IT Security Expert Blog: A UK view on Cybersecurity & Information Security, Everything Computer Security from the very basics to the advanced.
A blog with a focus on the latest Cyber Security developments & issues in the UK, including Hacking, Privacy (GDPR), Data Breaches, security standards such as NIST, PCI DSS, Cyber Essentials & ISO27001, all will be simply explained.

Prevention is Better Than Cure: The Ransomware Evolution (posted by SecurityExpert, 2021-09-13)<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5qO112iFOlMWQAx2Mgt0onTZGuFBxyxMB8zAw0bYawfjFue5gKeLydloiPDFBGH7a47zrLCCs3KoVjCbTU1gL-rI6Y6ptq0x6v7ZThdzscpUMGJ_R32P5hNFBPZSfZkW5UJ130dNfQggV/s1680/ransomware.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1316" data-original-width="1680" height="251" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5qO112iFOlMWQAx2Mgt0onTZGuFBxyxMB8zAw0bYawfjFue5gKeLydloiPDFBGH7a47zrLCCs3KoVjCbTU1gL-rI6Y6ptq0x6v7ZThdzscpUMGJ_R32P5hNFBPZSfZkW5UJ130dNfQggV/s320/ransomware.png" width="320" /></a></div><span style="font-family: arial;">Ransomware tactics have continued to evolve over the years, and remain a prominent threat to both SMBs and larger organisations. Particularly during the peak of COVID-19, </span><a href="https://www.itpro.co.uk/security/ransomware/357290/ransomware-incidents-exploded-in-june-says-ibm?_mout=1&utm_campaign=itpro_newsletter&utm_medium=email&utm_source=newsletter" style="font-family: arial;" target="_blank">research by IBM </a><span style="font-family: arial;">found that ransomware incidents ‘exploded’ in June 2020, which saw twice as many ransomware attacks as the month prior, with attackers taking advantage of remote workers being away from the help of IT teams. 
The same research found that the demands made by cyber attackers are also increasing, to as much as £31 million, which, for a business of any size, is detrimental to survival.</span></div><div><span style="font-family: arial;"><br />In recent months, ransomware attacks have not left mainstream media headlines. With the number and frequency of ransomware attacks increasing, not to mention the innovation in distribution methods, this should be a wake-up call for organisations to strengthen their defences. Jack Garnsey, Product Manager for Security Awareness Training and SafeSend at VIPRE, explains that by taking a preventative approach, businesses can take the necessary steps to strengthen their cybersecurity posture. This includes a combination of education, processes, hardware and software to detect, combat and recover from such attacks if they were to arise. <br /><br /><b><span style="font-size: large;">Ransomware in the 21st Century </span></b><br />Ransomware is not a new phenomenon, but its use has grown <a href="http://news.techworld.com/security/3343528/ransom-trojans-spreading-beyond-russian-heartland/">exponentially</a> and has led to the development of the term ‘Ransomware as a Service’ (RaaS), a subscription-based model that enables affiliates to use already-developed ransomware tools to execute attacks. <br /><br />As ransomware incidents become more sophisticated and frequent, for example the increase in fileless attacks which exploit tools and features already available in the victim’s environment, the level of potential damage to a business is heightened. These types of attacks can be used in combination with social engineering, such as phishing emails, without having to rely on file-based payloads. And unfortunately, ransomware is extremely difficult to prevent – all it takes is one employee clicking on the wrong link in an email or downloading a malicious attachment. 
<br /><br />No matter the size of an organisation, the effects of ransomware can be devastating financially, as well as inflicting longer-term damage to business reputation. The Irish Department of Health and Health Service Executive (HSE) was recently attacked by the Conti ransomware group, who reportedly asked the Health Service for $20 million (£14 million) to restore access. This attack caused substantial cancellations to outpatient services, part of a system already stretched to the max due to COVID-19. Some ransomware gangs operate by a <a href="https://www.bbc.co.uk/news/world-europe-57197688" target="_blank">flimsy code of "ethics"</a>, stating they don't intend to endanger lives, but even if a minority of ransomware organisations are developing a sense of conscience, businesses are not exempt from the damage that can be done by such attacks. <br /><br />Additionally, in the US, Colonial Pipeline paid the cyber-criminal group DarkSide nearly $5m (£3.6m) in ransom, following a cyber-attack that took its service down for five days, causing supplies to tighten across the US. Unfortunately, when under attack, a majority of businesses, the pipeline operator included, pay the ransom. Luckily for Colonial Pipeline, some of the money was later recovered by the American Department of Justice's Ransomware and Digital Extortion Task Force. But if they pay once – they will pay multiple times. A successful ransomware attack can be reused many times against many organisations, turning an attack into a cash cow for criminal organisations offering Ransomware as a Service. 
So much so, that there is now an <a href="https://www.cuinfosecurity.com/should-paying-ransoms-to-attackers-be-banned-a-16726?rf=2021-05-25_ENEWS_SUB_CUIS__Slot1_ART16726&mkt_tok=MDUxLVpYSS0yMzcAAAF9QxFCBq6tGADPboNlpVaO5NzH-j7b2k2QbHsvC59_uRXkYCxpZV0ZRglm-cIytx1921tqK0lXhXm2ERr2LgB2Xq9mZrIP3rXtexmIam0la6EAbNBc0Q" target="_blank">ongoing debate</a> around whether it should be illegal for a business or an individual to pay a ransom, in order to deter the attackers, or, at the very least, whether payments must be reported to the relevant regulators. <br /><br /><b><span style="font-size: large;">Contain and Report It </span></b><br />If a ransomware attack were to take place, it is important that the organisation works with local authorities to try to rectify the issue and follows their guidance. Many ransomware attacks go unreported – and this is where a lot of criminal power lies. <br /><br />Prevention is always better than cure, and damage limitation and containment are important right from the outset. As the United States President, Joe Biden, highlighted in his <a href="https://www.whitehouse.gov/wp-content/uploads/2021/06/Memo-What-We-Urge-You-To-Do-To-Protect-Against-The-Threat-of-Ransomware.pdf" target="_blank">recent letter</a> to business leaders around ransomware: “The most important takeaway from the recent spate of ransomware attacks on U.S., Irish, German and other organizations around the world is that companies that view ransomware as a threat to their core business operations, rather than a simple risk of data theft will react and recover more effectively.” <br /><br />Every organisation should have a detailed disaster recovery plan in place, and if it doesn’t, it should rectify this immediately. The key to every disaster recovery plan is backups. Once the breach has been contained, businesses can get back up and running quickly and relatively easily, allowing for maximum business continuity. 
<br /><br />As soon as the main threat has passed, it is recommended that all organisations conduct a full retrospective audit, ideally without blame or scapegoats, and share their findings and the steps taken with the world. Full disclosure is helpful – not only to reassure customers, clients or patients, but also so that other organisations understand how to prevent an attack of this type from succeeding again. <br /><br /><b><span style="font-size: large;">The Support of Digital Tools </span></b><br />When it comes to ransomware, the importance of getting security foundations right must be emphasised. These attacks are not likely to stop or slow any time soon, but their success can be prevented with the right security armoury. <br /><br />To mitigate the threat of ransomware in particular, it is crucial to have endpoint protection in place which protects the file, application and network layers across all devices and responds to security alerts in real time. This has never been more important than during the ongoing pandemic, with employees dispersed and working from home, because every device must be protected and held to the same standards. <br /><br />Additionally, solutions such as email attachment and URL sandboxing are vital, as these digital tools provide protection against malicious emails. They can help prevent dangerous links, attachments or other forms of malware from entering the user's inbox by examining and quarantining them. By filtering out this traffic and automatically restricting dangerous content, businesses can maintain greater control over email and the access points to the network. <br /><br /><b><span style="font-size: large;">The Human Layer </span></b><br />The users themselves are a key part of any security strategy. 
Those who are educated about the types of threats they could be vulnerable to, how to spot them and the steps to take in the event of a suspected breach, are a valuable and critical asset to any organisation. <br /><br />Employees need to be trained to be vigilant, cautious, suspicious and assume their role as the last line of defence when all else fails. The final decision to click send on an email or a link lies with the human, but this one click could mean the entire organisation falls prey to a ransomware attack. The key is to change the mindset from full reliance on IT, to one where everyone is responsible. In order to strengthen a business’ human layer protection, security awareness training and education must be implemented across the board. <br /><br />These programmes are designed to support users in understanding the role they play in helping to combat attacks and malware. Using phishing simulations, for example, as part of the wider security strategy, will help to give employees insight into real life situations they may face at any point. The importance of testing your human firewall was also outlined in Joe Biden’s ransomware <a href="https://www.whitehouse.gov/wp-content/uploads/2021/06/Memo-What-We-Urge-You-To-Do-To-Protect-Against-The-Threat-of-Ransomware.pdf" target="_blank">letter</a>: “Use a 3rd party pen tester to test the security of your systems and your ability to defend against a sophisticated attack. Many ransomware criminals are aggressive and sophisticated and will find the equivalent of unlocked doors.” <br /><b><br /><span style="font-size: large;">Conclusion </span></b><br />Cyber security is a multi-faceted, complicated area, and one which must receive investment in each layer, from the technology to the people, to the tools we give to the users. 
Nevertheless, businesses of all sizes can safeguard their data and themselves from these types of ransomware attacks by investing in their cybersecurity and ensuring their workforces are conscious and informed of the threats they face. <br /><br />Both detection and prevention play a key role in stopping ransomware, but it shouldn’t be one or the other. The essence of a solid cybersecurity strategy is a layered defence that, at its most basic, includes endpoint detection and response, email security, advanced threat protection, web security and a business-grade firewall for the security of your network. But even with the most sophisticated software in place, hackers make it their mission to stay one step ahead of IT defences. That is why regular training, in addition to complementary security tools which reinforce security best practices, can provide a fortified strategy for users to mitigate the threat of a cyberattack.</span></div>

How Businesses Can Utilise Penetration Testing (posted by SecurityExpert, 2021-08-13)<div><span style="font-family: arial;"><span style="background-color: white; font-size: 13px; font-style: italic;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhzaHzsdTkBJDMqWDGv-S5ga5iyEh86rk1neCEPzR-09XORLRPfZt2XgWQ5uH5-8VOS7eBcI5BwheDV6-s9l_zTeDmgn58n4bREkHz5CpGrBVbLO6IhaEbk7gLWubyK4WJ15ujkqGuKBOF/s610/PenetrationTesting.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="407" data-original-width="610" height="268" 
src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhzaHzsdTkBJDMqWDGv-S5ga5iyEh86rk1neCEPzR-09XORLRPfZt2XgWQ5uH5-8VOS7eBcI5BwheDV6-s9l_zTeDmgn58n4bREkHz5CpGrBVbLO6IhaEbk7gLWubyK4WJ15ujkqGuKBOF/w400-h268/PenetrationTesting.jpg" width="400" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><i style="font-family: 'Times New Roman';"><span style="font-size: medium;">Understand your security vulnerabilities</span></i></td></tr></tbody></table>Article by </span><a href="https://beaupeters.contently.com/" style="background-color: white; color: #009be1; font-size: 13px; font-style: italic; text-decoration-line: none;" target="_blank">Beau Peters</a></span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The basic approaches like <a href="https://blog.itsecurityexpert.co.uk/2021/05/keeping-phishing-simulations-on-track.html" target="_blank">phishing simulations</a> are good, but they tend to have limited reach. This is why more agile methods, penetration testing among them, have been getting increasing attention. In essence, this sees experts with a background in ethical hacking utilizing the techniques of cybercriminals to breach a business’ systems. This approach also meets with a certain amount of hesitancy — business owners are often unsure about the idea of letting somebody hack their systems in the name of cybersecurity. <br /><br />As always, there is more to this issue. So, let’s explore what penetration testing is, why businesses should engage with it and how they can do so to get the most impact. <br /><br /></span><div style="text-align: left;"><span style="font-family: arial;"><b><span style="font-size: large;">What are the Benefits? </span></b><br />Penetration testing requires a significant amount of trust. Therefore, it’s important to look at what the payoffs of this approach are as opposed to ostensibly safer techniques. 
<br /><br />Some of the key benefits include: <br /><ul style="text-align: left;"><li><span style="font-family: arial; font-size: medium;"><b>Ascertaining Vulnerabilities</b></span></li></ul></span></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><span style="font-family: arial;">Penetration testing
tends to be the most direct and reliable approach to identifying what parts of
a company’s systems are vulnerable to attack. In general, testers will go
through each aspect of the network architecture, the website and software code,
applications, and hardware to identify where weaknesses lie. This doesn’t just
apply to external threats but internal issues, too.</span><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">These experts are
also approaching their review of a business’ systems with the creative,
outside-of-the-box thinking cybercriminals are likely to use. As such,
companies benefit from perspectives not usually offered by in-house information
technology staff. Once points of vulnerability have been identified, the tester
will often provide information about what issues are the highest priority to
handle based on the severity of the risk and the consequences. </span></div></blockquote><div><div style="text-align: left;"><span style="font-family: arial; font-size: medium;"><ul style="text-align: left;"><li><b>Maintaining Trust</b></li></ul></span></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div style="text-align: left;"><span style="font-family: arial;">Perhaps above all else, the benefit of penetration testing is the opportunity to maintain and strengthen trust between a business, its customers, and its supply chain. This is vital given the amount of consumer and partner data companies are gathering and storing. Security is particularly vital in cases when </span><a href="https://www.course5i.com/blogs/data-democratization/" style="font-family: arial;">companies are undergoing data democratization</a><span style="font-family: arial;"> — where important data is not just accessible to analysts and leadership but to all members of the organization.</span></div><div style="text-align: left;"><span style="font-family: arial;"><br /></span></div><div style="text-align: left;"><span style="font-family: arial;">This can be an empowering use of data, helping workers to understand how best to use and protect such information. However, alongside practical obstacles like deficient tools and siloed data, there is a need to prevent breaches. Penetration testing identifies where risks are throughout democratization practices, giving businesses the tools to strengthen their approaches. 
In turn, consumers and suppliers are assured their data is used to its best purpose and kept safe.</span></div></blockquote><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Understand the Needs </span></b><br />While <a href="https://www.wgu.edu/blog/what-penetration-tester2101.html" target="_blank">penetration testing utilizes curious, creative ethical hackers</a>, businesses shouldn’t be mistaken in thinking this means it’s a simple process. It requires technological experts who usually go through at least five stages of protocols — from planning the right approach for the goals of the test to analyzing the data they’ve received and compiling a detailed report. The testing methodologies, too, can vary depending on the circumstances. As such, to make the most out of the process, businesses need to have a clear idea of what their needs are. <br /><br />Some of the common tests and the relevant needs they serve include:<br /></span></div><div><ul style="text-align: left;"><li><span style="font-family: arial; font-size: medium;"><b>Application Testing </b></span></li></ul></div></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px;"><div><div style="text-align: left;"><span style="font-family: arial;">Many brands are producing their own apps to improve customer engagement. However, consistent data security can be difficult to achieve, particularly when working across multiple operating systems. Application penetration testing is used to spot flaws in the current security systems, as well as in how the apps interact with users’ devices and where they create vulnerabilities for consumers. 
</span></div></div></blockquote><div><div><span style="font-family: arial;"><ul style="text-align: left;"><li><span style="font-family: arial; font-size: medium;"><b>Physical Testing </b></span></li></ul></span></div></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px;"><div><div style="text-align: left;"><span style="font-family: arial;">Businesses often think cybersecurity attacks will originate remotely. But when a company keeps its servers and equipment on-site, there is potential for criminals to break into the premises and cause a breach. Hacks may even come from staff. Physical penetration testing should, therefore, be sought to understand whether the equipment is vulnerable to the types of tools and methods in-person hackers may use. </span></div></div></blockquote><div><div><span style="font-family: arial;"><ul style="text-align: left;"><li><span style="font-family: arial; font-size: medium;"><b>Wireless Testing </b></span></li></ul></span></div></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px;"><div><div style="text-align: left;"><span style="font-family: arial;">Businesses are increasingly utilizing wireless tools for integral parts of operations. This includes capturing sensitive data through contactless payment machines, or through sensors on Internet of Things (IoT) devices that track and control the supply chain. Wireless penetration testing can be used to understand how easy it is to illicitly collect data or even disrupt operations through the connected ecosystem. It will also confirm where stricter measures need to be in place to prevent access.</span></div></div></blockquote><div><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Finding the Right Expert </span></b><br />Having established what pen testing is and how it can fit in with a business, how can companies find the right people for the job? 
After all, one of the key concerns companies have in this area is that they are essentially hiring hackers — there’s a lot of social and legal baggage accompanying this activity. <br /><br />When bringing on a consultant or hiring an in-house tester, the best approach is to look for relevant certification. Some of the most recognized examples here include <a href="https://blog.itsecurityexpert.co.uk/2021/01/the-top-cybersecurity-certifications-in.html" target="_blank">the Certified Ethical Hacker licenses</a> issued by the International Council of E-Commerce Consultants (EC-Council), and the Certified Penetration Tester course offered by the Information Assurance Certification Review Board (IACRB). Global Information Assurance Certification (GIAC) also provides various specialized qualifications that are considered to be reliable. These courses are designed to provide knowledge not just about the technical skills to positively impact a business, but also the ethical standards to help make sure testers are staying on the right moral and legal track throughout their activities. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">Conclusion </span></b><br />Penetration testing is an agile tool offering various benefits for businesses, including maintaining trust and highlighting points of vulnerability. 
However, it’s important to remember that getting the most out of the process requires clarity on the company’s challenges and goals for testing, alongside sourcing the relevant certified tester to collaborate with.</span><br /> </div></div></div>

Payment Security: Understanding the Four Corner Model (posted by SecurityExpert, 2021-07-28)<span style="font-family: arial;"><b><span style="font-size: large;">Introduction </span></b><br />Online shopping digital payment transactions may seem quite simple, but in reality a single transaction sets off a long chain of events. The Payment Card Industry comprises debit cards, credit cards, prepaid cards, e-purse/e-wallet, and POS payment transactions that enable easy payments for consumers. The card scheme is a popular payment transaction process: a central payment network that uses credit and debit cards to process payments. </span><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The card scheme comes in two variants, namely the Three-Party Scheme and the Four-Party Scheme. The Four Corner Model, also popularly known as the Four-Party Scheme, is the model under which most of the payment systems in the world operate. It is used in almost all standard card payment systems around the globe. 
Below we explain how the Four Corner Model works and the role of every entity involved in it.</span><div><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmy_yCAt932e5kPr7uCm5nEvWnh-fN10VKsZ_o7xxtli9SZ_H2_xdYwqiEtkyNNq9_JA2U7SgD5kXOH7IW9Yw2AbDsqYCarbvM8VlfGGizOBlLt_c-tTj5vbSE03qdhACEDXfEXVThQ84T/s460/credit-cards.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="288" data-original-width="460" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmy_yCAt932e5kPr7uCm5nEvWnh-fN10VKsZ_o7xxtli9SZ_H2_xdYwqiEtkyNNq9_JA2U7SgD5kXOH7IW9Yw2AbDsqYCarbvM8VlfGGizOBlLt_c-tTj5vbSE03qdhACEDXfEXVThQ84T/s320/credit-cards.jpg" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><i>The Payment Network: Four Corner Payment Security Model</i></td></tr></tbody></table><span style="font-family: arial;"><b><span style="font-size: large;">The Four Corner Model of Payment Security and How it Works</span></b><br />The card payment network, often called the Four Party Scheme, comprises multiple entities involved in an online transaction. The entities involved are the <b>Cardholder</b>, the <b>Merchant</b>, the <b>Issuer</b>, and the <b>Acquirer</b>. So, before moving on to how the Four Corner Model works, let us briefly learn about the entities involved and their role in the process. <br /><br /><b><span style="font-size: medium;">Cardholder </span></b><br />Cardholders are the consumers who are issued a debit or credit card by a financial institution, such as a bank. The cardholder is a client of the issuing financial institution and may have an account directly linked to the payment card. 
The cardholder uses the card to pay for products or services they obtain from businesses. <br /><br /><b><span style="font-size: medium;">Merchant </span></b><br />Merchants are organisations that accept card payments from cardholders for the products or services they offer to them. These can be merchants offering “<b><i>Card Present Payment</i></b>” digital payment options such as card swipe terminals and/or “<b><i>Card Not Present</i></b>” digital payment options such as online portals, or even modes such as UPI at the POS itself. For instance, e-commerce platforms, restaurants, hotels, and shops equipped with POS payment terminals can be termed merchants. For that matter even an ATM can be termed a Merchant, as the primary role of the merchant is to “accept” payment cards. <br /><br /><b><span style="font-size: medium;">Issuer/Issuing Bank </span></b><br />The issuer is the Financial Institution that issues the payment card to the cardholder. It is generally the bank that issues a payment card, which could be a debit card, credit card, or prepaid card. It is important to note that the issuing bank provides customers with payment cards on behalf of various payment card brands such as Visa, Mastercard and American Express. This can even be a private payment brand or network, such as a domestic scheme. But it is the issuing bank that is responsible for the security of the payment card, the cryptography, and the other relevant security controls. <br /><br /><b><span style="font-size: medium;">Acquirer </span></b><br />An acquirer is basically a software and hardware vendor who provides a medium or a tool for accepting payment cards to the Merchants. They are a third-party system and not the bank where the merchant has an account. So, an acquirer provides hardware or a software application to the merchant for accepting card payments and processing the transactions. 
That said, the acquirer is responsible for managing the final authorization codes returned for a transaction and ensures the merchant delivers the goods or services based on the payments received. Examples include Razorpay, PayU, Paytm, etc. <br /><br /><b><span style="font-size: large;">How the Four Corner Model Works </span></b><br />The Four Corner Model is triggered when a consumer makes a payment online with a payment card for products or services purchased from the merchant. This sets off the flow of payment authentication and processing across the various entities involved. For this to happen, a cardholder needs to have a payment card while the POS terminal of the merchant must be able to accept the payment card. <br /><br />So, when a customer makes a payment with the card, an authorization request is transmitted from the merchant's POS terminal to the acquirer, and then to the issuer, who returns either a positive or a negative response, which then goes back to the merchant and then to the cardholder. The authorization process and response can be observed on the POS terminal screen. It is important to note that the authorization requests and associated responses are transmitted via the card networks such as VISA and MasterCard, i.e. the card scheme's vast network of switches, gateways, and servers. On receiving a positive response from the issuing bank, the merchant processes the delivery of the goods or services to the client. At this point, it is also important to note that the Four Corner Model can also be a Three Corner Model if the Acquirer bank is skipped in the process, and the switches and gateways route the authorization flow directly to the Issuer. This reduces the load on the payment network and also speeds up transactions. 
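The authorisation flow just described, as an added example that is not code from the article or from VISTA InfoSec: the cardholder's card, the merchant, the acquirer, the card scheme switch and the issuer are modelled as small Python objects, an authorisation request is routed merchant → acquirer → scheme → issuer and back, and one approved hold is then cleared and settled. Entity names, the card tokens and balances are constructed; the response codes "00", "51" and "14" carry the meanings ISO 8583 gives them.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Response codes with the meanings ISO 8583 gives them; only these three are used here.
APPROVED, INSUFFICIENT_FUNDS, INVALID_CARD = "00", "51", "14"


@dataclass
class AuthRequest:
    card_token: str          # constructed token standing in for the cardholder's PAN
    amount: float
    merchant_id: str
    hops: List[str] = field(default_factory=list)   # every entity the request passed through


@dataclass
class AuthResponse:
    code: str
    auth_code: Optional[str] = None                 # set only when the issuer approves
    hops: List[str] = field(default_factory=list)


class Issuer:
    """Issuing bank: holds the cardholder accounts and makes the approve/decline decision."""
    def __init__(self, name: str, accounts: Dict[str, float]) -> None:
        self.name, self.accounts, self._seq = name, dict(accounts), 0
        self.pending: Dict[str, Tuple[str, float]] = {}   # auth code -> (card token, held amount)

    def authorise(self, req: AuthRequest) -> AuthResponse:
        req.hops.append(self.name)
        if req.card_token not in self.accounts:
            return AuthResponse(INVALID_CARD, hops=req.hops)
        held = sum(amt for tok, amt in self.pending.values() if tok == req.card_token)
        if req.amount > self.accounts[req.card_token] - held:
            return AuthResponse(INSUFFICIENT_FUNDS, hops=req.hops)
        self._seq += 1
        auth_code = f"A{self._seq:05d}"
        self.pending[auth_code] = (req.card_token, req.amount)   # a hold, not yet a debit
        return AuthResponse(APPROVED, auth_code, req.hops)

    def settle(self, auth_code: str) -> float:
        # Clearing: turn an approved hold into a real debit on the cardholder's account.
        card_token, amount = self.pending.pop(auth_code)
        self.accounts[card_token] -= amount
        return amount


class SchemeNetwork:
    """Card scheme switch (the Visa/Mastercard role): routes by the token's leading digits."""
    def __init__(self, name: str, routing: Dict[str, Issuer]) -> None:
        self.name, self.routing = name, routing

    def route(self, req: AuthRequest) -> AuthResponse:
        req.hops.append(self.name)
        for prefix, issuer in self.routing.items():
            if req.card_token.startswith(prefix):
                return issuer.authorise(req)
        return AuthResponse(INVALID_CARD, hops=req.hops)   # no issuer owns this card range


class Acquirer:
    """Acquirer: forwards the merchant's request to the scheme and later collects settled funds."""
    def __init__(self, name: str, network: SchemeNetwork) -> None:
        self.name, self.network = name, network
        self.merchant_funds: Dict[str, float] = {}

    def forward(self, req: AuthRequest) -> AuthResponse:
        req.hops.append(self.name)
        return self.network.route(req)

    def settle(self, merchant_id: str, auth_code: str, issuer: Issuer) -> float:
        amount = issuer.settle(auth_code)
        self.merchant_funds[merchant_id] = self.merchant_funds.get(merchant_id, 0.0) + amount
        return amount


class Merchant:
    """Merchant POS or checkout: builds the request and relays the answer to the cardholder."""
    def __init__(self, merchant_id: str, acquirer: Acquirer) -> None:
        self.merchant_id, self.acquirer = merchant_id, acquirer

    def charge(self, card_token: str, amount: float) -> AuthResponse:
        req = AuthRequest(card_token, amount, self.merchant_id, hops=[self.merchant_id])
        return self.acquirer.forward(req)


def run_demo() -> dict:
    """Constructed scenario: one card with 100.00 available, two purchases, one unknown card."""
    issuer = Issuer("IssuerBank", {"4111-TOKEN-0001": 100.0})
    network = SchemeNetwork("Scheme", {"4111": issuer})
    acquirer = Acquirer("AcquirerBank", network)
    merchant = Merchant("SHOP-42", acquirer)
    first = merchant.charge("4111-TOKEN-0001", 60.0)    # approved; 60.00 is now on hold
    second = merchant.charge("4111-TOKEN-0001", 60.0)   # declined: only 40.00 left after the hold
    unknown = merchant.charge("5555-TOKEN-9999", 1.0)   # no issuer owns the 5555 range
    settled = acquirer.settle("SHOP-42", first.auth_code, issuer)
    return {"first": first, "second": second, "unknown": unknown, "settled": settled,
            "cardholder_balance": issuer.accounts["4111-TOKEN-0001"],
            "merchant_funds": acquirer.merchant_funds["SHOP-42"]}
```

The `hops` list on each response records the path the request actually took, so the four-party route (merchant, acquirer, scheme, issuer) is visible on the returned object; the settlement step shows why an approved authorisation alone moves no money.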
<br /><br />While this is just one side of the payment process, there is also the clearing and settlement process, which requires the merchant to transmit the transaction details to the acquirer. On receiving the transaction details, the acquirer collects the funds from the cardholder’s account by transmitting the corresponding payment flows to the issuing bank. So finally the merchant's bank receives the money only after there is an interbank settlement of funds. <br /><br /><b><span style="font-size: large;">Conclusion </span></b><br />The Four Corner Model is a popular model for online payment transactions. It is a systematic payment transaction process that facilitates end-to-end secure transactions that are encrypted and protected at every stage of the information or payment transmission process. That said, such payment transactions often need an HSM and automated key management to prevent hacks or criminal activity during the processing of online payment transactions. This provides the framework for managing numerous keys throughout their life cycles and ensuring secure payment transactions. <br /><br /></span><div><span style="font-family: arial;"><b>Author Bio <br />Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, and CRISC)</b> is the Founder and Director of <a href="https://www.vistainfosec.com/" target="_blank">VISTA InfoSec</a>, a global Information Security Consulting firm, based in the US, Singapore & India. Mr Sahoo holds more than 25 years of experience in the IT Industry, with expertise in Information Risk Consulting, Assessment, &amp; Compliance services. VISTA InfoSec specializes in Information Security audit, consulting and certification services which include GDPR, HIPAA, CCPA, NESA, MAS-TRM, <a href="https://www.vistainfosec.com/uk/service/pci-dss-audit-certification-service/" target="_blank">PCI DSS Compliance & Audit</a>, PCI PIN, SOC2, PDPA, PDPB to name a few. 
The company has for years (since 2004) worked with organizations across the globe to address the Regulatory and Information Security challenges in their industry. VISTA InfoSec has been instrumental in helping top multinational companies achieve compliance and secure their IT infrastructure.</span></div></div></div>

Free Coventry University Course to Help Everyone Protect their Online Privacy (posted by SecurityExpert, 2021-07-13)<div class="separator"><span style="font-family: arial;">Now everyone can learn what privacy means, how your privacy is impacted when using the web and mobile apps, and how to protect your privacy online thanks to a </span><a href="https://csi-cop.eu/informal-education-mooc/" style="font-family: arial;" target="_blank">free course </a><span style="font-family: arial;">from Coventry University.</span></div><span style="font-family: arial;"><br />The UK university has worked closely with experts including Pat Walshe at <a href="https://www.coventry.ac.uk/news/2021/moocs-world-rankings/">PrivacyMatters </a>to create an informative online course, offering participants easy access to key information about how to keep their online privacy safe. <br /><br />Coventry University has a strong reputation for its digital education provision and online offering after it was <a href="https://www.coventry.ac.uk/news/2021/moocs-world-rankings/" target="_blank">ranked number 1 in the world for the delivery of Massive Online Open Courses (MOOCs) </a> by MOOCLabs for 2021. 
<br /></span><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhz92U13n6yuYNY2IXiFpIkmOBE7Q3VSgV-lrirWru0GYUBJt8_YJufWYi_dRf23mitiumoaf3yAn__dxiZeKtVIS8_BR6wCGxxTYR-ogDEViUQ7jZSA4go_Fw-WHdLAKXKM6xoDXg2KNgf/s610/ITSE-Blog-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="407" data-original-width="610" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhz92U13n6yuYNY2IXiFpIkmOBE7Q3VSgV-lrirWru0GYUBJt8_YJufWYi_dRf23mitiumoaf3yAn__dxiZeKtVIS8_BR6wCGxxTYR-ogDEViUQ7jZSA4go_Fw-WHdLAKXKM6xoDXg2KNgf/s320/ITSE-Blog-1.png" width="320" /></a></div><span style="font-family: arial;"><br />With people's information and digital footprint becoming increasingly sought after, the university hopes the course will build further awareness while helping people stay protected online. Typically, data is collected through cookies and tracking pixels on websites, or by other means such as browser fingerprinting and trackers embedded in mobile apps. These techniques allow multiple parties to learn which pages you visit, what you click and view, which devices you use and where you are, all of which have data protection and privacy implications. <br /><br />Citizen Scientists Investigating Cookies and App GDPR compliance (CSI-COP), an EU Horizon2020 funded project led by Coventry University, has facilitated the free informal education course, called ‘Your Right to Privacy Online’. The project has already seen the creation of a <a href="http://tracking.vuelio.co.uk/tracking/click?d=olxy8eIQSFLMzI18HIxI9EimEs2aPZHy2_nruWrGvWYoK77rXE_x1oxZEMByvkPQSu26In4w-uZywizLi0KJ9W3XRGQbXyxr4x-bIBYu2W9iaqfHtDy4mR66x29njVNeVQ2" target="_blank">privacy-by-design, no-tracking website. </a> <br /><br />The course is designed to help people gain the knowledge and skills to turn off tracking by disabling cookies on websites and changing app permissions on mobile devices. 
It features an introductory video, practical tasks and activities, a knowledge test and recommended reading to help participants stay safe online. <br /><br />Huma Shah, Assistant Professor and Researcher in Artificial Intelligence at Coventry University, said: “We’re delighted to be able to tap into the university’s expertise in digital education to deliver this new, accessible and really useful course. The hope is that we can help as many people as possible to protect their online privacy and personal data while using the internet as well as giving them the tools and knowledge to better understand their rights to online privacy.” <br /><br />Beyond the MOOC, members of the public can join the CSI-COP team as citizen scientists to explore the extent of tracking across the internet. Citizen science is a great way for volunteers to collaborate with research teams, raising awareness of issues impacting society and increasing trust between the general public and scientists. <br /><br />Pat Walshe, Director for PrivacyMatters, said: “It’s never been more important to help people understand how their privacy is impacted when using websites and mobile apps and to help them protect their rights under data protection and ePrivacy law. I’m glad to see Coventry University working hard to achieve this with the development of this course which I’m sure will help greatly." 
<br /><br /><a href="https://csi-cop.eu/faq/" target="_blank">Find out more about this new course and the CSI-COP project</a>.</span><br />SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-39852127077190737792021-07-04T11:05:00.022+01:002021-07-04T23:48:48.576+01:00Cyber Security Roundup for July 2021<p> <b><i><span style="font-family: arial;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYyMu858pEgitFJxkgl2g_qhIJfxnf5sWv6u6a-Ndet_kl0easEk7HZZowI3WmDgzW1Jw5nybyaoytulflKVubmXEsBA3XbjMUmcooADI3Zlv1sP0ZkwkJGrWwi5UABIQmdMWcJLMYQql2/s455/Cyber-Security-Roundup.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="151" data-original-width="455" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYyMu858pEgitFJxkgl2g_qhIJfxnf5sWv6u6a-Ndet_kl0easEk7HZZowI3WmDgzW1Jw5nybyaoytulflKVubmXEsBA3XbjMUmcooADI3Zlv1sP0ZkwkJGrWwi5UABIQmdMWcJLMYQql2/s320/Cyber-Security-Roundup.png" width="320" /></a></span></i></b></p><p><b><i><span style="font-family: arial;">A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, June 2021.</span></i></b></p><div><div><b style="font-family: arial;"><span style="font-size: medium;">How was UK Government Building CCTV Leaked?</span></b></div><div><span style="font-family: arial;">The <a href="https://www.thesun.co.uk/news/15397207/watch-matt-hancock-video-health-secretary-kissing-gina-coladangelo/" target="_blank">Sun newspaper published CCTV workplace footage of Health Secretary Matt Hancock kissing aide Gina Coladangelo</a>, recorded inside his department on 6th May 2021; the fact both are married to other people fuelled several days of sensational headlines. 
Given Matt Hancock had led the charge on setting the UK's COVID rules, his position in government quickly became untenable, and he <a href="https://www.reuters.com/world/uk/pressure-builds-uks-johnson-fire-health-secretary-2021-06-26/" target="_blank">resigned the day after</a> the story broke. The bigger security question, however, is how internal UK government building CCTV footage came to be obtained by an external reporter. </span></div><div><span style="font-family: arial;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaHHkjgfy5VgM6isP07scncodM1Q8h7g6I10gh110C0VYALtpYa81S7ny8mNqHakgxE_3dLgMvL4wd4UsnBmrZlz15Fq5ZR1DJ-qmbqhGjvwDKqFCzypxlidl9Gh10ZAImNUGhd3qscgJ8/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="765" data-original-width="620" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaHHkjgfy5VgM6isP07scncodM1Q8h7g6I10gh110C0VYALtpYa81S7ny8mNqHakgxE_3dLgMvL4wd4UsnBmrZlz15Fq5ZR1DJ-qmbqhGjvwDKqFCzypxlidl9Gh10ZAImNUGhd3qscgJ8/w260-h320/image.png" width="260" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><i>CCTV Leaked from UK Gov Buildings is a security concern</i></td></tr></tbody></table><span style="font-family: arial;">The Northern Ireland secretary, Brandon Lewis, summed up the security concern when he said <i>“the security and privacy of government business mean ministers need to understand how someone was able to access and record the footage and then share it with a newspaper. 
</i></span><span style="font-family: arial;"><i>What happens in government departments can be sensitive, important and people need to have confidence that what is happening in a government department is something that allows the government to be focused on these core issues, and the sensitivity sometimes in the security sense of those core issues."</i></span></span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">Matt Hancock's replacement, Sajid Javid, said <a href="https://news.sky.com/story/matt-hancock-affair-camera-that-caught-aide-kiss-has-been-disabled-says-new-health-secretary-12343880" target="_blank">the cameras in question had been disabled</a>, while <a href="https://news.sky.com/story/matt-hancock-affair-justice-secretary-asks-for-his-office-to-be-swept-for-cameras-as-government-investigates-scandal-12343694" target="_blank">Justice Secretary Robert Buckland revealed he asked for his office to be swept for cameras.</a> </span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">Multiple media reports point to a Department of Health and Social Care (DHSC) employee as being behind the leak. The Mail on Sunday reported that the leaker sent messages via Instagram to an unnamed anti-lockdown activist. One said: “<i>I have some very damning CCTV footage of someone that has been recently classed as completely f***ing hopeless. 
If you would like some more information please contact me.</i>” A further message said, <i>“I have the full video … it’s now been deleted off the system as it’s over 30 days.”</i></span></div><div><span style="font-family: arial;"><i><br /></i></span></div><div><span style="font-family: arial;">The </span><a href="https://www.theguardian.com/politics/2021/jun/27/government-investigate-leak-matt-hancock-footage" style="font-family: arial;" target="_blank">government announced an internal investigation and inquiry into how the CCTV footage was leaked</a>. <span style="font-family: arial;">Hopefully the inquiry's findings will be shared publicly; there is no obligation on the government to publish them, so that is far from guaranteed.</span></div><div><br /></div><div><span style="font-family: arial;">There was another security own-goal for UK Gov after classified <a href="https://www.bbc.co.uk/news/uk-57624942" target="_blank">Ministry of Defence (MoD) documents about HMS Defender were found at a bus stop in Kent</a>. The MoD said it is investigating "<i>an incident in which sensitive defence papers were recovered by a member of the public</i>".</span></div><div><span style="font-family: arial;"><br /></span></div><div><b style="font-family: arial;"><span style="font-size: medium;">Pandemic Homeworker Employee Spying</span></b></div><div><p style="margin: 0cm;"><span style="font-family: arial;">Sticking with the workplace spying theme, a French court has ordered Ikea to pay a fine of €1m after the <a href="https://www.bbc.co.uk/news/world-europe-57482168" target="_blank"><span style="color: #0563c1;">Swedish furniture chain was found guilty of spying on staff in France.</span></a> Ikea France was accused of using private detectives and police officers to collect staff's private data.</span></p>
<p style="margin: 0cm;"><span style="font-family: arial;"><br /></span></p>
<p style="margin: 0cm;"><span style="font-family: arial;">With <a href="https://www.enhesa.com/resources/article/the-rise-of-remote-work-in-the-covid-era-and-beyond/" target="_blank"><span style="color: #0563c1;">so many more</span></a> people working from home during the pandemic, employers have stepped up the extent to which <a href="http://tracking.vuelio.co.uk/tracking/click?d=9Cx6yo-eFDgmEVz8VRycXS3cj3kGo170Khz7jEb_Lsl_Tg_VY2blTMjXWmyB_3o72DK3khyNQH2MeUO5TqKjaQyNZA9feTQZrQmRPw-aDaounXnRswF6XjQH_ZuPQvW8RiMXmDBujogh3hho3TqGadmqAaumEpYnVmmUnBwrTOYr7nwuUk-tD6H0WNb8jzqml91g82D3eKJt9DcjZs7Wq7aI_01aIkEJqRwoxgv2zNONAZsmpmCBx1iBP1QMfmSc3zv5pnecDPUeGJvgDqXLEYk1" target="_blank"><span style="color: #0563c1;">they monitor</span></a> <a href="https://prospect.org/labor/remote-controlled-workers-digital-surveillance/" target="_blank"><span style="color: #0563c1;">their staff online</span></a>. Not so many years ago, employees were having to adjust to having their work emails monitored, but that seems almost quaint compared to the digital surveillance we are seeing today. Dr Evronia Azer, from Coventry University’s Centre for Business in Society, says surveillance at work can make employees feel vulnerable, leading to reduced productivity. In a recent blog, she <a href="http://blogs.coventry.ac.uk/researchblog/remote-working-has-led-to-managers-spying-more-on-staff-here-are-three-ways-to-curb-it/" target="_blank"><span style="color: #0563c1;">offers solutions to curb this trend</span></a>.</span></p><p style="margin: 0cm;"><span style="font-family: arial;"><br /></span></p><p style="margin: 0cm;"><span style="font-family: arial;"><b><span style="font-size: medium;">FIFA 21 Source Code Stolen</span></b></span></p><p style="margin: 0cm;"><span style="font-family: arial;">Game publishing giant <a href="https://knews.uk/2021/07/02/ea-source-code-stolen-by-hacker-claiming-to-sell-it-online/" target="_blank">Electronic Arts (EA) reported a network intrusion in which the source code of several of its games was stolen</a>, including FIFA 21, whose source code has since been offered for sale on an underground forum. While some 780GB of EA data was stolen, EA said no player data had been taken. "<i>We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen</i>," an EA spokesperson said in a statement. "<i>No player data was accessed, and we have no reason to believe there is any risk to player privacy,</i>" she added. 
</span></p><p style="margin: 0cm;"><span style="font-family: arial;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqauib2Qeqsn3ryBALwPE3kGE_oaaHetFf3UlQ8i4gU7IdvZwVp7s673q38aEDpnDW6IUAAs4rPJEoO8YsLrP7Q7VzVYHGLtQBB9EFe6vuQb3mZxOCuJY_59Sni_iXs4mTSmU9NfLvfwZ6/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="358" data-original-width="628" height="182" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqauib2Qeqsn3ryBALwPE3kGE_oaaHetFf3UlQ8i4gU7IdvZwVp7s673q38aEDpnDW6IUAAs4rPJEoO8YsLrP7Q7VzVYHGLtQBB9EFe6vuQb3mZxOCuJY_59Sni_iXs4mTSmU9NfLvfwZ6/" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><i>FIFA 21 Source Code Stolen</i></td></tr></tbody></table><span style="font-family: arial;">EA said it had already improved its security and did not expect "an impact on our games or our business". The "network intrusion" was not a ransomware attack and had happened recently, EA added.</span></span></p><p style="margin: 0cm;"><b style="font-family: arial;"><span style="font-size: medium;">Ransomware Update</span></b></p><p style="margin: 0cm;"><span style="font-family: arial;">JBS, the world's largest meat processing company, had some of its global meat production operations ground to a halt after <a href="https://www.bbc.co.uk/news/world-us-canada-57318965" target="_blank">its computer systems were attacked by ransomware</a>. It was reported that <a href="https://www.bbc.co.uk/news/business-57423008" target="_blank">JBS paid a £7.8m ($11m) Bitcoin ransom</a> to REvil, a Russia-linked cybercriminal group. 
REvil had initially demanded $22m; once the ransom was paid, the attackers provided JBS with the decryptor.</span></p><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc0vwuTVwYyReTMsjABzV0DTrBqMEofgeKy8Uy8l4Ncen3VlqcCArKA3EwVsYGUDRlxFXZ1ymAU6SJ35_SVvMCaGiNhUPsrDwS1CaAtevztODHF6fdOFGFBQeGo9NQ7upRZ_sIP5BPg-0o/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="699" data-original-width="1147" height="244" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc0vwuTVwYyReTMsjABzV0DTrBqMEofgeKy8Uy8l4Ncen3VlqcCArKA3EwVsYGUDRlxFXZ1ymAU6SJ35_SVvMCaGiNhUPsrDwS1CaAtevztODHF6fdOFGFBQeGo9NQ7upRZ_sIP5BPg-0o/w400-h244/image.png" width="400" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><i>REvil Ransomware Decryptor</i></td></tr></tbody></table><p></p><p style="margin: 0cm;"><span style="font-family: arial;">The <a href="https://www.fbcnews.com.fj/world/us-recovers-most-of-ransom-justice-department-says/" target="_blank">United States recovered most of the £3.1m ($4.4m) ransom paid to the DarkSide group, responsible for taking the Colonial Pipeline offline in May</a>, an attack which caused several days of fuel shortages in the United States. DarkSide is thought to operate out of eastern Europe and possibly Russia. Deputy Attorney-General Lisa Monaco said investigators had “found and recaptured” 63.7 Bitcoin worth $2.3m – “the majority” of the ransom paid. 
Since the ransom was paid, though, the value of Bitcoin has fallen sharply, so the recovered coins are worth considerably less in dollar terms than when they were handed over.</span></p><p style="margin: 0cm;"><span style="font-family: arial;"> </span></p></div><div><span style="font-family: arial;"><div>Stay safe and secure.</div></span></div><div><span><div><b><span style="font-family: arial;"><br /></span></b></div><div><b><span style="font-family: arial;">BLOG</span></b></div><div><ul><span style="font-family: arial;"><li><a href="https://blog.itsecurityexpert.co.uk/2021/06/why-freelancers-should-prioritise-security.html" target="_blank">Why Freelancers Should Prioritise Cybersecurity</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/06/CyberSecurity-Challenges-Post-Lockdown.html" target="_blank">Top Cyber Security Challenges Post Lockdown</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/cyber-security-roundup-for-may-2021.html" target="_blank">Cyber Security Roundup for May 2021</a></li></span></ul><b><span style="font-family: arial;">NEWS</span></b></div><div><span><span style="font-family: arial;"><ul><li><a href="https://www.bbc.co.uk/news/uk-57624942" style="font-family: arial;" target="_blank">Classified Ministry of Defence Documents found at Bus Stop</a></li><li><a href="https://news.sky.com/story/government-investigation-into-leaked-footage-of-hancock-kissing-aide-gina-coladangelo-to-be-launched-12342957" target="_blank">UK Gov to Investigate How Internal CCTV footage of Hancock kissing aide Gina Coladangelo was obtained by the Press</a></li><li><a href="https://knews.uk/2021/07/02/ea-source-code-stolen-by-hacker-claiming-to-sell-it-online/" target="_blank">Gaming Giant, EA, Hacked and Source Code Stolen</a></li><li><a href="https://www.bbc.co.uk/news/technology-57601631" target="_blank">How Hackers are using Gamers to become Crypto-rich</a></li><li><a 
href="https://www.bbc.co.uk/news/business-57394041" target="_blank">US Recovers $2.3 million of paid Bitcoin Colonial Pipeline Ransom</a></li><li><a href="https://news.sky.com/story/group-linked-to-russia-is-behind-hacking-of-worlds-largest-meatpacking-company-report-12323325" target="_blank">Group linked to Russia is behind Hacking of World's Largest Meatpacking Company</a></li><li><a href="https://www.bbc.co.uk/news/business-57423008" target="_blank">Meat giant JBS pays $11m in Ransom to resolve Cyber-Attack</a></li><li><a href="https://www.bbc.co.uk/news/technology-57232253" target="_blank">Digital ad Industry accused of Huge Data Breach</a></li><li><a href="https://www.bbc.co.uk/news/technology-57504007" target="_blank">Why Cyber Gangs won't worry about US-Russia talks</a></li><li><a href="https://www.nytimes.com/2021/06/02/nyregion/mta-cyber-attack.html" target="_blank">Chinese Hackers used Pulse Secure Zero-Day Vulnerability to infiltrate MTA systems</a></li><li><a href="https://www.bbc.co.uk/news/world-europe-57468750" target="_blank">Irish Police to be given Powers over Passwords</a></li><li><a href="https://www.bbc.co.uk/news/technology-57413224" target="_blank">One Fastly Customer Triggered an Internet meltdown</a></li><li><a href="https://www.scmagazine.com/home/security-news/ransomware/costs-from-ransomware-attack-against-ireland-health-system-reach-600m/" target="_blank">Costs from Ransomware Attack against Ireland Health System reach £435M</a></li><li><a href="http://tracking.vuelio.co.uk/tracking/click?d=EwKz5iYlpWZq6llEFV3XcgKpIhzWyoZj1bzbsqIqaLAN2v7uIeXvE00lQHR5gZMG0J5ZvLHbeCwsnxiD6j0AIdJfWyqY3GOL6EhF6qBG0prGzLye0XH3kQ6xV8THFGKldc2pX2RuSjM4DcMQ8yFtgwnkafdGAz3QO_lDFRVRFC7g0" target="_blank">Ikea Fined One Million Euros for Spying on Staff in France</a></li><li><a href="https://news.sky.com/story/john-mcafee-antivirus-software-entrepreneur-found-dead-in-spanish-prison-cell-12340296" target="_blank">John McAfee: Antivirus software entrepreneur found 
dead in Spanish prison cell</a></li></ul><div><p class="MsoNoSpacing"><o:p></o:p></p><p class="MsoNoSpacing"><b style="font-family: "Times New Roman";"><b><span style="font-family: arial;">VULNERABILITIES AND SECURITY UPDATES</span></b></b></p></div></span></span></div><div><div><ul><li><a href="https://msrc.microsoft.com/update-guide/en-us" target="_blank"><span style="font-family: arial;">Microsoft Patches 49 Vulnerabilities, 5 Rated as Critical</span></a></li><li><span style="font-family: arial;"><a href="https://www.mcafee.com/blogs/other-blogs/mcafee-labs/a-new-program-for-your-peloton-whether-you-like-it-or-not/" target="_blank">Vulnerability in Peloton Bikes: Example of a widespread Security Issue</a></span></li><li><span style="font-family: arial;"><a href="https://threatpost.com/dell-bios-attacks-rce/167195/" target="_blank">30M Dell Devices at Risk for Remote BIOS Attacks</a></span></li></ul><div style="font-family: arial;"></div></div><div style="font-family: arial;"><b>AWARENESS, EDUCATION AND THREAT INTELLIGENCE</b></div><div><p class="MsoNoSpacing"></p><ul><li><a href="https://nordlocker.com/blog/malware-case-study/" target="_blank"><span style="font-family: arial;">‘Nameless’ malware attacks 1.2TB database in the cloud</span></a></li></ul></div></div></span></div></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-76668053886371966542021-06-11T12:14:00.005+01:002021-06-11T12:15:59.501+01:00Why Freelancers Should Prioritise Cybersecurity<div style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKWacF4J4LQblD0MOH24lXN3Ylb8FqXk5ojDrjfgoTOYEX87Jw3bE08rroeGmwfojUiH_R4QvaHS651oWj2P3LfVNMjyJjkTIRi0BR9Dy5-JivWEuYgQPaOuN5IBFcxMjEE5PEjyXNKRYa/" style="font-family: arial;"><img 
src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKWacF4J4LQblD0MOH24lXN3Ylb8FqXk5ojDrjfgoTOYEX87Jw3bE08rroeGmwfojUiH_R4QvaHS651oWj2P3LfVNMjyJjkTIRi0BR9Dy5-JivWEuYgQPaOuN5IBFcxMjEE5PEjyXNKRYa/" /></a></div><span style="font-family: arial;"><div><i style="background-color: white; font-family: Arial, Tahoma, Helvetica, FreeSans, sans-serif; font-size: 13px;"><span style="font-family: arial;">Article by <a href="https://beaupeters.contently.com/" style="color: #009be1; text-decoration-line: none;" target="_blank">Beau Peters</a></span></i></div><br />As a freelancer in any industry, you are likely more susceptible to hackers and cybercrime than many other professions. Not only are you pulling in a constant stream of customer data, but as a worker on the go, you likely work exclusively in the digital realm with all of your information in the online space. That means that you are basically presenting data on a silver platter for cybercriminals to find and use for malicious purposes. <br /><br />If you take your business seriously, <a href="https://blog.itsecurityexpert.co.uk/2021/04/should-doctors-receive-cybersecurity.html" target="_blank">then cybersecurity needs to be your top priority</a>, not only for your clients but also for the stability of your own enterprise. Luckily, you can stay out of the way of cybercriminals by implementing a few basic security features along with an understanding of common threats. We’ll explain both solutions below.</span><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Protect Client Data </span></b><br />It is important to remember that just about any piece of client data can be used by cybercriminals to cause havoc. Credit card and social security numbers are especially dangerous, as they can be used to take out fraudulent loans and commit identity fraud that could lead to financial and emotional issues as your customers frantically try to get their life back together. 
<br /><br />Keep in mind that it is not only the data you acquire from customers that needs protecting. As a freelancer you are likely logging in to many different websites for many different companies, and the cookies, saved sessions and browsing history you leave behind <a href="https://www.mastersindatascience.org/resources/what-data-do-tech-companies-collect-about-you/" target="_blank">hold a great deal of data about those clients</a> as well as about you. If your own systems are not protected, that data can be lifted by anyone who gets onto your machine. <br /><br />If you think you are safer because you have a smaller business, <a href="https://blog.itsecurityexpert.co.uk/2021/05/the-key-to-cybersecurity-is-educated.html" target="_blank">think again</a>. Attackers often go after smaller targets precisely because they know that freelancers and new organizations tend to lack the resources or security procedures to protect their data, and even a small haul of private customer data is just as saleable on the black market. <br /><br />If a client becomes the victim of cybercrime and it is traced back to you, the hit to your reputation may be one you cannot come back from, and as a smaller business you may not survive that type of heat. 
Recent statistics show that the cost of a breach for a small business can run to <a href="https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html" target="_blank">around £145k ($200k) in penalties and repairs</a>, so if you don’t bring in that kind of money, caution is of the utmost importance.</span><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Avoid Common Scams and Sketchy Characters </span></b><br />Since you are likely a one-person company without an IT team to detect issues and solve problems, you will need to be extra cautious about the companies and clients you interact with. Part of that is being aware of common scams that could spell big trouble. Phishing emails remain a constant threat. If you are contacted by a prospective client whose offer seems too good to be true, or who asks for private information or payment details up front, you may be dealing with a scammer. <br /><br />You must complete your due diligence when it comes to <a href="https://www.waveapps.com/freelancing/overview/how-to-get-freelance-clients">finding and accepting freelance clients</a>. Before you start sharing anything with them, get their contact information and look them up online to see if they have a digital footprint. A first step in determining whether they are legitimate is to search online for “company’s name + scam” or “company’s name + lawsuit” and see what comes up. Also, use your network of fellow freelancers and your LinkedIn contacts to ask whether anyone has heard of the company and whether it has a good reputation. <br /><br />Another common attack has little to do with who you work with and everything to do with where you work. In a rogue access point (or “evil twin”) attack, an attacker sets up a Wi-Fi network in a public place and lures victims onto it, either by advertising it as free or by giving it the same name as the establishment’s real network. 
When you connect to this network, all of your traffic passes through the attacker’s equipment, which puts them in the middle of every connection you make: anything sent without encryption can be read or altered, and the attacker can serve up fake login or “captive portal” pages to harvest your credentials. Asking the proprietor for the correct network name helps, but it is not enough on its own, because the attacker can copy that name exactly. Treat every public network as hostile: only enter credentials on sites that show a valid HTTPS connection, use a VPN so your traffic is encrypted before it leaves your device, and turn off automatic joining of open networks. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">Securing Your Work at All Times </span></b><br />To have the best chance of avoiding these issues now and in the future, you will want to build your computer set-up like a fortress. Not only will taking the proper precautions keep you out of financial trouble, but you could also advertise in your job pitches how secure your business really is. Start with smart passwords. Every account should have a long, unique password; a password manager will generate and store these for you, so you never have to reuse one. Wherever a service offers multi-factor authentication (MFA), switch it on, so that a stolen password alone is not enough to get in. <br /><br />The next step in setting up your security fortress is installing software that keeps cybercriminals at bay. Start with antivirus software, keep its real-time protection switched on, let it update automatically and run a full scan regularly. Keep your operating system and applications patched too, since most attacks exploit known vulnerabilities for which a fix already exists. On top of that, a virtual private network (VPN) encrypts your traffic between your device and the VPN provider, which protects it on untrusted networks; note that it does nothing to protect data stored on your machine. <br /><br />Along with keeping your data secure, you will also want to keep all-important personal and client data on a dependable backup. This will come in handy if you ever lose your computer or fall victim to ransomware, an attack in which criminals encrypt your files and demand payment for the key to unlock them. Ransomware will also encrypt any backup drive or synced folder it can reach, so keep at least one copy offline or in versioned cloud storage, and test now and again that you can actually restore from it. With a clean backup, you can recover the data without playing into the hacker’s game. 
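<br /><br />As an added illustration of the rogue Wi-Fi attack described above (example code added here, not part of the original article), the Python script below reads the kind of scan listing a Linux laptop produces with <i>nmcli -t -f SSID,BSSID,SECURITY,SIGNAL dev wifi list</i> and flags the tell-tale signs of an evil twin: the same network name advertised both open and encrypted, the same name broadcast from hardware with different vendor prefixes, and look-alike names such as “CafeGuest_FREE”. The scan lines and network names are constructed sample data, and the nmcli field order is an assumption you should match to your own command.

```python
"""Flag likely rogue ('evil twin') access points in a Wi-Fi scan.

Added example for this post; it is not part of the original article.
Input is assumed to be the terse output of
`nmcli -t -f SSID,BSSID,SECURITY,SIGNAL dev wifi list`, in which fields are
colon-separated and the colons inside the BSSID are escaped as '\\:'.
"""
from collections import defaultdict

# Constructed sample scan, not a real capture. The cafe's genuine WPA2 network
# sits next to an open network using the same name and a different hardware
# vendor prefix (OUI): the classic evil-twin setup described in the article.
SAMPLE_SCAN = """\
CafeGuest:AA\\:BB\\:CC\\:11\\:22\\:33:WPA2:72
CafeGuest:DE\\:AD\\:BE\\:EF\\:00\\:01::88
CafeGuest_FREE:DE\\:AD\\:BE\\:EF\\:00\\:02::85
HomeNet-5G:00\\:11\\:22\\:33\\:44\\:55:WPA2 WPA3:40
"""


def parse_nmcli_terse(text):
    """Split nmcli terse lines into (ssid, bssid, security, signal) tuples."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields, cur, i = [], [], 0
        while i < len(line):
            ch = line[i]
            if ch == "\\" and i + 1 < len(line):   # escaped ':' inside the BSSID
                cur.append(line[i + 1])
                i += 2
                continue
            if ch == ":":                          # unescaped ':' separates fields
                fields.append("".join(cur))
                cur = []
            else:
                cur.append(ch)
            i += 1
        fields.append("".join(cur))
        if len(fields) != 4:
            raise ValueError(f"unexpected field count in: {line!r}")
        ssid, bssid, security, signal = fields
        rows.append((ssid, bssid.upper(), security, int(signal)))
    return rows


def find_evil_twins(rows):
    """Return (ssid, reason) warnings for names that look like rogue APs."""
    by_ssid = defaultdict(list)
    for ssid, bssid, security, signal in rows:
        by_ssid[ssid].append((bssid, security, signal))
    warnings = []
    for ssid, aps in by_ssid.items():
        # nmcli reports an open network with an empty SECURITY field.
        secs = {"OPEN" if not sec else sec for _, sec, _ in aps}
        if "OPEN" in secs and len(secs) > 1:
            warnings.append((ssid, "same name advertised both open and encrypted"))
        # First three octets of the BSSID identify the hardware vendor (OUI);
        # one venue's access points normally share a vendor.
        ouis = {bssid[:8] for bssid, _, _ in aps}
        if len(ouis) > 1:
            warnings.append((ssid, f"BSSIDs from {len(ouis)} different vendor prefixes"))
    return warnings


def lookalike_ssids(rows, trusted):
    """SSIDs that embed a trusted name with extra text, e.g. 'CafeGuest_FREE'."""
    names = {row[0] for row in rows}
    return sorted(n for n in names if n != trusted and trusted.lower() in n.lower())


if __name__ == "__main__":
    scan = parse_nmcli_terse(SAMPLE_SCAN)
    for ssid, reason in find_evil_twins(scan):
        print(f"WARNING {ssid!r}: {reason}")
    print("look-alikes of CafeGuest:", lookalike_ssids(scan, "CafeGuest"))
```

Run it before you connect; if the venue’s network name is flagged, use your phone’s hotspot instead. The check cannot see an attacker who clones the name, security type and a plausible hardware address exactly, which is why the HTTPS and VPN habits above still matter.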
<br /><br />You’ve worked hard to create your freelance business, so you should do everything in your power to protect it. Try the solutions described above and your business will remain strong and secure.</span><br /></div></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com1tag:blogger.com,1999:blog-3798604115389836864.post-72871594844987179192021-06-08T18:29:00.004+01:002021-06-08T18:29:51.551+01:00Top Cyber Security Challenges Post Lockdown<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0xNSQ7_3ejhnBfCrTqRHy-9jhCysA7xbYdfVXm7XbA9uuGGeZlvkquq2BiDLJaQJvIpB5MLyivZvPXr6nQXKjtAslCVcKfw-lis6uw2IQXb9OqhWc7Lzg54e09h1bSJCErhxWm9oJgdEv/s2048/cybersecurityawareness.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1152" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0xNSQ7_3ejhnBfCrTqRHy-9jhCysA7xbYdfVXm7XbA9uuGGeZlvkquq2BiDLJaQJvIpB5MLyivZvPXr6nQXKjtAslCVcKfw-lis6uw2IQXb9OqhWc7Lzg54e09h1bSJCErhxWm9oJgdEv/s320/cybersecurityawareness.jpg" width="320" /></a></div></div><span style="font-family: arial;">By <a href="https://www.cybertecsecurity.com/" target="_blank">Sam Jones</a> | Cyber Tec Security <br /><br /> Not too long ago things were looking bleak for the world, still under the dark cloud of the COVID pandemic, but with vaccine rollouts now taking place worldwide, there is finally a light at the end of the tunnel. It’s important to remember, however, as we slowly transition back into some semblance of normality, that there will be new challenges to face in all facets of life, and the Cyber Security sector is no exception. <br /><br /><b><span style="font-size: large;"> The Rise in Cyber Threat </span></b><br />While the COVID pandemic loomed, the world was simultaneously dealing with a slightly different type of pandemic - a cyber one. 
The number of cyber attacks on businesses rose dramatically over the course of the last year, with estimated increases as high as <a href="https://securityboulevard.com/2020/11/90-of-companies-faced-increased-cyberattacks-during-covid-19/" target="_blank">90%</a>. <br /><br />Organisations were forced to quickly adapt and move operations out of the office and into home environments, often bypassing best practices for a secure migration. Hackers took advantage of this confusion and chaos and focused on exploiting the vulnerabilities of those at home, who were working more independently and potentially on devices that did not align with critical security controls. <br /><br />The pandemic offered new opportunities for cybercriminals to develop more sophisticated attacks, with the number of novel attack techniques <a href="https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html" target="_blank">rising to 35%</a>, 15% greater than pre-pandemic. The good news is that the increase in cyber attacks has likely brought to light the importance of cyber security and of implementing effective measures to protect against these threats. <br /><br /><b><span style="font-size: large;">Hybrid Working </span></b><br />The pandemic has proved that remote working is indeed possible and it is probable that not all businesses will return to the office post lockdown, at least not full time. There may be more leniency with employees wanting to work from home more frequently, but this new world of hybrid working could create challenges for cyber security. <br /><br />Organisations will have to be wary that employees may be moving from a secure office environment to vulnerable home environments where they could be operating with inadequate security measures in place. In the rush to home working, companies were forced into being less restrictive with security policies and plenty of staff were using their own personal devices and networks. 
But with so little visibility and control, there was no way of knowing what vulnerabilities there may have been - devices may not have been patched, home networks were potentially insecure, and company policies and processes ignored. <br /><br />“<i>This is all about understanding how we control an environment that is now a bigger risk because our network has increased from perhaps one or two locations to potentially hundreds</i>.” <b>CTO, Cyber Tec Security </b><br /><br />If businesses are going to operate effectively in this hybrid working style, they will need to bear in mind certain security considerations. Many will find it beneficial to introduce a home working policy or alter other company security policies to reflect new vulnerabilities. While employees will still need to access company data at home, it is imperative that this is done securely, with data protection tools and policies put in place and the use of a VPN for secure communication channels. Companies might consider providing company hardware to remote employees, but if personal devices are used at home to access data, they will need to be securely set up and regularly audited. <br /><br />Human error is still the number one cause of cyber attacks and home working could make this even more prominent. In 2020, Verizon found that <a href="https://www.verizon.com/business/resources/reports/dbir/" target="_blank">67% of cyber attacks</a> were down to phishing and Business Email Compromise. Phishing links are still clicked on and, while this is likely due to poor cyber awareness, the situation could be worse in a home environment with greater dependence on email for work requests and less support and supervision. <br /><br />Ultimately, organisations will need to cultivate a culture of security awareness and provide employees with relevant cyber training and resources to help minimise cyber risk and ensure individuals are fully equipped as they transition to this hybrid working style. 
<br /><br /><b><span style="font-size: large;">A Shift in Priorities </span></b><br />After a hard-hitting 12-14 months and a spike in cybercrime, businesses that may have not considered their cyber security before will now have it on their radar. Certain advancements can and should be made internally post-pandemic, such as developing new policies to incorporate home working and BYOD, and ensuring an incident response plan is in place. <br /><br />Recent Supply Chain attacks like SolarWinds should also compel businesses to start looking at managing the security of their third parties, which are a common way for cybercriminals to gain access and cause disruption to multiple organisations in a supply chain. <br /><br />Although some businesses will have the luxury of investing big money into more advanced security solutions and cyber insurance as a response to the pandemic, others will be facing budget limitations after a hard year. Regardless, no business can afford to ignore the cyber threat post-pandemic, but for most, it will be a case of identifying and prioritising risk reduction strategies to best fit your company’s funds and resources. <br /><br />The pandemic has forged a new security landscape and businesses have been forced to see the importance of being able to quickly adapt to changes in our working styles and environments. 
Cybercrime is not going anywhere in the post-pandemic world, but by being well prepared in the face of these new security challenges, businesses can stay secure and successfully protect against the cyber threat.</span>SecurityExpert | http://www.blogger.com/profile/02816379340772195492 | noreply@blogger.com | 0 | tag:blogger.com,1999:blog-3798604115389836864.post-6164553864915908032 | 2021-06-01T17:30:00.000+01:00 | 2021-06-01T17:30:05.534+01:00 | Cyber Security Roundup for June 2021<p> <b><i><span style="font-family: arial;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYyMu858pEgitFJxkgl2g_qhIJfxnf5sWv6u6a-Ndet_kl0easEk7HZZowI3WmDgzW1Jw5nybyaoytulflKVubmXEsBA3XbjMUmcooADI3Zlv1sP0ZkwkJGrWwi5UABIQmdMWcJLMYQql2/s455/Cyber-Security-Roundup.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="151" data-original-width="455" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYyMu858pEgitFJxkgl2g_qhIJfxnf5sWv6u6a-Ndet_kl0easEk7HZZowI3WmDgzW1Jw5nybyaoytulflKVubmXEsBA3XbjMUmcooADI3Zlv1sP0ZkwkJGrWwi5UABIQmdMWcJLMYQql2/s320/Cyber-Security-Roundup.png" width="320" /></a></span></i></b></p><p><b><i><span style="font-family: arial;">A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021.</span></i></b></p><div><div><b style="font-family: arial; font-size: large;">UK Smart Cities Cybersecurity Warning</b></div><div><span style="font-family: arial;">The <a href="https://www.ncsc.gov.uk/collection/connected-places-security-principles" target="_blank">UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities</a>. NCSC warned UK </span><span style="font-family: arial;">Smart Cities will be highly targeted by hackers, and as such, councils need to ensure they are properly prepared as they roll out increasingly connected and technology-reliant infrastructure. 
The NCSC said critical public services must be protected from disruption, while sensitive data also needs to be secured from being stolen in large volumes. Smart cities and connected rural environments promise a host of benefits for UK society: for instance, sensors will monitor pollution and provide real-time information on parking spaces, while cameras will track congestion and smartly manage traffic flow. However, another concern is the large volumes of personal information that will likely be collected by smart city technology, which could erode privacy by allowing citizens to be tracked in greater detail than ever, or could be stolen by criminals or hostile states.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The NCSC's technical director, Dr Ian Levy, referred to Hollywood depictions of cyber-attacks on critical city infrastructure. He picked out the 1969 classic movie '<i>The Italian Job</i>', where a computer professor switches the magnetic storage tapes running traffic in the Italian city of Turin, causing utter gridlock and enabling a haul of gold to be stolen by Mini cars weaving through the traffic chaos. </span><span style="font-family: arial;">"<i>A similar 'gridlock' attack on a 21st-century city would have catastrophic impacts on the people who live and work there, and criminals wouldn't likely need physical access to the traffic control system to do it</i>" <a href="https://www.ncsc.gov.uk/blog-post/connected-places-new-ncsc-security-principles-for-smart-cities" target="_blank">Dr Levy warns in a blog.</a></span></div><div><br /></div><div><b style="font-family: arial; font-size: large;">Is your Home Router a Security Risk?</b></div><div><div style="font-family: arial;">A <a href="https://www.bbc.co.uk/news/technology-56996717" target="_blank">Which? 
report claimed millions of UK people could be at risk of being hacked due to using outdated home routers</a>. The consumer watchdog examined 13 router models provided to customers by internet-service companies such as EE, Sky and Virgin Media, and found more than two-thirds had security flaws.</div><div style="font-family: arial;"><br /></div><div style="font-family: arial;"><div>Use of weak passwords was a common theme in the investigation, which found:</div><div><ul><li>weak default passwords that cyber-criminals could exploit were found on most of the routers</li><li>a lack of firmware updates, which are important for security and performance</li><li>a network vulnerability in EE's Brightbox 2, which could give a hacker full control of the device</li></ul></div><div>The routers found lacking in security updates included:</div><div><ul><li>Sky SR101 and SR102</li><li>Virgin Media Super Hub and Super Hub 2</li><li>TalkTalk HG635, HG523a, and HG533</li></ul></div></div></div><div><div><span style="font-family: arial;">Which? computing editor Kate Bevan said that proposed UK smart device legislation which would ban default passwords on routers "<i>can't come soon enough. </i></span><span style="font-family: arial;"><i>Internet service providers should be much clearer about how many customers are using outdated routers and encourage people to update devices that pose security risks</i>".</span></div></div><div><span style="font-family: arial;"><br /></span></div><div><b style="font-family: arial; font-size: large;">Eight Arrested in UK Smishing Fraud Bust</b></div><div><div><span style="font-family: arial;"><a href="https://www.bbc.co.uk/news/uk-england-57226704" target="_blank">Eight UK men were arrested in an investigation into scam text messages</a>. 
These scam text </span><span style="font-family: arial;">messages are known as "<a href="https://www.getsafeonline.org/personal/articles/smishing/" target="_blank">smishing</a>" within the security industry: text messages entice victims with a web link to either malware or a malicious website, in a bid to steal personal data or bank details or to have the victim make a bogus payment. </span><span style="font-family: arial;">The suspects in this case were allegedly involved in sending fake messages posing as the Royal Mail, asking people to pay a fee to retrieve a parcel.</span></div></div><div><br /></div><div><b style="font-family: arial; font-size: large;">Colonial Pipeline DarkSide Ransomware Attack</b></div><div><span style="font-family: arial;">A Russian cybercriminal group called DarkSide was said to be behind a devastating ransomware cyberattack that shut down a major fuel pipeline in the United States for several days. The cyberattack took down Colonial Pipeline's IT systems, which manage a 5,500-mile pipeline network that moves some 2.5 million barrels of fuel a day from the Gulf of Mexico coast up through to New York state. The cyberattack dominated media headlines in the United States, with <a href="https://news.sky.com/story/colonial-pipeline-cyber-attack-us-drivers-warned-not-to-panic-buy-petrol-amid-shortages-in-eastern-states-12303710" target="_blank">US drivers warned not to panic buy petrol amid shortages in eastern states</a>. DarkSide released a statement following the publicity, <a href="https://www.bbc.co.uk/news/business-57050690" target="_blank">stating it didn't intend to take the pipeline offline</a> - "</span><span style="font-family: arial;"><i>Our goal is to make money and not creating problems for society</i>". CNN, the New York Times, Bloomberg and the Wall Street Journal all reported Colonial Pipeline <a href="https://www.bbc.co.uk/news/business-57112371" target="_blank">paid $5 million (£3.6 million) in Bitcoin to DarkSide</a>. 
</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">DarkSide is a ransomware-as-a-service platform, first seen advertised in August 2020 on Russian language hacking forums. The service can be purchased by pre-vetted cybercriminals to deliver ransomware and to perform negotiations and accept payments from victims. Following this attack, which <a href="https://www.bbc.co.uk/news/technology-57101249" target="_blank">garnered the focus of United States President Joe Biden </a>and <a href="https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-network-disruption-at-colonial-pipeline" target="_blank">the FBI</a>, <a href="https://www.techradar.com/uk/news/darkside-hacking-group-apparently-shuts-down-following-pipeline-attack" target="_blank">DarkSide promptly shut down its ransomware-as-a-service operations</a>.</span></div><div><br /></div><div><span style="font-family: arial;"><a href="https://www.bbc.co.uk/news/technology-57084943" target="_blank">UK Foreign Secretary Dominic Raab also issued a warning to Russia on ransomware attacks</a>, "</span><span style="font-family: arial;"><i>Russia can't just wave their hands and say it's nothing to do with them</i>", he said. </span><span style="font-family: arial;">"<i>Even if it is not directly linked to the state they have a responsibility to prosecute those gangs and individuals</i>." </span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">It was reported </span><span style="font-family: arial;">DarkSide had made at least $90m in ransom payments from about 47 other victims, according to Bitcoin records. 
</span><span style="font-family: arial;">DarkSide is one of at least a dozen prolific ransomware gangs making vast profits from holding companies, schools, governments and hospitals to ransom.</span></div><div><span style="font-family: arial;"><div><br /></div></span></div><div><b style="font-family: arial; font-size: large;">Conti Ransomware takes down Ireland's Health Service</b></div><div><span style="font-family: arial;"><a href="https://www.bbc.co.uk/news/world-europe-57111615" target="_blank">Ireland's national health service (Health Service Executive (HSE)) closed down its computer systems after reportedly being hit by the Conti ransomware group</a>, with the cybercriminals initially asking for £14m ($20m) to restore IT systems. </span><span style="font-family: arial;">Ireland's Health Minister Stephen Donnelly said the incident was having "<i>a severe impact on health and social care services</i>". </span><span style="font-family: arial;">However, the ransomware group has since handed over software to release HSE systems for free, with the Irish government insisting it did not, and would not, pay the hackers.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">Conti typically steals victims' files and encrypts the servers and workstations in an effort to force a ransom payment from the victim. </span><span style="font-family: arial;">If the ransom is not paid, the stolen data is sold or published to a public site controlled by the Conti actors. </span><span style="font-family: arial;">The FBI issued a warning in the United States about the Conti gang targeting at least 16 healthcare networks there. 
</span><span style="font-family: arial;">More than 400 organisations have been targeted by Conti worldwide.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The <a href="https://www.bbc.co.uk/news/technology-57173096" target="_blank">BBC news website debated whether paying ransomware demands should be made illegal in the UK</a>, given it is not currently explicitly illegal for UK firms, and their insurers, to pay ransoms to cybercriminals.</span></div><div><br /></div><div><b style="font-family: arial; font-size: large;">More Big Data Breaches</b></div><div><span style="font-family: arial;">At least <a href="https://news.sky.com/story/air-india-at-least-45-million-peoples-data-exposed-following-it-system-hack-12314505" target="_blank">4.5 million individuals had their personal information compromised after Air India was subjected to a cyber attack</a>. Stolen details including names, passport information and payment details stretching back 10 years were accessed by the cybercriminals.</span></div><div><span style="font-family: arial;"><br /></span></div><div><div><span style="font-family: arial;"><a href="https://research.checkpoint.com/2021/the-need-to-protect-public-aws-ssm-documents-what-the-research-shows/" target="_blank">Check Point researchers reported Amazon Web Services Systems Manager (SSM) misconfigurations led to the potential exposure of more than 5 million documents</a> with personally identifiable information and credit card transactions on more than 3,000 SSM documents. Check Point said they have worked with AWS Security to provide customers with the necessary information to help them resolve any configuration issues with the SSMs. 
Developers did not adhere to the <a href="https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-before-you-share.html" target="_blank">AWS best practices.</a></span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;"><div><a href="https://research.checkpoint.com/2021/mobile-app-developers-misconfiguration-of-third-party-services-leave-personal-data-of-over-100-million-exposed/" target="_blank">Check Point researchers also reported that, in analysing Android apps, they discovered serious cloud misconfigurations, including open databases, that led to the potential exposure of data belonging to more than 100 million users.</a> Check Point explained how the misuse of a real-time database, notification managers, and storage exposed the personal data of users, leaving corporate resources vulnerable to threat actors.</div><div><br /></div><div>Stay safe and secure.</div></span></div></div><div><span><div><b><span style="font-family: arial;"><br /></span></b></div><div><b><span style="font-family: arial;">BLOG</span></b></div><div><ul style="font-family: arial;"><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/keeping-phishing-simulations-on-track.html" target="_blank">Keeping Phishing Simulations on Track</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/3-ways-a-Mobile-Device-can-be-Compromised.html" target="_blank">How Hidden Vulnerabilities will Lead to Mobile Device Compromises</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/cyber-security-data-re-assurance.html" target="_blank">Cyber Security: Data ‘Re’-Assurance</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/How-to-Ensure-Security-when-Buying-a-Refurbished-or-Second-Hand-Smartphone.html" target="_blank">How to Ensure Security when Buying a Refurbished or Second-Hand Smartphone</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/10-things-you-might-not-know-about.html" target="_blank">10 Things You Might Not Know About Cyber Essentials</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/achieving-pci-dss-compliant-firewalls.html" target="_blank">Achieving PCI DSS Compliant Firewalls within a Small Business</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/cybersecurity-is-not-one-stop-shop.html" target="_blank">Cybersecurity Is Not A One-Stop-Shop</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/the-role-of-translation-in-cyber.html" target="_blank">The Role of Translation in Cyber Security and Data Privacy</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/the-key-to-cybersecurity-is-educated.html" target="_blank">The Key to Cybersecurity is an Educated Workforce</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/05/cyber-security-roundup-for-may-2021.html" target="_blank">Cyber Security Roundup for May 2021</a></li></ul><b><span style="font-family: arial;">NEWS</span></b></div><div><span><span style="font-family: arial;"><ul><li><a href="https://www.nbcnews.com/politics/national-security/russian-criminal-group-may-be-responsible-colonial-pipeline-ransomware-attack-n1266793" style="font-family: arial;" target="_blank">Russian Criminal Group suspected in Colonial Pipeline Ransomware Attack</a></li><li><a href="https://www.ncsc.gov.uk/collection/connected-places-security-principles" target="_blank">NCSC Warn of Cyber Attacks on Smart Cities</a></li><li><a href="https://www.bbc.co.uk/news/world-europe-57111615" target="_blank">Ireland’s Health Service Shut Down IT Systems over Ransomware Attack by 'international criminals'</a></li><li><a href="https://news.sky.com/story/air-india-at-least-45-million-peoples-data-exposed-following-it-system-hack-12314505" target="_blank">4.5 Million Air India Records Exposed in 
Cyberattack</a></li><li><a href="https://www.bbc.co.uk/news/uk-england-57226704" target="_blank">Eight Arrests in Royal Mail Text Scam Investigation</a></li><li><a href="https://research.checkpoint.com/2021/the-need-to-protect-public-aws-ssm-documents-what-the-research-shows/" target="_blank">Issues with Configuration of AWS Service Lead to Exposure of 5 million Records</a></li><li><a href="https://www.scmagazine.com/firewalls-ipsec-vpns/ip-or-just-generic-tech-palo-alto-argues-centripetal-patent-claims-are-overly-broad/" target="_blank">79% of Observed Microsoft Exchange Server Exposures occurred in the Cloud</a></li><li><a href="https://research.checkpoint.com/2021/mobile-app-developers-misconfiguration-of-third-party-services-leave-personal-data-of-over-100-million-exposed/" target="_blank">Misconfigurations may have Exposed Data on 100 Million Android Users</a></li><li><a href="https://www.bbc.co.uk/news/technology-56996717" target="_blank">Millions at Security Risk from Old Routers, Which? Warns</a></li></ul><div style="font-family: arial;"><p class="MsoNoSpacing"><b><span style="font-family: arial;">VULNERABILITIES AND SECURITY UPDATES</span></b></p></div></span></span></div><div><div><ul><li><a href="https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-May" target="_blank"><span style="font-family: arial;">Microsoft
Patches 55 Vulnerabilities, 3 Rated as Critical</span></a></li><li><a href="https://blogs.windows.com/windowsexperience/2021/05/19/the-future-of-internet-explorer-on-windows-10-is-in-microsoft-edge/" target="_blank"><span style="font-family: arial;">Microsoft
Internet Explorer will be retired in June 2022</span></a></li><li><a href="https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html" target="_blank"><span style="font-family: arial;">Chrome
91 Features 32 Security Fixes, Enhancements for Linux</span></a></li><li><a href="https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html" target="_blank"><span style="font-family: arial;">Pulse
Secure releases Patch for Zero-Day used to Target Defense Industrial Base</span></a></li><li><a href="https://www.dell.com/support/kbdoc/en-uk/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability" target="_blank"><span style="font-family: arial;">Dell
Patches Vulnerable Driver in a Decade of IT Products, Computers and Laptops</span></a></li></ul><div style="font-family: arial;"></div></div><div style="font-family: arial;"><b>AWARENESS, EDUCATION AND THREAT INTELLIGENCE</b></div><div><p class="MsoNoSpacing"></p><ul><li><a href="https://blog.morphisec.com/revealing-the-snip3-crypter-a-highly-evasive-rat-loader" target="_blank"><span style="font-family: arial;">RevengeRAT
and AsyncRAT Target Aerospace and Travel Sectors</span></a></li><li><a href="https://www.trendmicro.com/en_us/research/21/e/new-panda-stealer-targets-cryptocurrency-wallets-.html" target="_blank"><span style="font-family: arial;">New
‘Panda’ Malware Strain is Targeting Cryptowallets</span></a></li><li><a href="https://csrc.nist.gov/projects/post-quantum-cryptography" target="_blank"><span style="font-family: arial;">Post-Quantum
Cryptographic Standards to be Finalised later this Year by NIST</span></a></li><li><a href="https://www.bbc.co.uk/news/technology-57156197" target="_blank"><span style="font-family: arial;">SolarWinds
Hack: Russian Denial 'unconvincing’</span></a></li><li><a href="https://www.bbc.co.uk/news/technology-57173096" target="_blank"><span style="font-family: arial;">Ransomware:
Should Paying Hacker Ransoms be illegal?</span></a></li></ul></div></div></span></div></div>SecurityExpert | http://www.blogger.com/profile/02816379340772195492 | noreply@blogger.com | 0 | tag:blogger.com,1999:blog-3798604115389836864.post-3275788463916667118 | 2021-05-28T14:00:00.001+01:00 | 2021-05-28T14:03:57.595+01:00 | Keeping Phishing Simulations on Track<span style="font-family: arial;"><div class="separator" style="clear: both; font-size: large; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXvLU7qqWigqg80ohmEdVU9V6kqOU8tC09GVcVwvF5PZKc7M_4ALXe-euZa6BBzeB0QXxF_1_8c7S9dJ5vx3UdyADlLTv1TETfMvGTr3HRl33DGnzpJfZeXwXjIB0uR9uPk_S1-V9198Fe/" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="180" data-original-width="300" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXvLU7qqWigqg80ohmEdVU9V6kqOU8tC09GVcVwvF5PZKc7M_4ALXe-euZa6BBzeB0QXxF_1_8c7S9dJ5vx3UdyADlLTv1TETfMvGTr3HRl33DGnzpJfZeXwXjIB0uR9uPk_S1-V9198Fe/" width="320" /></a></div><br /><a href="https://www.theguardian.com/uk-news/2021/may/10/train-firms-worker-bonus-email-is-actually-cyber-security-test" style="font-size: large;" target="_blank">The West Midlands Train service</a><span style="font-size: medium;"> has come under fire after workers discovered that an email promising them a bonus payment for running trains during the pandemic was actually a phishing simulation test. </span><br /><br /><span style="font-size: medium;">Around 2,500 employees received a message which appeared to come from Julian Edwards, Managing Director of West Midlands Trains, thanking them for their hard work over the past year under COVID-19 and telling them that they would get a one-off payment as a thank you. </span><br /><br /><span style="font-size: medium;">However, those who clicked through on the link were then emailed back with a message telling them it was a company-designed ‘phishing simulation test’ and there was to be no bonus. 
The email warned: “This was a test designed by our IT team to entice you to click the link and used both the promise of thanks and financial reward.” </span><br /><br /><span style="font-size: medium;">Since the test was revealed, the train service has received a media backlash for promising a fake financial reward to deserving teams. However, the modern threat landscape is constantly evolving, and it’s vital that businesses prepare their workforces against any type of threat. So was this a good test of resilience? <a href="https://www.vipre.com/" target="_blank">Andrea Babbs, UK General Manager, VIPRE</a>, explains. </span><br /><br /><b><span style="font-size: large;">Fight Fire with Fire </span></b><br /><span style="font-size: medium;">In order to be successful in the fight against cybercrime and protect the network, businesses should not be afraid to fight fire with fire and sometimes stoop as low as the phishers themselves – who have no morals. By using a powerful message and incentive such as the suggestion of a bonus, as West Midlands Train Service did, businesses can gain valuable insight into how their employees could be tricked into clicking on a phishing link, and why they need to ensure their staff are trained for any type of attack. </span><br /><br /><span style="font-size: medium;">However, the test has clearly upset West Midlands’ employees and could have been done in a less dramatic way so that it wasn’t ethically or morally questionable, particularly during a pandemic in which our frontline workers, like those in the transport industry, have continued to put themselves at risk over the last year. The idea of a bonus in the current challenging environment seems a deserved act of recognition for their above-and-beyond service – but for this to be a test, rather than the promised reward, is particularly hard-hitting for those involved. 
</span><br /><br /><b><span style="font-size: large;">Finding the Balance </span></b><br /><span style="font-size: medium;">It is vital that organisations take the time to train and educate their staff so that they become an additional line of defence in an organisation’s cybersecurity strategy. However, IT teams also need to rely on users’ goodwill to encourage them along the cybersecurity journey. This test by West Midlands Train service may have damaged that goodwill and could disillusion some members of staff. </span><br /><br /><span style="font-size: medium;">Rather than mentioning a bonus, the train service could have mentioned a change to pay, or the date of payroll. Both of these statements would have provoked the same instinctive reaction in employees, without the heightened emotions surrounding the letdown of a non-existent bonus. </span><br /><br /><b><span style="font-size: large;">Importance of Education </span></b><br /><span style="font-size: medium;">Regardless of the incentive behind the West Midlands phishing test, the fact that employees clicked on the link highlights the need for businesses to perform these types of tests in the first place. </span><br /><br /><span style="font-size: medium;">Cybercriminals will stop at nothing to get users to click on a phishing link, download a malicious attachment or fill in their details on a forged website, and will use personal or professional information to lure them into doing this. </span><br /><br /><span style="font-size: medium;">Therefore, employees need continuous training to identify and avoid these attacks. Going forward, businesses that are looking to deploy such phishing tests should try using less exciting topics to trick their users, in order to avoid any ill will or backlash from their employees and the media. 
</span><br /><br /><span style="font-size: medium;">One way to achieve this is to implement Security Awareness Training programmes that incorporate real-life situations, including less emotive phishing simulations. This educational material will help organisations to reinforce crucial cyber threat prevention messaging and educate workforces on how to protect both the business and themselves.</span></span>SecurityExpert | http://www.blogger.com/profile/02816379340772195492 | noreply@blogger.com | 2 | tag:blogger.com,1999:blog-3798604115389836864.post-9017841675851545276 | 2021-05-26T13:30:00.001+01:00 | 2021-05-26T13:30:00.189+01:00 | How Hidden Vulnerabilities will Lead to Mobile Device Compromises<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXbucfTzzf-WPTt7JBxHHNvyTAE0t8q_Vw-onB0xMxORjpYk_bGPRPr0j_R8Xt037qnhT3rX2nJeu0WAY5m2L2tFrgvpsYJ3FFDqZccevuq-3MsLtWKBCr35ZoYrlJdeOGZFqY4WFiGynp/" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: arial;"><img alt="" data-original-height="217" data-original-width="542" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXbucfTzzf-WPTt7JBxHHNvyTAE0t8q_Vw-onB0xMxORjpYk_bGPRPr0j_R8Xt037qnhT3rX2nJeu0WAY5m2L2tFrgvpsYJ3FFDqZccevuq-3MsLtWKBCr35ZoYrlJdeOGZFqY4WFiGynp/w400-h160/image.png" width="400" /></span></a></div><span style="font-family: arial;">Your mobile device can be hacked very easily without your knowledge. Even if an attacker can’t get into your device itself, they can instead attempt to gain access to the sensitive information stored on it, such as the places you have visited, your emails and your contacts. 
It's not just consumers who are targeted by cybercriminals; the rise of smartphones and tablets in the workplace and the increase in remote working have resulted in hackers targeting businesses via their mobile device vulnerabilities.</span><div><span style="font-family: arial;"><br />Most individuals and organisations with very sensitive information still do not take basic mobile security measures, even with the rising threats to our smartphones. According to a study by Intertrust on mobile security, the cost of mobile app hacks and violations will hit $1.5 billion by the end of 2021. Yet network systems, and even our desktop computers, get more attention, with mobile device security continuing to be ignored by organisations across the globe every day. <br /><br /></span><div><span style="font-family: arial;"><b><span style="font-size: large;">Three Ways a Mobile Device can be Compromised</span></b><br /><b><span style="font-size: medium;">Unsecure Wi-Fi</span></b><br />When out and about, the free Wi-Fi sign is always something we look out for, but it's best to ignore these networks the next time you come across a public Wi-Fi network that doesn't need a password. On unsecured Wi-Fi networks, eavesdroppers can see all <a href="https://www.pcworld.com/article/2043095/heres-what-an-eavesdropper-sees-when-you-use-an-unsecured-wi-fi-hotspot.html" target="_blank">unencrypted traffic</a>. Wi-Fi in public places, such as cafes and airports, may be insecure, allowing malicious actors to see everything you do while connected.<br /><br />Make sure you're connecting to websites using HTTPS. HTTPS ensures that communication to and from a specific website is encrypted, while <a href="https://us.norton.com/internetsecurity-privacy-what-is-a-vpn.html" target="_blank">a VPN service</a> encrypts everything you send. 
Look at the address bar of your browser window to see if you're connected via HTTPS; you should see "HTTPS" at the start of the web address (or, on some web browsers, a lock icon). Be aware, though, that hackers have been <a href="https://www.venafi.com/education-center/ssl/common-ssl-attacks" target="_blank">able to obtain valid SSL certificates</a> for sites with names that are slightly different from those of major financial institutions, so those fake sites also show the HTTPS prefix.<br /><br />Finally, using public Wi-Fi exposes you to <a href="https://www.varonis.com/blog/7-wi-fi-security-tips-avoid-being-easy-prey-for-hackers/" target="_blank">session hijacking</a>, which occurs when a hacker monitoring your Wi-Fi traffic tries to take over an open session you have with an online service (such as a social networking site or an email client) by stealing the browser cookies the service uses to identify who you are. Once hackers have <a href="https://www.kaspersky.com/resource-center/threats/how-to-stop-phone-hacking" target="_blank">your cookies</a>, they can use them to impersonate you on these sites or even track you down.<br /><br />Pay attention to the warning messages your device sends you to see whether you're on an unsecured connection. On iPhones, an alert will pop up saying that the identity of the server cannot be verified and asking if you still want to connect. Before you can access the Wi-Fi, you will be asked to press "continue". Despite this warning, <a href="https://www.mcafee.com/content/dam/consumer/en-us/docs/2020-Mobile-Threat-Report.pdf" target="_blank">92%</a> of users click continue on the screen. In fact, your phone has a lot of <a href="https://www.techlicious.com/tip/how-to-protect-your-privacy-on-public-wifi-networks/%5d/" target="_blank">very good technology</a> built in to alert you when you are about to make a bad security decision. 
Be vigilant when connecting to free Wi-Fi, and avoid exchanging personal information, to protect yourself.<br /><br /><b><span style="font-size: medium;">Malicious Apps </span></b><br />There has been a <a href="https://purplesec.us/resources/cyber-security-statistics/" target="_blank">rise of 54%</a> in mobile users attacked through malicious apps over the past year. Apps add mobile functionality, but also increase the risk of a data breach, particularly if they are downloaded from websites or links in tweets instead of a secure app store. Malicious code that allows hackers to steal data can be hidden within apps, even ones that appear to work normally.<br /><br />The mobile technology ecosystem is enormous. Neither <a href="https://support.apple.com/en-gb/guide/mac-help/mchleab3a043/mac" target="_blank">Apple nor Google</a> will look at every single app in their store and decide whether or not it is malicious. To protect yourself, you should restrict the number of applications you install. For businesses, <a href="https://www.manageengine.com/mobile-device-management/what-is-mdm.html#:~:text=MDM%20Software%20or%20MDM%20solution,or%20personally%2Downed%20mobile%20devices.&text=An%20MDM%20solution%20or%20an,types%20used%20in%20an%20organization." target="_blank">MDM security solutions</a> can enforce policies that require workers to use a VPN or a private Wi-Fi hotspot when connecting to public Wi-Fi networks. Given the increasing number of sophisticated cybersecurity threats, MDM is key to a healthy, effective and reliable mobile workforce.<br /><br />What we call the <a href="https://www.avast.com/en-gb/business/resources/what-is-attack-surface" target="_blank">attack surface</a> of your phone increases the more applications you have. 
More applications mean more lines of code, and thus a greater chance that somewhere in that code there is a security-sensitive flaw.<br /><br /><b><span style="font-size: medium;">Operating System Flaws<br /></span></b>Despite the best efforts of smartphone manufacturers, vulnerabilities are what let attackers in. To protect users, device manufacturers release operating system updates frequently. Those updates contain very <a href="https://www.androidauthority.com/android-security-updates-960483/" target="_blank">important security patches</a>, yet people often hold back, worried that an update will change how they use their phone or that their phone will not be compatible with it. <br /><br />As soon as new updates are released, users should install them. Hackers learn about <a href="https://www.zdnet.com/article/the-scariest-hacks-and-vulnerabilities-of-2019/" target="_blank">vulnerabilities after updates</a> are issued and then target out-of-date devices. Nobody recovers from being hacked quickly. Although computers have always been vulnerable to attack, mobile devices are becoming a larger target for criminals. Secure yourself by identifying the risks and taking steps to minimise them ahead of time. <br /><br /><b>Author</b></span></div><div><span style="font-family: arial;">This article was provided by </span><a href="https://saltdna.com/features" style="font-family: arial;" target="_blank">SaltDNA</a>,<span style="font-family: arial;"> a provider of secure mobile messaging and voice call communications. 
You can sign up for a free trial of SaltDNA or talk to a member of their team at </span><a href="mailto:info@saltdna.com" style="font-family: arial;" target="_blank">info@saltdna.com</a><span style="font-family: arial;"> or by visiting </span><a href="http://saltdna.com" style="font-family: arial;" target="_blank">saltdna.com</a><span style="font-family: arial;">.</span></div></div><br /><br />SecurityExpert, 2021-05-19<br /><br />Cyber Security: Data ‘Re’-Assurance<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnFQxyCh4kqnBirNrs0Cq-bgT0AEMXBUawMAeLnT5-8-Q9QnFHrTlGpmlQ72TqAa5ha1DzRxAc9nUhUvMdamGIURvfo0kxx_MlmP9sekZnRF4yG-hcq93LHo-4UybPFlfypSgPJeCtIvVC/s1867/data+IT+security+expert.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1400" data-original-width="1867" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnFQxyCh4kqnBirNrs0Cq-bgT0AEMXBUawMAeLnT5-8-Q9QnFHrTlGpmlQ72TqAa5ha1DzRxAc9nUhUvMdamGIURvfo0kxx_MlmP9sekZnRF4yG-hcq93LHo-4UybPFlfypSgPJeCtIvVC/s320/data+IT+security+expert.jpg" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-family: arial; text-align: start;"><i>How do you know company data is secure?</i></span></td></tr></tbody></table><span style="font-family: arial;">How do organisations know their data is secure? And how can companies ensure that a network breach won’t result in a loss of sensitive data? 
The consequences of a data breach are potentially disastrous for any organisation, so companies need to be reassured that their data is secure at all times in line with any internal and external compliance needs - and that they have the tools and visibility to prove this, should a network breach occur. <br /><br />With <a href="https://finance.yahoo.com/news/78-lack-confidence-company-cybersecurity-153000182.html?guccounter=1" target="_blank">78%</a> of IT security leaders lacking confidence in their company’s cybersecurity posture, now is the time for organisations to focus on applying a ‘Zero Trust’ approach to their cybersecurity strategy. In doing so, security professionals acknowledge that they cannot trust the security of their underlying infrastructure and therefore implement controls from a data assurance perspective, placing emphasis on protecting their sensitive data, irrespective of where this data travels within the network. And those CISOs and CSOs who are solely concerned with their network security need to reconsider and focus on their data security. <br /><br />Security professionals should be taking a proactive approach to their organisation’s cybersecurity and should always be considering how they can better protect their most valuable asset - their data. With this in mind, <a href="https://certesnetworks.com/" target="_blank">Paul German, CEO, Certes Networks</a>, outlines how data assurance is a mindset that security professionals need to adopt in order to be confident that their sensitive data is protected at all times. <br /><br /><b><span style="font-size: large;">Increasing Threats </span></b><br />Cyber attacks are increasing dramatically, and sensitive data is by its very nature an incredibly valuable asset and one that is frequently targeted. 
Last year, <a href="https://www.techdigest.tv/2021/03/37-billion-data-records-leaked-in-2020-140-year-on-year.html" target="_blank">37 billion</a> data records were leaked at a staggering 140% increase year on year. Surely there are measures that companies can take to prevent this growing breach of data. <br /><br />However, on average only <a href="https://www.varonis.com/2019-data-risk-report/" target="_blank">5%</a> of company files are properly protected - a surprising statistic considering the vast implications of a cyber attack. Furthermore, malicious hackers are now attacking computers, networks and applications at a rate of one attack every <a href="https://www.comparitech.com/vpn/cybersecurity-cyber-crime-statistics-facts-trends/" target="_blank">39 seconds</a>. <br /><br />Clearly, cyber attacks and consequent data breaches are an epidemic and organisations need to put the appropriate measures in place in order to protect their data and their business. Ultimately, companies need to adopt a data assurance strategy aligned to business intent so they have the right tools and security posture in order to be in the best position when it comes to safeguarding their most valuable asset against cyber criminals. <br /><br /><b><span style="font-size: large;">The Consequences </span></b><br />When a cyber attack occurs and an organisation loses the sensitive data they have been trusted with, there are significant consequences. Of course, the obvious economic repercussions are enough to make any business concerned, with the average cost of a data breach being <a href="https://www.forbes.com/sites/chuckbrooks/2021/03/02/alarming-cybersecurity-stats-------what-you-need-to-know-for-2021/?sh=706db83e58d3" target="_blank">£2.73 million ($3.86m USD)</a> as of 2020. <br /><br />However, it is not just a data breach, but a breach of trust. 
Additionally, losing a client’s sensitive data damages a company’s reputation and organisations could even be facing legal action, especially if they breach regulations such as GDPR, HIPAA or CJIS. The fact is that businesses are fined for a loss of data because they are not compliant with specific laws over the use of sensitive information - not for a network breach. <br /><br />By looking at cybersecurity from a data assurance perspective, security professionals have the capacity to bypass these damages by protecting their data from the outset, rather than waiting for an inevitable breach to happen before implementing data security measures. There is no reason for businesses to put themselves in a vulnerable position when they have the ability to effectively avoid the consequences of a data breach altogether. <br /><br /><b><span style="font-size: large;">Data Assurance </span></b><br />When businesses consider their cybersecurity strategy from a data assurance perspective, they are directly focusing on their data security and ensuring that they have the necessary outputs in place in order to prove at all times that their sensitive data is protected according to their business intent. <br /><br />Through understanding their business intent, organisations adhere to specific objectives that they have defined in order to protect their data and mitigate associated risks. By adopting a Zero Trust approach to their cybersecurity posture, companies can achieve the separation of duties that cannot be met when security protocols are tied into the network infrastructure. With a secure overlay that is agnostic to the underlying network infrastructure, security teams can have total control of their security posture. This means that should an incident occur, the required controls are in place and functioning and security professionals can easily prove that their main priority, which is their sensitive data, is safe. 
<br /><br />Additionally, with regulations over how organisations can handle data continuing to evolve and change, companies need the mechanisms in place to be able to respond proactively to any developments in regulatory compliance requirements. By implementing policies that match evolving compliance requirements and by putting data at the forefront of any cybersecurity strategy, organisations can be secure in the knowledge that they are observing these rules and regulations and won’t fall victim to their data being compromised. <br /><br />Companies need to seriously consider implementing the right controls in order to make sure their data is protected, and by focusing on their cyber security strategy from a data assurance perspective, they can ensure that they are emphasising the protection of their most valuable asset.</span><br /><br />SecurityExpert, 2021-05-13<br /><br />How to Ensure Security when Buying a Refurbished or Second-Hand Smartphone<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwhONm8UwHbEJ5KeUC51IvfhdDBftxaZB0t4mVdSMR5Zq7S7gXAhnJD29fMN_cMQinL3SWhsFvz_OWxsOJQoWMBBr8wIzXVtC2ZeUjm36dDgSUtlKl8U_T2H7MxWoRTRUqqg0dwhe8dgkU/s2048/stockvault-woman-holding-smartphone-colorized-hazy-looks222198.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1365" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwhONm8UwHbEJ5KeUC51IvfhdDBftxaZB0t4mVdSMR5Zq7S7gXAhnJD29fMN_cMQinL3SWhsFvz_OWxsOJQoWMBBr8wIzXVtC2ZeUjm36dDgSUtlKl8U_T2H7MxWoRTRUqqg0dwhe8dgkU/s320/stockvault-woman-holding-smartphone-colorized-hazy-looks222198.jpg" width="320" /></a></div></div><span style="font-family: arial;"><div><span style="font-family: arial;"><br 
/></span></div>Last year, a <a href="https://www.which.co.uk/news/2020/07/mobile-phones-recycling-and-security/" target="_blank">Which?</a> investigation found that 31% of resold smartphone models from three of the major used and refurbished handset stores are no longer receiving security updates. Phone manufacturers only schedule security updates for a certain period after the release of a model, so those looking for an additional bargain in older devices could be putting themselves at risk.<br /><br />As well as security issues, second-hand smartphones that haven’t been wiped by their previous user can still contain sensitive data. Without following the proper steps, anybody considering selling their old phone on eBay or another marketplace could be exposed to fraud in numerous ways.</span><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">How to Ensure Security When Buying a Phone</span></b><br />Phone manufacturers often release information on their security updates, so checking that your chosen model is still receiving these updates is essential to remain secure once you start using your new phone. The length of time phones are updated varies by manufacturer and by model. <br /><br />For example, <a href="https://support.apple.com/en-gb/guide/iphone/iphe3fa5df43/12.0/ios/12.0" target="_blank">Apple offers security updates</a> for several years and the next model to stop receiving these updates is the iPhone 6, released in 2015, which will no longer be updated at the end of 2021. However, the Huawei Mate 10 Pro stopped being updated just 28 months after its release in 2017.<br /><br />Apple also links its security updates with its general software updates, meaning that if your device is no longer being updated, your apps and other functions will not work as well and can be exploited by hackers in other ways. 
For this reason, it’s best to shop around for more recent models.<br /><br />For those who have chosen an old model, it’s important to take extra care when using the device and navigating online. Pay attention to app permissions, as some apps may take advantage of gaps in the phone’s security perimeter that can expose your personal data. Using smartphone security or antivirus software will also help prevent unauthorised access to your device or your data when using an older phone.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;"><div>With any used or refurbished phone, carrying out a factory reset before use will ensure that any personal data that has been missed by the previous owner is deleted before you start using the device.</div><br /><b><span style="font-size: large;">Consider Your Data before Selling Your Smartphone</span></b><br />Before selling a smartphone, the best course of action to prevent your data from being stolen or abused is to perform a complete factory reset of the device. Once you’ve saved everything you want to keep on an external backup, like your computer or the cloud, perform a factory reset by following the guidelines of your phone’s manufacturer. Some devices may ask if you want to keep personal data while performing the factory reset; make sure you don’t select this option, as it will not fully clear the device.<br /><br />Things to pay attention to are any apps where passwords are saved to your phone and apps that send SMS confirmations for security purposes. 
Before getting rid of your old device, make sure texts from online banking or other sites can be received on your new phone and be sure to save passwords somewhere secure to avoid being locked out once your phone has been reset.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">The Used and Refurbished Phone Market</span></b><br />Used and refurbished smartphones make up only 14% of all smartphone sales, but their presence is essential in reducing the environmental impact of the smartphone industry by prolonging the life of every device. With numerous precious metals used in smartphones that will soon be too difficult to mine, manufacturers need to do more to keep old devices secure. <br /><br />By arbitrarily limiting the length of time devices receive security updates, manufacturers are forcibly cutting the life of most devices short, contributing to the major e-waste problem faced by modern society.<br /><br />In addition to manufacturers, second-hand phone vendors need to make their customers aware before they buy unsecured devices. Following the Which? 
survey, some second-hand retailers added information about the security strength of old devices, which helps inform consumers’ decisions and raises awareness of how they can secure these devices if they choose to still purchase them.<br /><br /><b><span style="font-size: large;">Conclusion</span></b><br />Overall, second-hand and refurbished smartphones are an essential facet of the smartphone industry and more needs to be done to improve the quality and security of these devices to combat the rapidly growing e-waste problem, as well as to provide more opportunities for consumers to get their hands on smartphones at any price point.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;"><i>This article was written by Damon Culbert from <a href="https://repairoutlet.co.uk/" target="_blank">Repair Outlet</a>, a smartphone parts and refurbished device retailer.</i></span></div><br /><br />SecurityExpert, 2021-05-11<br /><br />10 Things You Might Not Know About Cyber Essentials <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSGu9B7Ei7G0MGBXlvCcbQIClqW4gc8m7Tyy-wwt3yQMcLJm4rqDbsPA01EoDAUhJBSZPRnLLYfsPdCDI3U4WZUNLShH1IY8PsAEA9nOsvww41hUanGVRNEikNve0oyTPEs9WQu60uoqF-/s203/CE.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="144" data-original-width="203" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSGu9B7Ei7G0MGBXlvCcbQIClqW4gc8m7Tyy-wwt3yQMcLJm4rqDbsPA01EoDAUhJBSZPRnLLYfsPdCDI3U4WZUNLShH1IY8PsAEA9nOsvww41hUanGVRNEikNve0oyTPEs9WQu60uoqF-/s0/CE.png" /></a></td></tr><tr><td class="tr-caption" 
style="text-align: center;"><span style="font-family: arial; font-style: italic; text-align: start;"><a href="https://iasme.co.uk/" target="_blank">IASME</a> delivers Cyber Essentials on behalf of the UK <a href="https://www.ncsc.gov.uk/" target="_blank">NCSC</a></span><br /></td></tr></tbody></table><span style="font-family: arial;"><i>By <a href="https://www.cybertecsecurity.com/" target="_blank">Sam Jones</a> | <a href="https://www.cybertecsecurity.com/" target="_blank">Cyber Tec Security</a> and Dave Whitelegg</i></span><div><span style="font-family: arial;"><i><br /></i>What is Cyber Essentials? If you are just hearing about the Cyber Essentials scheme, read on as we unpack 10 things you might not know about Cyber Essentials. <br /><br /><b><span style="font-size: medium;">1. UK Gov Launched Cyber Essentials in 2014</span></b><br />The UK Government <a href="https://www.ncsc.gov.uk/">National Cyber Security Centre (NCSC)</a> published its <a href="https://www.ncsc.gov.uk/collection/10-steps-to-cyber-security" target="_blank">‘10 Steps to Cyber Security’</a> in 2012, after UK Government agencies recognised that small and medium-sized UK businesses require further cybersecurity guidance and support in order to protect the British digitally dependent economy. 
</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">This led to the development of five critical 'cyber essentials' technical security controls which provide a minimum level of cybersecurity protection. Assurance of the adoption of these five security controls by an organisation provides a good degree of confidence that the organisation is protected against the most common cyber threats, and thus the UK Cyber Essentials certification scheme was born.<br /><br /><b><span style="font-size: medium;">2. IASME is the Sole Partner of the NCSC in delivering the Cyber Essentials Scheme</span><br /></b>As of April 2020, the <a href="https://iasme.co.uk/" target="_blank">Information Assurance for Small and Medium Enterprises Consortium (IASME)</a> won the contract to become the sole partner of the Cyber Essentials scheme on behalf of the NCSC. Prior to this, there were five different accreditation bodies operating under different methodologies. So, to reduce confusion around the scheme and to streamline the certification process, the NCSC decided to go with a single accreditation body - IASME. <br /><br />IASME now oversees a large number of Certification Bodies based around the UK, all of which have qualified assessors able to certify businesses looking to achieve the certification. <br /><br /><b><span style="font-size: medium;">3. Cyber Essentials is the only UK Government Cybersecurity Standard </span></b><br />Although there are other cyber certifications available, Cyber Essentials is the only scheme designed and backed by the UK Government. Holding the certification is a mandatory requirement for any business bidding on UK Central and Local Government, and Ministry of Defence (MOD), contracts. <br /><br />Although a UK standard, businesses outside the UK can be, and are, Cyber Essentials certified. <br /><br /><b><span style="font-size: medium;">4. 
There are Two Levels to the Cyber Essentials Scheme</span><br /></b>The scheme is designed with small and medium-sized businesses in mind, offering a low-cost and straightforward way to start their cybersecurity journey, protecting UK businesses from the most common cyber threats. </span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">To make the scheme more flexible, there are two levels, <a href="https://iasme.co.uk/cyber-essentials/" target="_blank">Cyber Essentials</a> and <a href="https://iasme.co.uk/cyber-essentials/cyber-essentials-plus-find-out-more/" target="_blank">Cyber Essentials Plus</a>. </span></div><div><ul style="text-align: left;"><li><span style="font-family: arial;"><b>Cyber Essentials</b> requires the five basic security controls to be assessed and recorded on an IASME-provided secure web portal, with a qualified assessor verifying the information provided. This simple self-certification costs around £300. </span></li><li><span style="font-family: arial;"><b>Cyber Essentials Plus (CE+) </b>provides a higher level of assurance than the regular Cyber Essentials, so suits businesses striving to further demonstrate their cybersecurity posture to clients. Some clients may even require CE+ certification for their security assurance via a contractual clause. The CE+ assessment process requires an external assessor to evidence and verify the five Cyber Essentials controls and requirements. The cost of a CE+ assessment will depend on the size and complexity of your business' IT network.</span></li></ul><span style="font-family: arial;"><b><span style="font-size: medium;">5. Cyber Essentials has to be Renewed every 12 months </span></b><br />Cyber Essentials certifications must be</span><span style="font-family: arial;"> renewed every year, to demonstrate the business is still aligned with the standard's requirements. 
However, although certification requires passing </span><span style="font-family: arial;">a point-in-time security assessment, it is important that the Cyber Essentials security requirements are continually met. </span><span style="font-family: arial;">This is comparable to taking your car in for an MOT: your car may be deemed road-safe on the day it passed all the MOT checks, but if the car is no longer roadworthy a couple of weeks later, the MOT certificate provides no assurance that your car is safe and legal to use on UK roads. Therefore, with Cyber Essentials, you must constantly verify compliance with the security requirements outside of the annual certification process, else your business will not benefit from the protection the security controls provide.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">6. Achieving Cyber Essentials is Often Quick</span></b><br />Too many businesses put cybersecurity on the backburner because they lack the understanding and the time to properly assess their cyber controls and risks. Achieving Cyber Essentials certification does not take weeks to complete. The Cyber Essentials assessment approach provides guidance to help identify and remediate any security shortcomings found, so you can ultimately obtain a Cyber Essentials state of operation and certification, which can be used to prove your business's compliance with the scheme to other parties.<br /><br />Of course, the time to complete a Cyber Essentials certification will depend on the extent of the remediation work required; however, you do not need to be a security expert to fix the typical issues, as expert security guidance is provided through the online assessment process. Some businesses without security issues have managed to complete a Cyber Essentials assessment and then receive their IASME Cyber Essentials certification within 24 hours.<br /><br /><b><span style="font-size: medium;">7. 
Cyber Essentials reduces the risk of ICO Financial Penalties</span></b><br />The UK <a href="https://ico.org.uk/" target="_blank">Information Commissioner’s Office (ICO)</a> regulates privacy rights and data protection compliance with the UK Data Protection Act (DPA/GDPR) for any organisation which processes and/or stores UK citizens' personal information. Failure to safeguard UK personal data from cyber-attacks can result in the ICO issuing eye-watering monetary penalties. The maximum amount is the higher of £17.5 million and 4% of your annual turnover (based on the previous financial year). Recent penalties have involved <a href="https://ico.org.uk/action-weve-taken/enforcement/ticketmaster-uk-limited/" target="_blank">Ticketmaster UK</a>, <a href="https://ico.org.uk/action-weve-taken/enforcement/marriott-international-inc/" target="_blank">Marriott International</a>, and <a href="https://ico.org.uk/action-weve-taken/enforcement/british-airways/" target="_blank">British Airways</a>, the latter of which was fined £20m. <br /><br />Adopting the Cyber Essentials controls helps to protect personal data. The ICO works closely with the NCSC and is said to look favourably on organisations that have obtained Cyber Essentials certification and are breached, which may reduce the chance of higher regulatory fines being imposed. <br /><br /><b><span style="font-size: medium;">8. Cyber Essentials is for Big and Small UK Organisations</span></b><br />The Cyber Essentials certification has been adopted by many big names, including the likes of Vodafone, Deloitte, Accenture, BP and Barclays Bank. However, the scheme was very much developed with UK SME cybersecurity in mind. Adopting Cyber Essentials is a crucial first step for SMEs in taking their cybersecurity obligations more seriously, with a certification demonstrating security assurance both to customers and suppliers. 
<br /><br />Small businesses are highly prone to cyber-attacks and are the hardest hit by them, although it doesn't seem that way given that it's the large blue-chip companies that tend to dominate the media headlines when it comes to cyberattack and data breach reporting. While larger companies can afford to incur the often heavy cost of a cyberattack, it tends to be a different story for small businesses, where a serious cyberattack can lead to the business permanently closing.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">SMEs are commonly in the supply chain of larger organisations, and as such are targeted by cybercriminals seeking to gain access to those organisations, given that IT security is often a lot weaker at SMEs than at the attacker's ultimate target. Once SME systems are compromised, it can be a simple matter for the attacker to hop through the supply chain network to the target organisation.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">9. Cyber Essentials is still needed if other Security Certifications like ISO27001 are in place</span></b><br />ISO27001 is a popular, internationally recognised information security management certification. Holding ISO27001 certification does not make Cyber Essentials an unnecessary additional certification; the two standards complement each other well. <br /><br /></span><span style="font-family: arial;">Cyber Essentials provides a prescriptive set of security requirements, which in turn provides confidence that a fundamental, standard set of industry-recognised good-practice technical controls is in place and effective. This is one of the reasons why Cyber Essentials is increasingly used to assure the security of supply chains through due diligence.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">10. 
USA are Big Supporters of the Cyber Essentials scheme </span></b><br />Thanks to the Cyber Essentials scheme’s early success, the United States of America's <a href="https://www.cisa.gov/cyber-essentials" rel="nofollow">Cybersecurity and Infrastructure Security Agency (CISA) introduced Cyber Essentials</a> and the <a href="https://www.cisa.gov/sites/default/files/publications/19_1105_cisa_CISA-Cyber-Essentials.pdf" target="_blank">culture of cyber readiness</a> to small businesses and government agencies to guide them on their cybersecurity journey. <br /><br />In line with other international security standards like the <a href="https://www.nist.gov/cyberframework" target="_blank">NIST framework,</a> Cyber Essentials is a fantastic approach for those wanting to better understand their organisation’s cybersecurity defences and the best practices for improving them.</span></div><div><span style="font-family: arial;">Posted by SecurityExpert (<a href="http://www.blogger.com/profile/02816379340772195492">profile</a>)</span></div><div><b><span style="font-size: large;">Achieving PCI DSS Compliant Firewalls within a Small Business</span></b><br /><span style="font-family: arial;">Published 2021-05-07</span></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgC1I0IyyAJx6QbSCwD2POLiehQX9EtrjNxYLb6SV9Uz9AJ0ASoUYNhZmcV0u9FD0OgT86Yzq5XjhOVh8Lbayi_jvcHqWQvsYwFS-lyWSstuDyYzr9jm7qDkGCXIb3SFSEEq_JaGGnYEz7P/s2048/credit+card+IT+security+expert.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1370" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgC1I0IyyAJx6QbSCwD2POLiehQX9EtrjNxYLb6SV9Uz9AJ0ASoUYNhZmcV0u9FD0OgT86Yzq5XjhOVh8Lbayi_jvcHqWQvsYwFS-lyWSstuDyYzr9jm7qDkGCXIb3SFSEEq_JaGGnYEz7P/s320/credit+card+IT+security+expert.jpg" width="320" /></a></div><span style="font-family: arial;">The most important and integral part of any data security begins with having firewalls installed in 
the environment. Not only that, installing firewalls is an essential requirement of the <a href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf" target="_blank">Payment Card Industry Data Security Standard (PCI DSS)</a>. However, simply installing a firewall on the network perimeter will not make your organization PCI DSS compliant. <br /><br />PCI DSS sets out specific requirements for firewalls under Requirement 1 and its sub-requirements, covering how firewalls should be installed, configured, updated and maintained, and what their rules must and must not permit. In this article we explain the basic PCI DSS firewall requirements and why small businesses need to install firewalls. But before getting into the details, let us first understand what a PCI DSS compliant firewall is. <br /><br /><b><span style="font-size: large;">What is a PCI DSS Compliant Firewall? </span></b><br /></span><div><span style="font-family: arial;">Firewalls are used to segment or isolate networks and are an essential component in limiting cyber threats and protecting internal networks from the internet and other untrusted networks. In a merchant's point-of-sale (POS) environment, a firewall's purpose is to allow only specifically permitted network traffic into and out of the POS network environment.</span></div><div><span style="font-family: arial;"><br />However, if misconfigured or unmaintained, a firewall can fail to adequately protect</span><span style="font-family: arial;"> the networks and IT systems that process payment cards. 
The PCI Security Standards Council has published requirements and </span><a href="https://blog.pcisecuritystandards.org/resource-for-small-merchants-firewall-basics" style="font-family: arial;" target="_blank">guidance for firewalls to ensure that merchants and service providers</a> <span style="font-family: arial;">correctly deploy and maintain them.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">PCI Firewall Requirements </span></b><br />The PCI DSS firewall requirements cover both technical specifications and physical access control requirements, within PCI DSS Requirements 1 and 9 respectively. The technical side includes planning for future updates and reconfiguration, and permitting only the inbound network traffic that is actually needed. The physical access requirements are about ensuring that companies limit physical access to the Cardholder Data Environment (CDE); this includes inspecting card-reading devices to identify any tampering, installing monitoring devices, requiring unique IDs for authorized access, and keeping visitor logs, to name a few. </span><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The technical firewall requirements are summarised in the table below.</span><div><br /></div><div><span style="font-family: arial;">
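Before the table, here is a small Python model of the behaviour those requirements describe, so that the points the table makes (default deny, a documented business justification for every allowed service, a six-monthly rule review, anti-spoofing at the Internet edge and restricted egress from the CDE) can be checked against sample traffic. This is an added example and not code from the original post or from the PCI SSC; it goes a little beyond the post by covering several requirements in one model, and the network zones, addresses, rules, review dates and the 182-day review threshold are all constructed for illustration.

```python
"""Toy first-match packet filter for a small merchant's cardholder data
environment (CDE). Constructed example for illustration; it is not code from
the PCI SSC, and the zones, addresses and rules below are assumptions."""
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Assumed network zones (constructed). Anything outside them is "wan".
ZONES = {
    "cde":    ip_network("10.10.10.0/24"),  # POS terminals and payment switch
    "office": ip_network("10.10.20.0/24"),  # back-office PCs
    "guest":  ip_network("10.10.30.0/24"),  # guest Wi-Fi, never trusted
}
# Ranges that must never be the source of a packet arriving from the Internet
# (PCI DSS 1.3.3 anti-spoofing).
INTERNAL_RANGES = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                   ip_network("192.168.0.0/16"), ip_network("127.0.0.0/8")]
TODAY = date(2021, 5, 7)  # constructed review date for the audit


@dataclass
class Rule:
    src: str               # source zone name
    dst: str               # destination zone name
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None matches any destination port
    action: str            # "allow" or "deny"
    justification: str     # PCI DSS 1.1.6: documented business need
    last_reviewed: date    # PCI DSS 1.1.7: when the rule was last reviewed


@dataclass
class Packet:
    iface: str   # interface the packet arrived on: "wan" (Internet) or "lan"
    src: str
    dst: str
    proto: str
    dport: int


def zone_of(addr: str) -> str:
    """Map an address to a zone; anything outside the local zones is 'wan'."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "wan"


def is_spoofed(pkt: Packet) -> bool:
    """1.3.3: a packet from the Internet claiming an internal source is forged."""
    return pkt.iface == "wan" and any(ip_address(pkt.src) in n for n in INTERNAL_RANGES)


def evaluate(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; no match means deny (1.2.1 default deny)."""
    if is_spoofed(pkt):
        return "deny (spoofed source)"
    src_zone, dst_zone = zone_of(pkt.src), zone_of(pkt.dst)
    for r in rules:
        if (r.src == src_zone and r.dst == dst_zone
                and r.proto in ("any", pkt.proto)
                and r.dport in (None, pkt.dport)):
            return r.action
    return "deny"


def audit(rules: List[Rule], today: date, max_age_days: int = 182) -> List[Tuple[int, str]]:
    """1.1.6 / 1.1.7 review: flag allow rules with no justification, rules not
    reviewed within roughly six months, and over-broad allow-anything rules."""
    findings = []
    for i, r in enumerate(rules):
        if r.action == "allow" and not r.justification.strip():
            findings.append((i, "allow rule without documented business justification"))
        if (today - r.last_reviewed).days > max_age_days:
            findings.append((i, "rule not reviewed in the last six months"))
        if r.action == "allow" and r.proto == "any" and r.dport is None:
            findings.append((i, "over-broad allow-anything rule"))
    return findings


# Constructed rule set for a small merchant (first match wins, implicit deny).
RULES = [
    Rule("cde", "wan", "tcp", 443, "allow",
         "Card authorisation to the acquirer over TLS", date(2021, 3, 1)),
    Rule("office", "cde", "tcp", 22, "allow",
         "POS maintenance from the back-office admin PC", date(2021, 3, 1)),
    Rule("wan", "cde", "any", None, "deny",
         "No direct public access to the CDE (1.3)", date(2021, 3, 1)),
    Rule("office", "wan", "tcp", 80, "allow", "", date(2020, 9, 1)),  # undocumented, stale
]

if __name__ == "__main__":
    # Egress from the CDE is limited to the authorisation channel (1.3.4).
    print(evaluate(RULES, Packet("lan", "10.10.10.5", "203.0.113.10", "tcp", 443)))  # allow
    print(evaluate(RULES, Packet("lan", "10.10.10.5", "203.0.113.10", "tcp", 80)))   # deny
    # Guest Wi-Fi must not reach the CDE (1.2.3).
    print(evaluate(RULES, Packet("lan", "10.10.30.7", "10.10.10.5", "tcp", 443)))    # deny
    # An Internet packet forging an office address is dropped before rule lookup.
    print(evaluate(RULES, Packet("wan", "10.10.20.9", "10.10.10.5", "tcp", 22)))     # deny (spoofed source)
    for idx, problem in audit(RULES, TODAY):
        print(f"rule {idx}: {problem}")
```

The model is deliberately first-match-wins with an implicit deny at the end, which is the shape a rule base protecting a CDE should take; `audit()` is the part a small merchant would run ahead of each six-monthly review to find allow rules that have lost their documented justification or have not been looked at since the last review.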
<table border="1" cellpadding="0" cellspacing="0" class="MsoTableGrid" style="border-collapse: collapse; border: none; margin-left: -0.25pt; width: 100%;">
<tbody><tr style="height: 12.55pt;">
<td style="border: 1pt solid windowtext; height: 12.55pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="32">
<p align="center" class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN">Ref.</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; border-right: 1pt solid windowtext; border-top: 1pt solid windowtext; border: 1pt solid windowtext; height: 12.55pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN">Requirements</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; border-right: 1pt solid windowtext; border-top: 1pt solid windowtext; border: 1pt solid windowtext; height: 12.55pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: left;"><b><span lang="EN-IN">Description</span></b></p>
</td>
</tr>
<tr style="height: 24.25pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 24.25pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1</b></span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 24.25pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Protect cardholder data with a
firewall.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 24.25pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Firewalls are a key
protection mechanism for securing the network and Cardholder Data
Environment.</span></p>
</td>
</tr>
<tr style="height: 19.95pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 19.95pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1.1</b></span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish and implement firewall and
router configuration standards. </span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish firewall and router configuration standards, and keep the supporting documentation needed to verify that the standards are complete and have been implemented. </span></p>
</td>
</tr>
<tr style="height: 19.95pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 19.95pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1.1.1</b></span></p></td><td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232"><p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish a formal process to validate and test all network connections, changes to firewall and
router configurations. </span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish documented procedures to verify that there is a formal process for testing and approving network connections and changes to firewall and router configurations. This includes periodically interviewing responsible personnel and examining records to verify that network connections, and a sample of actual changes made to firewall and router configurations, were approved and tested.</span></p>
</td>
</tr>
<tr style="height: 19.95pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 19.95pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1.1.2</b></span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish a network diagram to identify all connections between the cardholder data environment
and other networks, including any wireless networks</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Create network diagrams that describe how the networks are configured and identify the location of all network devices. This prevents any area being overlooked, unknowingly left out of the security controls implemented for PCI DSS, and left vulnerable to compromise.</span></p>
</td>
</tr>
<tr style="height: 19.95pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 19.95pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1.1.3</b></span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish a data flow diagram that shows
all cardholder data flows across systems and networks. </span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Create a data-flow diagram to identify the location of all cardholder data in the environment. This helps you understand and track the flow of cardholder data across systems and networks. The data-flow diagram must be kept up to date as the environment changes.</span></p>
</td>
</tr>
<tr style="height: 19.95pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 19.95pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1.1.4</b></span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Establish a firewall at each Internet connection and between any DMZ and the internal network.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.95pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">A firewall on every Internet connection coming into the network, and between any DMZ and the internal network, allows the organization to monitor and control access. This minimizes the chance of malicious, unauthorized access to the internal network via an unprotected connection. </span></p>
</td>
</tr>
<tr style="height: 47.2pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 47.2pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><span lang="EN-IN" style="font-size: 9pt;"><b>1.1.5</b></span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 47.2pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm;"><span lang="EN-IN" style="font-size: 9pt;">Create descriptions of groups,
roles, and responsibilities for managing network components.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 47.2pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm;"><span lang="EN-IN" style="font-size: 9pt;">Establish roles and responsibilities for the management of network components, so that personnel are aware of their roles and responsibilities pertaining to the security of all network components. This facilitates better accountability for the security of the CDE. </span></p>
</td>
</tr>
<tr style="height: 19.15pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 19.15pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.1.6</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.15pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Document the business rationale for every service, protocol, and port allowed, and the security measures implemented for any protocols considered insecure.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 19.15pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Documenting the services, protocols, and ports that are necessary for the business helps prevent a compromise caused by unused or insecure services and ports. The use of every necessary protocol and port should be justified, and the security features that allow those protocols to be used securely should be documented and implemented.</span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.1.7</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Review firewall and router rule sets at least every six months.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Organizations must review firewall and router rules at least every six months, to clear out unwanted, outdated, or incorrect rules and to ensure that the rule set allows only the authorized services and ports that match the documented business justifications.</span></p>
</td>
</tr>
<tr style="height: 49.9pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 49.9pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.2</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 49.9pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Restrict connections between untrusted
networks and all system components in the cardholder data environment with
firewall and router configurations</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 49.9pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Install network protection between the internal, trusted network and any untrusted network that is external and/or outside the organization's ability to control or manage. This limits traffic and helps prevent unauthorized access by malicious individuals or software. </span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.2.1</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Restrict inbound and outbound traffic to only that which is necessary for the cardholder data environment, and restrict all other traffic.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Examine all inbound and outbound connections and restrict traffic based on the source and/or destination address. This filters out unnecessary traffic and prevents malicious individuals from accessing the network via unauthorized IP addresses or from using services, protocols, or ports in an unauthorized manner. </span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.2.3</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Install perimeter firewalls between all wireless networks and the cardholder data environment and configure these
firewalls to filter only the authorized traffic for business purposes.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Firewalls must be installed between all wireless networks and the CDE; the wireless networks concerned may include, but are not limited to, corporate networks, retail stores, guest networks, and warehouse environments. A firewall at the network perimeter works as a filter to allow only authorized traffic, which restricts malicious individuals from gaining unauthorized access via the wireless network to the CDE and compromising account information. </span></p>
</td>
</tr>
<tr style="height: 48.1pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 48.1pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.3</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 48.1pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Prohibit direct public access
between the internet and any system components in the cardholder data
environment.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 48.1pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Firewalls must be installed to manage and control all connections between public systems and internal systems, especially those that store, process or transmit cardholder data.
This prevents bypassing and compromise of system components and card data. </span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.3.1</span></b></p><p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;"> 1.3.2</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Create
a demilitarized zone (DMZ) to limit incoming traffic to system components
that only provide publicly accessible authorized services, protocols, and
ports.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Implementing a DMZ prevents malicious individuals from accessing the organization's internal network from the Internet, or from using services, protocols, or ports in an unauthorized manner. </span></p>
</td>
</tr>
<tr style="height: 22pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 22pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.3.3</span></b></p></td><td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 22pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232"><p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Implement anti-spoofing measures to detect and prevent fraudulent source IP addresses from entering the network.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 22pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm;"><span lang="EN-IN" style="font-size: 9pt;">Implement anti-spoofing measures to filter out packets with forged source IP addresses before they enter the internal network and cause a compromise. </span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.3.4</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Do not allow unauthorized traffic from
the cardholder data environment to the internet.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm;"><span lang="EN-IN" style="font-size: 9pt;">Examine all traffic outbound from the
cardholder data environment to the Internet to verify that it is explicitly
authorized: the default for the CDE should be to deny outbound connections, permitting only the documented, approved communications (for example, to the payment processor). This is what limits an attacker who has already compromised a CDE system from exfiltrating card data or contacting a command-and-control server.</span></p>
</td>
</tr>
<tr style="height: 24.25pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 24.25pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.3.5</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 24.25pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Permit only "established" connections into the network.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 24.25pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm;"><span lang="EN-IN" style="font-size: 9pt;">Examine the firewall and router configurations to verify that the firewall permits only established connections into the internal network and blocks any inbound connection that is not part of a session previously initiated from inside. A stateful firewall does this by keeping a connection-tracking table: an inbound packet is accepted only if it matches a flow that an internal host opened. This stops attackers from crafting packets (for instance with only the ACK flag set) that pretend to be replies to a connection that never existed, in the hope of tricking a stateless packet filter into letting them through. </span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.4</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Install personal firewall software
or equivalent functionality on any portable computing device (including company- and employee-owned devices) that connects to the Internet when outside the network and is also used to access the
CDE.</span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Personal firewall
software or equivalent functionality on portable computing devices protects them
from Internet-based attacks while they are outside the corporate network. Without it, a laptop compromised on a hotel or home network can be used as a bridge into the organization's systems and data once it is reconnected to the network. The firewall configuration should be set by the organization and not be alterable by the device's user.</span></p>
</td>
</tr>
<tr style="height: 28.65pt;">
<td style="border-bottom: 1pt solid windowtext; border-image: initial; border-left: 1pt solid windowtext; border-right: 1pt solid windowtext; border-top: none; border: 1pt solid windowtext; height: 28.65pt; padding: 0cm 5.4pt; width: 31.5pt;" valign="top" width="42">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: center;"><b><span lang="EN-IN" style="font-size: 9pt;">1.5</span></b></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 174.15pt;" valign="top" width="232">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Ensure that security policies and
operational procedures for managing firewalls are documented, in use,
and known to all affected parties. </span></p>
</td>
<td style="border-bottom: 1pt solid windowtext; border-left: none; border-right: 1pt solid windowtext; border-top: none; height: 28.65pt; padding: 0cm 5.4pt; width: 284.85pt;" valign="top" width="380">
<p class="MsoNormal" style="line-height: normal; margin-bottom: 0cm; text-align: justify;"><span lang="EN-IN" style="font-size: 9pt;">Ensure that the security policies and operational procedures for managing firewalls are documented, in use, and known to the personnel responsible for them. Documented change control for firewall rules is what keeps a well-designed ruleset from decaying through undocumented, ad hoc changes that quietly open new paths into the network.</span></p>
</td>
</tr>
</tbody></table><br /><b><span style="font-size: large;">Why does a small business need a PCI compliant firewall? </span></b><br />Poor firewall implementation and maintenance is a common factor in cyber attacks and payment card data thefts at small businesses, often because IT and business management lack security understanding and suitable resources. A business's Internet connectivity is its greatest exposure, and it is the first thing a firewall must safeguard. PCI DSS requires all </span><span style="font-family: arial;">Internet connectivity to be protected by a firewall, which creates a ‘buffer zone’ between the business's IT network and systems and untrusted external networks and systems. Other </span><span style="font-family: arial;">reasons why firewalls are essential for a small business include:</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">Access Controls </span></b><br />A traditional firewall operates at the network layer, filtering each connection on its source and destination IP addresses and on the service being accessed, such as web or email, or custom ports. Well-written firewall rules therefore restrict unauthorised access at the perimeter and stop malicious individuals from reaching the internal network and compromising data. <br /><b><br /><span style="font-size: medium;">Cloud Security</span></b><br />Connectivity with third parties and cloud service providers can also be controlled through firewall policy, limiting supply chain threats and protecting sensitive data from exposure: each third-party connection should be restricted to the specific systems, protocols and ports it needs. <br /><br /><b><span style="font-size: medium;">Malware Protection</span></b><br />Firewalls are much more than filters on IP addresses. Next-generation firewalls provide security controls beyond the traditional IP address and port filtering. 
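<br /><br />The packet-level rules in requirements 1.3.3 to 1.3.5 of the table above (anti-spoofing, authorised-only egress from the CDE, and accepting only "established" connections inbound) describe the behaviour of a stateful packet filter. The following Python model is an added example written for this page, not code from the original article or from any firewall product: the interface names, the address ranges, the egress allow-list and the sample packets are all constructed assumptions. It replays six packets through the three checks and returns the verdicts, so the reader can see why a forged "reply" and a spoofed internal source are dropped while a genuine reply to a CDE-initiated connection is accepted.

```python
"""Model of the PCI DSS 1.3.3-1.3.5 firewall checks on constructed packets.

Added example, not part of the original article. Interfaces, address
ranges, the allow-list and the sample packets are constructed.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Assumed topology: the CDE is 10.10.0.0/24 behind interface "cde";
# interface "wan" faces the Internet.
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                 ip_network("192.168.0.0/16"), ip_network("127.0.0.0/8")]
CDE_NET = ip_network("10.10.0.0/24")

# Req 1.3.4: egress from the CDE is default-deny; only these (assumed)
# destination/port pairs are documented and authorised.
CDE_EGRESS_ALLOW = {
    (ip_network("203.0.113.10/32"), 443),   # payment processor API
    (ip_network("203.0.113.53/32"), 53),    # resolver operated by the ISP
}


@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on: "wan" or "cde"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool       # True for a TCP connection attempt (SYN without ACK)


@dataclass
class StatefulFirewall:
    # Req 1.3.5: connection-tracking table of flows opened from inside,
    # stored as (src, sport, dst, dport) of the outbound packet.
    flows: set = field(default_factory=set)

    def evaluate(self, pkt: Packet) -> str:
        src, dst = ip_address(pkt.src), ip_address(pkt.dst)

        if pkt.iface == "wan":
            # Req 1.3.3: anti-spoofing runs first. Nothing arriving from the
            # Internet may claim an internal, private or loopback source.
            if any(src in net for net in INTERNAL_NETS):
                return "DROP spoofed"
            # Req 1.3.5: only replies to sessions opened from inside get in.
            if (dst, pkt.dport, src, pkt.sport) in self.flows:
                return "ACCEPT established"
            return "DROP unsolicited"

        if pkt.iface == "cde" and src in CDE_NET:
            # Req 1.3.4: explicit egress allow-list for the CDE.
            if any(dst in net and pkt.dport == port for net, port in CDE_EGRESS_ALLOW):
                if pkt.syn:
                    self.flows.add((src, pkt.sport, dst, pkt.dport))
                return "ACCEPT authorised egress"
            return "DROP unauthorised egress"

        return "DROP no matching rule"


def run_sample() -> list:
    """Replays constructed packets in order and returns the verdicts."""
    fw = StatefulFirewall()
    sample = [
        Packet("cde", "10.10.0.5", 51000, "203.0.113.10", 443, syn=True),    # POS -> processor
        Packet("wan", "203.0.113.10", 443, "10.10.0.5", 51000, syn=False),   # genuine reply
        Packet("wan", "198.51.100.7", 40000, "10.10.0.5", 51000, syn=False), # forged "reply"
        Packet("wan", "10.10.0.9", 1234, "10.10.0.5", 22, syn=True),         # spoofed internal source
        Packet("wan", "198.51.100.7", 4444, "10.10.0.5", 3389, syn=True),    # inbound probe
        Packet("cde", "10.10.0.5", 51001, "198.51.100.99", 8080, syn=True),  # malware beacon
    ]
    return [fw.evaluate(p) for p in sample]


if __name__ == "__main__":
    for verdict in run_sample():
        print(verdict)
```

On a real firewall the same three checks are written as rules: a drop rule for private-range sources on the external interface, a default-deny egress chain for the CDE with explicit accepts, and a connection-tracking "established" accept on the inbound path. The model is mainly useful for reasoning about rule order, which matters: the anti-spoofing check has to run before the state lookup, otherwise a spoofed packet that happens to match a tracked flow would be accepted.<br /><br />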
These include VPN termination, web filtering, anti-malware screening of incoming traffic, and intrusion detection/prevention (IDS/IPS), the last of which is itself a separate PCI DSS requirement (11.4). <br /><br /><b><span style="font-size: medium;">Application and Database Protection</span></b><br />Some firewalls can inspect web application traffic and are known as Web Application Firewalls (WAF). A correctly configured WAF provides protection from application-layer threats such as SQL injection, where an attacker manipulates the input of a web application so that the back-end database executes attacker-supplied SQL and exposes its data. PCI DSS requirement 6.6 requires either an automated technical solution that detects and prevents web-based attacks (e.g., a web application firewall) or regular application vulnerability reviews as the two ways to address vulnerabilities in public-facing web applications; a WAF is a compensating layer, not a substitute for fixing the vulnerable code.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">Monitoring and Responding to Malicious Activity</span></b></span></div><div><span style="font-family: arial;">Firewalls log and report suspicious activity, such as repeated denied connections. Fed into a 'Security Information and Event Management' (SIEM) tool, these logs let the business detect and quickly respond to cyber attacks, which is covered by PCI DSS requirement 10 (track and monitor all access to network resources and cardholder data).<br /><br /><b><span style="font-size: large;">Conclusion </span></b><br />Smaller businesses are considered easy prey by hackers, because such firms tend not to have sufficiently robust IT security controls in place. Small businesses that process payment cards are specifically targeted by cybercriminals, who can quickly turn stolen card data into cash via the dark web. Installing and maintaining a firewall is a fundamental IT security pillar that should never be neglected or underestimated, alongside configuring IT systems securely, implementing access control, deploying anti-virus, and keeping all software up to date. <br /><br />
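<br /><br />The SQL injection attack mentioned in the Application and Database Protection section above, shown as an added example that is not part of the original article: the vulnerable lookup builds the statement by string concatenation, the hardened one binds the input as a parameter, and a deliberately naive WAF signature shows why a WAF is a compensating control rather than a fix. The table, rows, regular expression and payloads are constructed for illustration.

```python
"""SQL injection: the flaw a WAF tries to catch, beside the code-level fix.

Added example, not code from the original article. Uses an in-memory
SQLite database with constructed rows.
"""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER, email TEXT, card_last4 TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", [
        (1, "alice@example.com", "4242"),   # constructed sample rows
        (2, "bob@example.com", "1881"),
    ])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    # Untrusted input is spliced into the statement, so the attacker
    # controls the SQL the database executes.
    sql = f"SELECT email, card_last4 FROM customers WHERE email = '{email}'"
    return conn.execute(sql).fetchall()


def lookup_hardened(conn: sqlite3.Connection, email: str) -> list:
    # Parameterised query: the input is bound as data and never parsed as SQL.
    sql = "SELECT email, card_last4 FROM customers WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


# A deliberately naive WAF signature (assumption, for illustration): it only
# recognises the quoted form  ' OR '  and misses the unquoted variant below.
NAIVE_WAF_RULE = re.compile(r"'\s*or\s*'", re.IGNORECASE)


def naive_waf_blocks(value: str) -> bool:
    return bool(NAIVE_WAF_RULE.search(value))


PAYLOADS = ["' OR '1'='1",      # classic tautology, caught by the naive rule
            "' OR 1=1 --"]      # same effect, comment swallows the closing quote


def demo() -> dict:
    """Runs both payloads against both lookups and the naive WAF rule."""
    conn = make_db()
    return {
        "vulnerable": lookup_vulnerable(conn, PAYLOADS[0]),        # every row leaks
        "vulnerable_bypass": lookup_vulnerable(conn, PAYLOADS[1]), # every row leaks
        "hardened": lookup_hardened(conn, PAYLOADS[0]),            # no such email: []
        "normal": lookup_hardened(conn, "bob@example.com"),       # legitimate use still works
        "waf_blocks": {p: naive_waf_blocks(p) for p in PAYLOADS},
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The hardened lookup returns nothing for either payload because the whole string is compared against the email column as a value; the signature-based rule stops only the payload it was written for. That is the practical reading of requirement 6.6: a WAF in front of the application buys time and catches the obvious cases, but the parameterised query is what removes the vulnerability.<br /><br />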
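To illustrate the Monitoring and Responding section above, here is an added example, not part of the original article, of the kind of rule a SIEM runs over firewall deny logs: it parses a constructed log format, raises one alert when a CDE host is repeatedly denied outbound connections to distinct destinations (the pattern left by malware trying to reach a command-and-control server once requirement 1.3.4 is enforced), and another when one external address probes many ports. The log format, the log lines, the CDE address range and the thresholds are all assumptions.

```python
"""Firewall deny logs to SIEM-style alerts (PCI DSS requirement 10).

Added example written for this page, not code from the original article.
The log format, the log lines, the CDE range and the thresholds are all
constructed assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network
from typing import Optional

CDE_NET = ip_network("10.10.0.0/24")   # assumed CDE address range

# Assumed log format: "<ISO time> <host> <ACCEPT|DENY> in=<iface> src= dst= proto= spt= dpt="
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<action>ACCEPT|DENY) in=(?P<iface>\S+) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) proto=(?P<proto>\S+) "
    r"spt=(?P<spt>\d+) dpt=(?P<dpt>\d+)$"
)

# Constructed sample: one CDE host repeatedly denied egress to new hosts, one
# external address sweeping ports, one CDE host with a single deny, and one
# line a misconfigured forwarder mangled.
SAMPLE_LOG = """\
2021-06-01T10:00:01Z fw01 ACCEPT in=cde src=10.10.0.5 dst=203.0.113.10 proto=tcp spt=51000 dpt=443
2021-06-01T10:00:05Z fw01 DENY in=cde src=10.10.0.5 dst=198.51.100.99 proto=tcp spt=51001 dpt=8080
2021-06-01T10:00:35Z fw01 DENY in=cde src=10.10.0.5 dst=198.51.100.98 proto=tcp spt=51002 dpt=443
2021-06-01T10:01:05Z fw01 DENY in=cde src=10.10.0.5 dst=198.51.100.97 proto=tcp spt=51003 dpt=53
2021-06-01T10:02:00Z fw01 DENY in=wan src=192.0.2.44 dst=10.10.0.5 proto=tcp spt=40000 dpt=21
2021-06-01T10:02:01Z fw01 DENY in=wan src=192.0.2.44 dst=10.10.0.5 proto=tcp spt=40001 dpt=22
2021-06-01T10:02:02Z fw01 DENY in=wan src=192.0.2.44 dst=10.10.0.5 proto=tcp spt=40002 dpt=23
2021-06-01T10:02:03Z fw01 DENY in=wan src=192.0.2.44 dst=10.10.0.5 proto=tcp spt=40003 dpt=3389
2021-06-01T10:02:04Z fw01 DENY in=wan src=192.0.2.44 dst=10.10.0.5 proto=tcp spt=40004 dpt=445
2021-06-01T10:03:00Z fw01 DENY in=cde src=10.10.0.7 dst=198.51.100.50 proto=udp spt=60000 dpt=123
garbage line from a misconfigured syslog forwarder
"""


def parse(line: str) -> Optional[dict]:
    """Returns a record dict, or None when the line does not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
    rec["spt"], rec["dpt"] = int(rec["spt"]), int(rec["dpt"])
    return rec


def detect(lines, window=timedelta(minutes=5), egress_threshold=3, scan_threshold=5) -> list:
    """Returns (rule, offending_ip, detail) tuples for the two patterns."""
    alerts, unparsed = [], 0
    egress = defaultdict(list)   # CDE source -> [(ts, dst, dport)] of denied egress
    scans = defaultdict(set)     # external source -> {dport} denied inbound
    for line in lines:
        rec = parse(line)
        if rec is None:
            unparsed += 1        # count it, never drop it silently: a parser gap hides attacks
            continue
        if rec["action"] != "DENY":
            continue
        src, dst = ip_address(rec["src"]), ip_address(rec["dst"])
        if rec["iface"] == "cde" and src in CDE_NET:
            egress[src].append((rec["ts"], dst, rec["dpt"]))
        elif rec["iface"] == "wan" and dst in CDE_NET:
            scans[src].add(rec["dpt"])
    for src, events in egress.items():
        events.sort()
        for i, (t0, _, _) in enumerate(events):
            # sliding window: distinct (destination, port) pairs within `window` of event i
            targets = {(d, p) for t, d, p in events[i:] if t - t0 <= window}
            if len(targets) >= egress_threshold:
                alerts.append(("cde-unauthorised-egress", str(src),
                               f"{len(targets)} distinct destinations within {window}"))
                break
    for src, ports in scans.items():
        if len(ports) >= scan_threshold:
            alerts.append(("inbound-port-scan", str(src), f"{len(ports)} ports probed"))
    if unparsed:
        alerts.append(("log-parse-failure", "-", f"{unparsed} line(s) could not be parsed"))
    return alerts


def run_sample() -> list:
    return detect(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for alert in run_sample():
        print(*alert)
```

Two points carry over to any real SIEM rule: the unparsable line is surfaced as its own alert rather than discarded, because a silent parser failure is exactly how a logging gap goes unnoticed until an audit, and the egress rule fires on a single CDE host contacting several new destinations within a short window rather than on every deny, which keeps one mistyped URL from paging anyone.<br /><br />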
<a href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf" target="_blank">PCI DSS </a>provides a prescriptive set of industry good-practice IT security controls which, if adhered to continuously rather than only at audit time, substantially reduces the risk of payment card compromise by cybercriminals.</span></div><div><br /></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Author Bio <br /></span>Narendra Sahoo</b> (PCI QSA, PCI QPA, CISSP, CISA, and CRISC) is the Founder and Director of <a href="https://www.vistainfosec.com/" target="_blank">VISTA InfoSec</a>, a global information security consulting firm based in the US, Singapore and India. Mr. Sahoo has more than 25 years of experience in the IT industry, with expertise in information risk consulting, assessment and compliance services. VISTA InfoSec specializes in information security audit, consulting and certification services including GDPR, HIPAA, CCPA, NESA, MAS-TRM, <a href="https://www.vistainfosec.com/uk/service/pci-dss-audit-certification-service/" target="_blank">PCI DSS Compliance & Audit</a>, PCI PIN, SOC2, PDPA and PDPB. The company has worked since 2004 with organizations across the globe to address the regulatory and information security challenges in their industry. 
VISTA InfoSec has been instrumental in helping top multinational companies achieve compliance and secure their IT infrastructure.</span></div></div></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-27682582158418964672021-05-06T17:00:00.000+01:002021-05-06T17:01:27.051+01:00Cybersecurity Is Not A One-Stop-Shop<div><span style="font-family: arial;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjurF2mjELIkg1OmWmvdhl7ck2PVRx_jMpTeDffM6sVt8urS8m-L67mVpcbLa3Wauirin11cWEtbGEySDdaopEgg6dQ9twJLaceX7uWaMhs0skKe5_jlDiqIywDUspROP557qdZHlyWoVA/s2048/Security+IT+Security+Expert.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1365" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjurF2mjELIkg1OmWmvdhl7ck2PVRx_jMpTeDffM6sVt8urS8m-L67mVpcbLa3Wauirin11cWEtbGEySDdaopEgg6dQ9twJLaceX7uWaMhs0skKe5_jlDiqIywDUspROP557qdZHlyWoVA/s320/Security+IT+Security+Expert.jpg" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><i>Cybersecurity is not a One-Stop-Shop</i></td></tr></tbody></table><div>Boris Johnson announced the Government’s roadmap to lift Coronavirus restrictions for both businesses and the general public earlier in February, and since then, this has provided a glimmer of hope for many across the country. However, since the start of the pandemic, the way business is conducted has changed permanently, with many workforces wanting to continue to work remotely as lockdowns and restrictions ease over time. 
So, as companies relax and rules are eased, life is expected to return to a form of ‘new normal’. But the issues around cybersecurity are here to stay, and the effort put into security must not be eased, especially with the increased risks associated with continued remote working.</div></span></div><span style="font-family: arial;"><br />If anything, security should be reinforced now more than ever to ensure all aspects of a business are secure. But this isn’t the case. <a href="http://giacom.com/" target="_blank">Steve Law, CTO, Giacom</a> and<a href="https://www.webroot.com/gb/en" target="_blank"> Kelvin Murray, Threat Researcher, Webroot,</a> detail the importance of embedding a three-layered security approach into organisations, and why a strong CSP/MSP relationship can be invaluable in doing so. <br /><br /><b><span style="font-size: large;">The Risk Grows </span></b><br />Despite lockdown restrictions easing, cybersecurity risks remain and are likely to grow as COVID-19 changes the working landscape. As indoor spaces begin to open in the next few months, employees will want to venture out to new spaces to work, such as coffee shops and internet cafes, but working on open networks and personal devices creates unlocked gateways for cyberattacks. Since this hybrid and remote way of working looks like it is here to stay, businesses must ensure they have the right infrastructure in place to combat cyber threats. <br /><br />For instance, research by the National Cyber Security Centre shows that there has been a rise in COVID-19 related cyber attacks over the past year, with more than <a href="https://www.ft.com/content/f3d638f1-ff3c-4f8c-9a78-b96eec9c2cb8" target="_blank">one in four UK hacks</a> handled by the NCSC being related to the pandemic. This trend is not likely to ease up any time soon either. 
And, going forward, hackers could take advantage of excited travellers waiting to book their next holiday once the travel ban is lifted, for example by deploying fake travel websites. <br /><br />Aside from the bad actors in this wider scenario, part of the problem is that many IT teams are not taking a holistic and layered approach to security and data recovery, which can lead to damaging consequences when data is stolen from organisations. Such issues continue to resonate strongly across businesses of all sizes, who will therefore turn to their MSPs for a solution. <br /><br /><b><span style="font-size: large;">The Importance of a Layered Approach </span></b><br />Cybersecurity is not a one-stop-shop. Three complementary layers are required for maximum effect: DNS-layer filtering, secure and protected endpoints, and an educated and empowered human workforce. <br /><br />The need for DNS security cannot be ignored, especially with the rise of remote workforces: resolving every hostname through a filtering resolver lets the business monitor and manage Internet access policies and reduce malware infections. DNS is frequently abused by bad actors, both for command-and-control traffic and to direct users to malicious sites, and so DNS-layer protection is now increasingly regarded as an essential security control, providing an added layer of protection between a user and the Internet by blocking the resolution of known malicious domains and filtering out unwanted material. <br /><br />Similarly, endpoint protection solutions prevent file-based malware, detect and block malicious internal and external activity, and respond to security alerts in real time. Webroot® Business Endpoint Protection, for example, harnesses the power of cloud computing and real-time machine learning to monitor and adapt individual endpoint defences to the unique threats that users face. <br /><br />However, these innovative tools and solutions cannot be implemented without educating users and embedding a cyber security-aware culture throughout the workforce. 
Humans are often the weakest link in cybersecurity, with <a href="https://www.infosecurity-magazine.com/news/90-data-breaches-human-error/" target="_blank">90% of data breaches</a> reported to the UK Information Commissioner’s Office in 2019 attributed to human error. So, by offering the right training and resources, businesses can help their employees increase their cyber resilience and position themselves strongly on the front line of defence. This combination is crucial to ensure the right digital solutions are in place, as well as increasing workforces’ understanding of the critical role they play in keeping the organisation safe. In turn, these security needs provide various monetisation opportunities for the channel as more businesses require the right blend of technology and education to enable employees to be secure. <br /><br /><b><span style="font-size: large;">The Channel’s Role </span></b><br />Businesses, particularly SMBs, will look to MSPs to protect their businesses and help them achieve cyber resilience. This creates a unique and valuable opportunity for MSPs to guide customers through their cybersecurity journeys, providing them with the right tools and data protection solutions to get the most out of their employees’ home working environments in the most secure ways. Just as importantly, MSPs need to take responsibility for educating their own teams and clients. This includes delivering additional training modules around online safety through ongoing security awareness training, as well as endpoint protection and anything else that is required to enhance cyber resilience. <br /><br />Moreover, cyber resilience solutions and packages can be custom-built and personalised to fit the needs of the customer, including endpoint protection, ongoing end-user training, threat intelligence, and backup and recovery. 
With the right tools in place to grow and automate various services – complemented by technical, organisational and personal support – channel partners will then have the keys to success to develop new revenue streams too. <br /><br /><b><span style="font-size: large;">Conclusion </span></b><br />Hackers are more innovative than ever before, and in order to combat increasing threats, businesses need to stay one step ahead. Companies must continue to account for the new realities of remote work and distracted workforces, and they must reinforce to employees that cyber resilience isn’t just the job of IT teams – it’s a responsibility that everyone shares. By taking a multi-layered approach to cybersecurity, businesses can develop a holistic view of their defence strategy, accounting for the multitude of vectors by which modern malware and threats are delivered. Within this evolving cybersecurity landscape, it's essential for SMBs to find an MSP partner that offers a varied portfolio of security offerings and training, as well as the knowledge and support, to keep their business data, workforces and network secure.</span>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-33516066580054469572021-05-05T12:00:00.002+01:002021-05-05T12:00:47.866+01:00The Role of Translation in Cyber Security and Data Privacy<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7ARrgWjuKCfZMlE4E8pDIBdpG554vGxN0v1Ik8alDu8Tel-PcWucwu-Lge15IMwgvn4vd1bE8yGgx2MtEDNx5s_zPCKz16-ZafLfYlIprfoGjP948bjy0xG_8JJtJlJ9hhbCGOvcliiHC/s1867/translate+IT+security+expert.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1400" data-original-width="1867" height="300" 
src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7ARrgWjuKCfZMlE4E8pDIBdpG554vGxN0v1Ik8alDu8Tel-PcWucwu-Lge15IMwgvn4vd1bE8yGgx2MtEDNx5s_zPCKz16-ZafLfYlIprfoGjP948bjy0xG_8JJtJlJ9hhbCGOvcliiHC/w400-h300/translate+IT+security+expert.jpg" width="400" /></a></div></div><span style="font-family: arial;"><div><br /></div><div><i>Article by Shiela Pulido</i></div><div><br /></div><div>Because of our dependence on the internet for digital transformation, most people are exposed to the risk of cyberattacks. It is an even greater concern this year because of the trend towards remote working and international business expansion. According to <a href="https://www.capita.com/sites/g/files/nginej291/files/2020-08/Ponemon-Global-Cost-of-Data-Breach-Study-2020.pdf" target="_blank">IBM</a>'s Cost of a Data Breach study, the average cost of a data breach in 2020 was about $3.86 million. Cybersecurity and data privacy therefore play a priority role in organizations, especially in multilingual settings.</div><br />But what is the relationship between language and data privacy, and how can reliable translation help prevent cyber-attacks?</span><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">The Connection between Translation Companies and Data Privacy </span></b><br />A lot of people will ask what the connection is between translation and cybersecurity. In data privacy, conveying important information through effective communication is essential. However, with language barriers and complicated jargon in the IT industry, often only IT professionals can understand the messages. It is especially difficult for multilingual people who know only basic translations of the content. <br /><br />Oftentimes, a cyber attack succeeds because people do not understand what is happening on their devices. Malware developers have many ways of attacking their victims, and they make their attempts as difficult to identify as they can. 
Some of them use spam, in the form of unsolicited and inappropriate messages. According to the Messaging<a href="http://www.maawg.org/" target="_blank"> Anti-Abuse Working Group</a>, about 88–92% of all email messages in 2010 were spam. <br /><br />Aside from that, phishing is a well-known way of attempting to get sensitive information from users through a web page that looks the same as that of a trustworthy entity. Because of the uncanny similarity of the sites, unsuspecting visitors willingly enter their bank, credit card and identity details. <br /><br />For clarity and convenience, it is essential to have accurate translations of guidelines, procedures and warnings to bridge communication gaps in cybersecurity. However, you must find an experienced translation company with <a href="https://www.tomedes.com/" target="_blank">specialists in diverse technologies</a> who have mastered the terminology of the IT industry. It is best to avoid free online translation services, which may retain what you submit and expose it to leakage.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Cyberattack Cases Worldwide </span></b><br />To understand the severity of cyber attacks, here are some widely known cases from different parts of the world: <br /><br /></span></div><div><span style="font-family: arial;"><span style="font-size: medium;"><b>Japan </b></span><br />Even as one of the world's leading countries in high technology, Japan has not been able to escape cybercrime. In 2016, Japan experienced a series of cyberattacks on different companies that led to the leak of over 12.6 million confidential corporate records. The WannaCry ransomware outbreak of 2017 also reportedly hit hundreds of organisations there, including large brands like Honda Motors, which had to halt production at a plant for a time. 
<br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Denmark </span></b><br />In 2015 and 2016, staff of the Danish defence and foreign ministries were targeted by cyberattacks on their email accounts. In 2017 the NotPetya malware paralysed the operations of Maersk, Denmark’s transport and logistics giant. The multiple cyber threats in the country have also affected its hospitals and energy infrastructure. As a result, demand for cybersecurity content in the Danish language has continued to increase up to this year. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Russia </span></b><br />Some people think of Russia as one of the major perpetrators of cyber-attacks around the world. However, Russian organisations are vulnerable to cybercrime themselves and have already suffered attacks. Among the targets in Russia were Rosneft, the country's largest oil producer, as well as airports and banks. WannaCry was also able to infect systems at Russia’s Interior Ministry, a serious threat to the government. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">How Translators Help Prevent Cyber Attacks </span></b><br />As mentioned, translators are of great help in preventing cyber attacks. But how? Here are some of the best ways accurate translation helps users avoid privacy invasion and malware installation: <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Translating the User Interface </span></b><br />The user interface is the screen through which users and computers interact. If users cannot understand what they are seeing, it will be difficult for them to identify suspicious ads and pop-ups. It is therefore best to translate the user interface into the languages of its multilingual users. 
<br /><br />For example, if users land on a website that tries to install malicious software on their computer, they should be able to tell what they can and cannot safely click. However, most websites and user interfaces (UI) are in English, and not everyone around the world reads this language. This is why many people click the wrong buttons and accidentally permit the installation of infected files. <br /><br />The same applies to mobile applications. Many attackers use ads and pop-ups to attack users. To confuse people, malware developers do not rely on a standard close control such as an “x”; they make the exit deliberately hard to find so that users make a mistake. <br /><br />In these cases, translating the UI of the website, software or application into other languages is the ideal solution. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">Bridging Communication Gaps between Cybersecurity Experts </span></b><br />Cybersecurity staff may understand the jargon of the IT industry, but it is a different matter when they speak different languages. There are numerous cybersecurity centres around the world, and their staff do not always understand English. The language barrier interferes with their ability to convey important information about cybersecurity. Because of this, many companies hire reliable translators so that professionals can speak confidently about important matters. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">Securing Accurate Translations of Important Texts </span></b><br />Most websites post warnings and precautions to help their users avoid malware attacks. However, if these are in an unfamiliar language, most people will simply ignore them. 
Even if they try to translate the text with a free automated translator, the result can be inaccurate and may mislead users. <br /><br />A professional translation of these warnings, labels and precautions ensures that the website’s messages are properly conveyed to users. It is especially useful for large entities, organizations and government institutions. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">Protecting Critical Information </span></b><br />Many small and medium enterprises choose translation software because it is cheaper than hiring professional translators. The uncomfortable truth is that this can put the company at risk. Free online translation services run on the provider's servers and may retain the text you submit, under terms of service that allow the provider to reuse it; once confidential content has been uploaded, you cannot recall it. <br /><br />Thus, for critical documents, emails, and company and health information, it is best to hire a trusted translation company that will keep your details secure. 
They also use technology with tight security and privacy for the translated contents.</span><br /> </div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-55953090965213623002021-05-04T13:07:00.005+01:002021-05-04T13:07:32.735+01:00The Key to Cybersecurity is an Educated Workforce <div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc58dsXRL7m4fAqXpG6-4_W5gxfWMvdgiZfRbD-Tbbs-ZvMoCyh3K0oTR6v_TN4g6cFPpRmfuWmnmmFFIKxrtZWQyQihjM8nFYEx7NhGvnf9dPPsC0VVzvpd6A6qWVISPhRONr8xGSLVAI/s2048/cybersecurityawareness.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1152" data-original-width="2048" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc58dsXRL7m4fAqXpG6-4_W5gxfWMvdgiZfRbD-Tbbs-ZvMoCyh3K0oTR6v_TN4g6cFPpRmfuWmnmmFFIKxrtZWQyQihjM8nFYEx7NhGvnf9dPPsC0VVzvpd6A6qWVISPhRONr8xGSLVAI/w400-h225/cybersecurityawareness.jpg" width="400" /></a></div><span style="font-family: arial;">The United Kingdom's National Cyber Security Centre (NCSC) handled a <a href="https://news.sky.com/story/coronavirus-cyber-security-centre-handled-record-number-of-incidents-over-past-year-12121985" target="_blank">record number</a> of cybersecurity incidents over the last year, a 20% increase in cases handled the year before. With the increasing number and more innovative nature of cyber attacks, businesses of all sizes must prioritise cybersecurity. However, the fundamental starting point of any organisation’s security infrastructure must be a trained and aware workforce, who understand their responsibility in keeping business data safe. Oliver Paterson, Product Expert, <a href="https://global.vipre.com/en-ie/" target="_blank">VIPRE Security Awareness Training and Safesend</a>, explains. 
<br /><br /><b><span style="font-size: large;">Business Size Doesn’t Matter </span></b><br />Whether a business is a start-up or a larger corporate organisation, all companies are at risk of a cyber-attack. We often see million-pound enterprises in the news when they suffer a data breach, such as <a href="https://www.pcr-online.biz/2021/01/19/top-10-biggest-data-breaches-of-2020/" target="_blank">Estée Lauder, Microsoft and Broadvoice</a>. But no organisation is too small to target, including small and medium-sized businesses (SMBs), which are the target of an estimated 65,000 attempted cyber attacks every day, <a href="https://www.hiscoxgroup.com/news/press-releases/2018/18-10-18" target="_blank">according to new figures</a>. Unfortunately, these businesses may not have the infrastructure and resources in place to survive such attacks: it is reported that <a href="https://cybersecurityventures.com/60-percent-of-small-companies-close-within-6-months-of-being-hacked/" target="_blank">60% of small companies</a> go out of business within six months of falling victim to a data breach or cyber attack. <br /><br />No matter the size of an organisation, the effects of a cyber attack can be devastating financially, with longer-term damage to business reputation on top. Small businesses face the same security risks as larger ones. For example, Volunteer Voyages, a small single-owner organisation, did not deploy the right level of security and fell victim to $14,000 in fraudulent charges made using its payment information. Similarly, the entrepreneur who owns <a href="https://www.foxbusiness.com/features/cyber-attacks-on-small-businesses-on-the-rise" target="_blank">Maine Indoor Karting</a> accidentally clicked on a malicious email pretending to be from his bank and warning him of unfamiliar activity, which resulted in his account being cleared out. 
Nevertheless, SMEs can safeguard their data and themselves from these types of attacks by investing in their cybersecurity and being conscious and informed of the threats they face. <br /><br /><b><span style="font-size: large;">Human Error </span></b><br />As the year-on-year number of cyber attacks continues to accelerate, hackers are also becoming more advanced and innovative in their tactics. They are able to spot weaknesses in workforces, particularly preying on those who are working from home as a result of the ongoing pandemic, away from their trusted IT teams. In fact, a <a href="https://securityboulevard.com/2020/11/90-of-companies-faced-increased-cyberattacks-during-covid-19/" target="_blank">recent survey </a>found that 90% of companies faced an increase in cyber attacks during COVID-19. <br /><br />It is no surprise that hackers use humans to their advantage, as according to data from the<a href="https://www.infosecurity-magazine.com/news/90-data-breaches-human-error/" target="_blank"> UK Information Commissioner’s Office (ICO</a>), human error is the cause of 90% of cyber data breaches. Humans make mistakes – stressed, tired employees who are distracted at home will make even more mistakes. Whether it’s sending a confidential document to the wrong person or clicking on a phishing email, no organisation is immune to human error and the damaging consequences this can have on the business. <br /><br />Yet these risks can be mitigated by educating workforces on the modern threat landscape and the existing risks. When that education is teamed with anti-malware solutions and technology such as VIPRE’s SafeSend, employees can be alerted to double-check their email attachments and recipients, and warned about potentially malicious incoming emails. <br /><br /><b><span style="font-size: large;">Cybersecurity Training </span></b><br />Businesses cannot solely rely on digital tools to protect their operations, information and people. 
However, they cannot expect workforces to understand and identify existing threats, and to prevent them from taking place, without education. In particular, small and micro-businesses lack the resources and knowledge to defend against an attack, with a concerning <a href="https://www.towergateinsurance.co.uk/liability-insurance/smes-and-cyber-attacks" target="_blank">81% of organisations</a> not receiving any training on cybersecurity. <br /><br />Without this awareness, workforces cannot stay ahead of the persistently evolving threat landscape. It is therefore essential that businesses choose the correct training programmes to get the most value and retention out of this learning. While deploying an annual security awareness training programme may satisfy immediate requirements, it does not equate to a continuous defence strategy against ever-changing threats. <br /><br />The key considerations include the length of the programme, the level of engagement, having a variety of multimedia content and ensuring it is relevant and relatable to a global audience. Adding in real-life situations and engaging employees with diverse content, including virtual reality and phishing simulations, helps to reinforce crucial cyber threat prevention messaging and educates workforces on how to protect both the business and themselves. This, in turn, strengthens the workforce security culture, ensuring employees know what to do when faced with a cyber threat. <br /><br />A successful vendor such as VIPRE, with access to the appropriate security solutions and expertise, can help CISOs create and foster a good security culture, making security part of the vision and values of everyone in the organisation. 
<br /><br /><b><span style="font-size: large;">A Responsible Workforce </span></b><br />Once workforces are trained and educated on the existing security risks, it is vital that they also understand their responsibilities when securing an organisation’s IT infrastructure. Traditionally, IT teams are often perceived to have a key role in ensuring the right security measures are in place, and it’s up to them to defend the business against hackers. However, this is not the case, particularly for SMBs who may not have a committed IT unit to rely on. <br /><br />Especially now with dispersed workforces and social distancing restrictions in place, the help and support from those in IT is not so immediate. Now more than ever, the responsibility must be reinforced throughout the entire business. In order to combat imminent threats, employees who are on the front lines of the business’ cyber defence must understand that they have a key role to play in keeping data safe. After all, the final choice in sending sensitive information via email or downloading an external attachment is with them. 
<br /><br /><a href="https://www.forrester.com/report/The+Forrester+Wave+Security+Awareness+And+Training+Solutions+Q1+2020/-/E-RES150755" target="_blank">Forrester’s latest report</a> re-iterates this, as it states that “Organisations with strong security cultures have employees who are educated, enabled, and enthusiastic about their personal cyber safety and that of their employer.” The combination of having a vigilant and empowered workforce, supported with regular training and innovative tools, allows businesses to benefit from a security-first initiative with an educated and responsible culture long-term.</span>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-45063166265801201052021-05-03T17:36:00.005+01:002021-05-05T09:36:56.285+01:00Cyber Security Roundup for May 2021<p> <b><i><span style="font-family: arial;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYyMu858pEgitFJxkgl2g_qhIJfxnf5sWv6u6a-Ndet_kl0easEk7HZZowI3WmDgzW1Jw5nybyaoytulflKVubmXEsBA3XbjMUmcooADI3Zlv1sP0ZkwkJGrWwi5UABIQmdMWcJLMYQql2/s455/Cyber-Security-Roundup.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="151" data-original-width="455" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYyMu858pEgitFJxkgl2g_qhIJfxnf5sWv6u6a-Ndet_kl0easEk7HZZowI3WmDgzW1Jw5nybyaoytulflKVubmXEsBA3XbjMUmcooADI3Zlv1sP0ZkwkJGrWwi5UABIQmdMWcJLMYQql2/s320/Cyber-Security-Roundup.png" width="320" /></a></span></i></b></p><p><b><i><span style="font-family: arial;">A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021.</span></i></b></p><div><div><b style="font-family: arial; font-size: large;">Think Before You LinkedIn!</b></div><div><span style="font-family: arial;">Business social media platform LinkedIn is being exploited by nation-state threat actors to 
target UK citizens. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles. MI5 said the faked LinkedIn accounts are created and operated by nation-state spy agencies, with an intent to </span><span style="font-family: arial;">recruit individuals or gather sensitive information. <a href="https://www.cpni.gov.uk/security-campaigns/think-you-link" target="_blank">MI5 released a campaign video called "Think Before You Link" to raise awareness</a> of the threat.</span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The <a href="https://news.sky.com/story/facebook-details-of-more-than-500-million-users-including-11-million-from-the-uk-found-on-website-for-hackers-12265633" target="_blank">personal information of 11 million UK Facebook profiles was found on a hackers' website</a>, with the social media giant seemingly dismissing the significance of the data within a statement, <i>"</i></span><span style="font-family: arial;"><i>This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019"</i>. However, personal information is rarely historic data that loses significance to the person it is associated with. In this case, the leaked Facebook data included full names, locations, birthdates, email addresses, Facebook IDs, and even phone numbers. Such personal data is unlikely to have changed for the vast majority of people in the last couple of years, therefore this data is of concern to its owners, and also remains of good value to scammers. You can check if your phone number or email address is part of this Facebook data leak and other data breaches on the </span><span style="font-family: arial;"><a href="https://haveibeenpwned.com/" target="_blank">Have I Been Pwned website</a>. 
</span><span style="font-family: arial;"><a href="https://www.bbc.co.uk/news/technology-56745734" rel="nofollow">Facebook faces a privacy regulation investigation over this data breach</a>.</span></div><div><span style="font-family: arial;"><br /></span></div><div><b style="font-family: arial; font-size: large;">The Ransomware Scourge</b></div><div><span style="font-family: arial;">The <a href="https://securityandtechnology.org/" target="_blank">Institute for Science and Technology</a> '<a href="https://securityandtechnology.org/ransomwaretaskforce/" target="_blank">Ransomware Task Force</a>' (RTF), which is a </span><span style="font-family: arial;">collaboration of more than 60 stakeholders, finally released its <a href="https://securityandtechnology.org/ransomwaretaskforce/report/" target="_blank">ransomware framework</a>, which comprises 48 strategies to tackle the ransomware problem. </span><span style="font-family: arial;"><i>“Ransomware attacks will only continue to grow in size and severity unless there is a coordinated, comprehensive, public-private response,</i>” the 80-page report says. “<i>It will take nothing less than our total collective effort to mitigate the ransomware scourge.</i>” </span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">The RTF listed its top-five priority strategies, which are:</span></div><div><span style="font-family: arial;"><div><div><ol style="text-align: left;"><li>Co-ordinated, international diplomatic and law enforcement efforts must proactively prioritize ransomware through a comprehensive, resourced strategy, including using a carrot-and-stick approach to direct nation-states away from providing safe havens to ransomware criminals.</li><li>The United States should lead by example and execute a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House. 
This must include the establishment of 1) an Interagency Working Group led by the National Security Council in coordination with the nascent National Cyber Director; 2) an internal U.S. Government Joint Ransomware Task Force; and 3) a collaborative, private industry-led informal Ransomware Threat Focus Hub.</li><li>Governments should establish Cyber Response and Recovery Funds to support ransomware response and other cybersecurity activities; mandate that organizations report ransom payments; and require organizations to consider alternatives before making payments.</li><li>An internationally coordinated effort should develop a clear, accessible, and broadly adopted framework to help organizations prepare for, and respond to, ransomware attacks. In some under-resourced and more critical sectors, incentives (such as fine relief and funding) or regulation may be required to drive adoption.</li><li>The cryptocurrency sector that enables ransomware crime should be more closely regulated. Governments should require cryptocurrency exchanges, crypto kiosks, and over-the-counter (OTC) trading “desks” to comply with existing laws, including Know Your Customer (KYC), Anti-Money Laundering (AML), and Combatting Financing of Terrorism (CFT) laws.</li></ol></div></div><div><div>The RTF report concludes, “<i>Despite the gravity of their crimes, the majority of ransomware criminals operate with near-impunity, based out of jurisdictions that are unable or unwilling to bring them to justice. 
“This problem is exacerbated by financial systems that enable attackers to receive funds without being traced</i>.”</div></div><div><br /></div></span></div><div><span style="font-family: arial;">The <a href="https://www.bbc.co.uk/news/uk-england-tees-56668176" target="_blank">UK Government have chipped in £3.68 million</a> of a <a href="https://www.bbc.co.uk/news/uk-england-tees-53662187" target="_blank">£10.4 million bill for Redcar and Cleveland Council</a> on the back of <a href="https://www.bbc.co.uk/news/technology-51504482" target="_blank">a ransomware attack that took the Council's IT systems down in February last year</a>. The Council said the ransom was not paid; in a statement, LibDem Council leader Mary Lanigan said <i>"No money was handed over to these criminals and we continue to hope that they will eventually be brought to justice.</i></span><span style="font-family: arial;">". </span></div><div><span style="font-family: arial;"><br /></span></div><div><span style="font-family: arial;">A freedom of information request revealed the </span><a href="https://www.bbc.co.uk/news/uk-scotland-56612867" style="font-family: arial;" target="_blank">Scottish Environment Protection Agency (Sepa) spent £790,000 to recover from a Christmas Eve Conti ransomware attack</a><span style="font-family: arial;">. <a href="https://www.bbc.co.uk/news/uk-scotland-55757884" target="_blank">Cybercriminals stole over 4,000 files, but Sepa </a>also refused to pay the ransom.</span></div><div><br /></div><div><span style="font-family: arial;">Meanwhile, on the other side of the pond, it was reported that Russian-speaking ransomware gang <a href="https://www.washingtonpost.com/local/public-safety/hackers-computers-police-washington/2021/04/27/5ca92234-a778-11eb-8d25-7b30e74923ea_story.html" target="_blank">Babuk had infiltrated Washington D.C. 
Met Police</a>, with the gang threatening to disclose confidential information via Twitter, including suspected gang member informants. The </span><span style="font-family: arial;"><a href="https://www.bleepingcomputer.com/news/security/revil-gang-tries-to-extort-apple-threatens-to-sell-stolen-blueprints/" target="_blank">REvil ransomware gang are also reported to be demanding a hefty ransom payment from Apple, else 15 unreleased MacBook schematics and gigabytes of stolen personal data</a> would be leaked online. </span><span style="font-family: arial;">The ransomware gang said it was seeking a $50 million ransom to be paid by 27th April, else the ransom would increase to $100 million.</span></div><div><span style="font-family: arial;"><div><br /></div><div><b style="font-size: large;">Millions in the UK Targeted by Malware via a DHL Scam Text Message</b></div><div><div><a href="https://www.bbc.co.uk/news/technology-56859091" target="_blank">Millions of UK citizens received a scam text message (aka smishing) which impersonated DHL in April</a>. The message said "<i>DHL: Your parcel is arriving, track here <link></i>". That link would attempt to install spyware called Flubot, malware designed to steal online banking data from Android devices. </div><div><br /></div><div>A Vodafone spokesman said, "<i>We believe this current wave of Flubot malware SMS attacks will gain serious traction very quickly, and it's something that needs awareness to stop the spread</i>". 
</div><div><br /></div><div>If you receive any text message which includes a web link, <i>"Think before you Click!"</i>, and if you have any doubt about the message's origin, it is always better to stay safe and delete it, or to report the message to your network provider by forwarding it to 7726.</div><div><ul style="text-align: left;"><li><a href="https://www.ncsc.gov.uk/guidance/flubot-guidance-for-text-message-scam" target="_blank">NCSC advice FluBot: Guidance for ‘package delivery’ text message scam</a> </li></ul></div><div><b style="font-size: large;">How Strong is Your Password?</b></div><div><a href="https://www.ncsc.gov.uk/news/national-pet-day-password-advice" target="_blank">Millions of British people are using their pet's name as an online password, despite it being an easy target for hackers to work out, according to a National Cyber Security Centre (NCSC) survey</a>. The NCSC said 15% of Brits use their pet's name, while 14% use a family member's name, and 13% pick a notable date. A favourite sports team accounted for 6% of passwords, while a favourite TV show accounted for 5%. Most concerning is that 6% of people are still using "password" as all or part of their password.</div><div><br /></div><div>"<i>Millions of accounts could be easily breached by criminals using trial-and-error techniques,</i>" the NCSC warned. <a href="https://www.ncsc.gov.uk/cyberaware/home#action-2" target="_blank">The NCSC urges people to choose random words that cannot be guessed instead</a>. 
An example they give is "<i>RedPantsTree</i>", which is unlikely to be used anywhere else online.</div><div><div><ul style="text-align: left;"><li><a href="https://www.logmeonce.com/blog/interviews/passwords-are-and-have-always-been-an-achilles-heel-in-cybersecurity/" target="_blank">Passwords are and have always been an Achilles Heel in Cybersecurity</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2009/01/problem-with-website-passwords.html" target="_blank">The Problem with Website Passwords (from Blog Post from 2009)</a></li></ul></div><div>Stay safe and secure.</div></div></div></span></div><div><span><div style="font-family: "Times New Roman";"><b><span style="font-family: arial;"><br /></span></b></div><div style="font-family: "Times New Roman";"><b><span style="font-family: arial;">BLOG</span></b></div><div style="font-family: "Times New Roman";"><ul><span style="font-family: arial;"><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/Vulnerability-Scan-V-Penetration-Test.html" target="_blank">Which is more Important: Vulnerability Scans Or Penetration Tests?</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/should-doctors-receive-cybersecurity.html" target="_blank">Should Doctors Receive a Cybersecurity Education?</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/the-future-of-service-management-in.html" target="_blank">The Future of Service Management in the DevOps Era</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/flexibility-and-security-you-can-have.html" target="_blank">Flexibility and Security, You Can Have it All!</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/adapting-security-awareness-to-post.html" target="_blank">Adapting Security Awareness to the Post-Pandemic World</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/important-strategies-for-aligning.html" target="_blank">Important Strategies for Aligning Security With Business Objectives</a></li><li><a 
href="https://blog.itsecurityexpert.co.uk/2021/04/building-security-conscious-workforce.html" target="_blank">Building a Security Conscious Workforce</a></li><li><a href="https://blog.itsecurityexpert.co.uk/2021/04/cyber-security-roundup-for-april-2021.html" target="_blank">Cyber Security Roundup for April 2021</a></li></span></ul><b><span style="font-family: arial;">NEWS</span></b></div><div style="font-family: arial;"><span><span style="font-family: arial;"><ul><li style="font-family: "Times New Roman";"><a href="https://www.bbc.co.uk/news/technology-56812746" style="font-family: arial;" target="_blank">Nation-State Threat Actors used Fake LinkedIn Profiles to Lure 10,000 UK Citizens</a></li><li style="font-family: "Times New Roman";"><a href="https://news.sky.com/story/facebook-details-of-more-than-500-million-users-including-11-million-from-the-uk-found-on-website-for-hackers-12265633" style="font-family: arial;" target="_blank">Facebook details of 11 Million UK Users Found on Website for Hackers</a></li><li style="font-family: "Times New Roman";"><a href="https://www.bbc.co.uk/news/uk-scotland-56612867" style="font-family: arial;" target="_blank">The Scottish Environment Protection Agency Spent nearly £800,000 on Cyber Attack Response</a></li><li style="font-family: "Times New Roman";"><a href="https://www.bbc.co.uk/news/uk-england-tees-56668176" style="font-family: arial;" target="_blank">Redcar Cyber-Attack: UK Government to Cover £3.68 Million of the Costs</a></li><li style="font-family: "Times New Roman";"><a href="https://www.washingtonpost.com/local/public-safety/hackers-computers-police-washington/2021/04/27/5ca92234-a778-11eb-8d25-7b30e74923ea_story.html" style="font-family: arial;" target="_blank">Ransomware Gang Babuk claims DC’s Metropolitan Police Attack</a></li><li style="font-family: "Times New Roman";"><a href="https://www.bbc.co.uk/news/technology-56859091" style="font-family: arial;" target="_blank">Flubot: Warning over SMS “Package Delivery” 
Scam Message which Delivers Android Malware</a></li><li style="font-family: "Times New Roman";"><a href="https://www.itworldcanada.com/article/task-force-calls-for-international-action-against-ransomware/446710" style="font-family: arial;" target="_blank">Ransomware Task Force releases Recommendations</a></li><li style="font-family: "Times New Roman";"><a href="https://www.bleepingcomputer.com/news/security/revil-gang-tries-to-extort-apple-threatens-to-sell-stolen-blueprints/" style="font-family: arial;" target="_blank">REvil seeks to Extort Apple and Hits Supplier with $50 Million Ransom</a></li><li style="font-family: "Times New Roman";"><a href="https://www.group-ib.com/media/swarmshop-breach/" style="font-family: arial;" target="_blank">Hackers
Hit Nine Countries, Expose 623,036 Payment Card Records </a></li></ul><div><p class="MsoNoSpacing"><o:p></o:p></p><p class="MsoNoSpacing"><b style="font-family: "Times New Roman";"><b><span style="font-family: arial;">VULNERABILITIES AND SECURITY UPDATES</span></b></b></p></div></span></span></div><div><div style="font-family: arial;"><ul><li><a href="https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/" target="_blank">More Critical Patches for Microsoft Exchange Server (Versions 2013, 2016, & 2019)</a></li><li><a href="https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/" target="_blank">Microsoft Warns of Damaging Vulnerabilities in Dozens of IoT Operating Systems</a></li><li><a href="https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/">Critical </a><a href="https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Mar" target="_blank">Microsoft Patches 108 Vulnerabilities, 20 Rated as Critical</a></li><li><a href="https://ics-cert.kaspersky.com/reports/2021/04/07/vulnerability-in-fortigate-vpn-servers-is-exploited-in-cring-ransomware-attacks/" target="_blank">Unpatched Fortinet VPN Devices Vulnerable to New Cring Ransomware</a></li><li style="font-family: "Times New Roman";"><a href="https://www.trendmicro.com/en_us/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html" style="font-family: arial;" target="_blank">Microsoft SharePoint Vulnerability and China Chopper Web Shell used in Ransomware Attacks</a></li></ul><div></div></div><div style="font-family: arial;"><b>AWARENESS, EDUCATION AND THREAT INTELLIGENCE</b></div><div><p class="MsoNoSpacing" style="font-family: "Times New Roman";"></p><ul style="font-family: arial;"><li style="font-family: "Times New Roman";"><a href="https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html" 
style="font-family: arial;" target="_blank">Hackers Exploit Unpatched Vulnerabilities, Zero Day to Attack Governments and Contractors</a></li><li style="font-family: "Times New Roman";"><a href="https://www.scmagazine.com/home/security-news/phishing/scammers-imitate-windows-logo-with-html-tables-to-slip-through-email-gateways/" style="font-family: arial;" target="_blank">Phishing Scammers imitate Windows logo with HTML Tables to Slip through Email Gateways</a></li><li style="font-family: "Times New Roman";"><a href="https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html" style="font-family: arial;" target="_blank">Ransomware Group Targeted SonicWall Vulnerability Pre-Patch</a></li><li style="font-family: "Times New Roman";"><a href="https://news.sophos.com/en-us/2021/04/21/nearly-half-of-malware-now-use-tls-to-conceal-communications/" style="font-family: arial;" target="_blank">Malware Operators Leverage TLS in 46% of Detected Communications</a></li><li style="font-family: "Times New Roman";"><a href="https://www.bbc.com/news/amp/technology-56680790" style="font-family: arial;" target="_blank">Pets’ Names used as Passwords by Millions, NCSC Study Finds</a></li></ul></div></div></span></div></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-66759555502462957962021-04-30T01:29:00.000+01:002021-04-30T01:29:10.107+01:00Which is more Important: Vulnerability Scans Or Penetration Tests?<div><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsrM-01NiIfU8Wf6W4QxfCIzhQNN4IX7kfILmbQKWGZp9Qrm7OPV6dWLfChfMH-f09hnDCxsXELD7HyS0HuyWTA19sW_4sZlloomAJCSHI6dVaL9orlILemAOOS7pCi9SkZYiOJ6Atx6Ys/s2048/ITSE-PICx2+%25281%2529.jpg" 
imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1189" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsrM-01NiIfU8Wf6W4QxfCIzhQNN4IX7kfILmbQKWGZp9Qrm7OPV6dWLfChfMH-f09hnDCxsXELD7HyS0HuyWTA19sW_4sZlloomAJCSHI6dVaL9orlILemAOOS7pCi9SkZYiOJ6Atx6Ys/s320/ITSE-PICx2+%25281%2529.jpg" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-family: arial; text-align: start;"><i>Which Is Better? A Vulnerability Scan Or A Penetration Test?</i></span></td></tr></tbody></table></div><span style="font-family: arial;"><div>Vulnerability scanning and penetration tests are two very different ways to test your system for vulnerabilities. Despite this, they are often confused with one another, which leads to business owners purchasing one service when they really need the other.</div><br />In an effort to help these business owners tell the difference between the two services and understand which is best suited to their needs, <a href="https://secureteam.co.uk/" target="_blank">SecureTeam</a>, a cybersecurity consultancy, has written this guide to explain vulnerability scans vs. penetration testing. <br /><br />In brief, a vulnerability scan is an automated, high-level test that looks for and reports potential vulnerabilities in your system. A penetration test, on the other hand, is a detailed hands-on examination by a cybersecurity professional that tries to detect and exploit weaknesses in your system. Now, let’s look a little deeper at the two services. <br /><br /></span><div><span style="font-family: arial;"><b><span style="font-size: large;">What is a Vulnerability Scan?</span></b><br />Vulnerability scans, also known as vulnerability assessments, are scans performed by cybersecurity professionals to assess your systems, networks and computers for any cybersecurity weaknesses or vulnerabilities. 
<br /><br />Once they have been set up, vulnerability scans are typically automated and give an initial view of any weaknesses in your system that could be exploited. High-quality vulnerability scans can search for over 50,000 vulnerabilities. <br /><br />Vulnerability scans can be started manually or run on a regular schedule. In addition, vulnerability scans can take anywhere from a few minutes to several hours. <br /><br />Vulnerability scans are a passive approach to cybersecurity and only report on the vulnerabilities that are detected. It is then up to the business owner to arrange for those vulnerabilities to be dealt with.</span><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">Vulnerability Scan Reporting </span></b><br />After a vulnerability scan is completed, a detailed report is created. Typically, vulnerability scans produce an extensive list of vulnerabilities found, which your team can research further. Some cybersecurity consultancies will also offer direction on how to resolve any weaknesses you have. <br /><br />The reporting can sometimes include false positives, where the scan reports a vulnerability that isn’t actually present. Unfortunately, sifting through the report is the only way to differentiate between the real vulnerabilities and the false positives. 
Typically, cybersecurity professionals will rank vulnerabilities found by the scan into groups based on the severity of the risk, allowing you to prioritise high-risk weaknesses first.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">Benefits of a Vulnerability Scan </span></b><br />Vulnerability scans have a number of benefits that make them a useful tool for businesses.<br /><ul style="text-align: left;"><li><span style="font-family: arial;">Vulnerability scans are a very affordable cybersecurity solution</span></li><li>Quick to complete and provide a complete look at possible vulnerabilities</li><li>Can be run automatically on a schedule that works for you</li></ul></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Limitations of a Vulnerability Scan <br /></span></b>However, vulnerability scans do have some limitations that might make them inappropriate for a business’s requirements. <br /><ul style="text-align: left;"><li><span style="font-family: arial;">They can produce false positives</span></li><li><span style="font-family: arial;">After the scan is complete you must manually check each vulnerability</span></li><li><span style="font-family: arial;">Vulnerability scans don’t tell you if a weakness is exploitable</span></li></ul></span></div><div><span style="font-family: arial;"><span style="font-size: large;"><b>What is a Penetration Test?</b></span><br />Penetration testing, also known as ethical hacking, is when a cybersecurity professional simulates a hacker attempting to get into your system through a hands-on attempt to exploit any vulnerabilities in your system. Penetration testers will search for vulnerabilities and then attempt to prove that they can be exploited. 
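The report triage described under "Vulnerability Scan Reporting" above (grouping scan findings by severity, dropping confirmed false positives, working the high-risk items first) as an added example; this is not SecureTeam's code, the CSV layout and every host, finding and score in it are constructed for illustration, and the severity bands are the CVSS v3 qualitative rating scale.

```python
"""Triage a vulnerability-scan export: bucket findings by CVSS v3 severity,
exclude findings an analyst has verified as false positives, and order the
rest so the remediation queue reads highest risk first.
Added example, not SecureTeam's code; all data below is constructed."""
import csv
import io
from collections import OrderedDict

# Constructed sample report in a flat CSV shape similar to what scanners export.
# Hosts, finding names and scores are invented for illustration only.
SAMPLE_REPORT = """\
host,port,finding,cvss_v3,confirmed_false_positive
10.0.0.5,445,SMBv1 enabled,7.5,no
10.0.0.5,80,Directory listing enabled,5.3,no
10.0.0.7,443,TLS 1.0 supported,6.5,no
10.0.0.7,22,SSH weak MAC algorithms,4.3,no
10.0.0.9,8080,Outdated web framework (RCE),9.8,no
10.0.0.9,161,SNMP default community string,7.5,yes
10.0.0.12,80,Missing HTTP security headers,3.1,no
"""

# CVSS v3 qualitative severity rating scale: (label, lowest score in the band).
SEVERITY_BANDS = (
    ("Critical", 9.0),
    ("High", 7.0),
    ("Medium", 4.0),
    ("Low", 0.1),
    ("None", 0.0),
)


def severity_for(score):
    """Map a numeric CVSS v3 base score (0.0-10.0) to its qualitative label."""
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    for label, floor in SEVERITY_BANDS:
        if score >= floor:
            return label
    return "None"


def parse_report(text):
    """Parse the CSV export into a list of finding dicts with typed fields."""
    findings = []
    for row in csv.DictReader(io.StringIO(text)):
        findings.append({
            "host": row["host"],
            "port": int(row["port"]),
            "finding": row["finding"],
            "score": float(row["cvss_v3"]),
            "false_positive": row["confirmed_false_positive"].strip().lower() == "yes",
        })
    return findings


def triage(findings):
    """Group verified-real findings by severity band, Critical first, and sort
    each band by score descending. Confirmed false positives are dropped."""
    grouped = OrderedDict((label, []) for label, _ in SEVERITY_BANDS)
    for f in findings:
        if f["false_positive"]:
            continue  # analyst checked this one by hand; keep it out of the queue
        grouped[severity_for(f["score"])].append(f)
    for bucket in grouped.values():
        bucket.sort(key=lambda f: f["score"], reverse=True)
    return grouped


def remediation_queue(findings):
    """Flatten the triaged groups into one ordered list of (severity, host, finding)."""
    queue = []
    for label, bucket in triage(findings).items():
        for f in bucket:
            queue.append((label, f["host"], f["finding"]))
    return queue


if __name__ == "__main__":
    for label, host, finding in remediation_queue(parse_report(SAMPLE_REPORT)):
        print(f"{label:<8} {host:<10} {finding}")
```

The scan still cannot say whether a listed weakness is exploitable; that is the question a penetration test answers, so the queue orders work rather than proving risk.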
<br /><br />Penetration testing makes use of testing methods like buffer overflow, password cracking and SQL injection in an attempt to compromise and extract data from your network in a way that doesn’t damage it. <br /><br />Penetration tests are an extremely detailed and effective approach to finding any vulnerabilities in your applications and networks. If you really want to find deep issues in your application or network, you need a penetration test. And if you modify your systems and software over time, a regular penetration test is a great way to ensure continued security.<br /><br />The main aspect that differentiates penetration testing from vulnerability scanning is the live human element. There is no such thing as an automated penetration test. All penetration tests are conducted by very experienced, very technical, cybersecurity professionals.<br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Penetration Test Reporting </span></b><br />Usually, penetration test reports are much longer than vulnerability scan reports and contain a highly detailed description of the attacks used and the testing methodologies. In addition, penetration test reports often include suggestions on how to remedy the vulnerabilities and weaknesses found.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">Benefits of a Penetration Test </span></b><br />Penetration tests have a number of benefits that make them the first choice for many businesses. 
<br /><ul style="text-align: left;"><li><span style="font-family: arial;">Manual testing by a cybersecurity professional means results are more accurate</span></li><li><span style="font-family: arial;">Retesting after remediation is often included as standard</span></li><li><span style="font-family: arial;">Rules out any false positives</span></li></ul></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Limitations of a Penetration Test </span></b><br />Despite their thoroughness, penetration tests do have some limitations to be aware of. <br /><ul style="text-align: left;"><li><span style="font-family: arial;">They can take far longer to complete (ranging from 1 day up to 3 weeks)</span></li><li><span style="font-family: arial;">They are far more expensive than vulnerability scans, which can be an issue for smaller businesses</span></li></ul></span></div><div><span style="font-family: arial;"><b><span style="font-size: large;">Which is Better? A Vulnerability Scan Or A Penetration Test?</span></b><br />Vulnerability scans are a quick and easy way to gain insight into your network security with weekly, monthly or quarterly scans. Penetration tests are far more thorough and examine your network security in much greater depth; they are also far more expensive, but you are getting a cybersecurity professional to examine every part of your business in the same way a real-world attacker would. <br /><br />Both tests should be utilised by businesses to protect their networks and ensure security. As the more affordable option, vulnerability scanning can easily be automated and used more frequently, while the more expensive penetration test is very thorough and can be used less frequently. <br /><br />Effective cybersecurity is vital for businesses, regardless of size. 
For further advice on vulnerability scans and penetration testing or to arrange a test for your network, contact a cybersecurity consultant. <br /></span><b style="font-family: arial;"><span style="font-size: medium;"><br /></span></b></div><div><b style="font-family: arial;"><span style="font-size: medium;">Author’s Bio:</span></b></div><div><span style="font-family: arial;">Dan Baker is a Content Writer who works with <a href="https://secureteam.co.uk/" target="_blank">SecureTeam</a>, a cybersecurity consultancy practice based in the UK.</span></div></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-27843528756360360582021-04-28T07:30:00.001+01:002021-04-28T09:47:08.726+01:00Should Doctors Receive a Cybersecurity Education?<div><div class="separator" style="clear: both; text-align: left;"><i><span style="font-family: arial;">Article by <a href="https://beaupeters.contently.com/" target="_blank">Beau Peters</a></span></i></div></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuw60WvAX2-2h_SexrAiRoqlA0z8_v5Xv5JvXH0SnUzutUWEoOMQa1v-LR3WnC2NWjIQecyMh1NnfxiiQpHTFKHf2cSyFh2XQChJFBfexVSzoFznNCOtNoT8_R7Qfc9sJgWJSwEuIfn-t0/s610/ITSE-Blog-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="407" data-original-width="610" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuw60WvAX2-2h_SexrAiRoqlA0z8_v5Xv5JvXH0SnUzutUWEoOMQa1v-LR3WnC2NWjIQecyMh1NnfxiiQpHTFKHf2cSyFh2XQChJFBfexVSzoFznNCOtNoT8_R7Qfc9sJgWJSwEuIfn-t0/s320/ITSE-Blog-1.png" width="320" /></a></div></div><div><br /></div><span style="font-family: arial;">It is no secret that medical professionals of all levels need to maintain a vast amount of knowledge in their brains at all times. 
After all, having experience and education is crucial to saving lives and helping patients. But should an understanding of cybersecurity be added to their repertoire? If they want to give the best overall care inside and outside of the clinic, then the answer is yes. <br /><br />As technology has evolved and we have moved to a more remote work environment, it is essential that cybersecurity becomes part of training for everyone in a medical organization, from <a href="https://blog.itsecurityexpert.co.uk/2021/03/hr-strategies-to-drive-cybersecurity.html" target="_blank">human resources</a> to the doctors themselves. By knowing the threats and understanding the solutions, doctors can protect their patients and provide advice to keep them safe even after they leave the office. Below are some of the many reasons why doctors should receive a cybersecurity education.</span><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Following Privacy Guidelines </span></b><br />These days, technology is being used in the medical community more than it ever has before. Currently, medical devices and tools <a href="https://healthtechmagazine.net/article/2019/10/why-all-healthcare-workers-need-cybersecurity-training" target="_blank">outnumber actual human doctors by 3 to 1</a>. While this is great for providing patients with around-the-clock support, the downside is that hackers have been <a href="https://healthitsecurity.com/news/32m-patient-records-breached-in-first-half-of-2019-88-caused-by-hacking" target="_blank">breaching medical devices and computers in record numbers</a>. That’s not all. Even though these risks exist, recent studies show that <a href="https://www.fiercehealthcare.com/tech/despite-ongoing-cyber-threats-32-healthcare-employees-never-received-cybersecurity-training" target="_blank">32 percent of medical employees don’t have any cybersecurity training</a>, including many doctors. 
<br /><br />While the increased number of threats should be reason enough for cybersecurity training, there are also guidelines in place that require medical establishments to keep customer records safe. In the US, for example, along with the Health Insurance Portability and Accountability Act (HIPAA), there are the <a href="https://www.incrediblehealth.com/blog/cybersecurity-and-privacy-tips-for-medical-information/" target="_blank">HIPAA security and privacy rules</a>, which state that medical establishments must ensure that patient data is kept confidential and that a practice must defend against any known security threat. Without educating the doctors, these guidelines cannot be met. <br /><br />Cybersecurity education should also be taught because protecting your customers is not only the right thing to do; failing to do so could be disastrous for your practice. Recent numbers show that the average cost of a medical breach is upwards of <a href="https://www.fiercehealthcare.com/tech/average-cost-healthcare-data-breach-rises-to-7-1m-according-to-ibm-report" target="_blank">seven million dollars</a>, which is money spent on data recovery and fixing vulnerabilities. A medical practice that does not have the type of money to recover after a breach may have to close its doors.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Do No Harm </span></b><br />Just about any form of personal patient information can be used maliciously. Social security numbers and credit card information can be used to take out fake loans, which could result in bankruptcy or worse. Even email addresses can be used to send phishing emails and log into personal accounts. <br /><br />Doctors who understand cybersecurity threats can also help to avoid more immediate threats that could even occur during surgeries. Hackers often use ransomware to infect and gain control of computers or medical apparatus. 
Once they do, they can lock the device until the hospital pays a hefty ransom to have the machine turned back on. This has occurred in <a href="https://www.beckershospitalreview.com/cybersecurity/6-hospital-ransomware-attacks-in-24-hours-prompts-us-advisory-8-things-to-know.html" target="_blank">hospitals in the past</a>, and it can be deadly for patients who need immediate care. <br /><br />Doctors who are educated on cybersecurity can ensure that their practice has the proper precautions in place. This includes updated antivirus software and a firewall on all internet systems to block unwanted traffic. Educated doctors will also recognise the importance of backup servers that can hold patient data and other information in the case that the main network is compromised.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: large;">Security and Telehealth </span></b><br />The arrival of COVID-19 required many businesses and medical offices to transition to a remote workforce, which meant that many doctors had to adjust and begin treating non-emergency situations with telehealth platforms. The technology has grown exponentially over the last year, and due to its popularity, it is likely not going away anytime soon. However, while it is convenient and helpful, especially for elderly patients and those in rural areas, telehealth is also a target for hackers. <br /><br />The issue is that the tech is still not completely understood by patients or doctors, and hackers use that vulnerability to find holes that they get through to steal data, listen in on <a href="https://blog.itsecurityexpert.co.uk/2021/03/reducing-human-error-security-threats.html" target="_blank">video calls</a>, and expand to other programs to steal even more data. Doctors who are informed on the risks of telehealth can educate the patients with an email before the telehealth session to tell them what to expect and how to protect their connection. 
<br /><br />For instance, guidance should include precautions to use when talking to the doctor in a public place. It is in this environment that hackers can set up <a href="https://www.verizon.com/articles/mobile-device-security/" target="_blank">fake Wi-Fi accounts</a> that look legitimate and are often advertised as free. However, when the patient connects, they are really connecting directly to the hacker. Doctors can advise them to only use telehealth in their home or to ask the owner of the establishment for the correct network. <br /><br />Patients should also be told about the danger of phishing emails. Hackers can take advantage of those who frequent telehealth and send fake invites that appear to be from their doctor. There is typically a link in the email, and when clicked, the hacker gets access to their system. Doctors who are aware of the threat of phishing emails can advise patients to only open emails from their office, which should be sent through a secure service that requires a password to access. <br /><br />While many doctors may feel that they don’t have the time to learn about cybersecurity, the fact is that doing so is more important than ever. 
Digital care is becoming as important as physical health, and a well-informed doctor can provide their patients with all-around care.</span></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-12455958142378821692021-04-23T07:30:00.007+01:002021-04-23T10:24:53.391+01:00The Future of Service Management in the DevOps Era<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlSuxocKxLJ5BpGdqzfSqclwi3WGw3VvUc6gznmq3NYx8kivpLbl5lZg_mmSS2chyphenhyphenaH20pnbo1eXeT4vzikMiDHrM-0iJivXNu0GrWP7EsGlAR-jFcbb86miHUFH08pQYvGS9_UVGYmjug/s770/security-predictions-2016.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: arial;"><img border="0" data-original-height="577" data-original-width="770" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlSuxocKxLJ5BpGdqzfSqclwi3WGw3VvUc6gznmq3NYx8kivpLbl5lZg_mmSS2chyphenhyphenaH20pnbo1eXeT4vzikMiDHrM-0iJivXNu0GrWP7EsGlAR-jFcbb86miHUFH08pQYvGS9_UVGYmjug/s320/security-predictions-2016.jpg" width="320" /></span></a></div></div><div><i><span style="font-family: arial;"><br /></span></i></div><span style="font-family: arial;"><i>By Gary Blower, Solutions Architect, <a href="https://www.clearvision-cm.com/?utm_campaign=Brand%20%7C%20UK%20%7C%20Exact&utm_term=clearvision&utm_source=adwords&utm_medium=ppc&hsa_grp=52657126245&hsa_acc=1468716582&hsa_ad=359448912377&hsa_cam=1352347372&hsa_src=g&hsa_tgt=kwd-322482297594&hsa_kw=clearvision&hsa_ver=3&hsa_net=adwords&hsa_mt=e&gclid=Cj0KCQjw1PSDBhDbARIsAPeTqrfx5X6Q_p5NqCJ8rCDKAessenj9gH26ePXdv4uB40daJ_ko7vY6mu0aAh2zEALw_wcB" target="_blank">Clearvision</a> <br /></i><br />Whether you view your organisation as having an agile approach or not, in 2020, companies had no choice but to drastically change their way of working as the world rapidly pivoted to remote working. 
Organisations that had already embraced agile principles had the advantage of being able to adapt faster to the pandemic and meet the demands of their employees, who were suddenly all working from home. Now, as we start to slowly emerge from multiple lockdowns and restrictions, one interesting side effect of COVID-19 is that it has lowered our collective tolerance for slow, overly bureaucratic processes. We all crave an agile approach, whatever our definition of agile might be. <br /><br /><b><span style="font-size: medium;">COVID-19 has Accelerated Digital Transformation </span></b><br />Digital innovation has fundamentally changed how the world operates. COVID-19 demonstrated just how much we rely on technology. And, as modern technology permeates every area of our lives, our expectations around the availability of information and the speed with which we can obtain it are even higher than they were pre-pandemic. Therefore, as lockdowns ease, the world is continuing to change just as rapidly to keep pace with the demands on businesses, who must accelerate out of recession and aggressively compete to remain relevant. <br /><br />The knock-on impact of this acceleration is that organisations need their IT teams working together as efficiently and effectively as possible. Likewise, their IT service management (ITSM) capabilities must be nimble and efficient to support shifting organisational priorities, capitalise on new opportunities, and satisfy growing end-user demands for immediate and seamless service, wherever users are located. <br /><br />To meet this increasing demand and requirement for speed, the flow of work between the support, DevOps and operational teams must be unified, and teams need to be empowered to deliver work with agility. IT teams are under huge pressure and are required to become even more adaptable to the challenges they face. 
This means that practices and workflows need to remain flexible so that teams are better positioned should situations like the one we have experienced over the past 12 months arise again in the future. <br /><br /><b><span style="font-size: medium;">Traditional Service Management Approaches can’t keep pace with Demand <br /></span></b>However, even the smallest request for change is not an easy task for some organisations and must be approved by layers of bureaucracy, which can take weeks or sometimes months. Additionally, this increased demand, combined with the ongoing pressure to lower costs, runs counter to traditional approaches to service management that emphasise risk mitigation and control over efficiency and agility, leaving some IT teams hamstrung and unable to play to their full potential. In our ‘always on’, digital world, this will disadvantage those companies unable to respond, with end-users and customers no longer willing to accept long wait times. And why should they? The COVID-19 experience showed that, when we really need to, we can completely change our way of working overnight. Therefore, many customers are now unforgiving of those that cannot accommodate their requirements or promptly meet their expectations. <br /><br />One way that organisations can accelerate their service management initiatives and introduce more efficient methods to serve ever-growing business demands is by implementing Jira Service Management. This is the only ITSM solution built on the Jira software development platform. This means that users don’t have to seek the Jira application separately, and they benefit from having everything they need in one platform. 
<br /><br /><b><span style="font-size: medium;">DevOps, IT Support, and IT Operations must all Collaborate </span></b><br />This accessibility is important because IT teams using other service management tools often end up integrating their application with Jira for additional functionality, which can be clunky and not as streamlined. The co-existence of Jira Service Management and the Jira software development platform has huge benefits because it means that support and development teams can collaborate on the same platform and fix software issues and incidents faster. Jira Service Management was also designed with both IT and development teams in mind and provides streamlined requests and change management processes. This allows teams to make change requests without complex approvals and link incidents to problems in one click. <br /><br />With other service management platforms, siloed tools between development and IT operations can result in context switching, lack of visibility, and decelerated work. As a result, integrations between Jira Software and service management tools tend to be weaker and cumbersome to manage. In contrast, tight integrations between Jira Software and Jira Service Management mean seamless and accelerated workflows between development and IT. Teams can link issues across Jira and ingest data from other software development tools, providing IT support and operations teams with richer contextual information to respond rapidly to requests, incidents, and changes. <br /><br />Jira Service Management also offers customisable templates for ITSM, customer service, and business teams such as HR and finance. Furthermore, an intuitive portal in Jira Service Management makes it effortless for customers to ask for help, while the simple UI makes it easy for teams to use. And, with easily configured automations, IT teams can prioritise and resolve requests quickly. 
<br /><br /><b><span style="font-size: medium;"> Service Management Built for the DevOps era </span></b><br />In today’s world of digitised services and support, being able to deliver a rich and collaborative service desk, modern incident management, and change management is critically important. The world is changing fast and, to keep pace, organisations need a service management platform built for the DevOps era. An open, collaborative platform enables teams to scale operations quickly and ensure the organisation’s critical services are always on and operating at high velocity. This will ensure they can respond quickly to business change while delivering great customer and employee service experiences. </span>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-32948415876690541682021-04-19T06:30:00.004+01:002021-05-13T11:19:48.803+01:00Flexibility and Security, You Can Have it All!<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjGweo-vravnFO-FOIPEupD6MzFqDv-454taq4_nSP8V6zHJHTAuHVWJqoJtQd6TN-Fp2atvclbSdjPeRoYEyTKl0fFeOpXx5G-SsyLrUjlgZwQDUK7MEqsj-rG40WtOzhIYyA9A9_Cm3H/s461/IT+security+expert+data+protection.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="461" data-original-width="409" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjGweo-vravnFO-FOIPEupD6MzFqDv-454taq4_nSP8V6zHJHTAuHVWJqoJtQd6TN-Fp2atvclbSdjPeRoYEyTKl0fFeOpXx5G-SsyLrUjlgZwQDUK7MEqsj-rG40WtOzhIYyA9A9_Cm3H/s320/IT+security+expert+data+protection.jpg" /></a></div></div><span style="font-family: arial;"><div><span style="font-family: arial;"><br /></span></div>Every organisation is on a mission to achieve agility; if 2020 taught us anything, it’s that being flexible is essential in order to adapt and thrive in new and uncertain environments. 
The increased adoption of technology in all forms - from increased connectivity to the cloud or collaboration tools for remote working - has greatly enabled organisations to achieve this. Powered by the adoption of software-defined wide-area networking (SD-WAN) technology, organisations have been able to take advantage of this newfound flexibility, ease of management and ability to scale, but many have realised that the compromise to data security is too big a risk. <br /><br />The dichotomy is real: ignoring the benefits that SD-WAN technology can bring only leads to dated and costly solutions being used for connectivity; not only impeding the ability to realise the real-world direct cost savings available with SD-WAN but also limiting the scope for building the future-proof agile environment that’s needed as part of any organisation’s ongoing digital transformation. On the other hand, for the public sector and other highly regulated industries in particular, securing data has never been a simple task, but adopting an SD-WAN model has only highlighted that traditional security solutions are no longer enough. These solutions simply do not have the flexibility, performance or interconnectivity that SD-WAN connections require, and because of this, data is increasingly being left unprotected and vulnerable to malicious actors. The numerous data breaches that the industry has seen over the last few years are only proof of this. <br /><br />Something clearly must change and organisations need to be able to deploy the benefits of SD-WAN with the confidence that the necessary controls are in place to ensure guaranteed levels of protection for high assurance data. As Paul German, CEO, <a href="https://certesnetworks.com/" target="_blank">Certes Networks</a>, explains, a software-defined approach to data assurance will enable organisations to remain flexible and reap cost savings whilst ensuring their data is kept private and handled in accordance with compliance needs. 
<br /><br /><b><span style="font-size: medium;">Turning Business Intent into Business Value </span></b><br />Business intent is defined by the key goals that an organisation sets out to meet with its data security strategy in order to achieve business value. For example, this could include being proactive to meet new and existing regulatory compliance requirements; being agile to move to hybrid environments; or being protected by keeping data secure and staying ahead of malicious actors. <br /><br />Business value will be achieved when the organisation’s data security posture is visible, scalable, observable, and above all, provable. In practice, a provable security strategy is quantifiable, measurable and outcomes-driven, and will turn data security into a strategic investment that mitigates risk and that delivers a quantifiable contribution to the overall value of the business. <br /><br />Having the intention to make changes and meet business goals, though, is only one part of the process, as there are numerous challenges to overcome in order for business intent to turn into business value. <br /><br /><b><span style="font-size: medium;">Achieving Business Value within SD-WAN </span></b><br />An example of business intent is an organisation moving toward SD-WAN and adopting Zero Trust as an approach to ensure their data is kept secure, whilst staying flexible. However, the challenge that stops business value from being reached in this example is that the separation of duties cannot be achieved when security protocols are tied into the network infrastructure, which is often the case when organisations have not yet adopted a network-agnostic approach to data security. Business value will be achieved by deploying a secure overlay that’s agnostic to the underlying network infrastructure, giving security teams total control and visibility of the security posture. 
<br /><br />Similarly, an organisation might have the aim of being agile and moving to a hybrid or SD-WAN environment, but the challenge of a disaggregated or antiquated network infrastructure will often mean that this intent cannot be turned into value for the business. By decoupling security from the network, the organisation can be safe in the knowledge that the data will be protected wherever it travels. Furthermore, by matching security policies to business intent requirements, organisations won’t be beaten by continuously evolving regulations, solving two challenges and delivering business value with a future-proof approach to data security as a result. <br /><br />Overcoming these challenges with a provable security strategy that encompasses auditing and analytics and that automates cryptographic key rotation for each classification of business intent, ensures that even if a hacker is able to infiltrate the network, there will be no lateral movement between applications. And, with real-time monitoring of the data assurance posture, CISOs can react and remediate the attack at speed, greatly limiting any damage that could be caused and enabling business value to be achieved. <br /><br /><span style="font-size: medium;"><b>Making Flexibility and Security Entirely Possible </b></span><br />Ensuring that data remains secure should be front of mind when making any organisational changes, particularly when it comes to the adoption of new technology. There is simply no point in making the company’s processes and operations flexible and agile to suit the new working environment if data is left vulnerable and open to compromise as a result. <br /><br />But organisations don’t have to choose between flexibility and security - both can easily be achieved with a strategy that not only overcomes the data security challenges presented by an SD-WAN environment, but that also provides value by achieving business intent. 
A software-defined data assurance strategy successfully delivers ‘data first’ security to ensure that data remains protected and is handled in accordance with compliance needs, whilst providing the ability to react and adapt to both external and internal changes as required. <br /><br />It’s a win-win, so now is the time for organisations to really consider the viability of an SD-WAN environment where data security is decoupled from the network in order to truly realise the benefits.</span>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-38377456914811975542021-04-16T10:48:00.002+01:002021-04-16T10:48:54.148+01:00Adapting Security Awareness to the Post-Pandemic World<div><span style="font-family: arial;"><b><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAHe9YffCl8mlABubXpTje36qCjQZQuGaNsP4PVM0CRE8IWnsTx6ywwnx6tTq2jalpqBxFK_IWRznnNAx0Xo8TaayGrJhpTRMj7Lwlad11spw3GKblsVjnthMiu_FiXM_VApmQNeiRzzwI/s2048/computer-desk-electronics-indoors-374074.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1365" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAHe9YffCl8mlABubXpTje36qCjQZQuGaNsP4PVM0CRE8IWnsTx6ywwnx6tTq2jalpqBxFK_IWRznnNAx0Xo8TaayGrJhpTRMj7Lwlad11spw3GKblsVjnthMiu_FiXM_VApmQNeiRzzwI/s320/computer-desk-electronics-indoors-374074.jpg" width="320" /></a></div><br /></b></span></div><span style="font-family: arial;"><b><span style="font-size: medium;">It's time for Security Awareness to adapt by thinking Cyber </span></b><br />The transition to working from home, as well as the necessary technological change, has had an effect on businesses all over the world. This has serious consequences for cybersecurity. Current approaches to human user security are antiquated, infrequent, complex or patronising. 
Yet, in a world where <a href="https://www.cybersecurityintelligence.com/blog/90-of-breaches-are-caused-by-human-error-4820.html#:~:text=Human%20error%20caused%2090%25%20of,ICO)%20carried%20out%20by%20CybSafe." target="_blank">90% of cyber attacks </a>begin with a human user, technological controls can never guarantee 100% security. <br /><br />To keep up, security awareness must <a href="https://terranovasecurity.com/how-to-build-a-strong-security-awareness-program-in-2021/" target="_blank">build new methods</a>. The days of an annual awareness course are long gone. Instead, security awareness is becoming more and more about drip-feeding brief snippets of information to users, with content production periods of hours or days rather than weeks or months. Such content can be adjusted easily, with minimal effect on workers, to win the battle for attention while still passing on those benefits.</span><div><br /></div><div><div><span style="font-family: arial;">Belfast based cybersecurity company <a href="https://saltdna.com/" target="_blank">SaltDNA</a>, a </span><a href="https://saltdna.com/news/saltdna-graduate-from-lorca-3-cohort" style="font-family: arial;" target="_blank">LORCA 3 Cohort Graduate</a><span style="font-family: arial;">, recently attended </span><a href="https://www.lorcalive.co.uk/?gclid=CjwKCAjw9MuCBhBUEiwAbDZ-7uOeRHpnRy_sAlEjrS_gQw-EgBv1KsTVlu_X19T0DQ8OASUK67sSoBoCMDIQAvD_BwE" style="font-family: arial;" target="_blank">LORCA Live’s</a><span style="font-family: arial;"> online event, which brought a global ecosystem together to explore the role cybersecurity can play as an enabler for the emerging technologies set to define our world. 
During the event, there was a wide range of workshops, panel discussions and live broadcasts, tailored to today's cyber landscape.</span><span style="font-family: arial;"><br /><br />In a LORCA Live panel, ‘<i>Understanding the changing risk landscape for business</i>', the panellists highlighted the importance of security awareness finding new ways to be part of the context. Security awareness must <a href="https://techbeacon.com/security/6-ways-develop-security-culture-top-bottom" target="_blank">find new ways</a> to incorporate itself into the environment. Since physical cues are no longer present, we must build virtual cues to promote safe behaviour by integrating security into people's daily computing activities. These initiatives should be quick, attractive, social, and timely for optimal impact. They should preferably be delivered at the <a href="https://www.cybsafe.com/community/blog/7-reasons-why-security-awareness-training-is-important/" target="_blank">point of risk</a>, going well beyond merely reminding people of their professional responsibilities. We can shift the context to drive secure behaviours by offering the right feedback at the right time. <br /><br /><b><span style="font-size: medium;">Remote working is here to stay - why it's even more important to secure your organisation <br /></span></b>From 2020 into 2021, there has been a <a href="https://www.forbes.com/sites/charlestowersclark/2020/12/17/what-will-the-future-of-work-look-like-in-2021/?sh=2a45a6742159" target="_blank">substantial shift</a> toward working from home. Businesses, for the most part, seem to have dealt with the logistical and health and safety implications of the transition, and people seem to have adapted to remote working arrangements and processes fairly well. <br /><br />Undoubtedly, there's more to it than that from a security standpoint. It's not only that the dangers have shifted. 
More importantly, the environment in which most work is performed has changed. Given that all behaviour is influenced by its environment, approaches to ensuring your business’s and employees’ safety <a href="https://www.infosecurity-magazine.com/next-gen-infosec/changing-behaviors-workplace/" target="_blank">must evolve</a>. <br /><br />Data enforcement, data hacks, and malware attacks are all issues that <a href="https://www.mckinsey.com/~/media/McKinsey/McKinsey%20Solutions/Cyber%20Solutions/Perspectives%20on%20transforming%20cybersecurity/Transforming%20cybersecurity_March2019.ashx" target="_blank">CISOs and CIOs</a> must deal with. As more people work from home, their jobs are becoming more difficult. Cyber-security threats and breaches are a concern that any company has to face. They can be <a href="https://www.sungardas.com/en-gb/blog/the-consequences-of-a-cyber-security-breach/" target="_blank">highly disruptive,</a> resulting in major, long-term financial and reputational harm. <br /><br />When workers operate remotely, such an assault can be much more difficult to manage, so make sure you have a safe setup in place to reduce the risk as much as possible. Providing frequent security training for employees is important, as one of the most serious threats to your security is <a href="https://blog.usecure.io/the-role-of-human-error-in-successful-cyber-security-breaches" target="_blank">human error</a>. Responding to a phishing email, downloading malicious material, or clicking on a dangerous link is all too easy. Furthermore, since the security threat environment is constantly changing, workers are often unaware of the risk that their activities can pose. As a business owner, you<a href="https://www.efrontlearning.com/blog/2019/03/cyber-security-training-for-employees-101.html" target="_blank"> must ensure</a> that the workers undergo daily training and updates to ensure that they have as much information as possible. 
<br /><br /><b><span style="font-size: medium;">Organisations need to build trust to succeed in a post-pandemic world <br /></span></b>Forward-thinking business executives who<a href="https://hbr.org/2020/04/leaders-do-you-have-a-clear-vision-for-the-post-crisis-future" target="_blank"> took steps before 2020</a> were more likely to survive the past year's turmoil and position their businesses to succeed in the future. They created organisations with forward-thinking strategies, a strong commitment to their stakeholders, and effective use of technology to gain a competitive advantage. Improving organisational resilience to plan for potential disruptions starts with an honest assessment of the organisation's readiness, adaptability, collaboration, trustworthiness, and responsibility. <br /><br />The pandemic has hastened the <a href="https://www.mckinsey.com/business-functions/strategy-and-corporate-finance/our-insights/how-covid-19-has-pushed-companies-over-the-technology-tipping-point-and-transformed-business-forever" target="_blank">adoption of technology</a>, and many companies have had to change their digital operations in order to remain operational and expand. Users must have confidence in how their data will be used, stored, and secured in order to participate in the digital economy. This poses a number of issues for companies. <br /><br />The ‘<i>Building trust to succeed in the post-pandemic world</i>’ workshop held by <a href="https://www.lorcalive.co.uk/workshops/building-trust-to-succeed-in-a-post-pandemic-world/" target="_blank">Dell Technologies</a> shared a number of strategic actions businesses can take to build resilience. The first was to conduct crisis scenarios on a regular basis with key decision-makers from different roles and departments. 
Scenario preparation <a href="https://www2.deloitte.com/global/en/pages/about-deloitte/articles/covid-19/covid-19-scenarios-and-impacts-for-business-and-society-world-remade.html" target="_blank">assists leaders</a> in preparing for change and predicting what businesses will need in the future to not only succeed but also prosper. <br /><br /></span></div><div><span style="font-family: arial;">Secondly, to encourage employees to learn new cyber skills, develop training or rotational programs. This could improve an organisation's ability to redeploy employees based on business requirements and employee preferences. Finally, invest in a <a href="https://saltdna.com/" target="_blank">secure communications platform</a> that promotes collaboration and private communications within your organisation. The collaboration will improve resilience by helping organisations communicate more effectively and promote trust among employees. <br /><br />Although the future remains unclear, it would be <a href="https://www.mckinsey.com/industries/healthcare-systems-and-services/our-insights/when-will-the-covid-19-pandemic-end" target="_blank">unrealistic to expect</a> that coronavirus vaccines would usher in a full return to pre-pandemic conditions. Now is the time to accept and plan for a more permanent remote-work environment. Firms can do this by<a href="https://saltdna.com/features" target="_blank"> integrating secure technology </a>that encourages secure digital communications among employees and teams, making their businesses more appealing to customers while also promoting broader strategic growth objectives. <br /><br />A constructive approach is more likely to be safe and resilient, as well as to survive in the data-driven digital economy. Change and disruption will be the norm in the future, so leaders who put the building blocks of resilience in place now will be in the best position to succeed. 
<br /><br /></span><span style="font-family: arial;"><b><span style="font-size: medium;">About SaltDNA</span></b></span></div><div><span style="font-family: arial;"><a href="https://saltdna.com/" target="_blank">SaltDNA</a> provides enterprise managed encrypted communications between mobile devices, safeguarding the confidentiality of voice, message and conference call communications, and file transfers. </span><span style="font-family: arial;">To sign up for a</span><a href="https://trial.saltdna.com/30-days" style="font-family: arial;" target="_blank"> free trial of SaltDNA </a><span style="font-family: arial;">or to speak with the SaltDNA team, contact them at </span><a href="mailto:info@saltdna.com" style="font-family: arial;">info@saltdna.com</a><span style="font-family: arial;">.</span></div></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-36286849022481389742021-04-15T01:38:00.003+01:002021-04-15T01:38:49.506+01:00Important Strategies for Aligning Security With Business Objectives<div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5eSyGozjAGOz1pon5z4hd2YfAEmfK5eu3yTL7tudmuyGt8rujrlf0PTcq25N8hn1mzxPk8gHrP15D-pFgVyYOlpo_zK7enHqF3NktCgTBZcMpzGYAOip49D8t6CEfbKdXQv5j8R6bA3gx/s953/business-security.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="590" data-original-width="953" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5eSyGozjAGOz1pon5z4hd2YfAEmfK5eu3yTL7tudmuyGt8rujrlf0PTcq25N8hn1mzxPk8gHrP15D-pFgVyYOlpo_zK7enHqF3NktCgTBZcMpzGYAOip49D8t6CEfbKdXQv5j8R6bA3gx/s320/business-security.png" width="320" /></a></div></div><span style="font-family: arial;"><div><span style="font-family: arial;"><br /></span></div>What is the objective of implementing cybersecurity in a business? 
The answer might vary depending on whether you ask a security professional or a business executive. <br /><br />However, in any cybersecurity implementation, it’s very important to stay focused on the big picture: cybersecurity is there to secure the business and its assets, so the business can concentrate on achieving its business objectives. <br /><br />For example, if we are a coffee shop, then cybersecurity should be implemented to help the shop sell more coffee; cybersecurity by itself is not an end goal. <br /><br />To do so, security professionals and executives must align cybersecurity with business objectives, which can be quite challenging in certain cases. <br /><br />Below, we’ll share important strategies that can help cybersecurity teams move business and cybersecurity alignment in the right direction. <br /><br /></span><div><span style="font-family: arial;"><b><span style="font-size: medium;">Know the business objectives inside out </span></b><br />One of the key challenges in aligning security with business objectives is that information security executives (i.e. the CISO, Chief Information Security Officer) are often focused on security alone rather than on the overall business objectives. <br /><br />Each top stakeholder in the company might have different business and security concerns. For example, the marketing manager might be more worried about the success of the upcoming marketing campaign, while the CFO might be more worried about the cost of security infrastructure and potential losses due to security concerns. 
<br /><br />With that being said, explore the following areas to consider how security should align with business objectives: <br /><ul style="text-align: left;"><li><span style="font-family: arial;">Compliance with local regulations and policies</span></li><li><span style="font-family: arial;">Data assurance, security, and integrity</span></li><li><span style="font-family: arial;">Market trust and brand reputation</span></li><li><span style="font-family: arial;">Availability and performance </span></li><li>Culture, policy, and governance</li><li>Cost efficiency in implementing security controls</li></ul>Maintaining two-way discussions with management and employees is very important so the security team can prioritize which areas they should focus on to help achieve organizational business objectives. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Upgrade connectivity to improve cybersecurity and productivity </span></b><br />With remote working becoming the norm nowadays, especially due to the COVID-19 restrictions, more employees are now actively accessing cloud resources from home. Even in a traditional office setting, regularly accessing cloud resources in various forms is now also a common practice. <br /><br />To prevent potential issues, organizations must ensure a more reliable connectivity solution that is also more secure, and <a href="https://en.wikipedia.org/wiki/SD-WAN" target="_blank">SD-WAN (Software Defined-Wide Area Network) </a>can be a viable solution in the following ways:<br /><ul style="text-align: left;"><li><span style="font-family: arial;">Better security: SD-WAN allows businesses to integrate security directly into the connection, for example by integrating VPNs, encryption, IPS, sandboxing, and firewalls. 
</span></li><li>Reliability: SD-WAN can prioritize critical applications to ensure more reliable connectivity for all employees.</li><li>Centralized management: security teams can easily integrate essential security functions into a single location, allowing better efficiency.</li></ul>The implementation of SD-WAN, as well as other types of security-focused connectivity solutions, can help businesses align security with business objectives by ensuring a fast, reliable and secure network at all times. <br /><br /></span></div><div><span style="font-family: arial;"><span style="font-size: medium;"><b>Implement cybersecurity automation to free up time and resources for pursuing organizational objectives </b></span><br />Implementing automation in executing cybersecurity practices has two core benefits: <br /><br />First, while human resources are and should be an organization’s most important security asset, human errors are also often an organization’s biggest security vulnerability. In fact, <a href="https://thehackernews.com/2021/02/why-human-error-is-1-cyber-security.html" target="_blank">more than 95% of successful cybersecurity breaches </a>are caused by human errors. Automating the execution of your cybersecurity can help reduce or even eliminate these human errors. <br /><br />Second, automating cybersecurity practices can free up your employees’ valuable time so they don’t deviate from their core competencies, allowing these employees to contribute more in pursuing organizational objectives. <br /><br />For example, investing in automated bot detection and management solutions like DataDome can help implement advanced, AI-powered bot mitigation. DataDome <a href="https://datadome.co/bot-detection/how-stop-bot-attacks/" target="_blank">will stop bot attacks</a> on autopilot and in real-time. 
<br /><br /></span></div><div><span style="font-family: arial;"><span style="font-size: medium;"><b>Establish a security-focused company culture </b></span><br />Again, human resources are an organization’s most important security asset and also its biggest security vulnerability. <br /><br />It’s very important to ensure regular training so employees and management can better spot various forms of cybersecurity attacks, especially phishing and social engineering attacks. <br /><br />Creating a security-focused company culture starts by building the awareness and knowledge of end-users by ensuring: <br /><ul style="text-align: left;"><li><span style="font-family: arial;">All employees understand the symptoms of the key attack vectors with the highest potential of affecting the organization, so they can recognize these threats in real-world situations </span></li><li>Communication is key: management and employees maintain clear, two-way communication about security and keep each other updated.</li><li>Progress is monitored and evaluated regularly, including updating employees with new training modules when required</li></ul>Creating an organization-wide security culture requires commitment both from management and from employees, and improving awareness can be the most important asset an organization should invest in to ensure alignment of security with business objectives.</span></div><div><span style="font-family: arial;"><br /><b><span style="font-size: medium;">Recognizing that cybersecurity is a prerequisite, not the end goal </span></b><br />A very common mistake made by organizations, especially security executives and officers, is treating cybersecurity as the end goal, while in truth cybersecurity is only a means to an end. We need cybersecurity to achieve the end goal and not the other way around. 
<br /><br />This is why every cybersecurity initiative should consider the related business objective it’s pursuing, and the cybersecurity team should provide an assessment to explore different options and possible outcomes rather than forcing the idea of security for the sake of security. <br /><br />We wouldn’t want security teams and executives to get caught up in being like an overprotective parent, hindering the business’s performance by treating security as the end goal. <br /><br />Thus, cybersecurity should serve the business’s goals, and is not the ultimate objective by itself. <br /><br /></span></div><div><span style="font-family: arial;"><b><span style="font-size: medium;">Conclusion </span></b><br />With cyber-attacks continuously growing in both scale and sophistication, their negative impact on any business is becoming more threatening. <br /><br />This is why aligning cybersecurity to business objectives is now a necessity, ensuring the organization becomes more capable of mitigating security risks that can hinder the organization’s success while ensuring a positive ROI on security investments.</span></div>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0tag:blogger.com,1999:blog-3798604115389836864.post-29467832544998496302021-04-09T15:36:00.010+01:002021-04-09T15:38:40.028+01:00Building a Security Conscious Workforce<p><span style="font-family: arial;"><i>Article by Daniel Warelow, Product Manager at <a href="https://cloudmarket.com/" target="_blank">Giacom</a> and Charles Preston, CEO & Founder of <a href="https://www.usecure.io/en/" rel="" target="_blank">usecure</a></i></span></p><p></p><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2sQYPrGtMLOE_GZY5elShZsXj7vvrvYnE7ZNz5Iso7LLXnpJDHHHRz98EMgWHJ60sFAh0vHCIuQs3jPAjdZnI3Uyy0fzwM8EQrTglhbJLZhijXtN6SPLFzxasaFUcvsK5vj4iP45TpoS5/s2048/computer-desk-electronics-indoors-374074.jpg" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1365" data-original-width="2048" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2sQYPrGtMLOE_GZY5elShZsXj7vvrvYnE7ZNz5Iso7LLXnpJDHHHRz98EMgWHJ60sFAh0vHCIuQs3jPAjdZnI3Uyy0fzwM8EQrTglhbJLZhijXtN6SPLFzxasaFUcvsK5vj4iP45TpoS5/s320/computer-desk-electronics-indoors-374074.jpg" width="320" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-family: arial; text-align: start;"><i>Employees are a vital part of the security strategy</i></span></td></tr></tbody></table><p></p><p><span style="font-family: arial; font-size: medium;"><b>Security Awareness Training: the foundation of a cyber culture </b></span><br /><span style="font-family: arial;">Life and work as we know it
is changing as a result of the COVID-19 crisis, and cybercriminals are using
this to their advantage. A </span><a href="https://www.ft.com/content/f3d638f1-ff3c-4f8c-9a78-b96eec9c2cb8" style="font-family: arial;" target="_blank">new
report </a><span style="font-family: arial;">has found that more than one in four UK cyber-attacks have been
related to the pandemic, and as attackers continue to come up with
sophisticated and dangerous methods to attack businesses and individuals, cyber
security measures must be prioritised. </span></p><p><span style="font-family: arial;">Businesses can no longer
rely on technology alone to mitigate the risks that come from cyber threats,
especially while many workforces work remotely through the pandemic. Instead,
they need to encourage their employees to work mindfully and responsibly on the
frontlines of cyber defence. Daniel Warelow, Product Manager at Giacom and
Charles Preston, CEO & Founder of usecure, highlight the importance
of implementing continuous security awareness training in order for employees
to be more security conscious as part of their overall IT security strategy and
protection.</span></p>
<p><span style="font-family: arial; font-size: medium;"><b>Human Error </b></span><br /><span style="font-family: arial;">Employees are a vital part
of any business’s security strategy – they are the soldiers on the front line
in the battle against hackers. However, if they are not educated or trained in
what to look out for when it comes to security, the human can also become the
open gateway for cyber attacks to take place, playing upon user
vulnerabilities. </span></p>
<p><span style="font-family: arial;">This is especially the case when working from home. Users are under additional pressure to work harder and faster, which is when more mistakes can happen. It has been found that <a href="https://blog.usecure.io/the-role-of-human-error-in-successful-cyber-security-breaches" target="_blank">95% of cyber security breaches</a> are due to human error, demonstrating how dangerous it can be when humans are the weakest link. Internal business risks such as sending an email to the wrong person or with an incorrect attachment can be detrimental to a business – not only in terms of financial repercussions, but also its reputation.</span></p>
<p><span style="font-family: arial;">This is why cyber security training and tools that educate the user have never been more important: employees need to be trained to be vigilant, cautious and suspicious.</span></p>
<p><span style="font-family: arial; font-size: medium;"><b>Security Awareness Training</b></span><br /><span style="font-family: arial;">The cyber threat continues to evolve too, as hackers and their methods become more and more innovative. However, businesses cannot expect their employees to stay ahead of growing threats without having the education and training in place to respond to the changing, modern landscape. Elements such as security awareness training and simulated phishing resources can help mitigate end-user cyber risk and drive secure user behaviour.</span></p>
<p><span style="font-family: arial;">These programmes are designed to help users understand the role they play in helping to combat security breaches. Additionally, using phishing simulations as part of the wider security strategy provides realistic examples of situations that often occur, particularly via email, and that employees must be aware of. Further, training allows businesses to assess the workforce's security awareness posture, and provides employees with the information to understand the dangers of social engineering attacks and how to take appropriate actions to protect themselves and the organisation.</span></p>
<p><span style="font-family: arial;">However, security awareness training should not be a one-size-fits-all approach. Instead, training should be continuous and tailored to each user's unique vulnerabilities, creating an optimised and effective cyber strategy. By highlighting any cyber weaknesses in the workforce, these can be targeted through educational resources to ensure that the human is aware of such risks and knows how to detect them and, more importantly, how to reduce the likelihood of an attack. Regular training, in addition to complementary security tools, can provide a layered defence for organisations to reduce the threats that any business faces.</span></p>
<p><span style="font-family: arial; font-size: medium;"><b>The Role of the Channel</b></span><br /><span style="font-family: arial;">The channel plays a key
role in the fight against cyber crime too. Organisations cannot be
expected to stay one step ahead of cyber criminals and adapt to new threats on
their own, but by relying on the help of their MSP, businesses can feel
confident that they have the right education and tools in place to combat the
risk of cyber attacks. </span></p>
<p><span style="font-family: arial;">There remains a large cyber skills gap across many businesses, and with the immediate move to remote work over the last 12 or so months taking staff away from the help of on-site IT teams, organisations are more vulnerable than ever. Finding the right vendor and solutions to tackle these evolving threats is crucial, and end user organisations need to work effectively with Managed Service Providers (MSPs) to stay ahead of the attackers. This enables MSPs to become trusted IT security advisors for the businesses they support, helping them to create a secure business and a custom-fit security approach.</span></p>
<p><span style="font-family: arial;">In addition to this, to meet growing cyber security threats to organisations, channel partners can increase their value to their customers by ensuring they have the right security solutions and training programmes in place across their existing portfolio. MSPs must take a proactive role in understanding the current state of a customer’s ability to protect against, prevent, detect and respond to modern cyber threats when recommending the best approaches to being cyber resilient.</span></p>
<p><span style="font-family: arial;">By addressing pain points and providing assurance around the security of their working environments, partners can build and strengthen the relationship with their customers, while recognising the opportunity surrounding the related additional revenue streams.</span></p>SecurityExperthttp://www.blogger.com/profile/02816379340772195492noreply@blogger.com0