August 2016

Business

How I improved Co-op Banks security without getting dressed and still couldn’t get satisfaction.

It’s half ten, I’m working from home, an 0345 number comes up on my phone, I answer.
Me: Hello.
Bank: It’s Nancy* from the Co op bank, can I speak to Mr XYZ** please?
Me: That’s me.
Bank: Thank you, before I continue, I do need to ask some security questions. Can I take the 1st and 3rd digit of your 4 digit security code please?
Me: Sorry but No. I don’t actually know that you’re from the Co op bank so I’m not going to give you my security code. Because if I do, and you defraud me, it’s my liability.
Bank: Ah, but it’s OK, because I only need two of your 4 digits, so I can’t access your account with those. It’s just for security.
Me: Yes, I understand that, but if you also ring tomorrow and ask for the 2nd and 4th digits, you’ll then have all four. Which gives you full access to my account.
Me: And as you are ringing me, it’s me that needs to be validating who you are, not the other way round. I should be asking you the security questions.
Me: At least one security question, a password that I give you, so when you call me, I can ask you for it, before we even begin. Otherwise how do I even know you’re from the Co-op Bank? Prove it.
Bank: Ok, we can do that, we can set up a password once we are in your account. We do that for some other people.
I concede that this probably is the Co-op Bank, they’ve been using this same totally insecure way of contacting me for 5 years now. The first time they did it I was honestly left wondering if I should call the police. But by now I’m familiar with their quirky backward ways. One day I’ll even get a contactless card from them.***
I give Nancy my 2 digits, and we set up a password enabling the bank to identify themselves when they phone me. In this one step I’ve just made the Co-op Bank security vastly more secure, basically protecting myself against inbound phone fraud. I do have a few questions for Co-OP Banks as a result.
1./ Why did I have to figure this security solution out for myself? It’s not rocket science.
2./ Why don’t you offer it to your customers? They might appreciate it.
3./ Why are you not taking reasonable steps to protect your customers from fraud? And before a PR agency spits out “we take security most seriously baaa”, can I suggest that it isn’t reasonable to expect the customer to have to figure out the weakness in the Banks process and then figure out a fix for that weakness and then have to ask specifically for that fix to be implemented. What say thee FCA?
*Not her real name
** That’s not my real name either
***Unlikely.

The post How I improved Co-op Banks security without getting dressed and still couldn’t get satisfaction. appeared first on VentureBreak.

Business

Translating Cyber-Threats into Business Risks

Aside from the relentless barrage of cyber-attacks, one of the key challenges for IT security professionals is getting the rest of the business on board with efforts to keep these threats at bay.

There is great potential for things to get lost in translation when cyber-threats and remedies for protecting the organisation are communicated with non-security professionals.

Well-publicised breaches at Target, Ashley Madison, The US Federal Office of Personnel Management (OPM) and TalkTalk show that it is much easier to raise awareness if you define risks in everyday terms. A £10 million fine, a tarnished reputation or lost customers is far more impactful to business leaders and frontline staff than general references to “non-compliance” or data leaks.

The magnitude of the impact of these breaches is catapulting cybersecurity right up the business risk register, but there is still work to do. Ponemon research found that board members are increasingly aware of cybersecurity, but lack an understanding of the issues, which must limit their ability to evaluate situations and respond appropriately. The US NACD found that directors are dissatisfied with the information and clarity of cyber risk information they are given. This must be rectified before cyber-threats can be tackled effectively.

Tell Them Why They Should Care

One challenge in bridging the communication gap is that cyber-threats mean different things to different people and invariably impact different elements of the business. If the link between a cyber-threat and its ramifications are not clear, risks to the wider business can be obscure. To change this, security professionals must translate cyber-threats into business risks; presenting each part of the business with understandable and relevant information. This means stating not what the threat is, but providing intelligent metrics for cyber-risk. Impacts must be tuned to the specific mandate of the individuals – a CFO will be more concerned with financial impacts than a CEO who would focus on reputational and strategic impacts.

Turn Everyone Into a Cyber-Risk Sentinel

Aside from dealing with the difficulty of translating between technical and business issues, there is a need for greater collaboration in the security and compliance processes. There are more useful ways to approach compliance than seeing it as an annual tick-box activity. It must become a continuous, real-time process; with inbuilt quality improvement. Businesses need intelligent metrics for cyber-risk that show live, up-to-date security and compliance status of key systems and processes. This enables instant identification of problems and allows them to be dealt with before they become serious. Becoming fluent in risk means information is presented in a common and meaningful language across the business, so its importance is clear to everyone.

