Tag Archive for: cyber security

As cloud computing continues to reshape the business world, the need to ensure the security of this complex new environment is more important than ever. This comes with its own significant challenges. Increased cloud adoption is bringing increased exposure to cyber threats, leaving businesses vulnerable to ever-evolving forms of attack.

With cyber threats showing no sign of slowing down, organizations cannot afford any gaps in their cloud infrastructure. Fortunately, there are concrete actions every company can take to strengthen their security stance. To find out more, Scott Nicholson, Co-CEO of Bridewell, shared his thoughts.

Why is cloud cybersecurity so crucial?

Traditional cybersecurity was built around on-premises infrastructure to manage on-premises threats. But the landscape looks very different today. The rise of cloud computing has made the digital world more interconnected and accessible than ever before, as data and applications have moved outside the traditional perimeter. This change has rendered most legacy network security controls obsolete, so it is essential that cybersecurity methods evolve to keep pace with accelerated cloud adoption.

At the same time, these increasingly complex IT and networking infrastructures are bringing new opportunities for cyber criminals, due to the expanded attack surface. We need only look at recent news headlines to recognize the threats. The Russian-backed hackers behind the Sunburst cyber attack managed to exploit cloud vulnerabilities to pilfer emails and files from over 100 companies around the world. We are also seeing cloud-based systems, services and data being targeted by ransomcloud – attacks that take advantage of weaknesses or legitimate functionality in cloud resources to deploy malware, encrypt data, and extort money from businesses.

To manage such a complex web of risks, companies need to review their own cloud security posture today and put in place measures to boost visibility, cyber maturity and resilience.

How can companies tackle the problem of skills gaps when it comes to cloud security?

There’s no denying that the skills gap is a growing challenge. Unfortunately, a lot of organizations started their cloud transformation journey on the back foot, implementing remote access tech without the skills needed to secure and manage cloud environments on an ongoing basis. This has led to a skills, transformation, and burnout cycle: IT teams are being asked to do more with less people to support transformation, heightening the risks of human error, data breaches, and the cycle getting underway again.

But there are ways that companies can break through the cloud security skills gap. Education is key to mitigating threats in the cloud, so all IT, security, and end users need to be fully informed and trained on a range of basic cyber hygiene practices and how these translate into cloud environments, covering areas such as controls testing, configuration hardening, network segmentation and incident response capabilities in the cloud.

Also, organizations shouldn’t be afraid to expand their talent pool by recruiting people from other backgrounds. Too many organizations focus purely on cyber talent and could be missing out on many great candidates with transferable skills. Here at Bridewell, we have taken on a lot of IT engineers and trained them up to be penetration testers and these are now some of our best people.

Companies also have the option to partner with a trusted managed security services provider with expertise in cloud security solutions. Outsourcing addresses the cyber security skills gap by providing ongoing expertise and support, which is very difficult to achieve in-house.

What challenges are preventing organizations from gaining the visibility needed to detect and respond to threats in the cloud?

There are a number of reasons why organizations may struggle to gain a detailed view of all activity in the cloud. In today’s diverse digital landscape, it’s common to see the convergence of traditional enterprise IT infrastructure with public cloud in a hybrid deployment. Businesses are also now integrating their operations with multiple cloud providers, which adds an extra layer of complexity. This means that some traditional security operations centers (SOCs) are having to juggle around 40 different tools to cover the cloud and every other possible vulnerability, each of which needs to be configured, supported, and monitored 24/7. This is a huge ask, and resources will be stretched further as OT and IT continues to converge.

Organizations can improve their cloud visibility today by having a multi-cloud security strategy and aiming to move towards having a full Extended Detection & Response (XDR) capability to help detect and respond to security threats in a more holistic and efficient manner.

How can companies better balance operational uptime and security requirements?

Of course, every organization wants to have effective security in place but without hindering and negatively impacting business operations. This is absolutely critical for some Operational Technology (OT), where it is performing critical functions that have a health and safety consequence.

Context in these scenarios is king. Understanding what risks are faced, the threat actors and the various methods in which a cyber attack could occur will enable informed decisions to be made regarding the application of cyber security controls and risk mitigation activity. Threat modelling is a very good methodology to structure and deliver this type of approach, which should include security professionals, engineering teams and any other key stakeholders.

