There’s an almighty tug-of-war going on between the telcos and the Web companies over Net Neutrality rules. It’s a contentious issue that divides two continents. The current US administration favors the telcos, while the EU wants an Internet that continues to encourage Web company innovation and protects consumer privacy rights. The stakes are high. Should the current rules change, then telcos and ISPs will no longer be obliged to treat all web content equally. It will mean Web companies may have to pay more to distribute their choicest content while the surfing habits and purchase histories of ordinary customers could be sold to the highest bidder. For customers who value their privacy, VPNs are a great way to avoid website traffic analysis and preserve secure Internet connectivity.
When WannaCry dominated the headlines, manufacturers fell over one another to make a statement. On the whole, the comments can be divided into two groups. Some reminded customers that not patching software is negligent and others claimed that it simply would not have happened with their software/hardware/service. How true is this? One can hardly imagine that organizations such as hospitals or Deutsche Bahn would not have any protection software, employ incompetent administrators, or have not heavily invested in security technology. Security products and services were almost certainly available to the affected organizations; however, they were unable to neutralize this threat.
The ATM celebrates its 50th anniversary this year. Some of the oldest cash machines still in use today date back to an era when network security was relatively unsophisticated. Protecting connections between large numbers of disparate ATMs and the banks’ processing centers using VPNs is relatively straightforward. Yet, some banks have not yet taken adequate protective measures. As the Internet of Things gathers pace, the need to protect machine-to-machine communications is becoming urgent. Cybercriminals’ recent success in carrying out remote attacks on ATMs is a timely reminder of how important secure remote connectivity has become for M2M environments.
Data protection is considered important, the Federal Data Protection Act is well established and German companies really should be absolute experts in data protection by now. However, a quick reality check shows that data protection is not quite as advanced as it might seem either due to lack of knowledge or deliberately ignoring data protection and profiting from selling customer data. Some readers may however take comfort that data protection is taken somewhat more seriously in Germany in comparison to the rest of the world where privacy and data protection issues are not even considered by decision and policy makers.
People are often quick to adapt – now we don’t seem to blink an eyelid when we read news about another hacked server and the loss of a few million records of personal data. Only the most spectacular cases often attract our attention such as an attack on a high profile target like the German parliament or incidents where vast amounts of data were stolen, for example the Yahoo breach. And the bar is constantly being raised of what needs to happen to catch our attention. News which used to grab headlines throughout the media is now limited to specialist magazines or blogs. Nevertheless, companies are paying attention to such threats as a high priority. A study by PriceWaterhouseCoopers lists cybercrime as the second most reported economic crime. In the study, 32 percent of companies said they had already been victims of cybercrime and 34 percent expected an incident in their company over the next two years. Analysing the development of cybercrime in the last few years reveals interesting trends. A infographic on Bestvpn.com lists the 10 most serious incidents according to the impact or the quantity of stolen data. Although the list is based on incidents in America, the findings are impressive. Even the last place begins at 50 million data records stolen from the retailer Home Depot in 2014.
The research and analyst firm techconsult issued a summary of the five major security vulnerabilities in SMEs and public organizations in Germany at the start of 2017. Their annual study Security-Bilanz Deutschland reviews IT and information security based on a representative survey of more than 500 interviews in companies and non-profit organizations. The results are sadly not that surprising each year. Although the organizations surveyed are aware of the problems and have the resources to deal with them, unfortunately they either approach issues through the wrong channels, inconsistently or too late.