The week in security: SMBs struggle on skills as critical Dnsmasq bug exposes infrastructure, IoT

Small and medium businesses are struggling to keep up with their need for security specialists, according to new IDG research.

Time will tell whether new government policy will help address this by promoting the sharing and commercialisation of Australia’s cybersecurity expertise.

In the meantime, one industry organisation head has advised SMBs wanting to improve their skills posture to embrace cloud-based tools ASAP, since they provide rapid access to increasingly advanced capabilities.

Better security practice will also prove beneficial for companies contemplating their cybersecurity insurance position. Recent mass malware hits have spawned a raft of new insurance offerings – but insurers may also be waking up to the reality that financial losses from a breach may be much larger than they ever imagined.

Meanwhile, long-standing bugs in the Dnsmasq open-source tool used in platforms including Android, Linux and Kubernetes created headaches for nearly every device running a Linux kernel.

That includes a lot of Internet of Things (IoT) devices – which is why companies like General Electric are spending a lot of time and effort figuring out how to stem the tide of IoT vulnerabilities. The company’s CISO shared his thoughts about how companies can secure industrial IoT components

It turns out that WhatsApp is the most frequently blacklisted app on BYOD iPhones. Yet administrators may also want to watch out for FormBook – an infection service for data-stealing malware that poses new concerns for those trying to contain potential infection vectors.