There are also security technologies that provide non-intrusive network based detection capabilities to aide visibility, which is a great starting point for security improvements. Having a development environment or being able to replicate segments of an environment to test the application of security controls, will all aide understanding and decision making.

What does a proactive cyber security posture look like, and how can organizations achieve it?

Organizations with a proactive cyber security posture take the initiative to drive long-lasting security improvements from within, rather than waiting for the next big breach to happen. This involves moving away from traditional reactive security techniques – which focus simply on detection and notification of attacks – towards a more intelligent stance that gives a clear, holistic view of cyber security across IT, OT, cloud, and end user devices. As both cloud adoption and cloud security risks continue to grow, this proactive approach is critical to business continuity.

To build a proactive stance, businesses need to understand the threats they’re likely to face – past, present, and future. Threat intelligence is vital in enabling IT teams to quickly detect and respond to active threats in the cloud. With the right strategy, based on threat intelligence linked to managed detection and response (MDR) and supported by ethical hacking techniques to test defenses, companies can ensure they are fully armed in the face of evolving cloud-based threats.

Organizations that have a proactive cyber security posture also understand that attacks are inevitable, they focus on how quickly they can identify, detect and respond to those attacks in addition to compartmentalizing any successful attacks and having confidence in their ability to resume systems in a timely manner if negatively impacted.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

Learn About Today’s Most Common Types Of Cyber-Attacks

If you’ve turned on the news sometime during the past few years, you’ve probably heard of more than one instance where a business closed due to a cyber-attack. You may think your business is small enough and hackers won’t target you, but this couldn’t be further from the truth. Every business is at risk of experiencing a cyber-attack and should be well-prepared to defend against these threats. With the right type of attack, a cybercriminal can gain valuable information about your business, customers and employees, which can be used to damage your reputation and hurt you financially.

If you’re a business owner or leader and you want to ensure your business is well-protected, check out the most common cyber-attacks that are affecting companies today. From there, you can implement cyber security plans and tactics to ensure your business is protected from cybercriminals.

Phishing Scams

Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim’s infrastructure. Phishing scams can wreak havoc on your business and personal life. You may have seen an e-mail from someone claiming to be Amazon or your credit card company asking for specific sensitive information. Often, the e-mail address does not line up with who the person is claiming to be.

When a phishing scam targets your business, they’ll likely request valuable information from your employees such as passwords or customer data. If your employees fall for the scam, they could give a cybercriminal unprecedented access to your network and systems. This may also allow the cybercriminal to steal private employee and customer information, leaving your employees vulnerable to identity theft. Phishing scams can be averted by using common sense and providing cyber security training to your employees. Most companies will not request private information over e-mail. That being said, if an employee receives a suspicious e-mail, they should do their due diligence to ensure the e-mail is genuine before responding in any way.

Malware

Malware is software installed on a computer without the user’s consent that performs malicious actions, such as stealing passwords or money. There are many types of malware, including spyware, viruses, ransomware and adware. You can accidentally download malware onto your computer by clicking on sketchy links within e-mails or websites. You might not even notice you have malware on your computer right now. If your computer is operating more slowly than usual, web browsers are taking you to random sites or you have frequent pop-ups, you should scan your computer for malware.

Prevention is key in stopping malware from affecting your business. Hiring and utilizing a managed services provider is the best way to protect your business, as they will continually monitor your network for exploitable holes. With malware, it’s always better to play it safe than sorry. If a cybercriminal is able to use ransomware on your network, your business could be stuck at a standstill until you pay the ransom. Even if you can pay the ransom, your reputation will still take a hit, and your business could be greatly affected. Be careful where you click on your phone, too, since malware attacks on cellphones have become more common over the past few years.

Attacks Involving Passwords

How do your employees access your network or computer systems? They most likely use a password to log in to their computer, access their e-mail and much more. What would happen if someone with bad intentions gained access to one of your employee’s passwords? Depending on the individual’s access, they could obtain sensitive information about your business, customers and employees.

