Wednesday, May 1, 2024
Font size: A A A
Our events:
Security Twenty
Women in Security Awards
SUBSCRIBE TO THE MAGAZINE ADVERTISE WITH US
Latest Jobs
Post a Job Ad
Cyber

Data Protection Day

by Mark Rowe
Data Protection Day on January 28 aims to raise awareness around the importance of managing and protecting personal data:, such as an individual’s name, number, and email address. Here are some comments, around how it is important for organisations and individuals to recognise the signs, and take the necessary precautions.
Sam Wheeler, SOC Manager at Systal said: “As our daily lives are becoming increasingly attached to the internet, it is imperative to adopt some very basic personal habits to protect our digital data. Updating your passwords regularly and making them strong and unique for each account of yours – such as your email, social media and online banking – are two key measures to keep malicious eyes at bay. Turning on two-factor (2FA/MFA) authentication wherever possible would further help in adding an additional layer of security and keep your devices and applications updated to defend against the latest threats, which are becoming more sophisticated and hostile.
Phishing remains the most prevalent attack method due to its relatively low cost and high success rate, and the advance of AI only furthers this problem, said Niall McConachie, regional director (UK & Ireland) at Yubico. He said: “Unfortunately, organisations aren’t doing enough to upgrade the cybersecurity tools and methods used to protect their staff and customers. As the rate of sophisticated phishing attacks continues to rise, Data Protection Day highlights the critical need for modern, phishing-resistant authentication from businesses and individuals to stay secure.
“It’s clear that traditional username and passwords are no longer sufficient for keeping data secure – but they unfortunately remain one of the most widely used forms of authentication globally. In fact, recent research** has found that 53 percent of employees still use usernames and passwords to authenticate business accounts, putting not only their personal data at risk of phishing attempts but also their organisations’. This can lead to significant reputational and financial damage.
“Basic username and password authentication alone is too easy for attackers to circumvent, allowing unauthorised access to online accounts and personal data. Once a password is stolen, cyber criminals can successfully bypass many forms of legacy multi-factor authentication (MFA) such as SMS-based one-time passcodes (OTPs).”

Just as GDPR set the new data privacy standard more than five years ago, GenAI regulation will establish standards for decades, according to Sylvain Cortes, VP Strategy at Hackuity. “If you cut through the latest investor buzzwords and media doom-and-gloom, the AI threat is simple: at its core, Artificial Intelligence amplifies our data (in)security.

“Wavestone’s CISO Radar 2024 highlights many of these emerging threats, from hijacking AIs to expose their inner secrets, to manipulating their data ingestion. But peel back the layers, and you’ll find that these attacks are often exploiting flaws that have existed in organisations’ architectures for years, now at unprecedented scale.

“AI’s a match to the current cyber wildfire, but does it deserve more blame than the kerosene we’ve been ignoring for more than a decade? That’s the sort of question legislation like the EU’s Artificial Intelligence Act and even less AI-centric regulation like DORA are seeking to answer and remediate.”

Steve Bradford, Senior Vice President EMEA at SailPoint, said: “Organisations need to get on the front foot with protecting their data – not wait to be led by government regulation or red tape. As more data is created, the attack surface grows.

“Ahead of regulation like NIS2 later this year, UK companies are making headway, but three-quarters still need to complete preparations to better protect themselves and their customers. As the threat landscape grows more sophisticated, the stakes have never been higher. The operational downtime, reputational damage, customer loss, and system restoration that follow any data breach can come at a huge cost for businesses. Protecting sensitive information and ensuring access is granted only to those who absolutely need it is essential.”

Charles Southwood, Regional Vice President, Northern Europe, Denodo said: “In an era where data is highly susceptible to unauthorised access and exploitation, there’s a growing concern when it comes to secure data handling. Although data often holds the key to enhancing operations, the sheer amount of data that organisations are expected to deal with on a daily basis can have its challenges, especially when it comes to safeguarding. Globally, data governance is becoming increasingly significant for businesses.”
Meanwhile the data services company Experian has released its 11th annual Data Breach Industry Forecast. Cybercriminals are continually working smarter not harder, said Michael Bruemmer, vice president, Global Data Breach Resolution at the firm. He said: “They are leveraging new technologies like artificial intelligence and applying their talents in different ways to be more strategic and stay a step ahead. Organisations should not ignore even the slightest security abnormalities and be more aware of what global interests may make them a target.”

To access the report, visit https://ex.pn/2024databreachindustryforecast.

Related News

  • Cyber

    CISOs speak in Monaco

    by Mark Rowe

    More than 300 participants and Chief Information Security Officers (CISOs) heard presentations from existing and former UK and US government officials, on…

  • Cyber

    What is Meterpreter?

    by Mark Rowe

    Duqu2, Mosquito backdoor and Shamoon-2 are advanced persistent threats with a common trait: they all leveraged Meterpreter, the flagship payload of Metasploit,…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

News

Products

Explore

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing

Close