About the Review


Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is a publication designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.


Latest news 


  • Apple Pressured to Pay Ransom by Hackers Threatening to Remotely Wipe iPhones

    March 22, 2017

    Apple is currently under pressure to pay a ransom to a group of hackers who are threatening to remotely wipe iPhones. It seems the hackers are identifying themselves as “Turkish Crime Family.” Taking into account just how big Apple is and how deep its pockets go, the hackers only demanded $75,000 in Bitcoin or Ethereum, another ...

  • New Spam Campaign via Necurs Botnet Tries to Manipulate the Stock Market

    March 21, 2017

    The Necurs botnet is known as the largest spam botnet in the world, particularly for distributing Locky ransomware and Dridex. Now, it looks like Necurs is taking on a new role as someone tries to manipulate the stock market. The discovery was made by Cisco’s threat intelligence organization Talos, which notes that after being offline for ...

  • Cyber Firm at Center of Russian Hacking Charges Misread Data

    March 21, 2017

    An influential British think tank and Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election. The CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with ...

  • Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

    March 20, 2017

    Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...

  • Personalized spam campaign targets Germany

    March 20, 2017

    A spam campaign Symantec observed in January 2017 targeting people who live in Germany appears to be, once again, using detailed, real personal information to enhance the believability of the messages. Victims who open the message attachments are likely to have their Windows computers infected with malware that steals banking information. First seen in the UK Symantec ...

  • China’s Quest for Cybersecurity Causes Headache for Foreign Companies

    March 18, 2017

    “There is no national security without cybersecurity,” declared President Xi Jinping at the inaugural meeting of the Central Leading Group for Cybersecurity and Informatization in February 2014. His words acted as the starter’s gun for a cyberspace regulation marathon in China. Since then, Chinese authorities have tightened the state’s control over all things cyber: from ...

  • Three Quarters of UK Firms Reported Data Breaches or Infections in 2016

    March 17, 2017

    Security issues among British companies are extremely high, with 75% of firms admitting they have experienced a data breach in the last year. The data comes from a research ordered by Cyren, a cloud-based security company, and indicates that when it comes to businesses with 1000 or fewer employees, the figure rises to 85%. “There is a ...

  • Government Cybersecurity Contractor Hit in W-2 Phishing Scam

    March 17, 2017

    Just a friendly reminder that phishing scams which spoof the boss and request W-2 tax data on employees are intensifying as tax time nears. The latest victim shows that even cybersecurity experts can fall prey to these increasingly sophisticated attacks. On Thursday, March 16, the CEO of Defense Point Security, LLC — a Virginia company that ...

  • ABTA hack sees personal details of 43,000 people exposed

    March 16, 2017

    Yahoo, Adult Friend Finder, LinkedIn, Tumblr and Daily Motion all have something in common: in 2016, details of massive hacks perpetrated against the companies were disclosed. The firms represent a handful of the companies and public bodies around the world that suffered at the hands of hackers last year. Data compromised usually included names, emails, ...

  • Why is incident response automation and orchestration so hot?

    March 16, 2017

    I couldn’t attend the RSA Conference this year, but many cybersecurity professionals and my ESG colleagues told me that incident response (IR) automation and orchestration was one of the hottest topics in the halls of the Moscone Center—through the bar at the W hotel and even at the teahouse on the garden at Yerba Buena. Was ...

  • The Fast-Growing Job With A Huge Skills Gap: Cyber Security

    March 16, 2017

    Behind every new hack or data breach, there’s a company scrambling to put out the fire. That’s good news for job seekers with cyber security skills. Employers can’t hire them fast enough. The ISACA, a non-profit information security advocacy group, predicts there will be a global shortage of two million cyber security professionals by 2019. Every ...

  • What’s In Shodan? Analyzing Exposed Cyber Assets in the United States

    March 15, 2017

    The United States is home to millions of unsecured and exposed cyber assets. By “unsecured” and “exposed” we don’t necessarily mean that these devices have already been compromised. Rather, this means they are vulnerable to cyber attacks due to inadequate security or poor configuration. Some cyber assets may even have remote access enabled for troubleshooting ...