• Search for:
    14Mar, 2023
    Advancing Women in Cybersecurity – One CMO’s Journey

    The number of women in cybersecurity is on the rise. Recent research finds women hold 25% of cybersecurity jobs globally in 2022, up from 20% in 2019, and projected to reach 30% by 2025 and 35% by 2031. While the trend is moving in the right direction, women are still underrepresented. As an industry, we are leaving untapped talent on the table which we can ill-afford to do given the ongoing cybersecurity workforce gap.

    March is Women in Cybersecurity month and March 8 is International Women’s Day. So, I thought I’d take the opportunity to speak with a woman who has grown up in cybersecurity, Anna Tutt, CMO of Oort, to share her experiences and get her perspective on how we can help accelerate this growth.

    How did you get into cybersecurity? I started my career in the technology consulting space. But I quickly moved into cybersecurity when I was recruited by Sourcefire to do revenue operations rollout which was my background. In that role, I worked with all parts of the organization—sales, marketing, executive management—and got to grow quickly into a global programs role before the company was acquired by Cisco. Sourcefire was a great experience as a beginner in cybersecurity. I was surrounded by great mentors and industry leaders who I learned a tremendous amount from. I got hooked on the high growth environment and have used that to drive me in my career going forward. Every company I’ve joined since has been in a different area of cybersecurity. From the network to threat intelligence and OSINT, and most recently identity security. Each time, I’ve jumped into a whole new world I’ve had to learn.

    What do you see as the greatest challenges the industry faces right now? The environment we operate in is super noisy. I feel this as a marketing professional – with all the vendors out there it’s hard to know where to start – and security practitioners feel this too. The outcome of that is that you have security teams spinning their wheels, responding to red flags across all their systems and not working efficiently. And organizations are missing the basics. Last year 80% of hacking-related breaches used stolen and/or weak passwords, according to the Verizon 2022 Data Breach Investigations Report. We’re leaving the front door open. That’s why I joined Oort. I believe that identities are the easiest way in, and the most often ignored attack surface. Helping companies get a complete view of their identities is critical in order to stop account takeover and eventually moving towards zero trust.

    What uniquely valuable insights or perspectives do you think women bring to cybersecurity? Women often have an innate ability to multi-task and organize so we can get our arms around a lot, which is important in this profession. We also bring additional perspective and creativity which can help drive different solutions. Criminals are coming up with creative ways to attack us and we need creative ways to prevent them. Finally, empathy is very important. Being able to keep the customer in mind and humanize challenges changes discussions and helps us connect to our audiences better, which creates a win-win for vendors and users.

    There’s a lot of FUD out there. What makes you optimistic about the war on cybercrime?
    Despite all the economic uncertainty this year, cybersecurity is proving to still be a priority. Companies are still planning to invest in additional security technologies and services. And vendors are getting funding to come up with creative ways to solve problems. I think that’s a testament to how much innovation and need there is in this space. At the end of the day there are more good guys than bad guys, and as long as the good guys keep investing and getting funding to fight against it, the bad guys are going to be on their back foot.

    What advice can you share with women thinking about getting into cybersecurity or still early in their careers? First, even if you’re not in a technical role, invest in building up your cyber acumen. The more you understand how security teams operate, the better you can do your job. Second, trust your gut when joining a company and know your worth. Women tend to go in with imposter syndrome. Do your homework and go in prepared and confident. And third, find a trusted resource – a mentor or two you can turn to for advice navigating opportunities and challenges and setting boundaries. I’ve been lucky to have great mentors in my career who have really helped me. Hold onto these people. 

    The theme for International Women’s Day is #EmbraceEquity. Do you have any advice for employers on recruiting and retaining women? Here again, I have gotten lucky and have found that the most successful employers are those that understand their values, define their policies and then live those values. Make diversity integral to your culture, talk about your policies in the interview process so candidates don’t have to ask and, starting at the top, walk the walk. If you don’t do these things, you risk ignoring a huge population that is wondering if you are looking at them differently. When you can leave those questions at the door, you can talk about what is important.

    Resource : https://www.securityweek.com/advancing-women-in-cybersecurity-one-cmos-journey/

    4Mar, 2023
    Cybersecurity trends for 2023 and what to expect

    The rapid proliferation of new attack surfaces means more opportunities for threat actors than ever before, and this will only continue as new technologies are introduced, according to Vulcan Cyber’s Cyber Risk in 2022: A 360° View report.

    The report, developed by the Vulcan Cyber in-house research team, Voyager18, highlights the biggest developments and underlying narratives to cyber risk in 2022 and suggests ways to improve and maintain security posture as we enter 2023. According to the report, organizations need to be aware of the following seven trends in 2023:

    1. More attacks in the cloud

    Security in the cloud remains immature, with default cloud services often providing inadequate essential security functions. Threat actors are keenly aware of this, and security teams must keep up with their organizations’ appetite for cloud adoption.

    2. Mobile security attack surface

    With around two-thirds of the world’s population using smart devices as of 2021, it is no surprise that mobile is fast emerging as a major target for threat actors. Attackers leverage easy opportunities in e-commerce, banking and online booking applications. With mobile devices not going anywhere soon, this attack surface will only continue to grow.

    3. Threat actors turn to iot

    Expect to see more sophisticated and targeted attacks on Internet of Things (IoT) devices and a greater range of malicious actors targeting this technology in their attacks.

    4. Healthcare sector at risk

    The healthcare sector is increasingly vulnerable with more patient data being stored online and in the cloud, and the residual impact of the COVID-19 pandemic on healthcare services.

    5. AI in security efforts

    A welcome development for 2023 will be the increased implementation of advanced machine learning and other artificial intelligence (AI) techniques in identifying and responding to threats.

