In late May, online security firm Trusteer, an IBM company, raised alarms about a new online banking Trojan it calls Zberp. According to Trusteer, more than 450 global banking institutions in the U.S., the United Kingdom and Australia have been targeted by this malware strain, which combines features from Zeus and Carberp, two well-documented banking Trojans. Just days earlier, global cyber-intelligence firm IntelCrawler warned of new point-of-sale malware known as Nemanja, which had reportedly infected retailers in nearly 40 countries. And news about recent evolutions in the mobile malware strain known as Svpeng also has caused concern. In May, Svpeng was found to have evolved from merely a banking Trojan to a malware strain equipped with a dual ransomware feature (see New Ransomware Targets Mobile). But with so many alerts about new and emerging malware strains and attacks, how should banking institutions respond? It's a growing challenge for information and security risk officers because one of the keys to mitigating cyber-risks is differentiating new threats from older ones.

The above is the theme from a Toronto Glob editorial, see the ice storm: Why you want the lights to go out, sometimes in the piece they call attention to the fact that you can't mitigate every risk.  The costs to do so would be too high.  Thus, the focus on risk management: Dyman & Associates Risk Management Projects: Cyber Security "What is risk? You can look here; it is the odds of suffering a loss in the future. It is a cost. And what about the reduction or elimination of that risk? Also a cost. In deciding whether to pay the price, utilities - and all of us - end up having to weigh three factors: the size of the possible damage, the likelihood of its occurrence, and the price of mitigation." Risk management will become a greater part of the discussion as we move forward and the warming climate starts to impact our communities in varying ways.  This will be a good discussion for communities to have.  One way to reduce risk is to disperse it in the entire community (whole community).  If individuals are better prepared than the costs for organizations can be lessened, and costs of single entity preparedness reduced. Check out the post right here…