Your team should be using long, complex passwords for their accounts, and each password for every account should be different. Encourage your employees to use password managers that will allow them to create the most complex passwords possible and keep track of them more easily. You can also incorporate multifactor authentication to ensure nobody can steal a password and gain access immediately. You should make your employees aware of this during your annual cyber security training.

If your business falls victim to a cyber-attack, it could have lasting consequences for everyone involved. Now that you know the most common types of cyber-attacks, you can start implementing plans to ensure you and your business stay protected.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Phishing attacks are increasing and getting more sophisticated. Here’s how to avoid them:

Phishing is on the rise, and anyone who uses email, text messaging, and other forms of communication is a potential victim.

These attacks, in which a cybercriminal sends a deceptive message that’s designed to fool a user into providing sensitive information such as credit card numbers or to launch malware on the user’s system, can be extremely effective if done well.

These types of attacks have become increasingly sophisticated — making them more dangerous — and more common. An October 2022 study by messaging security provider SlashNext analyzed billions of link-based URLs, attachments, and natural language messages in email, mobile and browser channels over a six-month period, and found more than 255 million attacks. That’s a 61% increase in the rate of phishing attacks compared with 2021.

The study revealed that cybercriminals are shifting their attacks to mobile and personal communication channels to reach users. It showed a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.

“What we’ve been seeing is an increase in the use of voicemail and text as part of two-pronged phishing and BEC [business email compromise] campaigns,” said Jess Burn, senior analyst at Forrester Research. “The attackers leave a voicemail or send a text about the email they sent, either lending credibility to the sender or increasing the urgency of the request.”

The firm is receiving a lot of inquiries from clients about BEC attacks in general, Burn said. “With geopolitical strife disrupting ransomware gang activity and cryptocurrency — the preferred method of ransom payment — imploding as of late, bad actors are going back to old-fashioned fraud to make money,” he said. “So BEC is on the rise.”

Criminals using phishing attacks based on tax season, shopping deals

One of the iterations of phishing that people need to be aware of is spear-phishing, a more targeted form of phishing that often uses topical lures.

“While it is not a new tactic, the topics and themes might evolve with world or even seasonal events,” said Luke McNamara, principal analyst at cyber security consulting firm Mandiant Consulting. “For example, as we are in the holiday season, we can expect to see more phishing lures related to shopping deals. During regional tax seasons, threat actors might similarly try to exploit users in the process of filing their taxes with phishing emails that contain tax themes in the subject line.”

Phishing themes can also be generic, such as an email that appears to be from a technology vendor about resetting an account, McNamara said. “More prolific criminal campaigns might leverage less specific themes, and conversely more targeted campaigns by threat actors involved in activity like cyber espionage might utilize more specific phishing lures,” he said.

What people should do to ward off phishing attempts

Individuals can take steps to better defend themselves against phishing attacks.

One is to be vigilant when giving out personal information, whether it’s to a person or on a website.

“Phishing is a form of social engineering,” Burn said. “That means that phishers use psychology to convince their victims to take an action they may not normally take. Most people want to be helpful and do what someone in authority tells them to do. Phishers know this, so they prey upon those instincts and ask the victim to help with a problem or do something immediately.”

If an email is unexpected from a specific sender, if it’s asking someone to do something urgently, or if it’s asking for information or financial details not normally provided, take a step back and look closely at the sender, Burn said.

“If the sender looks legitimate but something still seems off, don’t open any attachments and mouse or hover over any hyperlinks in the body of the email and look at the URL the link points to,” Burn said. “If it doesn’t seem like a legitimate destination, do not click on it.”

If a suspicious-looking message comes in from a known source, reach out to the person or company via a separate channel and inquire as to whether they sent the message, Burn said. “You’ll save yourself a lot of trouble and you’ll alert the person or company to the phishing scam if the email did not originate from them,” he said.

It’s a good idea to stay up on the latest phishing techniques. “Cyber criminals constantly evolve their methods, so individuals need to be on alert,” said Emily Mossburg, global cyber leader at Deloitte. “Phishers prey on human error.”