    6. Users as an attack surface

    An organization’s user base will remain a primary target, with threat actors leveraging phishing, social engineering, and other techniques to try to compromise the organization’s employees and their customers.

    7. Diversified cyber risk requires a better solution

    With the avenues of attack growing in number, IT security teams cannot rely on outdated methods to stay secure.

    The report explores a number of ways organizations can meet the increased demands of the cyber risk landscape, including:

    • Making employees part of the company’s security defense
    • Keep patches up to date
    • Restrict unnecessary access
    • Implement multi-factor authentication
    • Follow industry best practices

    Resource : https://www.securitymagazine.com/articles/98916-cybersecurity-trends-for-2023-and-what-to-expect#:~:text=AI%20in%20security%20efforts,identifying%20and%20responding%20to%20threats.

    1Mar, 2023
    Cyber Insights 2023 | Zero Trust and Identity and Access Management

    Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and everything, everywhere and anytime.

    SecurityWeek Cyber Insights 2023 | Zero Trust and Identity and Access Management (IAM) – Zero trust is not a replacement for identity and access management (IAM), it is an extension in extremis. It is the extension of IAM principles from people to everyone and everything, everywhere and anytime. The difficulties in IAM are retained but are complicated by the complexity of installing it everywhere.

    Nevertheless, zero trust is widely seen as an important part of effective cybersecurity. In 2023 we will see more vendors touting a complete zero trust product and/or methodology, and more businesses attempting its implementation.

    Here we examine how this might progress through 2023.

    Background

    Zero trust is a natural evolution from the realization that company networks no longer have a perimeter that can be defended. With no perimeter to defend, every asset needs to be individually protected, and every access needs to be individually verified. Location means nothing – access to anything from anywhere must always be verified before it is granted. 

    It is a short step from this to realize such verification should apply within the network as well as from outside: east-west (where it is also called ‘microsegmentation’) as well as north-south. Achieve this, and you have fulfilled the journey to zero trust.

    Zero trust is the replacement of a defensible data center perimeter with individual defensible asset perimeters – from one to potentially millions.

    The DoD Zero Trust Reference Architecture, referred to in an OMB memorandum in January 2022, describes the concept: “Zero trust is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the Internet) or based on asset ownership (enterprise or personally owned). Zero trust requires designing a consolidated and more secure architecture without impeding operations or compromising security. The classic perimeter/defense-in-depth cybersecurity strategy repeatedly shows to have limited value against well-resourced adversaries and is an ineffective approach to address insider threats.”

    The OMB memorandum goes on to state, “This memorandum requires agencies to achieve specific zero trust security goals by the end of Fiscal Year (FY) 2024.” Two things are immediately apparent: firstly, there will be extensive activity within federal agencies through 2023 to fulfill this requirement (and associated vendor activity to help them achieve this); and secondly, it is no simple task. The trickle-down effect of federal mandates will ensure that adequately resourced private industry will follow.

    “Zero trust represents a fundamental shift in the way in which organizations view and approach risk (and in turn security),” explains Chris Denbigh-White, cybersecurity strategist at Next DLP. “Moving through 2023 many organizations are going to realize that zero trust is not so much a destination as a means of conducting the journey of information security. Yes, technology will play a vital role in this journey but should never be confused with the end of the conversation, or indeed the end of the journey.”

    It is worth noting that some vendors call their preferred route to zero trust ‘zero trust network access’ (ZTNA). You can get further details on ZTNA here – but within this article we will treat the two terms (zero trust and ZTNA) indiscriminately.

    Problems and issues for 2023

    “The most common mistake organizations make deploying zero trust or microsegmentation is underestimating the complexity of their network,” says John Yun, VP of product strategy at ColorTokens. “An effective zero trust implementation requires the knowledge of all servers, applications that run on the servers, and users authorized to use those applications.”

    Matthew Carroll, CEO and co-founder of Immuta, warns that zero trust should not be considered a complete solution on its own. The problem that it seeks to solve is partly due to the massive increase in data sharing that has arisen through the growth of cloud-based SaaS infrastructures. This will result in an increase in data processing agreements (DPA) between companies and SaaS providers. “In 2023, we’ll see DPAs become a standard element of SaaS contracts and data sharing negotiations.”

    He still fears that zero trust alone will not provide adequate security. “In 2023 we’ll see a major shift in data security architecture. This will include proper access controls that effectively balance access and security.” But he adds, “Zero trust won’t work using traditional approaches because there are too many endpoints.” Implementing a zero trust approach for access must still be integrated with adequate anomaly detection – zero trust for access should not be at the expense of internal visibility.

    The effect of Covid-19 has increased the importance of a zero trust architecture. “The Covid-19 pandemic ushered in a new era of remote and hybrid working,” says Craig Lurey, CTO and co-founder at Keeper Security. “The explosion in the sheer number of endpoints, with an increasing amount of them accessed remotely, requires a higher level of security to tackle growing online threats. Under this new normal, zero trust is now the only realistic and comprehensive framework for securing modern, cloud-based data environments and distributed workforces.”

    Joseph Carson, chief security scientist at Delinea, adds, “A zero trust approach will become more essential than ever as the transformation continues. Employees should have access only to what they need to efficiently do their job. This will ensure that an attacker’s ability to move within the larger business network is limited and the attack surface reduced.” But he also notes that this could raise privacy issues if employers impose conditions on personally owned computers.

    “It appears remote work is here to stay and will increase into 2023,” says John McClurg, SVP and CISO at BlackBerry. “Enterprises should look to adopt a zero trust architecture and security model to truly secure their remote workforces. This model is defined by trusting no one and absolutely nothing by default – including users inside an actual network. By assuming every user, device or network is hostile, zero trust security forces everyone to prove who they are before access is authorized.”

