So, how do organizations find the right balance when it comes to data security? Here are three tips to help organizations navigate this challenge:
Security and Usability: Designing Secure Systems that People Can Use
Jul 07 2021
Vulnerability in the Kaspersky Password Manager
Stupid programming mistake, or intentional backdoor?
Jul 06 2021
CISO implementation guide: 10 ways to ensure a cybersecurity partnership will work
Capitalizing on the urgency companies have to launch new digital businesses, cybersecurity vendors create partnerships to close product gaps quickly. An understanding of how the new alliances can deliver results must be part of every CISO’s purchasing decision process. But partnerships can be something of a slippery slope.
Today, CISOs face the conflicting problem of securing operations while supporting business growth. IT and cybersecurity teams are stretched thin attempting to scale endpoint security for virtual workforces, while securing their customer identities and transactions. CIOs and CISOs are turning to vendors they rely on for immediate help. In turn, cybersecurity vendors’ quick fix is to create as many partnerships as possible to close product gaps and close the upsell or new sale.
What’s driving market demand is the pressure CIOs and CISOs have to deliver results. Companies’ boards of directors are willing to double down on digital business plan investments and accelerate them. According to the 2021 Gartner Board of Directors’ survey, 60% of the boards rely on digital business initiatives to improve operations performance, and 50% want to see technology investments deliver improved cost optimization.
Company boards have a high level of enthusiasm for technology spending in general and cybersecurity especially. As a result, Gartner predicts the combined endpoint security and network access market will be a $111 billion opportunity. For such cybersecurity companies, partnerships are a quick path to lucrative deals and higher profits.
Partnerships alone will not solve the conflicting demands for IT resources to secure a business while driving new business growth. They are not a panacea for the biggest challenges facing IT today. Trusting the wrong partnerships can cost millions of dollars, lose months of productive time, and even cause a new digital venture to fail. Due diligence of nascent cybersecurity partnerships needs to go beyond comparing partners’ financial statements and into the specifics of how multiple technologies are performing in actual, live scenarios today. Ten ways stand out as means to guide decision making.
10 ways to truth-test cybersecurity partnerships
Previous CISO related articles
Jul 06 2021
Reaction to Social Engineering Indicative of Cybersecurity Culture
During COVID-19, threat actors used fear of the virus and hope of a vaccine to trick unwitting victims into downloading malware or giving up their credentials. It was a master class in social engineering, one that put an organization’s security posture at risk. Social engineering attacks like phishing take advantage of an employee’s awareness of basic cybersecurity best practices (or lack thereof), and the harder an employee falls for the scams, the greater the skepticism about the entire organization’s cybersecurity culture.
Although no one has come up with an industry standard definition of cybersecurity culture yet, Infosec explains that “a strong cybersecurity culture is based on employees willingly embracing and proactively using security best practices both professionally and personally.” And Infosec developed a framework, and fielded a survey, to help organizations quantify their cybersecurity culture, track changes over time and systematically measure results.
The study polled 1,000 working individuals to examine the collective approach of an organization’s security awareness and behaviors toward cybersecurity. “The results show employee beliefs toward cybersecurity vary widely, which can have a major impact on an organization’s security posture,” said Jack Koziol, CEO and founder at Infosec, in a formal statement.
Quality of Culture Depends on Company Size and Industry
Jul 04 2021
Attackers use ‘offensive AI’ to create deepfakes for phishing campaigns
Malware Analysis Using Artificial Intelligence and Deep Learning
Jul 02 2021
Why Data Protection Cloud Strategies Are Now Mission-Critical
The growing reliance on public cloud services as both a source and repository of mission-critical information means data owners are under pressure to deliver effective protection for cloud-resident applications and data. Indeed, cloud is now front of mind for many IT organisations. According to recent research by Enterprise Strategy Group (ESG) cloud is “very well-perceived by data protection decision makers”, with 87% of saying it has made a positive impact on their data protection strategies.