Ultimately, cybersecurity is not just an IT concern. It is a business-critical issue with ramifications for everyone. The only way to tackle threats effectively is to turn everyone into a business cyber-risk sentinel, so they understand risks relevant to their own role or part of the business.

The post Translating Cyber-Threats into Business Risks appeared first on VentureBreak.

Tech

How the startup economy is replacing the traditional resume

WE ARE HIRING, vector. Card with text in hands. Message on the card WE ARE HIRING, in hands of businessman. Isolation on background. Vector illustration flat design style. Template. A group of five engineers and product people get together, raise some angel funding, build a startup, make little to no money and sell for $10 million. What just happened? Common narratives assert that it’s the tech bubble; it’s a naive acqui-hire; it’s collective irrationality. Maybe it’s something else altogether: a fundamental shift in how we compensate the extreme… Read More

Business

India’s Paytm raises $60 million as launch of its payments bank nears

Https%3a%2f%2fblueprint-api-production.s3.amazonaws.com%2fuploads%2fcard%2fimage%2f196125%2findia-paytm

Feed-twFeed-fb

India’s Paytm has raised another round of funding as it nears the launch of its payments bank. 

The latest investor in digital payments and ecommerce firm is Taiwan’s semiconductor company MediaTekMashable India understands that MediaTek has invested $60 million in Paytm, valuing the Indian company at $5 billion. Paytm is in the process of closing another $240 million in investment from some of its existing shareholders including Alibaba, Ant Financial and SAIF Partners, according to a person familiar with the matter

Paytm said that it will use the fresh capital to expand and scale up its payments and commerce efforts, and also launch its proposed Paytm Payments Bank. “For Paytm, our mission is to bring half-a-billion Indians to the mainstream economy,” said Vijay Shekhar Sharma, founder and CEO of One97 Communications, the parent company of Paytm.  Read more…

More about Commerce, Business, Payments, India, and Startups

Art

Encrusting Flora With Stabilised Crystals

I specialise in botanical sculpture, often encapsulating or suspending my living works. I explore the ephemeral, natural change and preservation allowing my work to evolve as nature takes its course offering the beauty of things imperfect, impermanent and incomplete. Alongside my personal artistic practice, I established Botanique in 2013.

Entertainment

Preen Asks: The Pros and Cons of Instagram Stories and Snapchat

It’s been almost a month since Instagram rolled out their Stories feature and it’s safe to say that many people have been using this a lot―just as much as Snapchat. Even us here in Preen started using it during our many events. Meanwhile, it’s also undeniable that Instagram copped Snapchat’s feature. We use both apps […]

The post Preen Asks: The Pros and Cons of Instagram Stories and Snapchat appeared first on Preen.

Lifestyle

Significant Digits for Wednesday, August 31, 2016

You’re reading Significant Digits, a daily digest of the telling numbers tucked inside the news. It’s Guest Week here at this column, which means a cavalcade of FiveThirtyEight writers has agreed to keep you numerate. Today’s guest writer: @jodyavirgan. 0 percent A new PPP survey has found a 0 percent favorable rating for Donald Trump […]

Architecture

Check Out Kim Kardashian’s Lavish Airbnb in NYC

Kim Kardashian and Kanye West, along with their tots North and Saint are currently staying in New York. Their swanky home, care of Airbnb (and by that, we also mean that the company paid for everything) will be their headquarters during Kanye’s Saint Pablo Tour and of course, NYFW. Just checked into our NYC penthouse. Thanks @airbnb for […]

The post Check Out Kim Kardashian’s Lavish Airbnb in NYC appeared first on Preen.

Fashion

Cop Isabelle Daza’s #Bellechorette Fashion Must-Haves

Unless you took a break from social media this weekend, you surely know how Isabelle Daza celebrated her bachelorette party in Bali. Bea Soriano-Dee, Martine Cajucom, Solenn Heusaff, Carla Humphries, and Nicole Andersson were just a few of her companions as she enjoyed spa sessions and parties in Indonesia. While we’re still experiencing a few […]

The post Cop Isabelle Daza’s #Bellechorette Fashion Must-Haves appeared first on Preen.

Art

People Are Obsessed With This New Hidden Rainbow Hair

There were lots of hair trends in the past couple of years. From pixelated hair to rainbow pastel hair to galaxy hair, and even ‘merman’ hair – we’ve had it all. They may be cool and all, but some of us are just too shy for these bold hairstyles or simply have a more conservative job… If you’re one of those people, you’ll love this hidden rainbow hair that might become the next big hair trend!