    The urgency of the pandemic and the consequent rush to implement remote working is in many cases causing problems for the integration of an overarching zero trust solution. “The majority of organizations today still struggle with allowing explicit access to applications and enforcing zero trust policies across their business. In fact, over 80% of organizations have found it difficult to implement a zero trust model, and that has a lot to do with the fact that many organizations have hybrid IT architectures,” explains Peter Newton, senior director of products at Fortinet.

    The problem is that it is too cumbersome to have one set of policies for on premises and an entirely different set of policies for the cloud. Consequently, he says, “In 2023 we will see more IT teams shift to incorporate ZTNA across the entire network – from cloud to on-premises – for universal coverage under a single solution. And as ZTNA begins to go mainstream in the enterprise, we’ll start to see organizations transition away from a pay-per-user model and start to bake ZTNA directly into their security architecture for a more seamless and consistent user and management experience.”

    At its root, zero trust is a major extension of identity and access management (IAM) – but IAM itself is a problem that has never yet been completely solved. “Organizations are still learning the concept of identity sprawl and the scale of their technical debt, which means that companies are just starting to realize the scale of the challenge,” comments Wade Ellery, field CTO at Radiant Logic. 

    “In 2023, we are going to see more and more businesses slow down to speed up –they’ll recognize they need to put in an identity data foundation before they can justify building new, revenue-oriented projects that demand access to identity.”

    For zero trust, he added, “As we move into 2023, senior decision-makers and security teams are discussing how they can achieve a granular-approach in real-time, and ultimately, they will come back to the issue of identity data management.”

    More and more companies are recognizing the theoretical security benefits of zero trust and are starting their own journeys. In 2023, the difficulties in doing so will become more apparent – but it’s not all doom and gloom. “To a certain extent, factors such as internal politics, talent shortages, and economic conditions play a role in any IT project,” comments Hendra Hendrawan, security technical councilor at the Info-Tech Research Group. “Still, organizations with a good IT or cybersecurity strategy should embark on the zero trust journey with fewer frictions.”

    At a high level, he says a successful IT implementation generally consists of well-documented processes, good selections of technology, and great talents. “Couple these with a solid security strategy, and achieving a zero trust architecture should not be a question of how but of when.”

    That ‘when’ will be many years in the making. “Zero trust is a security model, not a product. Adopting zero trust across an enterprise requires careful planning and the use of complementary, multi-vendor solutions,” warns Torsten Staab, principal engineering fellow at Raytheon Intelligence and Space. “For many organizations, adopting zero trust security will be a multi-year journey. Establishing a solid zero trust strategy up front and developing a phased, step-by-step implementation plan to avoid boiling the ocean and losing focus will be key to a successful zero trust implementation.” But for 2023, he added, “Look for additional zero trust implementation guidance and recommendations from NIST and CISA.”

    IAM issues

    Foundational to implementing zero trust will be solving the existing IAM problems – and that will not be easy. The traditional approach has been to implement basic MFA involving a second-factor token delivered via a mobile phone – but such MFA is frequently broken by hackers. 

    “My prediction for 2023,” says Ben Brigida, director of SOC operations at Expel, “is that we will witness an increase in MFA push notification fatigue attacks. Why? Because they’re working. More and more, organizations are turning to cloud access identity providers for single sign-on capabilities. Attackers know that if they can get their hands on credentials for these platforms, they’ll get access to critical business applications—not just email. So, they’re sending multiple push notification requests to users and hoping the user will just approve one to make the notifications stop.”

    Chris Vaughan, VP technical account management, EMEA and South Asia at Tanium, calls this an MFA push exhaustion attack. “This is where an attacker sends a large number of MFA acceptance prompts to users’ phone which may cause them to click accept to stop the barrage of requests. This has been largely successful in gaining access to user data and accessing IT environments.”

    “Once considered a ‘silver bullet’ in the fight against credential stuffing,” adds Marcus Fowler, CEO of federal government for Darktrace, “it hasn’t taken attackers long to find and exploit weaknesses in MFA and they will continue to do so in 2023.”

    John Stevenson, senior product director at Cyren, expands on the problem: “Phishing will remain an unsolved problem leading to countless account takeover attacks. As businesses enable MFA, phishers will update their tactics to defeat additional verification steps like one-time codes sent to phones or email addresses. So-called strong authentication methods that rely on mobile phones and email accounts (that were never intended to be identities) will be the first to prove insecure for high-risk use cases. Passwordless authentication won’t yet solve these issues due to insufficient lifecycle management solutions and incompatibility with legacy systems.”

    John Pescatore, director of emerging security trends at SANS, sees an additional phone-based threat to identity management. “While mobile phones are more secure than desktops,” he comments, “we will also see a greater volume of stalkerware included in downloaded apps that target consumers.” 

    Pegasus spyware is a prime example of this threat – it can install itself on iOS and Android devices with zero clicks. Hackers are also creating malicious stalkerware apps and hiding them in app stores. 

    “As people become more accustomed to downloading family tracking software and giving away app permissions, the risk of having their keystrokes, locations, voice, and even photos and videos recorded for financial theft and other nefarious purposes will also increase.”

    If second-factor one-time codes and passwordless authentication are not the solution to the IAM issue. an alternative must be found. Many have been suggested, from physical biometrics (including touchless fingerprinting) to behavioral biometrics and more.

    “Touchless fingerprinting will emerge as the top authentication method,” claims Chace Hatcher, VP of technology and innovation at Telos. “In 2023, organizations with a pre-existing fingerprint database infrastructure will increasingly turn to touchless fingerprinting to perform remote biometric identity verification”, he says. “With regards to authentication, we’ll see identity platforms backed by multi-modal true biometrics face and fingerprint and ‘convenience biometrics’ embedded mobile solutions like faceID and touchID emerge.” 