However, many organisations are unclear about what levels of data protection are provided by public cloud infrastructure and SaaS solutions, increasing the risk of potential data loss and compliance breach. At the same time, on-premises backup and disaster recovery strategies are increasingly leveraging cloud infrastructure, resulting in hybrid data protection strategies that deliver inconsistent service levels.
Despite these challenges, there are a significant number of organizations that still don’t use a third-party data protection solution or service. This should be cause for concern considering that everything an organization stores in the cloud, from emails and files to chat history and sales data (among many other datasets) is its responsibility and is subject to the same recoverability challenges and requirements as traditional data. In fact, only 13% of survey respondents see themselves as solely responsible for protecting all their SaaS-resident application data.
Jul 01 2021
How to Stay Safe on Mobile Casino Apps
By 2027, the global online casino market is predicted to be worth $127.3 billion, growing at a CAGR of 11.5%. The increase in market size is largely due to the growing popularity of not just smartphones and mobile gaming, but also of social platforms that are transforming online games.
Already, providers like Tapinator are developing more social casino experiences for mobile phone users. And in the next few years, Gala Casino predicts that mobile gaming is set to overtake desktop casino experiences. This is thanks to people being more on-the-go and the technology in the mobile space improving consistently.
But the question is, with the overwhelming gaming options available, how can you stay safe while playing online casino games?
Look for reputable online casinos
There are countless casino apps available on the Internet, but before you start downloading a random app, be sure to do your research. Check if the casino is licensed through gambling registers, which can easily be found online. Although licensing bodies vary from state to state, most of the time, brick-and-mortar casinos offer online counterparts, and these apps are also heavily regulated to ensure fairness and safety for players.
Here is a quick tip: Usually, when casino apps only ask for just a username and password, odds are they are not legitimately safe. Trusted online casinos will ask for a way to verify your identity, like a copy of your ID or a recent utility bill.
Table of Contents
- Listen to user experiences
- Use trusted payment methods
- Read the fine print
- Take advantage of the trial period
- Secure the app from unauthorized use
Jun 30 2021
NFC Flaws in POS Devices and ATMs
Now Rodriguez has built an Android app that allows his smartphone to mimic those credit card radio communications and exploit flaws in the NFC systems’ firmware. With a wave of his phone, he can exploit a variety of bugs to crash point-of-sale devices, hack them to collect and transmit credit card data, invisibly change the value of transactions, and even lock the devices while displaying a ransomware message. Rodriguez says he can even force at least one brand of ATMs to dispense cash though that “jackpotting” hack only works in combination with additional bugs he says he’s found in the ATMs’ software. He declined to specify or disclose those flaws publicly due to nondisclosure agreements with the ATM vendors.
Jun 29 2021
4 Warning Signs of an Insecure App
The “golden age of digital transformation” is upon us, and companies around the globe are scurrying to meet consumers on the digital frontier. For developers, it is a virtual gold rush, as businesses overhaul their infrastructure to meet consumers where they are—their mobile phones. For most, this means developing a mobile app.
Unfortunately, the byproduct of the scramble to build a mobile app is that essential features are often overlooked or omitted entirely. There are many things that can be missed when creating an app (like network tolerance and accessibility)–but confoundingly, the feature that’s most often forgotten is the most important: app security.
Data use and privacy are top-of-mind for users. It is vital that software developers don’t cut corners when it comes to securing a mobile app. A secure app should pass the coffee table test: Would I be comfortable going to the bathroom and leaving my phone on a public coffee table?
It’s no secret that app security is a hot topic, but what are the actual warning signs of an insecure app?
Jun 28 2021
Navigating the complexity of ransomware negotiations
Ransom negotiation protocol checklist
First and foremost, before communications can begin, you need to determine if legal engagement with the threat actor is possible. How? An OFAC (Office of Foreign Assets Control) check must be run to see whether any data (i.e., IP addresses, language, system access, etc.) or metadata is associated with an entity that has been put on the U.S. Sanctions list. If the answer is yes, communication with and ransom payments to the attacker is prohibited.
