One of the most interesting benefits of utilising deception technology - beyond the results - is the information learned throughout the process, providing a first-hand look into the mind of an attacker.
Many ICS asset owners lack access to an accurate inventory of their true risk. Level 1 and 0 ICS vulnerabilities are difficult to identify and remediate using tools originally developed for IT assets.
Wireless networks increase attack surfaces so should never be allowed in certain IIoT applications; first consider deployment & operation policies & procedures, the product, the underlying infrastructure.
The IoT could adopt an approach focused on trust, openness, and collaboration which could see companies establish shared values and standards that would allow the industry to in effect self-regulate.
The NIS Directive, the first EU-wide cyber-security legislation, promotes proactive adoption & building of best practice to achieve the aim of any cyber-security legislation - a more secure organisation.
Every minute digital assets are subject to scores of malware, malvertising, phishing, & cryptomining efforts on a massive scale, plus rogue apps, domain and brand infringement: top four takeaways listed here:
DevSecOps involves understanding everyone's objectives, & getting good data to help you track how well you support these aims over time. Developers: include security from the start; use what your team values.
IP geolocation using advanced traceroute tech & anonymous partner data locates users and connection characteristics, including proxy information, for reliable user authentication without personal identification.
Hackers are compromising your computers for cryptomining and infiltrating discussion groups to steal codes and information about other people's cryptocurrency network and ultimately steal their digital coins.
To resist ransomware, organisations need to treat ransomware as more than just malware. They need to start looking into the largely unmonitored internal darkspace of a network, identifying encrypted traffic.
How can democracy be defended? Action is needed to protect elections from interference by cyber-attackers. One possible solution is to move away from physical machines and towards online voting.
Understanding the profile of the person behind attacks allows us to identify what they might be after, how they might go about getting it, and how we may best be able to stop them.
Due to the complexity of aircraft systems there are millions of lines of code involved in avionics systems. If not regularly tested for vulnerabilities, the system's software can pose a severe security threat.
If you have a good data breach plan in place, you will be better able to limit the damage, and your business will be able to recover faster. But plan for different types of breaches.
Organisations must find ways to identify and stop fraud before it happens. This is accomplished by closely examining any potential loopholes related to your people, your processes and your technology.
The frequency and impact of security vulnerabilities make the process of software updates unavoidably necessary. It is no longer acceptable to consider any connected software a finished product.
Bank of England highlights industry concern on cyber-attacks: How do financial institutions reduce risk?
Financial institutions typically average more than 100 vulnerabilities per asset, with total vulnerability occurrences in the environment tallying in the millions.
Strengthening a company's security posture in a world of SDI requires rethinking all elements, moving from network-centric security to data-centric security.
Fraud online is changing in line with developments in online banking and finance, so what are the latest scams, what can we do about them, and how will machine learning help without losing control?
83% of enterprise workloads will be in the cloud by 2020. Yet there are still several questions that cloud providers need to resolve to settle the fears of those who've not yet made the transition to the cloud.
A variety of Red Team frameworks exist, eg the ATT&CK framework lets red teams classify an attack and study unique patterns, which can aid in identifying how a malware evolved as well as the likely authors.
Malware vulnerabilities: antivirus can't keep up; movement of malicious files on networks isn't tracked; APTs bypass antivirus software; online scanning devices have drawbacks; cybersec awareness is low.
The UK's CNI is being negatively impacted by a lack of cyber skills, but what many people don't realise is that internships and graduate schemes aren't the only route towards a fulfilling career in cyber-security.
Changes in the technology landscape and legacy technology skills shortages have opened the door to new risks within mainframe-dependent businesses as they now connect to the internet and so are exposed.
80% of IT directors don't know how to protect the data generated by voice technology, yet it's possible to accurately identify individuals using the full range of data contained within audio files of a human voice.
Threat bounty programmes are an essential part of effective cyber-security, and they should be available to every company, big or small. By 2022 more than 50 percent of companies will want to implement them.
Combatting day-to-day threats can be achieved by addressing basic core principles: password practices; email management; updating and testing security processes as well as ensuring a security-first culture.
In addition to understanding an attacker's motives, board members must consider the perceived value of an organisation's systems and data, and view valuable information from strategic intelligence sources.
75% of IT decision makers believe that AI is the 'silver bullet' to solve their cyber-security challenges. It's not true. The claims are misleading and the hype could actually be putting businesses at greater risk.
Why privilege a font without signing? Security means never parsing external assets in a privileged context. That way, a malformed data structure can't be used to leverage an escalation of privilege attack.
Could you quickly find and replace compromised certificates or add a certificate at a moment's notice? It's now crucial for businesses to have a plan that does not leave them at the mercy of any one CA.
What security priorities cut unnecessary work and speed up deployment for time-pressed developers? A centralised database to govern and secure data can also make securing applications easier and faster.
Deploying application-centric networking such as SD-WAN can allow you to tune your network, allowing the priority traffic to behave the way it needs to, giving greater insight and facilitating future automation.
An IoT breach can involve multiple vulnerable systems and applications in an owner's environment, dispersing levels of responsibility; ultimately the courts will decide and consumers bear the consequences.
Beyond the financial loss of sales and reputational damage that DDoS attacks cause, companies face at least another 13 risks caused by DDoS attacks based on time and type of impact, as described here:
People will most likely continue to choose obvious passwords, keep opening email attachments from strangers and use insecure communications channels. We must make this assumption and plan for it.
GDPR is not about cyber-security. It is about data protection. Organisations must plan how they acquire the data subject's permission and have a consolidated view of all collected data and permissions.
All board members need to take responsibility for reducing insider threat vulnerability since any employee in their area of responsibility could trigger a cyber-attack, whether unintentionally or deliberately.
Entire NHS trusts are susceptible to unpatched Windows 7 vulnerabilities, including those that facilitate remote code execution and privilege escalation - prime pickings for any malware that enters a system.
Prevent brute-force "password spraying" attacks: The passwords & network-connected devices should be reviewed on a regular basis, to ensure that new devices do not suddenly appear on the network.
The head of the NCSC recently told the Guardian that a major cyber-attack on the UK is a matter of "when, not if." Organisations can no longer treat attacks as a possibility, but rather an inevitability, so prepare now.
Implementing these security measures (below) will reduce the threat of an attack and help the organisation detect when an attacker is on the network so that security teams can focus on critical issues.
Investment in technology plays a crucial role in decreasing breach costs. Extensive use of encryption reduces costs by £10 per breached record, second only to having a strong incident response (IR) team.
Nearly two billion mobile security threats blocked during four-month period - an average of two attempts per day per device. Almost one billion security protections were triggered by cryptomining malware.
Shoplifting going digital is not just about stealing money; it's about stealing people's identities, payments and trust - and that means legitimate businesses losing reputation and customers.
Why we will have to crowd-source skills over vast locations to cope with rising threats to critical national infrastructure; the concept of the IT help desk is now applicable to all manner of devices.
Biometric payment smart cards with fingerprint recognition will greatly improve our ability to prevent fraud: fingerprints can now be enrolled onto the card directly, rather than a central database.
IoT security risks are much higher in health care than in other industries because IoT-connected medical devices store patients' confidential data, such as social security numbers and personal medical history.
With APIs now behind most mission-critical business capabilities, securing them has become paramount, making perimeter-based security models ineffective and even "negligent".
Proactive scalable security updates could be far quicker with Software-Defined Enterprise Content Delivery Networks, but IT teams and boards prioritise the latest 'must haves' of AI, ML, and unified comms.
Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but it's still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense