Off the wire
1st LD: 5.7-magnitude quake hits northeastern Iran  • Zimbabwe's land reform hero, former Chief Justice Chidyausiku, buried  • Suspected ransomware attack at southeast Ireland's healthcare facility  • Iraqi forces paramilitary units push to border areas with Syria  • Extension of oil output reduction pact likely for 6 months or more: Russian energy minster  • Death toll of plane accident in BiH rises to 5  • Feature: An exuberant voyage with serious undertones at Venice art show  • Urgent: 5.7-magnitude quake hits northeastern Iran  • Thousands march through Madrid to demand end to bullfighting  • Feature: African girls display innovation at Transform Africa summit  
You are here:   Home

Slovenian firms warned to take cybersecurity seriously

Xinhua, May 13, 2017 Adjust font size:

Slovenian companies and institutions have been warned to take cybersecurity seriously after the global ransomware attack that hit tens of thousands of targets on Friday.

Slovenian IT experts Gorazd Bozic and Bostjan Kezmah pointed out that in most cases, price wins over quality when security systems are selected, ensuing system vulnerabilities make the work of hackers easier, the Slovenian Press Agency (STA) reported on Saturday.

Kezmah, an ISACA certified information systems auditor, told the STA that big privately-owned companies in Slovenia were more aware of the importance of cybersecurity than the public administration as well as small and medium-sized enterprises.

The ISACA is an international professional association focusing on IT governance, previously known as the Information Systems Audit and Control Association.

According to Kezmah, because it picks security systems via public procurement in which price is the decisive factor, the public administration in particular is at risk, as it ends up picking systems of poorer quality. Tender rules are too lax, he stressed.

Kezmah said that institutions should turn to experts for help in drafting the tender rules so that only companies providing quality protection could apply.

Bozic, the head of the Slovenian Computer Emergency Response Team (SI-CERT), agreed that something should change in the field. For example, insurers should start offering cybersecurity insurance packages.

SI-CERT received eight reports about Friday's attack in Slovenia, including by Revoz, Renault's assembly plant in Novo mesto. The plant had to halt production because its computers were locked and the company was requested to pay 300 U.S. dollors in bitcoins in three days to unlock them.

SI-CERT gets around 4,500 reports of attacks per year, with Bozic pointing to banking as the most high-risk sector because of the vast amounts of money handled by banks. Endit