It’s relatively rare for data from an attack to match an entity on the list because threat actors are using tools to mask their identities (i.e., VPNs, proxy connections, language translation, etc.). If you know where to dig, it’s not impossible to discover pieces of information to help unmask threat actors. For example, if a threat actor’s IP address says they are in the Netherlands, but upon reviewing the executable files they dropped on compromised systems you see they are written in Russian, this could reveal the attacker’s true location.
Once you’ve confirmed that legal engagement with the threat actor can proceed, you must weigh your answers to the following questions:
- Is my data backed up and accessible on the network?
- If not, can I rebuild the data from scratch?
- If the stolen data is shared publicly, how will this impact the company?
- Will my business survive if I don’t pay?
Source: Navigating the complexity of ransomware negotiations
Ransomware Protection Playbook
No cybersecurity plan will ever be perfect, no defense is impenetrable. With the dangers and costs of a successful ransomware attack on an organization increasing daily, it is important for cybersecurity and business leaders to have a prevention and recovery plan before disaster strikes.
In Ransomware Protection Playbook experienced penetration tester and cybersecurity evangelist Roger Grimes lays out the steps and considerations organizations need to have in place including technical preventative measures, cybersecurity insurance, legal plans, and a response plan. From there he looks at the all important steps to stop and recover from an ongoing attack starting with detecting the attack, limiting the damage, and what’s becoming a trickier question with every new attack – whether or not to pay the ransom.
No organization with mission-critical systems or data can afford to be unprepared for ransomware. Prepare your organization with the Ransomware Protection Playbook.
Jun 27 2021
7 keys to evaluating zero trust security frameworks
Zero trust as a framework for securing modern enterprises has been around for years, but is drawing renewed attention with the increase in cyberattacks. The United States government is pushing for zero trust implementations across all its agencies, and more vendors are jumping on board the already rolling zero trust product bandwagon.
The mix of user need and vendor hype makes zero trust frameworks especially difficult to evaluate. Can a given zero trust solution stand up to close scrutiny? Buyers need to define and test an impartial, balanced set of complex criteria before making their purchase decisions.
Factors to consider include scalability, advanced patch management, and least-privileged access, and that is just the beginning. As automated AI-based network and application discovery gains traction, buyers must be prepared to assess the effectiveness of AI software, which is no small task.
Zero trust meets mega hype
Zero Trust security has become a major industry trend, and yet there still is uncertainty about what it means. Zero Trust is about fundamentally changing the underlying philosophy and approach to enterprise security―moving from outdated and demonstrably ineffective perimeter-centric approaches to a dynamic, identity-centric, and policy-based approach.
Making this type of shift can be challenging. Your organization has already deployed and operationalized enterprise security assets such as Directories, IAM systems, IDS/IPS, and SIEM, and changing things can be difficult. Zero Trust Security uniquely covers the breadth of enterprise security and IT architectures, providing substantive architectural guidance and technical analysis with the goal of accelerating your organization‘s journey to Zero Trust.
Zero Trust Security: An Enterprise Guide
Jun 26 2021
WhyNotWin11 is a better replacement for Windows 11’s PC Health Check
An open-source application called WhyNotWin11 acts as a better drop-in replacement for Microsoft’s PC Health Check app to determine if your hardware is compatible with Windows 11.
This week, Microsoft announced that the next version of Windows is Windows 11 would be the next version of Windows and that it would be released as a free upgrade this fall.
As part of this announcement, Microsoft also published Windows 11’s minimum hardware requirements needed to upgrade or install Windows 11.
Microsoft released the PC Health Check app to check your computer’s hardware and tell you if it is compatible with Windows 11.
Unfortunately, Microsoft’s first version of the PC Health Check app did not tell users what hardware was failing tests, leading to even more confusion.
For many people, the issue was that they did not have a required TPM 2 compatible security processor enabled on their computer. As a result, Microsoft released an updated PC Health Check app that specifically warned users that a TPM 2 device was missing.
Source: WhyNotWin11 is a better replacement for Windows 11’s PC Health Check
Microsoft Introducing Windows 11
Jun 25 2021
Ensono: Security is a key factor when choosing a public cloud provider
There are many factors to considered when selecting a public cloud provider, but 56% in a recent survey said security concerns had the most significant influence during the selection process for public cloud providers, IT services management company Ensono said.
Above: Ensono Cloud Clarity Report uncovered several areas that significantly influenced buying decisions.
Ensono: Security is a key factor when choosing a public cloud provider
Jun 24 2021
Google extends open source vulnerabilities database to Python, Rust, Go, and DWF
Google today announced it has extended its Open Source Vulnerabilities (OSV) database to incorporate data from additional open source projects, using a unified schema for “describing vulnerabilities precisely.”
The benefits of open source software are widely understood, but concerns around vulnerabilities frequently rear their head. The vast majority of codebases contain at least one known open source vulnerability, while a report this week concluded that more often that not, developers don’t update third-party libraries after including them in their software. That same report noted that 92% of open source library flaws could be easily fixed with a simple update.
Open source software impacts pretty much everyone, everywhere. From small startups to major enterprises, companies rely on community-driven components in most of their applications. So it’s in everyone’s interests to ensure open source software is properly maintained.
Are Password Protectors Safe in 2021?
Open Source Vulnerability Database:
Jun 23 2021
New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber adversary behavior.
The tool allows users to add notes, and create new or extend existing objects – matrices, techniques, tactics, mitigations, groups, and software – with new content. It also allows them to share these insights with other organizations.
Jun 23 2021
Why You Need a Disaster Recovery Plan (DRP)
Assessing IT Disaster Recovery Plans : The Case Of Publicly Listed Firm
All the information technology (IT) literature emphasizes the fact that a properly managed organization should have a well-developed IT disaster recovery plan (DRP) to enable it to continue its operations in the event of a disruption and to be able to survive a disastrous interruption to its information systems. To determine the current status of IT disaster recovery plans in the UAE, this research attempts to answer the following research questions:
1) what is the overall level of disaster preparedness of businesses in the United Arab Emirates?
2) To what extent does your business have a formal and documented disaster recovery plan in place?
3) What is the level of employees’ preparedness and awareness of the existence of the DRB and their role in case of a disaster?
4) The most significant physical and logical risks that pose the most threats to drive the development of the DRB?
5) The extent of the controls in place to mitigate, avoid or transfer risk? and
6) what is the frequency of testing and exercising the DRP? To answer these questions, we surveyed the public companies listed on the Abu Dhabi Securities Exchange (ADX).
Jun 22 2021
Ransomware: What REALLY happens if you pay the crooks?
Governments and law enforcement hate it when ransomware victims pay the blackmail demands that almost always follow a ransomware attack, and you can understand why, given that today’s payments fund tomorrow’s cybercriminality.
Of course, no one needs to be told that.
Paying up hurts in any number of ways, whether you feel that hurt in your head, in your heart or even just in the pit of your stomach.
“I was happy to pay up for a job well done,” said no ransomware victim ever.
However, it’s easy for people who aren’t looking down the wrong end of the cybercrime barrel to say, “You should never, ever pay. You should let your entire business implode, and let everyone in the company lose their job, because that’s just the price of failure.”
So, if your back’s against the wall and you DO pay up in the hope that you’ll be able to restart a business that has ground to a total halt…
…how well will it all go?
Guess what? You can find out by tuning into a fun but informative talk that we’re giving twice this week.
Catch us online on Wednesday 23 June 2021 at the SC Annual Digital Congress, at 14:15 UK time (UTC+1), or on Thursday 24 June 2021 at the Sophos Break a Hacker’s Heart online event, at 11:00 UK time (UTC+1).
You need to register, but both events are free to join. (They’re both 100% virtual, given that the UK is still in coronavirus lockdown, so feel free to attend from anywhere.)
We’ll give you a clue by sharing a key slide from the talk:
As you can see, paying up often doesn’t work out very well anyway, even if you have no ethical qualms about doing so, and enough money burning a hole in your pocket to pay without flinching.
