The Challenge Of Insider Threats

Companies are not identifying Insider Threat blind spots according to the latest findings by Dtex Systems. The new report reveals that 90% of assessments discovered that negligent employees were transferring company data to unencrypted and unauthorized USB devices, with 91% indicating that negligent employees were expanding the phishing attack surface by accessing personal web mail accounts on company machines – a behavior up 4% in the last 12 months. IT security experts commented below.

Beware the Black Axe Gang: Business Email Compromise Campaigns Observed in 2017

Over the past 12 months, CrowdStrike, the leader in cloud-delivered endpoint protection, has typically observed two different types of Business Email Compromise (BEC) scams: Wire transfer attempts and compromises that have led to follow-on spam campaigns. Regarding fraudulent wire transfers, the criminals typically get caught on the initial attempt, or they get caught on the second attempt, which usually involves a much larger amount than the first attempt.

‘Bring your own device’ linked with cybersecurity risk for six in 10 UK SMEs – a week before GDPR

With a week until GDPR hits, new research from Paymentsense  ( reveals a correlation between ‘bring your own device’ (BYOD) schemes and increased cybersecurity risk in small businesses. Six in 10 (61%) SMEs have experienced a cybersecurity incident since introducing a BYOD policy, according to the study from the merchant services provider*.

Cyber News Rundown: Chili’s PoS Breached

Reading Time: ~2 min.

Chili’s Restaurant Reveals Payment Card Breach

In the last week, officials have discovered a data breach that affects an unknown number of the chain’s 1,600 restaurants across the country. It is believed that the breach could affect customers who visited the restaurant between March and April of this year, and likely includes all payment information, though Chili’s doesn’t retain any additional customer data.

Weekly Update 87

We’re on a beach! It’s the day after 3 pretty intense days of NDC conference and the day before Scott heads back to the UK so beach was an easy decision. The conference went fantastically well and, in all honesty, was the most enjoyable workshop I think I’ve done out of ~50 of them these last few years. NDC will be back on the Gold Coast next yet, plus of course it will be in Oslo in a few weeks’ time then Sydney in September where we’ll both do it all again.

DHS Strategy For Cybersecurity

The Department of Homeland Security has unveiled a new national strategy for addressing the growing number and scope of national cyber security risks the nation confronts, and bringing new security and resiliency to the Internet. Its 30+page US DHS Cybersecurity Strategy details some specifics and also offers broad goals aimed at addressing these threats, including to: