Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 1 April, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Data Breaches And High-Profile Security Hacks – An Evergreen Story.

by The Gurus
February 20, 2019
in Opinions & Analysis
Data Breaches And High-Profile Security Hacks – An Evergreen Story.
Share on FacebookShare on Twitter

By Richard Whomes, Senior Director, Rocket Software

2018 was a big year for data breaches, with organisations from Cathay Pacific to the Tory party suffering from attacks. But no organisation has hit the headlines quite as much as British Airways. The airline’s first breach occurred in September 2018, when an attack affected 380,000 transactions which had been made over a two-week period. Then came the announcement by BA’s owner, International Airlines Group (IAG), that an additional 185,000 passengers may have had their details stolen. While the airline undoubtedly suffered a deliberate and tailored attack on its infrastructure on this occasion, we’ve seen too many incidents, such asBA’s 2017 IT meltdown or the NHS Wannacry ransomware attack, which were entirely avoidable. This raises broader questions about whether big companies are taking the security of customer data seriously enough.

For any size of organisation, there are a few necessary steps – using the right tools – to keep customers’ data secure.

Processes and procedures

When faced with a security challenge, it’s tempting for anyone in the IT industry to jump straight to the newest and most sophisticated technology. This is important, yes, but pointless if you have humans who are compromising your system at the same time. Wannacry could have been prevented if the NHS had been regularly updating its operating system, and phishing attacks, where unsuspecting staff are tricked into inadvertently handing over sensitive data or enabling access to a system, are still responsible for a high number of breaches.

Encrypt everything

Full encryption – from when data enters a company’s system to when it is stored – is vital. Encryption isn’t a perfect solution – any code can eventually be broken – but it will deter the less focused hackers and make it harder for any who succeed. Where possible, tokenise data and assemble full customer records only for specific transactions.

Protect against malware

According to Risk IQ, the perpetrators of the British Airways hack were from Magecart, a hacker group which specialises in skimming credit card details from unsecured payment forms. A number of tools now exist which can detect and eliminate specific malware such as skimmers from systems.

Securing your development process

Most large organisations will be developing new applications, or updating existing ones, most of the time. While this is crucial to make sure systems are up-do-date, organisations must make sure that when these updates are deployed, there are no ‘holes’ in the newly developed applications, as this could make them an easy target for hackers.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Tip-Off means Fake MetaMask Crypto Malware Pulled From Google Play.

Next Post

ICO Helps Ban Mobile Spam Bosses.

Recent News

Data Privacy Day: Securing your data with a password manager

For Cybersecurity, the Tricks Come More Than Once a Year

March 31, 2023
cybersecurity training

Only 10% of workers remember all their cyber security training

March 30, 2023
Pie Chart, Purple

New API Report Shows 400% Increase in Attackers

March 29, 2023
Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato Networks Recognised as Leader in Single-Vendor SASE Quadrant Analysis

March 29, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information