits and loopholes in the console’s security could be rewarded up to $50,000. This announcement was made by Sony Interactive Entertainment Senior Director of Software Engineering Geoff Norton, who says the company has partnered with a bug bounty platform, HackerOne, for the programme. “At PlayStation, we are committed to providing gamers all over the world with great experiences. I’m happy to announce today that we have started a public PlayStation Bug Bounty programme because the security of our products is a fundamental part of creating amazing expe...
Why Data Management Needs to be a Priority as Cybercrime Explodes
Working from home has become the new normal, and everyone is online, possibly with less secure connections than required. There has also been a huge uptake of cloud-based services in order to support a mobile workforce. This means that digital transformation has seen rapid growth, but it also means that many (possibly distracted) people are now highly attractive targets for cybercriminals. New vulnerabilities mean new loopholes for these criminals to exploit exposed businesses, and the result has been a dramatic increase in cybercrime. As a result, data management is required to curb these increasing threats. Lack of awareness means easy pickings With the need for businesses to rapidly move to a mobile workforce, cloud services are the first port of call. However, the urgency with which th...
5 Steps to Protect Yourself and Employees from Android-Based Cyber Threats
Sourced from International IDEA While nearly 9 in 10 companies not only allow but actually rely on their employees to access critical business apps using their personal devices, according to a recent Fortinet Threat Landscape Report, Android-based malware now represents 14% of all cyber threats. In addition to direct attacks, the number of compromised web sites, email phishing campaigns, and malicious access points continue to grow exponentially, infecting unsuspecting users – regardless of their devices –with spyware, malware, compromised applications, and even ransomware. And whenever a personal device of any of your employees becomes compromised, they can represent an increased risk to your organisation as well. In addition to deploying mobile device management software a...
Google Chrome Users May Have Been Effected by a Spying Campaign, According to Report
Sourced from Forbes. Google Chrome extensions downloaded more than 32-million times were used to spy on the popular browser’s users in a massive global surveillance campaign, according to a new report. The report, published by cybersecurity firm Awake Security, found at least 111 “malicious or fake” Chrome extensions capable of taking screenshots, stealing login credentials and capturing passwords as users typed them. This spying campaign impacted a wide range of sectors across the web including financial services, healthcare and government organizations, the firm adds. Browser extensions, such as the ones for Chrome allow users to add a myriad of new features previously unavailable to them. Extensions such as Netflix Party and Suspicious Site Reporter are examples of popular extensions. A...
5 Crucial Cybersecurity Principles for Businesses
The face of cybercrime has changed, alongside the strategies used. It’s no longer just the teen hacker in their bedroom, it’s a variety of different people with a broadening array of tactics. And what’s more, in the current climate of goodwill it is increasingly easy to get caught up in one of these traps. With this in mind, there’s no harm done in brushing up on five cybersecurity principles that can help you and your business mitigate the more common tricks and attacks used by cybercriminals: 1. Least Privilege Just because you trust everyone in your business doesn’t mean that your receptionist needs the same access levels as your CEO. Give users minimum necessary access and leave your most valuable data vulnerable to far fewer breach points. You wouldn’t give a hotel guest a key for eve...