And remember that if you lose 1/3 of your data, like 1/2 of our respondents said they did, you don’t get to choose which computers will decrypt OK and which will fail.
Murphy’s law warns you that the laptops you could have reimaged easily enough will probably decrypt just fine, while those servers you really meant to backup but didn’t… probably won’t.
We’re going to try to make the talk amusing (as amusing as we dare be when talking about such a treacherous subject), but with a serious yet not-too-technical side.
We’ll be giving some tips you can use both at work and at home to reduce the risk of getting ransomed in the first place.
Ransomware Protection Playbook
No cybersecurity plan will ever be perfect, no defense is impenetrable. With the dangers and costs of a successful ransomware attack on an organization increasing daily, it is important for cybersecurity and business leaders to have a prevention and recovery plan before disaster strikes.
In Ransomware Protection Playbook experienced penetration tester and cybersecurity evangelist Roger Grimes lays out the steps and considerations organizations need to have in place including technical preventative measures, cybersecurity insurance, legal plans, and a response plan. From there he looks at the all important steps to stop and recover from an ongoing attack starting with detecting the attack, limiting the damage, and what’s becoming a trickier question with every new attack – whether or not to pay the ransom.
No organization with mission-critical systems or data can afford to be unprepared for ransomware. Prepare your organization with the Ransomware Protection Playbook.
Jun 22 2021
Apple Will Offer Onion Routing for iCloud/Safari Users
TOR Anonymity Network 101 If you have been searching for how to access the most private and secure part of the internet, then look no more! The TOR Anonymity Network 101 – An Introduction To The Most Private Part Of The Internet has everything you’ve ever wanted to learn about how to be completely anonymous online. We live in an age where despite our best intentions, everything we do online is open to monitoring or attack. Our own advances in technology which were supposed to make our lives easier can be twisted and used against us. Knowing how to protect our own best interests is a vital skill that everyone should be aware of. The TOR Anonymity Network 101 includes: * How to maintain your anonymity online * The key to networking 101 * An introduction to the most private parts of the internet & much more! TOR doesn’t stop you from being seen on the internet, but it will prevent people from learning your location and using that information against you. If you value your privacy, then you need to check out TOR Anonymity Network 101 – An Introduction To The Most Private Part Of The Internet for yourself!
Jun 22 2021
Threat actors in January attempted to poison the water at a US facility
Threat actors in January attempted to poison the water at a US facility, a circumstance that highlights the importance of cybersecurity for water and wastewater utilities. The news that a threat actor in January attempted to poison the water at a facility…
Cyber Threats and Nuclear Weapons
“The technology controlling United States nuclear weapons predates the Internet. Updating the technology for the digital era is necessary, but it comes with the risk that anything digital can be hacked. Moreover, using new systems for both nuclear and non-nuclear operations will lead to levels of nuclear risk hardly imagined before. This book is the first to confront these risks comprehensively. With Cyber Threats and Nuclear Weapons, Herbert S. Lin provides a clear-eyed breakdown of the cyber risks to the U.S. nuclear enterprise. Featuring a series of scenarios that clarify the intersection of cyber and nuclear risk, this book guides readers through a little-understood element of the risk profile that government decision-makers should be anticipating. What might have happened if the Cuban Missile Crisis took place in the age of Twitter, with unvetted information swirling around? What if an adversary announced that malware had compromised nuclear systems, clouding the confidence of nuclear decision-makers? Cyber Threats and Nuclear Weapons, the first book to consider cyber risks across the entire nuclear enterprise, concludes with crucial advice on how government can manage the tensions between new nuclear capabilities and increasing cyber risk. This is an invaluable handbook for those ready to confront the unique challenges of cyber nuclear risk”–
Jun 21 2021
Embrace integrations and automation as you build a security program
Information Security Program Guide: Company Policies, Departmental Procedures, IT Standards & Guidelines
« Previous Page — Next Page »
