Things I Hearted this Week, 21st Sept 2018

September 21, 2018 | Javvad Malik
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

Next week I’ll be flying out to Dallas, Texas to attend the AT&T Business Summit. I’ve never been to Dallas before, so hope to check out the sites and maybe even find out who did shoot JR (if you’re born after 1983 that reference probably means nothing to you).

Do Breaches Affect Stock Market Share Prices?

A common question that comes up is whether a breach actually impacts a company’s share price or not. There are varying degrees of opinions and anecdotes, but what we really need is data.

Comparitech has published a very detailed breakdown, complete with methodology and data used. Some of the key findings include:

  • In the long term, breached companies underperformed the market. After 1 year, Share price grew 8.53% on average but underperformed the NASDAQ by -3.7%. After 2 years, the average share price rose 17.78%, but underperformed the NASDAQ by -11.35%. And after three years, the average share price is up by 28.71% but down against the NASDAQ by -15.58%. It’s important to note the impact of data breaches likely diminishes over time.
  • Share prices of breached companies hit a low point approximately 14 market days following a breach. Share prices fall 2.89% on average, and underperform the NASDAQ by -4.6%
  • After about a month, share prices rebound and catch up to NASDAQ performance on average
  • After the first month, the companies we analyzed actually performed better than they did prior to the breach. In the six months leading up to a breach, average share price grew 3.64%, compared to 7.02% following a breach. Similarly, the companies underperformed the NASDAQ by -1.53% leading up to the breach but managed to outperform it by 0.09% afterward.
  • Finance and payment companies saw the largest drop in share price performance following a breach, while healthcare companies were least affected
  • Breaches that leak highly sensitive information like credit card and social security numbers see larger drops in share price performance on average than companies that leak less sensitive info
  • Analysis: How data breaches affect stock market share prices | Comparitech

Europol Internet Organised Crime Threat Assessment 2018

Ransomware continues to be the biggest malware threat to businesses around the world, but mobile threats and cryptojacking are emerging as serious challenges, according to Europol.

The law enforcement organization’s annual Internet Organised Crime Threat Assessment (IOCTA) provides a good snapshot of current industry trends. It reflects the findings of many security vendors: that ransomware is slowing but still the most widespread financially motivate threat out there, ahead of banking Trojans — and will be so for several years.

DDoS attacks were second only to malware in terms of volume in 2017, as infrastructure becomes more “accessible, low-cost and low-risk.”

Ransomware Blanks Bristol Airport Screens

For two days last week, airport officially were using posters and whiteboards to announce check-in and arrival information for flights going through the airport. Which shows it’s good to have a backup system in place.

Run Critical Infrastructure Regardless of Malware

As threats and cyber-attacks on critical infrastructure are expected to intensify in the near future, cyber-security experts believe that companies and government agencies should be prepared to operate networks even if there's malware or a threat actor on the network or not.

The idea is that cyber-attacks should not cause downtime of any form, and networks should be designed in a way that an attacker's presence does not affect the network's availability for end users.

Experts who believe in this approach are Major General Robert Wheeler, retired US Air Force, and former Deputy Chief Information Officer for Command, Control, Communications and Computers (C4) and Information Infrastructure Capabilities (DCIO for C4IIC), US Air Force.

The Big Boys of Tech are Out of Their Depth

I came across this interesting article where the author feels sorry for the big boys of tech, Zuckerberg, Dorsey, and others in similar positions.

In many ways, I agree with the main points that these founders may not be able to fix privacy and security issues on these social platforms - but then again, I don’t think there is a suitable replacement. That’s one of the problems when you enter new realities, there are no real maps to follow. Still, an article worth pondering over.

Other Random Stories I Liked this Week

Javvad Malik

About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.
Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
GET PRICE FREE TRIAL CHAT