The week in security: Marriott mega-breach a reminder about ever-present threat

Credit: ID 120599274 © Gunay Aliyevs |

Lines of succession vary from company to company, but new research showed a spread of opinions about who is best qualified to become the next CEO (hint: CIOs are pretty ambitious). But do CISOs have what it takes?

The UK’s GCHQ shared information about how it decides whether to report a security bug or keep it secret.

One security expert was advising that there isn’t much difference between internal and external threats – and that we should stop trying to defend against them as though they are completely separate things.

Semantics like that matter little once the company is hacked, as global hotel giant Marriott has discovered after confidential data on 500m guests was stolen in the latest mega-breach.

The cybersecurity threat climate may not be getting any better, but a growing body of regulation and compliance standards promises to clarify best practices for businesses next year.

Microsoft was launching a review of its Azure security after a series of bugs locked users out of Office 365, most recently for a 14-hour stint that marked the second week in a row the authentication service has had problems.

Health insurer Medibank has also been working on improving its identity management, which formed the third tier of a three-year program of works that has overhauled information security within the company.

The US government charged two Iranians over the SamSam ransomware, which attacked hospitals and agencies.

With ransomware continuing to savage its targets, ransomware remediation is also emerging as a valuable opportunity for those wanting to fight back.

Tags MicrosoftazureMarriottdata breach

Show Comments