    “In 2023, more people will protect their critical accounts with methods other than logins and passwords,” adds Ricardo Amper, founder and CEO at Incode. “When creating accounts, they will provide multiple factors such as biometrics, government-issued identity documents, and information from reliable sources to prove their identities. When authenticating access to these accounts, they will use biometrics, providing more security for their private data.”

    Donnie Scott, CEO at Idemia, has a more specific US identity prediction for 2023. “In 2023, every jurisdiction that issues an identity will have deployed, be in the process of deploying, or considering the deployment of a digital form of mobile identity/mobile-driver’s license. Arizona was the first US state to adopt mobile IDs followed by Oklahoma, Delaware, and Mississippi. Up to 30 states, including Colorado, Hawaii, Ohio, and the territory of Puerto Rico, are in the process of making mobile IDs available to their residents. We will only see this increase.”

    He is very upbeat about the potential. “The benefits of this model, where biometrics meets identity, are a citizen-controlled assertion of identity, backed by the Government’s high standard of proof against who that person is. This combination results in a high assurance, privacy protected model.”

    But the problem for this, and virtually every other means of remote identification, is that ultimately it identifies a mobile phone and not necessarily the owner or current user of that phone. A compromised phone can still lead to a compromised identity. Absolute proof of personal identity for perfect zero trust is very difficult. 

    And we haven’t even mentioned machine identities, which are equally important in a zero trust architecture, and present their own problems.

    Summary

    “Modern security solutions that remove the implicit trust from users, devices, services, and workloads, regardless of the location will become the norm,” says Stefan Schachinger, product manager network security at Barracuda. “The ‘context’ of who, what, when, where, and how will become key security components in a world of continuous zero trust evaluation that will defend against ever more stealthy threats. In 2023, just detecting and blocking malicious events will no longer be sufficient. You need to investigate and remediate everything.”

    Achieving a solid zero trust architecture won’t happen overnight. It’s not a product you can buy and run. It will require the integration of different security solutions – some of which may already be present while others will need to be purchased, implemented, and integrated, seamlessly. Many companies will start the journey in 2023, and many others will make progress – but getting close to the destination will probably take years.

    Nevertheless, “Zero trust represents a new cybersecurity paradigm that offers numerous benefits to organizations of all sizes and industries. Deploying a zero trust approach to access management can be especially effective, creating a virtual ‘locking of shields’ between governments and the private sector,” says McClurg. “This allows for closer cooperation to better protect critically important infrastructure and services.”

    “I like to keep this stuff abstract,” Steve Riley, field CTO at Netskope, told SecurityWeek. “I want to eliminate implicit trust from every layer: from the network, from applications, from virtual machines and from the data objects. Instead, I want the situation where every interaction is mediated by something, and the level of confidence in that interaction is measured by the context and the signal surrounding.”

    Resource : https://www.securityweek.com/zero-trust-and-identity-and-access-management-insights/

    25Feb, 2023
    Top SaaS cyber security threats in 2023

    This year will bring new challenges and new opportunities in relation to SaaS security. As we move into the year, it’s becoming increasingly clear that SaaS organizations will need to take great care in implementing the processes, policies, tools and best practices that will prevent next-generation threats from disrupting the flow of business. In this article, we’ll discuss prominent issues related to SaaS security, explaining what they are and how to more effectively protect your business data.

    1. Web application weaknesses. Web applications are at the center of the SaaS business model, and play a profound role in determining how an enterprise operates. Web applications commonly store customer data and other valuable business information.

    Because SaaS applications are commonly multi-tenanted, applications need to be secure from the kinds of attacks where one customer attempts to break into the systems of another customer. Such attacks tend to rely on logic flaws, injection flaws or access control weaknesses.

    Design and build secure web applications by using an automated vulnerability scanner in combination with routine pentesting. This can assist you in catching vulnerabilities as they’re introduced through the development cycle.

    2. Misconfiguration mistakes. Glitches, gaps and errors can accidentally expose your cloud environment to risk. Engineers are typically tasked with ensuring that every setting, user role and permission complies with industry and company policy. However, misconfigurations can occur – and they’re also extremely difficult to detect and to manually remediate.

    Mitigate risk by ensuring that you monitor external networks and pentest cloud infrastructure. This will help reveal issues related to misconfigured S3 buckets, permissive firewalls within VPCs, and overly permissive cloud accounts.

    A vulnerability scanner can help reduce and monitor your attack surface by ensuring that only the services that need exposure to the internet are accessible.

    3. Vulnerable software and patching. Although it may sound obvious, vulnerable software and patching are major issues that companies continue to contend with. If you’re self-hosting an application, ensure that the operating system and library security patches are applied shortly after they are rolled out. Vulnerability fixes and patching are continuous processes, as security vulnerabilities in operating systems and libraries are constantly being identified and solved for.

    Use DevOps best practices and ephemeral infrastructure to make sure that your systems are always up-to-date with each patch release. In addition, be sure to monitor for new weaknesses that could be uncovered between patch releases.

    One alternative to self-hosting is free (and paid) Serverless and Platform-as-a-Service (PaaS) offerings that operate your application in a container. This takes care of operation system patching. However, the onus is on you to ensure that the libraries used by your service are kept up-to-date with security patches.

    4. Weak internal security policies and practices. SaaS companies are often small, strategic and well-positioned for growth. Consequently, in the spirit of moving fast and breaking things, the security posture can prove poor. SaaS businesses are particularly vulnerable to cyber attacks.

    Simple measures like two-factor authentication and cyber security awareness training for employees can significantly increase security.

    Organizations should take care to enable two-factor or multi-factor authentication (2FA/MFA) wherever possible. Further, ensure that your teams understand how to recognize and avoid phishing emails.

    Resource : https://www.cybertalk.org/top-saas-cyber-security-threats-in-2023/

    18Feb, 2023
    Ten Security Tips For Employees
    1. Be alert | Use common sense and think twice before clicking links, opening attachments, visiting websites or responding to emails or phone calls. Many cyberattacks can be prevented if you take a moment to consider your actions and potential consequences.
    2. Know how to identify phishing attempts | Be wary of emails or calls that require “immediate action” or ask for personal information. Carefully inspect links to make sure they point to a reputable site before clicking and never respond to messages asking for your username and password. Report suspicious emails to abuse@fsu.edu.
    3. Use 2FA | FSU offers 2-factor authentication (2FA) for myFSU HR, FSU email and other university applications. Consider adding this same protection to other sites or apps when available, such as your personal email or social media accounts. This extra layer of security requires you to verify your identity twice before accessing your account and can protect you from having your email hijacked or paycheck redirected.
    4. Create strong passwords | Make a lengthy password using a combination of uppercase and lowercase letters, numbers and special characters. Use different passwords for different sites and consider using a password manager, such as LastPass, to store your passwords. Also, never share your password with anyone.
    5. Lock your devices | Never leave your devices unattended. Password protect your phone or tablet and log off or lock your screen every time you step away from your computer.
    6. Keep apps and software up to date | Talk with your IT support staff to make sure your work computer is programmed to automatically install updates. Do the same thing for your home computer and mobile devices, and regularly restart all devices to give them a chance to complete the update process.
    7. Limit activities on public Wi-Fi | On campus, always connect to the FSU Secure network. When traveling, either use your cellular network, Eduroam or a virtual private network (VPN) to get secure internet access. If you must use a public network, make sure it is reputable and refrain from accessing sensitive information, such as online banking.
    8. Back up your computer | Talk with the IT support staff in your unit and make sure there is a plan in place to back up your files and data regularly. Computers can utilize cloud storage or external hard drives to store copies of files. Either way, regular backup will protect you from losing all your work or research in the event of a ransomware attack.
    9. Protect personal information | Do not store personally identifiable information—such as employee Social Security numbers, credit card numbers or student email addresses—on your computer unless it’s in an encrypted file.
    10. Attend training | Take advantage of free cybersecurity training resources. Visit the ITS website to register for security awareness training videos, browse training sites or request an on-site cybersecurity presentation for your team.

    Resource : https://www.google.com/search?q=Ten+Security+Tips+For+Employees&sxsrf=AJOqlzXjh-smDhAiYGUk57rD9LPl98oWow:1676696951084&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjH4qjxpp79AhUzTmwGHTIrDPkQ_AUoAXoECAEQAw&biw=1242&bih=597&dpr=1.1#imgrc=WlGblHL9GwCpOM

    17Feb, 2023
    How to maintain effective cyber security by using the latest technologies in 2023

    The rapid evolution and pervasiveness of technologies like artificial intelligence (AI), quantum computing, 5G, and the Internet of Things (IoT) are opening up a wealth of growth opportunities for businesses across a wide range of industries. However, these advancements also broaden the attack surface, providing a variety of cybersecurity risks and giving hackers new ways to corrupt, abuse, and damage critical IT assets. According to the Indian Computer Emergency Response Team, 3.63 million cybersecurity incidents in India were reported between January 2019 and June 2022.

    The need for Cybersecurity

    The scope of deploying efficient cyber posture in an organisation includes defending endpoints and protecting information from cyber-attacks and threats. In the digitalised world, numerous cyber threats exist, and as a result, it can be challenging to keep up with cybersecurity strategy and operations. Protecting from unauthorised access, disruption or damage to the targeted computer systems, stealing or destroying data is a crucial function of cyber security. Cybersecurity and Data security are extremely important today because they protect your personal and business information. Unaware of hazards, few unintentionally give their information, which leaves them open to cyberattacks. 

    Even after adhering to security policies, procedures, and access privileges and complying with cyber laws, organisations still experience insider threats, Data theft, and social engineering attacks. As technology advances, more data is stored, shared, and accessed online; the number of threats also increases. 

    The ethics of cyber security pertain to the moral principles and values that guide decision-making and actions related to protecting information and assets in the digital realm and ensuring society’s overall safety and well-being.

    Types of Cyber-threats

    Keeping up with emerging technology, it’s important to note that the threat landscape is constantly evolving, and new types of cyber threats are constantly emerging. It’s essential to stay informed and implement security measures that can protect against a wide range of threats.

    Mentioned below are some common cyber threats which usually affect cyber security:

    • Ransomware is a sort of malware that encrypts a victim’s files and demands a ransom payment to restore access.
    • Malware includes programmes like Trojan horses, worms, computer viruses, and spyware that are used to harm internet users by stealing their data.
    • An attack known as social engineering uses human contact to persuade users to circumvent security precautions in order to obtain sensitive information that is ordinarily protected.
    • Phishing is a type of fraud in which fraudulent emails that appear to be from reliable sources are sent; nonetheless, the purpose of these emails is to obtain sensitive information, such as login or credit card information. 
    • Insider Threats: An insider threat is a malicious threat to an organisation that comes from people within the organisation, such as employees, contractors, or business partners.

    How to maintain effective cyber security

    In the past, businesses and governments have responded to cyber threats reactively. While reactive strategies focus on containing and mitigating the impact of a security incident rather than preventing it from happening, reactive strategies can be an important part of an overall cybersecurity strategy but are not sufficient on their own. This strategy is costly and complicated. Frequent computer breaches continue to dominate headlines damaging brand reputation and customer trust. 

