News You Can Use: Watch These Security Flashpoints

Many small and mid-sized businesses – a core market for solution providers – are having trouble with their cash flow and with disputed payments. Can you help with any of your offerings?

DEVOPS WITHOUT SECURITY DOESN'T ADD UP IN FINANCIAL SERVICES

Financial services organizations may be among the most security-intensive, but when they quickly trot out new functionality through DevOps, a substantial minority – about three of every eight – struggle to enforce security policies for their DevOps environments, according to a study by machine identity protection vendor Venafi. The study of cryptographic security practices of DevOps teams in the financial services industry found that many organizations have fairly strong cryptographic security policies in their production systems; but they often fail to enforce those same measures in their DevOps environments. Venafi says cryptographic security risks are amplified in DevOps settings, where compromises in development or test environments can spread to production systems and applications. The vendor says this is a particular issue for financial services organizations, which have been early DevOps adopters.

YOU REALLY DON'T HAVE CYBERSECURITY INSURANCE?

If you're a regular reader of this site or CRN.com, you're well aware of the increased threat of cyberattacks. But you may find it a bit mystifying that half of U.S. executives say their firms don't carry cybersecurity insurance, compared with just 40 percent in other countries, and 36 percent in Canada, according to a survey by research and consultancy firm Ovum for Silicon Valley analytics firm FICO. Further, 27 percent of U.S. execs say their companies have no plans to take out insurance, despite the fact that 61 percent believe the volume of attempted breaches will rise over the next year. The upshot? If you have clients that plan to steer clear of cyberinsurace or won't insure themselves adequately, address that with them as you come up with the best possible technology solution to repel potential attacks.

WILL GDPR GIVE MOBILITY A BOOST?

Keep your eyes on the coming arrival of the General Data Protection Regulation (GDPR) in Europe. More employees in four of the world's most industrialized countries – including the U.S. - are using a widening array of mobile devices, and businesses are keeping pace by embracing mobile and incorporating it into their businesses, according to Strategy Analytics. But 29 percent of the companies surveyed – in the U.S., U.K., France and Germany – say that more than half of corporate-liable smartphones are unlocked, and those devices may struggle with GDPR, which will take effect in European Union countries in May 2018, if businesses don't install proper mobile security or enterprise mobility management solutions, Strategy Analytics said in a statement. GDPR places significant requirements on companies on how they handle customer data, with the goal of greater data privacy and protections for consumers.