Cybersecurity trends and advice from around the web.

No restriction on cybercrime during COVID-19

There’s a fascinating debate raging around digital privacy during COVID-19 that’s part philosophical, part practical. Have we any other choice than to (temporarily) relax our privacy concerns if it helps to fight a pandemic? In any other circumstances, some of the activity could seem like state surveillance that bears close scrutiny.

Meanwhile, figures such as EU Commissioner Věra Jourová, the WHO’s Dr Michael Ryan and privacy Professor Paolo Balboni have all argued technology’s role in gathering vital information shouldn’t come at the expense of personal freedom. Yet a survey of 1,000 people by the Irish Computer Society claimed that 87% of Irish people would be willing to share personal data or medical records in a public health emergency. Which raises the question: after the crisis, will the world look different through a privacy lens?

A little less conversation, a little more security

Working from home has taken a huge jump as organisations respond to restrictions imposed to slow the spread of COVID-19. Video- and conference calls now fill the working day, not to mention our social interactions. The communications app Zoom was one of the biggest beneficiaries of this trend, but then people started looking closer at its confidentiality and privacy practices. The FBI warned that Zoom and other teleconferencing apps could be at risk of hijacking. To give Zoom credit, the company reacted quickly to address vulnerabilities. BH Consulting CEO Brian Honan shared advice to improve security and privacy when using Zoom. Meanwhile, cybersecurity journalist Kate O’Flaherty suggests five alternative apps for anyone seeking more secure conferencing options.

Fortunately, there are lots of useful and trustworthy resources to help improve security for remote workers. The Data Protection Commission has published tips for individuals and organisations about using videoconferencing tools safely. The Gardai tweeted a handy poster with advice grouped into four Ps: passwords, payments, permissions and participants. The National Cyber Security Centre has published security advice for working from home.

Is privacy patient zero in a pandemic? 

There’s a fascinating debate raging around digital privacy during COVID-19 that’s part philosophical, part practical. Have we any other choice than to (temporarily) relax our privacy concerns if it helps to fight a pandemic? In any other circumstances, some of the activity could seem like state surveillance that bears close scrutiny.

Meanwhile, figures such as EU Commissioner Věra Jourová, the WHO’s Dr Michael Ryan and privacy Professor Paolo Balboni have all argued technology’s role in gathering vital information shouldn’t come at the expense of personal freedom. Yet a survey of 1,000 people by the Irish Computer Society claimed that 87% of Irish people would be willing to share personal data or medical records in a public health emergency. Which raises the question: after the crisis, will the world look different through a privacy lens?

BH Consulting COO Valerie Lyons has also shared her thoughts on this debate.

Unwelcome guest at Marriott as hotel operator admits to a second data breach

Still dealing with the fallout from a 2018 breach involving 382 million records, Marriott suffered another such incident this year. The latest breach involved 5.2 million guest records including contact details, gender and birthdays. Reuters reported that the perpetrators may have accessed the data using logins belonging to two employees. Marriott discovered the breach in February but believes the activity began in January.

The hotel chain claimed no passport or payment information leaked out. Nevertheless, the latest news pours more misery on Marriott, which faced a £99 million fine from the UK ICO after its previous breach. The company sought and obtained an extension to the process until June 2020.

Links we liked

Is your business resilient to incidents like ransomware? Take this test and find out. MORE

The Ultimate Security Budget Plan and Track Template. You’re welcome. MORE

Free access to the Academy of European Law’s e-presentations on data protection. MORE

Network forensics training resources from ENISA. MORE

Developing an effective security strategy in Ireland (a longread post). MORE

The story of how a company discovered a hacker and tricked them into being arrested. MORE

Recommendations for public and private sectors to build a cyber resilient Europe. MORE

A profile of Whit Diffie, the man who made mainstream encryption possible. MORE

Conspiracy theories spread as quickly as viruses, and that’s by design. MORE

The fallacy of the information security skills shortage. MORE

 

Have you signed up to our monthly newsletter? Every month we send out the latest cybersecurity and data protection news, trends and advice from around the globe. Sign up here