    On the other hand, proactive strategies, like Threat Intelligence, focus on identifying and mitigating potential threats before they can cause any harm to endpoints. By implementing the combination of proactive and reactive strategies, organisations can protect and respond effectively when a security incident occurs.

    Overall, effective cybersecurity requires a combination of technology, processes, and people working together to protect against cyber threats.

    Initiatives by the government to have secure cyberspace

    The current growth in digitalisation has led to an increase in cybersecurity challenges, particularly failures in hardware, software, or human processes. This can result in data breaches, cyberattacks, identity theft, and ransomware. Such failures can have severe consequences for organisations and individuals, including financial losses, reputational damage, and disruption to operations. India has a robust cybersecurity ecosystem, which is growing, under a strong framework set up by the GoI, with private actors providing a variety of cybersecurity services and products. The Government of India has taken extensive measures in Data Protection and Data Privacy and assigned many organisations with duties to guarantee national security and address other privacy issues in Cybersecurity.

    The Information Technology (IT) Act, of 2000, as well as other technical, institutional, and regulatory measures, have been implemented by the Government of India (GoI) to address cybersecurity-related challenges. The Cyber Forensics Lab at CERT-In has been authorised to execute the authority provided by Section 79A of the Information Technology Act, 2000. The lab is outfitted with the necessary equipment to analyse digital evidence gleaned from mobile devices and data storage. Also, MHA developed the Indian Cyber Crime Coordination Centre (I4C) to address all forms of cybercrime in the nation in a coordinated and thorough manner.

    To conclude

    Cybercrimes cost nations and businesses billions of dollars each year as their attack frequency rises. Cybersecurity defense measures should be enhanced to keep pace with the expanding data landscape. Cyber defense, is the practice of protecting all the connected endpoints and evaluating data flow in real-time and preventing unauthorised access, use, disclosure, disruption, modification, or destruction of information. 

    There is a shortage of professionals with cybersecurity skillsets; it has been estimated that the global cybersecurity workforce gap will reach 3.5 million jobs. The lack of qualified professionals can make it difficult for organisations to protect themselves against digital attacks and can also make it harder for governments to protect their citizens and critical infrastructure from cyber threats. 

    Many initiatives have been launched to address this issue, such as Cybersecurity education, training for the current workforce, upskilling and reskilling of professionals and encouraging more women to enter the security domain. As Machine Learning (ML) and Artificial intelligence (AI) have become more prevalent, these are increasingly used in cybersecurity to improve the ability and precisely detect and respond to cyber threats – Anomaly detection and Threat intelligence.

    However, it’s important to note that ML and AI are not a silver bullet for cybersecurity, and they need to be used in conjunction with other security measures – Firewalls, IPS, IDS and regular security audits.

    In order to execute policies that benefit the citizens, it’s important to note that cybersecurity awareness among the public is crucial, to make them aware of the dangers and how to be vigilant at all times. Finding the solutions will not be difficult if people realise the importance of a secure digital environment and safe internet practices for individuals.

    In addition, regardless of the attacker’s technology; a strategic approach to understanding attackers, their patterns and behaviours can enable building a Robust cyber defense.

    Resource : https://timesofindia.indiatimes.com/blogs/voices/how-to-maintain-effective-cyber-security-by-using-the-latest-technologies-in-2023/

    7Feb, 2023
    Rise in cyber threats demand new strategies for data recovery

    We are more connected than ever in this digital era, and those connections are faster and increasingly more immediate. Advanced technologies are accelerating incredible achievements for businesses and consumers.

    While technology offers significant benefits, it has also made it easier for those who seek to gain an advantage by exploiting others. Hidden in the digital web of interconnections are people intent on stealing your content or holding it to a hefty ransom for its return, making the information age a double-edged sword.

    Today’s organizations need digital sentries and multiple lines of defense against cybercrime, which can devastate a business when it hits and impact it for years after the initial attack.

    Ransomware has been steadily growing in prominence and impact since the 2017 WannaCry ransomware outbreak that infiltrated systems around the world. While criminals develop more advanced techniques, the fundamentals of ransomware remain the same. Attackers penetrate a network, find and encrypt data, and demand payment for a decryption key.

    The threat of ransomware is increasing quickly. It’s not a question of “if” but of “when” you will face this challenge. Choosing between ransom payments or suffering data loss is costly and risky.

    The impact of an attack is enormous, and the costs associated with cyberattacks, including lost business, insurance rate hikes, lawsuits, criminal investigations, and bad press, can even put a company out of business – and fast. Here are just a few of the many data breaches that occurred during the past two years and their costly toll:

    • The New York Times reported that T-Mobile Reached a $500 Million Settlement in a Huge 2021 Data Breach: The company, which said the hacking had affected 76.6 million people, agreed to pay $350 million to settle claims and spend $150 million to bolster security.
    • Insiders reported that global insurance provider CNA Financial forked over a reported mind-blowing $40 million post-cyber-attack last year.
    • The Washington Post reported that a ransomware attack on U.S. software provider Kaseya in 2021 targeted the firm’s remote-computer-management tool and endangered up to 2,000 companies globally.

    While there are many strategies for mitigating the risks associated with cyber threats, such as ransomware, each comes with challenges. Backup is a critical means of recovery, yet decades-old legacy enterprise backup solutions were not designed to handle the scale and complexity of today’s data. And this problem continues to grow. Terabytes of data are rapidly becoming petabytes to exabytes of data and beyond. IDC predicts the world’s collective data will reach 175 zettabytes by 2025.