Another good practice is to use anti-phishing software and other cyber security tools as protection against potential attacks and to keep personal and work data safe. This includes automated behavior analytics tools to detect and mitigate potential risk indicators. “The use of these tools among employees has increased significantly,” Mossburg said.

Another technology, multi-factor authentication, “can provide one of the best layers of security to secure your emails,” McNamara said. “It provides another layer of defense should a threat actor successfully compromise your credentials.”

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from CNBC.com SOURCE

Breaking Bad Habits

4 Ways Your Employees Are Putting Your Business At Risk Of Cyber-Attack

A couple years ago, TechRepublic ran a story with the following headline: “Employees Are Almost As Dangerous To Business As Hackers And Cybercriminals.” From the perspective of the business, you might think that’s simply inaccurate. Your company strives to hire the best people it can find – people who are good at their jobs and would never dream of putting their own employer at risk.

Your employees are instrumental when it comes to protecting your business from cyberthreats. But they can also become targets for hackers and cybercriminals, and they might not know it. Here are four ways your employees might be endangering your business and themselves — and what you can do about it.

1. They’re Not Practicing Safe And Secure Web Browsing. One of the most basic rules of the Internet is to not click on anything that looks suspicious. These days, however, it can be harder to tell what’s safe and what isn’t.

A good rule of thumb is to avoid websites that do not have “https” in front of their web address. The “s” tells you it’s secure – https stands for Hypertext Transfer Protocol Secure. If all you see is “http” – no “s” – then you should not trust putting your data on that website, as you don’t know where your data might end up.

Another way to practice safe web browsing is to avoid clicking on ads or by using an ad blocker, such as uBlock Origin (a popular ad blocker for Google Chrome and Mozilla Firefox). Hackers can use ad networks to install malware on a user’s computer and network.

2. They’re Not Using Strong Passwords. This is one of the worst IT security habits out there. It’s too easy for employees to use simple passwords or to reuse the same password over and over again or to use one password for everything. Or, worse yet, all of the above.

Cybercriminals love it when people get lazy with their passwords. If you use the same password over and over, and that password is stolen in a data breach (unbeknownst to you), it becomes super easy for cybercriminals to access virtually any app or account tied to that password. No hacking needed!

To avoid this, your employees must use strong passwords, change passwords every 60 to 90 days, and not reuse old passwords. It might sound tedious, especially if they rely on multiple passwords, but when it comes to the IT security of your business, it’s worth it. One more thing: the “tedious” argument really doesn’t hold much water either, thanks to password managers like 1Password and LastPass that make it easy to create new passwords and manage them across all apps and accounts.

3. They’re Not Using Secure Connections. This is especially relevant for remote workers, but it’s something every employee should be aware of. You can find WiFi virtually everywhere, and it makes connecting to the Internet very easy. A little too easy. When you can connect to an unverified network at the click of a button, it should raise eyebrows.

And unless your employee is using company-issued hardware, you have no idea what their endpoint security situation is. It’s one risk after another, and it’s all unnecessary. The best policy is to prohibit employees from connecting to unsecured networks (like public WiFi) with company property.

Instead, they should stick to secure networks that then connect via VPN. This is on top of the endpoint security that should be installed on every device that connects to your company’s network: malware protection, antivirus, anti-spyware, anti-ransomware, firewalls, you name it! You want to put up as many gates between your business interests and the outside digital world as you can.

4. They’re Not Aware Of Current Threats. How educated is your team about today’s cyber security threats? If you don’t know, or you know the answer isn’t a good one, it’s time for a change. One of the biggest threats to your business is a workforce that doesn’t know what a phishing e-mail looks like or doesn’t know who to call when something goes wrong on the IT side of things.

If an employee opens an e-mail they shouldn’t or clicks a “bad” link, it can compromise your entire business. You could end up the victim of data breach. Or a hacker might decide to hold your data hostage until you pay up. This happens every day to businesses around the world – and hackers are relentless. They will use your own employees against you, if given the chance.

Your best move is to get your team trained up and educated about current threats facing your business. Working with a managed service provider or partnering with an IT services firm is an excellent way to accomplish this and to avoid everything we’ve talked about in this article. Education is a powerful tool and, when used right, it can protect your business and your employees.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE