- Over a quarter of UK businesses are being hit by more late payments due to the rising cost of living-Barclays
- UK insolvencies to increase by more than a third in 2022-Allianz Trade
- FCA strengthens consumer protection by speeding up removal of firms that do not use their regulatory permission
- UK Finance’s Take Five to Stop Fraud campaign promoted in Tesco stores
- PwC partner with due diligence startup Neotas to combat financial crime
- TransUnion enables free credit education via the new Lowell app
- Carrier billing spend for digital goods to exceed $74bn in 2026-dominated by digital games spend expired
- Q1 2022 has seen 20m first-time crypto apps installed in Europe-BanklessTimes.com expired
- As inflation hits the highest rate in 40 years, how can businesses prepare for the current economic climate? expired
- Ensuring secure and reliable ways to pay for virtual goods will be paramount to making the metaverse a truly immersive experience-ConnectPay expired
- SecurityHQ partners with SentinelOne to enhance global cyber security offerings expired
- A year passes with no inflation-beating savings deals-Moneyfacts expired
2nd August 2019
Capital One breach: Cloud services come with unique security risks, says Vectra
Responding to the news of the Capital One data breach, Matt Walmsley, EMEA Director at Vectra, said:
“Capital One didn’t even know they’d been breached until an external party notified of them on Wednesday 17th July that their customer data appeared to be showing up on GitHub. Yet again we see another big breach where defensive controls fail and detection capabilities are found wanting. In this case it seems that technical configuring mistakes in firewalls provided an opening and a motivated insider within the cloud service provider.
“Cloud services, with all their many benefits, also come with unique security risks to be managed such as attacks directly aimed at Cloud PaaS using stolen credentials, which would remain invisible to workload and cloud instance-centric security controls. Pervasive visibility across the enterprise, agnostic of environment type, is fundamental to security success.
“The task of quickly spotting the attacker behaviour, particularly when they are using legitimate tools and services for nefarious means, is beyond the speed and scale of humans alone. AI is now being used to combat cybersecurity adversaries by analysing digital communications in real time and spotting the hidden signals to identify nefarious behaviour whether they’re in the cloud or operating in your local infrastructure.
"AI can also ‘tie together’ the weak signals from the cloud and local infrastructure to identify the developing attack and enable security teams to quickly identify and stop cyberattacks before they’re able to wreak havoc.
“Given the recent fines Equifax have just been hit with, Capital One should expect deep and extended inspection, and putative fines if found to be culpable in the breach.”