
Digital Guardian's Blog

Friday Five: 2/16 Edition



Data protection jobs, Bitcoin phishing, and Amazon S3 leaks -- catch up on the week's infosec news with this roundup!

1. Data Protection Officers See Job Offers Skyrocket With Looming European Regulation by Salvador Rodriguez

From the Christian Science Monitor via Reuters: a story on the boon the European Union's General Data Protection Regulation (GDPR) has been for the data protection officer job market. How's this for a statistic: DPO job listings in Britain on the Indeed job search site have increased by more than 700 percent over the past 18 months. The rate has skyrocketed from 12.7 listings per 1 million in April 2016 to 102.7 listings per 1 million in December.

2. How a Bitcoin Phishing Gang Made $50 Million With the Help of Google AdWords by Graham Cluley

Another week, another cryptocurrency scam. This was a big one - almost incomprehensible - $50 million stolen by a group based in Ukraine through a phishing campaign. According to Graham Cluley, reporting on Cisco Talos' research for Tripwire, attackers purchased Google AdWords ads designed to mimic the legitimate Blockchain.info website. By poisoning the ads, the group was able to rake in $50 million in Bitcoin over three years.

3. How IoT Affects the CISO's Job by Howard Anderson

Not exactly a read but a podcast worth carving 10 minutes out of your day for: John Pescatore of the SANS Institute describes how some CISOs need to refocus their efforts on IoT security. By spending time solely on day-to-day security work, CISOs are overlooking the IoT impact. "When you look at the internet of things devices, it's a very heterogeneous world. There are all kinds of different operating systems and software and communications standards," Pescatore told Information Security Media Group this week.

4. Unsecured Server Exposed Thousands of FedEx Customer Records by Zack Whittaker

These Amazon S3 server leaks are relentless. The latest, containing information belonging to a company bought by FedEx, Bongo International, surfaced Thursday. Data including 112,000 files - like drivers' licenses, national ID cards, work ID cards, voting cards, and utility bills - was floating around in the online ether. Researchers with Kromtech Security Center discovered the exposed data, according to ZDNet, which released an embargoed article in tandem with the firm's research.

5. DHS Developing Supply Chain Security Initiative by Lauren C. Williams

Promising news from the Department of Homeland Security, which on Valentine's Day said it had recently launched a new internal supply chain cybersecurity initiative to help determine where government agencies and private companies need to fine-tune their security. Jeanette Manfra, who serves as the National Protection and Programs Directorate (NPPD) Assistant Secretary for the Office of Cybersecurity and Communications (CS&C), disclosed the news at a Brookings Institution event. "We need to have improved ability for DHS, [General Services Administration], the intel community to be in a position to help inform procurement decisions by the federal government and other agencies throughout the civilian government. We're working on building those mechanisms and DHS' role in pulling that all together, and also working with industry experts to refine what are the supply chain risks that we should be concerned about."

Chris Brook


Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.