Computer Security / Privacy Cloud Computing: Digital Business with Unisys Chief Trust Officer (#238)
Tag Archive for: CIO
French IT monitoring firm Centreon says no customers affected by hacking campaign, IT News, ET CIO
PARIS: French IT monitoring company Centreon said on Tuesday that none of its customers were affected by a hacking campaign described by the country’s cybersecurity agency in a recent report.
Hackers spent up to three years breaking into organizations by targeting Centreon’s monitoring software, French watchdog ANSSI said in the report that was disclosed on Monday.
“It is confirmed by ANSSI that no Centreon customers were impacted,” the French company said, adding in a statement that 15 “entities” were targeted during the hacking campaign through an obsolete open source version of the software.
Centreon did not provide the names of the 15 targeted organisations.
The company’s clients include some of the biggest French companies, such as utility EDF, telecoms firm Orange and Europe’s biggest bank BNP Paribas. The French Ministry of Justice is also a customer.
In its report, ANSSI stopped short of identifying the hackers but said they had a similar modus operandi as the Russian cyber-espionage group often nicknamed “Sandworm.”
The activity against Centreon, a Paris-based company which specializes in information technology monitoring, further highlights how attractive such firms are to digital spies.
ANSSI did not immediately reply to request seeking comment.
Data security in an omnichannel world, IT News, ET CIO
By- Tanya Naik
India’s e-commerce industry is on a phenomenal growth trajectory and is expected to reach USD 99 billion in size by 2014, growing at a CAGR of 27 percent during 2019-24 as per ‘Global Internet: e-commerce’s steepening curve’- a report by Goldman Sachs.
COVID-19 is undoubtedly driving a significant share of the current e-commerce transactions through digital payments, preparing consumers for a long-term shift. The surge in e-commerce and digital payments in 2021 will be consistent across the country. This exponential rise has deepened concerns about potential cybersecurity risks for consumers and businesses, as well as new kinds of data security breaches. More than 900,000 spam messages, 700 malware attacks, and 48,000 malicious domains were discovered in the first four months of 2020, according to an Interpol report — all related to COVID-19.
Online data and payments security, whilst acknowledged, needs laser-sharp focus from e-commerce businesses. Let us first understand the entities involved in e-commerce payments through the following illustrated model:
With important payment information being passed between these entities, data security at every step needs to be managed. Some important security protocols include – TLS encryption through SSL certification, ensuring PCI DSS compliance for encryption and storage, tokenizing card credentials, managing two-factor authentication. Additionally, with India moving to a GDPR equivalent legislation, storage, and usage of critical personal data whilst managing data localization and data transfer restrictions is paramount.
As more and more customers get more comfortable storing card and VPA (Virtual Payment Account under UPI) details online, the security of the underlying database needs to be ensured. Most companies use an online, or cloud, storage system with encryption to store customer payments vault. If these details are compromised thru vulnerabilities, for the average fraudster, buying card details on the dark web is the easiest and fastest way to get card information. The Breach Level Index, a global database that tracks data breaches, reported over 14 billion data records that have been leaked since 2013.
For…
Centre of excellence in cyber security mooted in Hyderabad, IT News, ET CIO
Hyderabad: Society for Cyberabad Security Council (SCSC), the collaborative body between Cyberabad police and information technology industry, plans to set up a centre of excellence in cyber security.
Cyberabad Police Commissioner V. C. Sajjanar said since cyber security is going to be the focus area in view of the threats, a centre of excellence is proposed in Cyberabad commissionerate limits.
A programme organised to celebrate 15 years of SCSC was attended Home Minister Mahmood Ali, Director General of Police (DGP) Mahender Reddy, principal secretary, IT, Jayesh Ranjan, police commissioners of Cyberabad, Hyderabad and Rachakonda and representatives of IT industry.
SCSC, a not-for-profit organization and collaboration between Industry, Cyberabad police and other government agencies works on key focus areas of women safety, road safety, infrastructure, cyber security for a safe and secure ecosystem and supports business continuity for Industry sectors in Cyberabad area.
Some of the key initiatives of SCSC include: CCTV network in IT corridor; QRT vehicles; She Shuttles; plasma drive; Margadarshak programme; SanghaMitra programme; project safe stay; SAFE (Safety Awareness for Employees); Radiant Hyderabad; Traffic Volunteers; DilSeY Program (Digital Literacy to Secure Youth); BCP Coordination for Industry.
To mark the 15th anniversary, SCSC brought out a Coffee Table Book which was unveiled by Mahmood Ali. The book recorded the special moments from the past. He described SCSC as the perfect example of Public-Private Partnership.
DGP Mahender Reddy said SCSC has become a role model for the best collaborative efforts between the industry and the police. An interface of this scale doesn’t exist anywhere in the world, he said.
The police chief said he recently issued orders to all SPs and Commissioners throughout the state to form such bodies
SCSC general secretary Krishna Yedula said in the beginning, SCSC had the vision to enhance the safety and security of Cyberabad, for IT and ITES companies. But in subsequent years, the idea of safety expanded and the mission evolved to include initiatives like road safety, women’s safety and cybersafety.
BVR Mohan Reddy, Executive and Founding Chairman, Cyient,…