Spring Tech News Roundup

Spring Tech News Roundup

There still might be confetti stuck in the corners of the house or office where you celebrated New Year’s Eve, but at the end of March, 2019 will be 25% of the way completed. It’s amazing how quickly time passes and related to that, how quickly the technology industry continues to innovate.

Keeping track of business goals and personal benchmarks might have taken up significant time during the first quarter of 2019. While this is something to be celebrated, it also means that notable stories in the news cycle might have passed by without notice.

That’s OK!

With the 24-hour news cycle who has the bandwidth to stay glued to the screen in order to stay up on what’s happening in the technology sector.

Let us do the heavy lifting! Our technology news digests have become quite popular. We hand-curate popular news stories and give our take on the issues and how they relate to business technology. Since the first quarter of 2019 has been busy, let us help catch you up on what’s been happening in the world of technology news!

127 Million More Records for Sale on the Dark Web

We recently reverse-engineered how data ends up on the dark web. Earlier in February, it was reported that the stolen data from a massive breach ended up for sale on the dark web. This latest batch of booty for would-be cybercriminals came just days after an even larger bundle of stolen data had gone up for sale (620 million data records).

The multi-million set of stolen records went up for a reported asking price of $14,5000 in bitcoin. Although the offer has since been removed, the implications for unsuspecting consumers with their data in the stolen bundle shouldn’t feel safer.

The natural question is what does this mean for the users? An article in Forbes described more about what consumers might be able to expect in the coming weeks:

First there was Collection #1 breach, which saw more than a billion unique email address and password combinations posted to a hacking forum for anyone to see. Then emerged Collection 2-5 taking the total number of hacked user accounts published to a shocking 2.2 billion.

Jake Moore a cybersecurity specialist at ESET, says he wouldn’t be surprised if a “Collection #6-10” emerges over the coming months. “It’s time to act now. We need to take a new approach to protecting our personal cybersecurity. Data breaches are becoming more frequent and until we change our direction, or even culture, this will continue to be a massive problem.”

SMALL BUSINESS TAKEAWAY: We can’t stress this enough - as a consumer changing passwords regularly is the easiest way to ensure that the damage is mitigated if/when data is stolen. Businesses should always keep an eye on their password programs and encourage IT managers or MSP’s to enforce regular password changes for networks that are used company-wide. Complex passwords don’t have to be difficult to generate, but the same password used for multiple systems exposes the user to much more risk.

Outdated Cybersecurity Stretches Beyond the Workplace

Most of us like to think those working in enterprise companies and government entities have the inside scoop on things related to cybersecurity. But assuming anything can be problematic in this regard, no company is immune to digital threats. In fact, large banks and governmental entities have the largest targets on their backs.

Some have a higher risk than others, an article in the Washington Post described four industry sectors that have a high risk of being completely devastated by a cyber attack.

These sectors also happen to hold all records of the world’s debt. The combination of holding a high level of sensitive information and being largely dependent on computers for this data creates an obvious problem from a cybersecurity standpoint.

PWNED: Security researcher Bob Diachenko discovered that Dow Jones's Watchlist database of high-risk individuals was exposed online, TechCrunch's Zack Whittaker reported. The database, which contained more than 2.4 million records, was left on a server with no password by a company that had access to it — it's unclear which company is responsible for exposing the watch list. The database is a tool for companies to screen people with whom it could be potentially risky to do business. “That includes current and former politicians, individuals or companies under sanctions or convicted of high-profile financial crimes such as fraud, or anyone with links to terrorism,” according to TechCrunch.

SMALL BUSINESS TAKEAWAY: Securing data and monitoring a network is a full-time responsibility. Humans will make mistakes, but having multi-factor authentication in place, for example, can help take the sting out of those mistakes. It’s important not to rely on a single line of defense, like an anti-virus program, as the only form of cybersecurity. While the stakes are higher for enterprise businesses and government entities, small businesses are statistically the victims of cyber attacks more frequently.

Brands Violating Customer Trust Find It Difficult to Bounce Back

We usually discuss the technical side of cyber attacks but don’t always get into the nuances of what a data breach or other security event means for a business. After the dust has settled and the full series of events are understood, companies often find themselves struggling to retain customers who have lost trust in the brand.

Trust is a hard quality to define, but it is important to establish between the business and its customers. And while trust might be hard to quantify, it’s easy for a customer to know when that trust has been violated. 11 popular applications were recently called out for sharing user data with Facebook, whether the user had a Facebook account or not.

TechCrunch wrote about the effect this had on users, and why those apps are struggling to regain customer trust:

Whatever the reason, if your users aren’t aware that you are sharing their data in this fashion, and that would appear to be the case, then it’s a gross violation of trust between user and brand. Marc Benioff, co-CEO and co-founder at Salesforce, has often stated that trust is one of the primary components of a healthy brand-customer relationship. If you mess that up, it’s going to be very tough going for you as a business.

He went on to say when companies misuse customer’s data, they are breaking that trust and that could involve losing key personnel or customers. “When you see top executives walking out. When you see customers questioning your privacy practices or how you’re using or misusing their data or how you’re misusing partnerships, you need to listen. You need to wake up. You need to [ask] what is going on. It’s very serious,” Benioff said

SMALL BUSINESS TAKEAWAY: The consequences of a successful cyber attack depend on the business and the industry in which they operate. But the blowback doesn’t always come in the form of legal bills or fines from regulators. At the end of the day, owning up to the customers of the business matters most and if the process is not handled well, it could end up hurting the business the most.

Continuous provides businesses with FREE CYBERSECURITY RISK ASSESSMENT audits which reveal where their networks may be exposed and what they can do to protect their data and their reputation.