Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials

In this 2017 academic paper, a consortium team of researchers from the University of California Berkeley, the International Computer Science Institute and Google, present their findings around the risks of stolen credentials.

They highlight the first measurement study of the underground ecosystem fuelling credential theft and assess the risk it poses to millions of users.

Read the full document by clicking the button below.

Closing the gap – insuring your business against evolving cyber threats

This is a detailed report by Lloyd’s of London outlining the current cyber risk landscape.  It highlights the underlying trends in the threat sources as well as the general attack patterns and statistics emerging across industry sectors.

It provides a lens into the cyber risk domain, as at 2017, which may help organisations form more discerning decision around improving their cyber risk management efforts.

Read the full document by clicking the button below.

Smart Grid Cyber Security Report

A december 2016 report by Eurolectric (a sector association which represents the common interests of the electricity industry at pan-European level) covering recent efforts in advancing the cyber security agenda around electric power networks in europe.

Customers’ need for electricity is growing as the number of devices connected to the electricity network increases rapidly. The electricity sector is at the beginning of a new era for cyber security. The energy sector is also going through a major digital transformation, with an increase of complexity within its technological environment and an escalation of interconnected equipment.

As the traditional system and business is changing, the energy sector is at one of its most challenging times. Customer driven initiatives such as microgeneration, decentralised power sources and the integration of electric vehicles (EVs)as well as the 2020and 2030 European-wide climate change objectives will bring new and complex challenges to network operators.

This new paradigm is supported by a complex and highly critical information technology infrastructure, which facilitates the advanced grid and market functionalities, but also increases the exposure of network operators to cyber threats and vulnerabilities, and can present serious risks to customers, businesses and society. These risks can only be mitigated by a well-executed cyber security strategy.

Read more by clicking the button below.


How to Hack a Credit Card in 6 Seconds, Experts Reveal


Patients’ Privacy: Lessons learned from major health care data breaches

The Brookings Institution for research in the USA has recently issued a very informative and layman friendly report about the state of information security and privacy in the health-care sector.  Whilst the report is US centric, its key findings and recommendations apply almost universally in the developed world.

Recent leaps in technology toward health care digitization have resulted in unprecedented amounts of personal health data being collected, shared, and analyzed on an everyday basis. Due to this proliferation in data, there are now more reasons to be concerned about patient privacy than ever. Despite public concerns and government’s efforts, the frequency and magnitude of privacy breaches have been on an upward trend and data breaches are more likely to happen in the health care industry than any other sector. In this new report, Niam Yaraghi examines the recent privacy breaches in the health care system. He uncovers underlying factors leading to these incidents, documents lessons learned, and examines how to prevent similar breaches in the future.

Yaraghi identifies and explains several reasons that the health care sector is particularly vulnerable to privacy breaches:

  • Health care data are richer and more valuable for hackers;
  • Too many people have access to medical data;
  • Medical data are stored in large volumes and for a long time;
  • The health care industry embraced information technology too late and too fast;
  • The health care industry did not have strong economic incentives to prevent privacy breaches; and As Yaraghi illustrates, medical data breaches can be especially catastrophic because they contain information that cannot be changed.