UpGuard Blog

Prime Day: How Amazon Handles Cybersecurity

Tuesday July 12th is online retail giant Amazon’s self-styled “Prime Day,” and the potential deals mean a surge in online shopping. Designing systems and applications to handle the amount of traffic a site like Amazon sees day to day, much less during promotions like Prime Day, can be difficult in and of itself. Throw in the complexity of cybersecurity and it becomes clear why so many online retailers have trouble keeping up. Amazon itself has relatively good security, but what exactly does that mean for customers? We’ll look at what measures Amazon has in place, what they mean, and a few simple steps to tighten security even further.

Read More

Topics: security, CSTAR, webscan, cybersecurity

All Bets Are Off on Casinos and Cybersecurity

You've seen enough empty Hollywood blockbusters about casino heists to know that today's gambling institutions are constantly in the crosshairs of attackers—online and off. In the digital realm, however, better malware tools and access to deep funding make today's cyber criminals more than a bad movie, especially when lucrative payloads are for the taking.

Read More

Topics: malware, CSTAR, vulnerabilities, data breach

When it Comes to Security, Knowing is Only Half the Battle

Since 2000, the nonprofit Center for Internet Security (CIS) has provided the public service of creating and distributing hardening guidelines for common operating systems and applications. Alongside documents describing what configuration to check, how they should be configured, and how to fix them, CIS also offers a software solution that can analyze a system for compliance with the CIS benchmarks. Despite those resources, and their criticality for information security, the fact remains that becoming and staying secure is a persistent problem. Why is system hardening so hard?

Read More

Topics: security, compliance, cybersecurity, CIS

Just How Risky is Crowdfunding?

There are really only a few ways to get funding: an individual such as a venture capitalist or billionaire, a partnership or strategic investment by a corporation or state agency and getting a large number of people to give you a very small amount of money. Crowdfunding websites claim to offer a platform for the latter, giving inventors, artists and small businesses a method by which to propel themselves on the merits (or popularity) of their ideas, without needing inside connections or extensive business acumen as the other methods usually require. But because all of the transactions involved in crowdfunding take place on the internet, cybersecurity should be a number one concern for both users and operators of these websites. We used our external risk grader to analyze 7 crowdfunding industry leaders and see how they compare to each other and other industries.

Read More

Topics: security, CSTAR, cybersecurity, crowdfunding

Is Symantec's Latest Failure the End of Enterprise Security?

Cybersecurity news items are usually one of two things: your "run-of-the-mill" data breach announcement or vulnerability alert, usually software-related. This week's Symantec fiasco falls into the latter bucket, but it isn't your average vulnerability alert. In fact, this is the one that most enterprise security professionals have been dreading and horrified to hear: that your security defenses are not only ineffective—they can be used against you by attackers.

Read More

Topics: CSTAR, vulnerabilities, cybersecurity

Can Fast Food be Bad For Cybersecurity?

No, we aren't talking about your burger-inhaling operator passing out on the job, leaving your precious IT assets unattended. You've probably guessed that we're referring to the latest Wendy's data breach announcementon June 9th, the international fast food chain disclosed that its January 2016 security compromise was, in fact, a lot worse than originally stated—potentially eclipsing the Home Depot and Target data breaches. 

Read More

Topics: malware, CSTAR, vulnerabilities, data breach

Buying a Computer Online Soon? Acer Data Breach Highlights Retail Danger

A few days ago, Taiwanese computer manufacturer Acer disclosed that "a flaw" in their online store allowed hackers to retrieve almost 35,000 credit card numbers, including security codes, and other personal information. Most of the major personal computer retailers have online stores like Acer's, allowing people to buy directly from the manufacturer, rather than through a reseller like Amazon. But how secure are these digital outlet stores, and what are the chances that if you use them you'll end up like Acer's customers? We examined seven industry leaders with our external risk grader to see how they stacked up, and unfortunately, Acer wasn't alone in its security practices.

Read More

Topics: security, CSTAR, IT security, data breach

Is Employee Happiness Affecting Cybersecurity?

Glassdoor's 2016 Employees' Choice Awards Highest Rated CEO List includes household names like Marc Beniof, Mark Zuckerberg, and Tim Cook—CEOs of companies that also score high marks for strong security. Is there any correlation between a company's cyber risk profile and its CEO employee approval rating?

Read More

Topics: vulnerabilities, cybersecurity, data breach

Why Should I Care About Cyber Risk?

The term cyber risk is often used to describe a business’ overall cybersecurity posture, i.e., at how much risk is this business, given the measures it has taken to protect itself. It’s often coupled with the idea of cyber insurance, the necessary coverage between what a company can do security-wise, and the threats it faces day in and day out. Cybersecurity used to belong exclusively  in the realm of Information Technology, one of many business silos that while important, was only a small piece of the business and as such, often delegated to a C-level manager who interfaced with other executives as necessary. Today’s businesses have outgrown this model, as what used to be considered information technology has grown to encompass business itself, permeating every aspect of it, governing its speed, its range, its possibilities. As a CEO or CFO, the way your business handles information technology, more specifically cybersecurity, reflects the way you think about your company and its place in the contemporary market.

Read More

Topics: insurance, cyber risk, cybersecurity, data breach

ATM Skimming and The Future of External Threats

A routine fill-up at the local gas station or ATM withdrawal might cost you dearly these days. With the recent surge in ATM and gas pump skimming attacks, you certainly wouldn't be alone—in fact, the odds are one in three that you'll fall victim to identity theft once your financial data is swiped. Is there any hope in an increasingly hostile landscape rife with external threats?

Read More

Topics: vulnerabilities, data breach

UpGuard Customers