UNM4SK3D: Bitcoin, Financial Services, and Smart Meters
While playing the Stock Market may not be for you, you may want to reconsider when it comes to digital currency. The worth of Bicoin is on the rise, with it’s value surpassing $1,000 for the first time since November 2013.
“Who wants to be a mystery Millionaire?” except instead of Regis Philbin asking, it’s users of Bitcoin. Bitcoin is a universal, internet currency that can work on any computer or mobile phone and does not require a credit card, bank account or the sharing of any personal identification to use or acquire, which means your transactions are anonymous. It also uses the concept of a blockchain, the innovation of a decentralized public ledger that tracks every transaction in bitcoin’s history.
The uptick in value for this currency may indicate a growing, global distrust of financial systems. Likewise, current events may have played their part. In China, there was a 7% annual drop in the value of the yuan in 2016, which is the Chinese currency’s weakest annual performance in over 20 years. Meanwhile in India, the Prime Minister removed high-denomination banknotes from circulation, causing a lean toward a cashless economy with help from Bitcoin, as well as the Bharat Interface for Money (BHIM) app, among others.
Over 100,000 companies worldwide now accept bitcoin for payment -International Business Times
It seems like the concept of digital currency may be starting to catch on. If you’re curious what security risks it comes with, read this 0P3N post on the Cashless Economy.
Doesn’t matter if you’re a Mets or a Yankees fan, the Empire State is sliding into home with new cyber security rules. This month, the New York State Department of Financial Services proposed one of the first programs mandating companies to implement cyber security programs to protect customers.
Generally speaking, cyber security rules are nonexistent at the local level, so this display by New York could set the precedent for other states down the line. For now, these rules will “require financial service companies, banks and insurance providers to establish and maintain a cyber security program designed to protect consumers.” Something that has consumers saying “it’s about time.”
The updated proposed regulation will be finalized following a 30-day comment period, during which time additional revisions can be made. Companies hesitant to adopt the rules have already pushed for leniency and are still pushing back, which resulted in the initial regulation delays. While the rules provide a 2 year timeline for compliance, those who don’t oblige will face serious consequences: scrutiny from the FTC.
New Yorkers must be confident that the banks, insurance companies and the other financial institutions that they rely on are securely handling and establishing necessary protocols that ensure the security and privacy of their sensitive personal information -Maria Vullo, the Financial Services Superintendent
If you’re in the financial services industry, or curious how institutions like banks are safeguarding your information, read ‘Privileged User Management for Financial Services Companies.’
At the Chaos Communications Congress in Hamburg, Germany, researcher Netanel Rubin shocked the audience with claims that smart meters use weak encryption and rely on easily pwned protocols. Oh, and that they can explode, too.
Smart meters can communicate with networked devices inside homes, such as air conditioners, making them interconnected as a means of convenience. He says, “ If an attacker could hack your meter, he could have access to all the devices connected to the meter. The smart meter network in its current state is completely exposed to attackers.” His warning comes in light of a global movement for people to install the meters in their homes for energy saving purposes. If Rubin’s claims are proven to be true, hackers could potentially control other devices and appliances, unlock doors, and cause fires. So although you may have always wanted a fireplace for your home, you probably don’t want your home to simply become one.
In other related news, The U.S. Federal Trade Commission has announced a prize competition with a reward of $25,000 for creating a software or hardware-based solution with the ability to auto-patch vulnerable Internet of Things (IoT) devices. The winning tool could be a physical device, an app or a cloud-based service that, at a minimum, will “help protect consumers from security vulnerabilities caused by out-of-date software,” said the FTC.
The European Union wants to replace more than 70 percent of electricity meters with smart versions at a cost of €45 billion. There are already some 100 million meters are installed globally
In the spirit of competition, we’ll share an article from Huntress Labs in which a particular vulnerability illustrates how the existing patching process for Internet of Things devices creates an ideal breeding group for auto-propagating viruses.
We know preparation for the CISA exam is extremely tough, but we wanted to help with an additional study tool.
The CISA certification is for individuals who have an interest in information systems audit, control and security with minimum of 5 years of professional information systems auditing, control or security work experience.
Despite your hands-on work experience, the test can still be tricky, with the 5 domains of knowledge tested on. Don’t let that discourage you though, Cybrary provides supplemental materials to make test prep a breeze!
More than 115,000 professionals have earned the CISA certification since it was established in 1978 -ISACA
If you want to hone your skills in one specific domain, or use the skill certification tests as practice for the full length exam, the domains are now offered in digestible chunks from the skills certification courses and corresponding tests. We recommend trying out: Information Systems Acquisition, Development, and Implementation, Information Systems Operation, Maintenance, and Support, or Protection of Information Assets.
Use code OBLOG50 for half off your next test.
This issue of UNM4SK3D was originally posted on the Cybrary.it blog and has be republished with permission. To access the original version, click here.
Olivia Lynch (Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.
Now Reading Milk and Honey by Rupi Kumar