FixNix Blog

Adding Cyber Security to Corporate Risk Management

Dec 17, 2014 11:43:07 PM / by Shanmugavel Sankaran posted in fixnix, Governance, information security, IT security, security threat, Blog, compliance, Corporate Risk Management, cyber, cyber attack, cyber security, cyber threat, risk

0 Comments

Corporate boards and senior management like to focus on business. They love the numbers, the strategy and the success of a business operation. They have a passion for it and that is why they are sitting on board or managing a global company.

Read More

RHSB’s Jones Receives Cyber Risk Management Leadership Award

Nov 24, 2014 1:14:25 AM / by Shanmugavel Sankaran posted in fixnix, information security, IT security, Risk Management, Blog, cyber, Cyber Risk Management, cyber security, cyber threat, RHSB

0 Comments

http://media.merchantcircle.com/20678814/RHSB%20Logo_full.jpeg

Douglas R. Jones, senior vice president and principal at Texas-based Roach Howard Smith & Barton, was presented with the Cyber Risk Management Leadership Award 2014-15 at the annual Cyber Risk Management Boot Camp held in Atlanta, Ga., and hosted by INSUREtrust.

The Cyber Risk Management Leadership Award is given to select independent agents that demonstrate expertise in cyber risk management, have addressed their own firm’s cyber risks, and have shown proficiency in delivering cutting-edge cyber risk insurance products to their clients. The recipients have taken appropriate steps to earn the trust of their clients and partners with respect to privacy and security risk management.

Jones has 20 years of risk management experience with all types of technology companies. He works with emerging as well as large international and publicly traded companies. Since technology firms were the earliest adopters of cyber insurance, he is a pioneer in placing this coverage. He has made some of the largest placements and handled some of the most significant and complex claims.Prior to joining RHSB, Jones served as executive vice president at a Dallas-based insurance agency, where he headed the Technology and Directors & Officers Liability divisions.

Jones has 20 years of risk management experience with all types of technology companies. He works with emerging as well as large international and publicly traded companies. Since technology firms were the earliest adopters of cyber insurance, he is a pioneer in placing this coverage. He has made some of the largest placements and handled some of the most significant and complex claims.

Prior to joining RHSB, Jones served as executive vice president at a Dallas-based insurance agency, where he headed the Technology and Directors & Officers Liability divisions.

source : insurancejournal.com

Read More

Protiviti and ISACA Study Reveals Disparity Between Growth of IT in Business and Auditing of IT Risks

Nov 19, 2014 11:23:29 PM / by Shanmugavel Sankaran posted in information security, ISACA, IT Audit, IT Audit Risk assessment, IT governance, audit management, Blog, compliance, cyber security, cyber threat, Protiviti

0 Comments

http://www.lmuaccountingsociety.com/wp-content/uploads/2012/12/Protiviti-logo.jpg

Although organizations have made strides in establishing best practices for the IT audit function, many are struggling to keep pace with global IT risks amid rapidly changing technology environments, according to a joint survey from global consulting firm Protiviti (www.protiviti.com) and global IT association ISACA (www.isaca.org). The fourth annual IT Audit Benchmarking Survey examines how organizations are assessing and mitigating critical business and technology risks. The global survey reflects the sentiments of more than 1,300 IT audit executives and professionals worldwide.

Read More

Thomson Reuters: Corporate boards exposed to cybersecurity risk

Nov 4, 2014 11:00:07 PM / by Shanmugavel Sankaran posted in fixnix, Governance, grc, information security, Risk Management, Thomson Reuters, asset management, audit management, BCM, Blog, compliance, cyber threat, risk

0 Comments

http://talkingbiznews.com/wp-content/uploads/2014/09/Thomson-Reuters.jpg

Thomson Reuters, the world’s leading source of intelligent information for businesses and professionals, released its board governance survey for 2014, which shows that despite a slight decline in the amount of board information being produced each year, corporate boards are increasingly exposed to cybersecurity risk.

Read More

Hackers attack five US banks including JPMorgan Chase

Aug 29, 2014 1:20:43 AM / by Shanmugavel Sankaran posted in hackers, information security, IT security, J.P.morgan, malware, security, security threat, US banks, Blog, cyber, cyber attack, cyber security, cyber threat

0 Comments

 

Read More

Forget Passwords: A Look at the Future of Logging In

Aug 27, 2014 6:26:15 AM / by Shanmugavel Sankaran posted in hackers, information security, IT security, LOGIN, Blog, cyber crime, cyber insurance, cyber security, cyber threat, password

0 Comments

Good news: you're not forgetful, your passwords are just too hard to remember. Now, researchers across the world are working on a whole raft of solutions to make a password-less future a reality.