    Backup is Broken

    Traditional backup as we know it is broken, and here’s why:

    • Backups are periodically done in batches – when data recovery is needed, the last available copy could be more than 24 hours old, resulting in permanently lost data and/or recent changes.
    • Backup is outdated – snapshot-based legacy backup soft­ware, developed decades ago, still uses agents to protect and recover virtual machines, resulting in high maintenance costs, time wasted on administration, or even failed recoveries.
    • It’s expensive – aside from costs associated with impacts on production and resources, legacy backup requires multiple licenses, additional agent purchases, and increased IT infrastructure costs.
    • Legacy backup tools are complex – they use distributed systems for data transfer, requiring dedicated hardware, extensive configuration, and a lot of IT time and resources.
    • It’s disruptive – legacy backup jobs often don’t complete in time, disrupt production environments with unplanned downtime, and heavily burden already constrained IT resources.

    And it’s slow – legacy backup copying processes place an enormous load on your production environment, causing network lag and downtime.

    A New Backup Paradigm to Recover Data Instantaneously

    What’s needed is continuous data availability. This approach would provide a strong first line of defense against cyber threats, enabling organizations to recover compromised data easily and almost instantly. And yet, continuous data availability has been out of reach given the weaknesses of traditional backup. Business leaders have been forced to accept levels of data loss, measured by recovery point objectives (RPO), and downtime, measured by recovery time objectives (RTO).

    Traditionally, backup occurs outside the operating system data path. As data volumes increase exponentially – both in the number of files and the amount of data generated – backup systems that scan file systems are no longer feasible, particularly as we enter the realms of billions of files and petabytes or more data.

    A new approach would make the file system and backup one and the same. As a result, every change in the file system would be recorded as it happens, end users could recover lost data without the assistance of IT, and finding files would be easy, regardless of when they may have existed, and across the entire time continuum. Such an approach would redefine enterprise storage by converging storage and data resilience into one system. Every change that occurs in the data path would be captured. This approach would not require decryption keys, users could just unwind ransomware events with a single operation.

    Current backup and recovery solutions are not where the world needs them to be, but that doesn’t mean we should settle for less. In 2023, there will be an increased focus on the “first line of defense,” where cyberattacks are stopped altogether or can be swiftly unwound without recourse to backups. Instead of taking hours, days, and sometimes weeks or more, recovery would take place almost immediately.

    Backup that sits within the operating system data path could enable continuous data access. This method could provide unprecedented data protection, making it possible to approach the ideal of zero RTO, giving users control of searching and recovering data immediately without IT assistance, and an RPO of zero, eliminating the significant cost and impact of data loss and interrupted data access.

    Anything more is a compromise that exposes organizations to increased risk of data and financial loss. Companies should push vendors to achieve zero RPO and zero RTO and seek out solutions that achieve those objectives.

    Resource : https://www.securityinfowatch.com/cybersecurity/information-security/breach-detection/article/21294365/rise-in-cyber-threats-demand-new-strategies-for-data-recovery

    1Feb, 2023
    The Different Types of Cybersecurity

    Cyber security is a wide field covering several disciplines. It can be divided into seven main pillars:

    1. Network Security

    Most attacks occur over the network, and network security solutions are designed to identify and block these attacks. These solutions include data and access controls such as Data Loss Prevention (DLP), IAM (Identity Access Management), NAC (Network Access Control), and NGFW (Next-Generation Firewall) application controls to enforce safe web use policies.

    Advanced and multi-layered network threat prevention technologies include IPS (Intrusion Prevention System), NGAV (Next-Gen Antivirus), Sandboxing, and CDR (Content Disarm and Reconstruction). Also important are network analytics, threat hunting, and automated SOAR (Security Orchestration and Response) technologies.

    2. Cloud Security

    As organizations increasingly adopt cloud computing, securing the cloud becomes a major priority. A cloud security strategy includes cyber security solutions, controls, policies, and services that help to protect an organization’s entire cloud deployment (applications, data, infrastructure, etc.) against attack.

    While many cloud providers offer security solutions, these are often inadequate to the task of achieving enterprise-grade security in the cloud. Supplementary third-party solutions are necessary to protect against data breaches and targeted attacks in cloud environments.

    3. Endpoint Security

    The zero-trust security model prescribes creating micro-segments around data wherever it may be. One way to do that with a mobile workforce is using endpoint security. With endpoint security, companies can secure end-user devices such as desktops and laptops with data and network security controls, advanced threat prevention such as anti-phishing and anti-ransomware, and technologies that provide forensics such as endpoint detection and response (EDR) solutions.

    4. Mobile Security

    Often overlooked, mobile devices such as tablets and smartphones have access to corporate data, exposing businesses to threats from malicious apps, zero-day, phishing, and IM (Instant Messaging) attacks. Mobile security prevents these attacks and secures the operating systems and devices from rooting and jailbreaking. When included with an MDM (Mobile Device Management) solution, this enables enterprises to ensure only compliant mobile devices have access to corporate assets.

    5. IoT Security

    While using Internet of Things (IoT) devices certainly delivers productivity benefits, it also exposes organizations to new cyber threats. Threat actors seek out vulnerable devices inadvertently connected to the Internet for nefarious uses such as a pathway into a corporate network or for another bot in a global bot network.

    IoT security protects these devices with discovery and classification of the connected devices, auto-segmentation to control network activities, and using IPS as a virtual patch to prevent exploits against vulnerable IoT devices. In some cases, the firmware of the device can also be augmented with small agents to prevent exploits and runtime attacks.

    6. Application Security

    Web applications, like anything else directly connected to the Internet, are targets for threat actors. Since 2007, OWASP has tracked the top 10 threats to critical web application security flaws such as injection, broken authentication, misconfiguration, and cross-site scripting to name a few.

    With application security, the OWASP Top 10 attacks can be stopped. Application security also prevents bot attacks and stops any malicious interaction with applications and APIs. With continuous learning, apps will remain protected even as DevOps releases new content.

