Intelligent CISO Issue 38 | Page 6

news

Duosystem achieves ISO/IEC 27001 Certification for information security

Duosystem, a technology company specialised in intelligence and health innovation, has achieved ISO/IEC 27001:2013 Certification, an international reference for the management of information security systems.

The certification attests that Duosystem has a high maturity level in its processes. The implementation of the controls recommended by the international standard ensures that Duosystem securely manages the information assets, such as equipment, networks, processes, intellectual property and customers’ information.
With this achievement, the company becomes part of a select group of 130 companies that, in Brazil, have valued and invested in information security. In the world, there are about 36,000 certified companies. However, in the health segment, this number is reduced to 410 companies.
Carlos Teixeira, Information Security Manager at Duosystem, said: “In addition to technical controls, monitoring, transparency for senior management and continuous improvement, ISO 27001 promotes an internal culture of management risk and security incidents prevention.”
Denilson Mascarenhas, CEO at Duosystem, said: “We believe that security information is part of an important evolution. That’s why we promote adjustments in our work processes, develop policies and procedures, seeking to bring transparency, security and information protection collected by our solutions. The certification is an important result of the company’s restructuring, focused on the process of hiring specific professionals to review our security and governance models.”

Multiple web app security issues found in all top 10 US credit unions

Financial services are big targets for cybercrime and the average cost of a US data breach stands at US$8.64 million. As the world shifts from physical to online, credit unions are doubling down on web applications to improve access and ensure vital financial services for their members. But with that comes greater security risks. To examine the security posture of these applications, Outpost24 analysed the web application attack surface of the top US credit unions to evaluate how secure they are. Using Outpost24’s attack surface discovery tool, Scout, the findings revealed that there are 1,224 publicly exposed web applications running over 107 domains with 10% running on old components that contain known vulnerabilities.

The list of US credit unions was chosen based on a Segmint list of the Largest US Credit Unions by Assets. Each had its public-facing web security environments examined against the seven most common attack vectors used by hackers during reconnaissance, to ascertain the risk score, including security mechanisms, page creation methods, degree of distribution, authentication, input vectors, active contents and cookies (score 1–100).
The research found that the top three attack vectors against the US credit unions, by average score, were active content technologies (70), followed by authentication (23) and page creation method (22).
Overall, the attack surface score for the top 10 credit unions was 16.39 (out of 58.24). However, research showed the worst offender from the top 10 returned a disproportionately higher attack surface score of 34.08, outweighing everyone else on the list and showing great disparity in the security posture between credit unions.