CAIRO (Reuters) – Suspected militants shot dead at least nine truck drivers in Egypt’s Sinai region late on Thursday when they targeted a transport convoy, setting the vehicles on fire, medical and security sources said on Friday. Egypt’s security forces have since 2014 been battling an Islamic State affiliate in northern Sinai, where militants have mostly hit police and soldiers but also occasionally targeted infrastructure and businesses. Two security sources in al-Arish, the area capital, said armed men attacked the convoy, which was carrying coal to a cement factory.
The bodies of the truck drivers, all shot to death, were taken to the morgue of Suez public hospital, four medical sources said. A military spokesman said there was no official statement . An interior ministry official did not respond to a request for information.
No group immediately claimed responsibility for the attack.
“They have threatened us repeatedly, asking that we don’t work for the army’s companies . We informed the factory management of the threats and asked them for more protection,” one local truck driver, Ismail Abdel-Raouf, told Reuters. Hundreds of police and soldiers have been killed since the insurgency quickened pace in northern Sinai after the 2013 ouster by the military of then-president Mohamed Mursi of the Muslim Brotherhood during massive protests against his rule.
A home-grown jihadist group, Ansar Bayt al-Maqdis, declared allegiance to Islamic State in 2014 and has since tried to spread outside the peninsula by targeting Christians with attacks on churches on the mainland. President Abdel Fatah al-Sisi, who presents himself as a bulwark against militants in the Middle East, has said Islamic State fighters might try to enter Libya and Egypt after their defeats in Iraq and Syria. Security forces have also faced attacks in the western desert region bordering Libya, where security sources say a former Egyptian special forces officer turned jihadist allied to al Qaeda was responsible for an ambush on a police operation last month.
(Reporting by Ahmed Mohamed Hassan, Ahmed Tolba, Mohamed Abdellah; Writing by Patrick Markey; editing by John Stonestreet)
- Barclays’ security chief Troels Oerting takes leave of absence.
- Oerting involved in internal investigation over efforts to identify anonymous Barclays whistleblower.
- Leave of absence said to be unconnected with whistleblowing incident.
LONDON Barclays’ security chief Troels Oerting took a leave of absence from the bank on Tuesday, according to two people familiar with the situation. Oerting joined the bank in 2015 from Europol, Europe’s law enforcement agency focusing on serious international crime and terrorism. As chief security officer and head of information security at Barclays, he is responsible for protecting the bank against everything from cyber threats to information leaks. A spokesman for Barclays declined to comment.
Oerting’s name turned up in an internal investigation over a whistleblowing case at Barclays . CEO Jes Staley asked Oerting to identify the writer of an anonymous letter sent to the board about a senior executive hired by Staley. Barclays said that Oerting’s group “received assistance” from US law enforcement officials in the attempt to find the whistleblower.1
His leave of absence is unconnected with the whistleblowing incident, one of the people said.
Both Jes Staley and Barclays have been the subject of investigations by the UK’s Financial Conduct Authority and Prudential Regulation Authority over the affair. After hearing about the incident earlier this year, the board appointed a law firm, Simmons & Simmons, to investigate. Staley said in a statement at the time: “I have apologised to the Barclays Board, and accepted its conclusion that my personal actions in this matter were errors on my part .
I will also accept whatever sanction it deems appropriate.” The board issued a “formal written reprimand” to Staley and made “a very significant compensation adjustment” to his bonus. Oerting was due to appear on Thursday in a panel discussion at a Barclays conference along with Royce Curtin, Barclays head of intelligence and former deputy assistant director at the FBI and Christopher Greany, Barclays head of investigations and insider threat .
It is unclear if he will still attend.
- ^ from US law enforcement officials in the attempt to find the whistleblower. (uk.businessinsider.com)
A market maker works on the trading floor at IG Index in London, Britain January 14, 2016.REUTERS/Stefan WermuthEarlier this month, credit reporting company Equifax disclosed that hackers had accessed1 the names and social security numbers of approximately 143 million of its US customers.
The breach tarnished Equifax’s reputation, destroyed its stock2 and decimated3 its executive ranks4. No one wants to be the next Equifax and it’s a safe bet that at this very moment big and small businesses across the country are scrambling to bolster their cyber fortifications. It’s not an easy feat . But Steve Martino, chief information security officer at Cisco, has developed some clever techniques through years of fighting the bad guys.
Cisco employees are constantly kept on their toes as Martino probes them for weak spots and drills a defensive mindset into them.
Martino sat down with Business Insider to share some of his key tactics for creating an organization that won’t become the victim of the next big cyber attack . Here’s what he recommends:
Kill your click-throughs
In online business, big click-through rates are great: it means customers are clicking on links and web pages to buy stuff.
Inside a company though, high click-through rates can be deadly as a daily barrage of phishing emails and other nefarious tricks try to entice susceptible employees into clicking a dangerous link.
Martino sends out fake phishing emails to Cisco’s entire staff every quarter .
Anyone who clicks on the phishing link is brought to an employee training video to teach them how to avoid engaging with suspicious emails in the future . The method works because it helps every employee understand their role in protecting their company against attacks.
“We’ve been able to reduce our click through rates by over 60% by giving them that training,” Martino says.
Protect your treasure
It’s extremely difficult to protect against every possible method of intrusion, so it’s best to focus on protecting the most important data. Figure out which customer and company data is most sensitive, as well as which portals of entry are most vulnerable, Martino advises.
“If you don’t know what your key things are, you’re trying to protect everything and you probably protect nothing,” he says.
Seek and destroy
Expect that attackers will get through some of the time and actively seek out the intruders.
“You have to recognize that in today’s interconnected world, no matter how much you deploy, mistakes will happen,” Martino says . From employees that click on phishing emails, to programmers that build buggy software, human mistake is often at the heart of security.
“Hackers are dedicated, and well funded adversaries, and they’re going to find errors in software,” says Martino.
Because of this, it’s vital that security teams actively look for existing breaches. One way to do this is to look for cybersecurity software which can work together, so that when something goes wrong at one point in the security process, protections are in place to prevent it from going any further.
Practice “fire drills”
Every student and office worker knows how to get out of the building fast if there’s an emergency . The same should be true for responding to cyber threats.
Martino recommends that management teams set up a cybersecurity playbook with defined steps that the team needs to take should their worst nightmares come to fruition.
Once the playbook is established, and roles are doled out to the staff, companies should run drills for security breaches the way that schools run drills for fires: The more a company practices, the better prepared staffers are when something does go wrong.
Spread the word
While a playbook is vital for the cybersecurity team, it should also include a prepared responses from other departments especially the communications team.
Most states have security breach notification laws that require companies to disclose when consumers have been impacted by a hack .
Companies also need plans for how to notify their board of directors, and other major stakeholders at the company .
And don’t forget to prep an apology statement to send to the press.
“If you don’t have a disaster response playbook, you’re going to try to make it up on the fly and make a lot of mistakes,” Martino says.