    7. Zero Trust

    The traditional security model is perimeter-focused, building walls around an organization’s valuable assets like a castle. However, this approach has several issues, such as the potential for insider threats and the rapid dissolution of the network perimeter.

    As corporate assets move off-premises as part of cloud adoption and remote work, a new approach to security is needed. Zero trust takes a more granular approach to security, protecting individual resources through a combination of micro-segmentation, monitoring, and enforcement of role-based access controls.

    Resource : https://www.checkpoint.com/cyber-hub/cyber-security/what-is-cybersecurity/

    27Jan, 2023
    Top 10 Cybersecurity Trends That Will Dominate in 2023

    Top 10 Cybersecurity Trends for 2023: Stay Ahead of the Curve and Protect Your Business

    To stay protected, businesses and individuals must stay current on the latest developments in the rapidly evolving field of cybersecurity. As a result of the widespread adoption of computerized systems by corporations, organizations, and even governments to manage their daily operations as a result of the Digital Revolution, cybersecurity has become a top priority to protect data from various online attacks and unauthorized access. As news of data breaches, ransomware, and hacks becomes the norm, it is implied that there will be a parallel shift in cybersecurity trends.

    Here are the top 10 cybersecurity trends that will dominate in 2023:

    1. Data Breaches: Organizations all over the world will continue to prioritize data. Protecting digital data is the main objective right today, whether it’s for an individual or a business. Any tiny defect or weakness in your computer’s software or browser could allow hackers access to your sensitive data.
    2. Rise of Automotive Hacking: Today’s vehicles are loaded with automated software that enables smooth connectivity for drivers in areas like airbags, cruise control, door locks, and advanced driver aid systems. These vehicles use Bluetooth and Wi-Fi to connect, which exposes them to several security flaws or hacker threats. With more automated vehicles on the road in 2023, it’s anticipated that attempts to take control of them or listen in on conversations will increase.
    3. Cloud security: The need to secure these assets grows as more businesses move their data and applications to the cloud. This entails making sure that data is safeguarded both during transit and while it is stored, as well as that cloud infrastructure is properly configured to restrict access.
    4. Artificial intelligence and machine learning: Through the use of these technologies, cybersecurity tools and systems like intrusion detection and response, threat hunting, and incident response are being made more effective.
    5. Internet of Things: Securing those devices becomes more crucial as more of them are connected to the internet. This covers everything from industrial control systems to home security cameras.
    6. Cyber insurance: Organizations are turning to cyber insurance as a way to guard themselves against monetary losses as the frequency and severity of cyber-attacks continue to rise.
    7. Email security: Email is still one of the most popular methods for cyberattacks, so businesses must put in place strong email security protocols to guard against phishing, malware, and other dangers.
    8. Identity and access management: Protecting against cyber-attacks requires making sure that only authorized users have access to sensitive data and systems. This entails putting in place multi-factor authentication and stringent access controls.
    9. Remote work: Organizations must make sure that their networks and data are properly secured as more employees work remotely. This includes implementing efficient endpoint security and granting secure access to corporate resources.
    10. Compliance and regulations: Organizations must make sure they adhere to several laws and standards, including the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR).

    Conclusion: These are a few of the most important cybersecurity trends that 2023 is predicted to bring about. Organizations will undoubtedly be more hesitant to increase their security measures as a result of these cybersecurity trends. This year, it’s anticipated that businesses will spend over $100 billion on asset protection alone. It would be a wise decision to begin their learning curve in cybersecurity today so that they can become authorities for tomorrow, as infrastructure security is now a significant component of almost every organization.

    Resource : https://www.analyticsinsight.net/top-10-cybersecurity-trends-that-will-dominate-in-2023/

    24Jan, 2023
    Top 5 AI-powered Cybersecurity threats in 2023

    Watch out for the top 5 AI-Powered cybersecurity threats; the future of cyber attacks

    Cybersecurity threats are constantly evolving in today’s digital age. The increasing use of artificial intelligence (AI) in cyber-attacks has been one of the most significant developments in recent years. As AI technology advances, attackers use it to launch more sophisticated and effective attacks. These AI-powered cybersecurity threats are a growing concern for organizations and individuals alike, as they can evade traditional security measures and cause significant damage. In this article, we will explore the top five AI-powered cybersecurity threats.

    1. Advanced Persistent Threats (APTs): A sophisticated, sustained cyberattack known as an advanced persistent threat (APT) occurs when an intruder enters a network undetected and stays there for a long time in order to steal sensitive data. They frequently involve the use of artificial intelligence to avoid detection and target specific organizations or individuals.
    2. Deepfake attacks: These employ artificial intelligence-generated synthetic media, such as videos or images, to impersonate real people and carry out fraud or disinformation campaigns.
    3. AI-powered malware: Malware that uses AI has been taught to think for itself, adapt its course of action in response to the situation, and particularly target its victims’ systems. Malicious software that uses AI to avoid detection and adapt to changing environments, makes defense more difficult.
    4. Phishing: Using natural language processing and machine learning, attackers can create more convincing phishing emails and messages that are designed to trick individuals into revealing sensitive information.
    5. DDoS attacks: Distributed Denial of Service (DDoS) attacks that use AI to identify and exploit vulnerabilities in a network, allowing the attacker to amplify the scale and impact of the attack.

    These are some of the other AI-powered cybersecurity threats that are causing concern in the tech industry. Cybercriminals are increasingly employing AI to carry out sophisticated and targeted attacks on individuals and organizations. Individuals and businesses must stay informed about the latest AI-powered cyber threats and implement robust security measures to protect themselves.

    Resource : https://www.analyticsinsight.net/top-5-ai-powered-cybersecurity-threats-in-2023/