"With passwords, you are required to use a different one for every site, it can't be a dictionary word or a name, it must have a long enough mixture of lowercase, uppercase, digits and symbols, you are not allowed to write it down, etc... but, if they get hacked, then they get blamed for not having followed the rules." University of Cambridge Computer Laboratory's Frank Stajano told CNBC via email.

Forget passwords: This is the future of logging in

Image credit: Shutterstock

Stajano's elegant solution to this problem is the Pico, a small electronic gadget that remembers your login credentials on your behalf.

Instead of typing a password, you scan a code with your Pico and this initiates a cryptographic protocol that logs you in.

Pico only works in "an aura of safety" created by proximity to a set of even smaller gadgets, called Picosiblings, that can be carried on your person or embedded in clothing. This makes it difficult to steal, as the device locks outside of its aura of safety.

It also backs itself up every time you recharge it meaning you don't lose access to your services if you lose the device.

"Pico aims to eliminate the requirement to remember any secrets in order to log in, be they passwords, PINs, passphrases, images, finger squiggles or whatever," says Stajano.

Stajano's is not the only solution in the pipeline: across the world other security companies are rushing to solve the password problem.

A space age handwriting match

A good example is Sweden-based BehavioSec, a security company that has created software that can identify you by how you type your password.

The idea has gained traction with European banks, as an unobtrusive way to validate whether the user is authentic or not.

"We're looking for the rhythm of how they type, not exactly what they type but how they do it." BehavioSec CEO Neil Costigan told CNBC in a phone interview. "We then compare that to how you've used your computer or device in the past."

Any anomalies are then flagged up, which starts a further validation.

The system, which has a 99.7 percent accuracy rate at identifying users, makes it very difficult for hackers to use a stolen password.

"Consumers are quite comfortable with pins and passwords and things like our technology makes those more secure" says Costigan.

 

Less is more

Another possible solution is a zero-interaction authentications (ZIA) system, where users do not need to interact explicitly with a machine or system in order to authenticate their credentials.

A team of researchers at the University of Alabama, led by Nitesh Saxena, an associate professor in the Department of Computer and Information Sciences, is working on safe and easy to use a ZIA system that they hope will eliminate the need for passwords.

Their system gives users a security token -- such as a mobile phone or a car key -- using an authentication protocol over a short-range, wireless communication channel, such as Bluetooth. It eliminates the need for a password and diminishes the security risks that accompany them.

"Given the usability and security advantages of our ZIA mechanisms, we believe that they may serve as an attractive alternative to traditional password-based authentication, if not completely eliminate it." Saxena said.

In their system a user need only be in close proximity to the device that requires log in credentials to be allowed access, which is rather handy, if it turns out that you are forgetful, after all.

Read More

China bans Apple products from government purchases: Report

Aug 6, 2014 9:43:07 AM / by Shanmugavel Sankaran posted in ipad, macbook, apple, Blog, china, cyber security, cyber threat

0 Comments

BEIJING: China has prohibited government agencies from purchasing Apple Inc hardware products due to security concerns, Bloomberg News reported on Wednesday, citing government officials familiar with the matter.

Read More

'IoT' is full of major security holes for hackers to find

Aug 4, 2014 11:53:51 PM / by Shanmugavel Sankaran posted in security threat, web connected devices, web devices, Blog, cyber, cyber attack, cyber threat

0 Comments

The surge of Web-connected devices -- TVs, refrigerators, thermostats, door locks and more -- has opened up huge opportunities for cyberattacks because of weak security, researchers said Tuesday.

Read More

India digital Security market to grow 8% in 2014

Jul 31, 2014 2:38:57 AM / by Shanmugavel Sankaran posted in grc, security, security vendor, smb, Blog, cyber, cyber threat

0 Comments

Delhi: Digital security vendor revenue (hardware, software and services) in India will grow from $882 million in 2013 to $953 million in 2014. Security spending will continue to grow to in 2015 when revenue is projected to reach $1.06 billion. Security services revenue accounted for more than 55 percent of this total revenue in 2013 and this trend will continue into the foreseeable future, says a Gartner report.

Read More

Hacking experts build device to protect cars from cyberattacks

Jul 26, 2014 12:36:29 AM / by Shanmugavel Sankaran posted in hackers, intruders, Blog, car hacking, cyber attack, cyber security, cyber threat

0 Comments

BOSTON: Two security experts who a year ago exposed methods for hacking the Toyota Prius and Ford Escape say they have developed technology that would keep automobiles safe from cyber attacks.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

see all

Recent Posts