Guest Post, Author at Cyber Secure Forum | Forum Events Ltd - Page 10 of 14
Posts By :

Guest Post

WEBINAR: Security Champions – Making the Business Case

 960 640 Guest Post
By:
0
9

You have an awesome idea. You plan it in full. You share it with your colleagues. What happens next?

Hang-on… They’re not jumping up and down. In fact, they’re frowning. They don’t get it!

Sound familiar?

When that happens remember:

“If you want something to change, only you can make that happen”

Join us – 1st Feb for a Masterclass in Making the Business Case for Security Champions. 

https://us02web.zoom.us/webinar/register/1816100266890/WN_OgUMcWkuTqWWtlSZBHyvsw

We’ll look at:
· Finding your WHY for your Champions Programme through socially constructed change (e.g. impactful conversations)
· Creating a 5-minute pitch for your programme
· Establishing resource and budget requirements

5 innovative cybersecurity training methods to try in 2021

 960 640 Guest Post
By:
0
1

By Juta Gurinaviciute, Chief Technology Officer at NordVPN Teams

As much as 88% of data breaches are caused by human error, but only 43% of workers admit having made mistakes that compromised cybersecurity. In the past year a third of the breaches incorporated social engineering techniques and the cost of a breach caused by a human error averaged to $3.33 million

To mitigate the risk, enterprises develop complex cybersecurity strategies and action plans, yet they are insufficient unless acknowledged by every member of their organization. Half of the Chief Information Security Officers (CISOs) plan to extend cybersecurity and privacy into all business decisions and that makes it every employee’s concern. 

With the ever-changing and evolving digital threats, maintaining cyber resistance is no longer limited to IT and security officers and depends on every member of the organization. Constant training is a way to build the team’s resilience against threats, yet it is not uncommon for them to turn into dull PowerPoint sessions, after which few remember the safety measures they should take. The problem is amplified by the workforce operating from home and not subscribing to security policies of the company.

CISOs and other stakeholders can grab employees’ attention by changing the methods of the regular cybersecurity training. Those who found training to be very interesting were 13 times more likely to change the way they think about cyber threats and protection against them. Therefore, organizations should seek memorable, entertaining and accessible ways to talk about complicated security matters.

5 ways to make cybersecurity training more attractive

Gamify it. Dull figures slide after slide, myriads of ‘dos and don’ts’ along with knotty safety procedures make the process lethargic. Quizzes, games, prizes and quality time with colleagues will enhance enjoyment and learning. Interactive activities boost engagement and thus yield better results when it comes to teaching staff about cybersecurity. 

Engage in friendly competition. The key element of the gamification is competition. However,  putting a prompt question within the video lesson or offering ‘innovative’ content is not enough. People are engaged when they have an incentive, be it a prize or pride. Companies should organize monthly, quarterly or yearly competitions to keep a workforce constantly aware of new threats and how to tackle them.

Make it rewarding. Turn the right answer into a badge, a discovered vulnerability into a star, and a year without an incident into a holiday bonus. People expect feedback while participating in a competition, and the reward system is the optimal way to do it. Instead of giving an opinion to everybody in private, security and IT professionals can award the achievements. They also help to track the progress of each employee and take the precautions if necessary.

Turn it into a team effort. Staying protected from breaches and attacks is everyone’s interest. Thus employees should be encouraged to work in teams and solve riddles with their colleagues. In a cybersecurity workshop, for instance, employees can be asked to craft a phishing email. This encourages them to find out more about this criminal technique, to look at the examples of it and thus recognize them at the first glance next time. 

Be understood. For information security professionals, IT and cybersecurity jargon is a native language.  Yet for accountants, marketers and many others it’s just a meaningless jabber. Make sure to speak clearly and to explain every term in plain language so the relative layman understands and remembers.

These tips also apply when teaching the staff how to use various cybersecurity tools, such as cloud services or VPNs. With people working remotely, many of them face the need to use two-factor authentication or secure connection for the first time as it was readily available by default at their usual workstations. Now they have to care for their and their company’s protection themselves. 

Cybersecurity is no longer a thing only information security and IT departments care about. As many workplaces rely solely on digital solutions which are used by the entire workforce, staying protected against cyberattacks requires everyone’s joint effort. The main notions of data security must be conveyed in an appealing manner.

Where is cybersecurity in 2020 and where are we heading?

 960 640 Guest Post
By:
0
0

At the start of 2020, smart businesses were already preparing their security practices against threats including ransomware and phishing. That was before the pandemic, which has resulted in a shift in traditional working practices and a significant rise in remote working this year that has introduced the possibility of additional security risks. Paul Colwell (pictured), CTO at OGL Computer and CyberGuard Technologies reveals where we are now with cyber security and what the IT services providers’ team foresees the next 12 months bringing for UK businesses...

Where are we now with cyber security?

The last year has been full of rapidly evolving cyber threats made increasingly public via the news of high-profile breaches and allegations of election rigging as well as growing global data protection regulation.

News stories, consumer data protection awareness and corporate accountability at every level have contributed to an increased awareness of the need for excellent cyber security. Small to medium-sized businesses are more cyber aware as common attack vectors, such as email phishing, infiltrate every type of business, often costing millions.

Advances in cloud technology, AI and IoT have created a realisation that cyber protection must fully encompass the entire on-site and off-site network as well as peripheral IoT enabled devices.

Cyber Essentials is in high demand and has been accepted across the UK as a good standard for customer and supplier relationships, especially as companies recognise third-party risk can be severe. There has also been a maturity in patch management as specialists strive to fix the stress point of out of date software. Companies are also understanding the rapid development of Windows 10 and other software from cutting-edge creators means new business-beneficial features launch frequently.

What will the next 12 months in cyber security bring?

Companies are transitioning from reacting to threat after threat to a more pro-active security prevention approach. Industry wide advances such as AI-enhanced security services and a conditional rule approach are delivering better threat detection, and faster response rates.

Widespread recognition that threat-intelligence sharing must be enacted for all to benefit has been achieved so that today, and moving forward, companies and specialists can learn from attacks on their peers, and from industry experts and leaders before they themselves fall victim.

2021 in cyber security will see further growth in the need for “visibility” of network activity. Software developments such as the use of AI, high-performing integrated cyber security dashboards, real-time and cloud monitoring as well as regularly scheduled internal checks by specialists will allow the effective monitoring, tracking and response to network events. Real-time monitoring means threats are identified quicker and can be purged faster thus reducing corporate risk, loss, and potential litigation from expensive data breaches.

The combination of threat intelligence sharing, and the development of real-time monitoring means fast reaction – the ability for ‘zero day’ vulnerabilities to be pro-actively stopped before their impact is felt. Gone should be the days where cyber threats are able to infiltrate corporate networks for weeks and sometimes months without discovery.

The use of cloud technology and DevOps methodology as well as widespread remote working and IoT adoption have increased the awareness that cyber security practices must be implemented for every platform, device and user location. The security of cloud data will become increasingly the responsibility of the user. Two factor authentication for VPNs and Office 365 access will be a must. And, as in 2020, the popularity of next generation anti-virus services such as Carbon Black will grow with the need for enhanced security for off-network devices.

Where are we now with IT services

The growth in remote working, and even distance learning, has changed cyber security requirements but also the entire basis of IT provision. Figures from the Office for National Statistics in the UK point to homeworking having become common for nearly half of UK workers by the summer of 2020. This prompted both demand and technology change for bandwidth, remote connections, VPNs and RDS farms.

The use of interactive tools such as Microsoft Teams and Zoom has mushroomed affecting IT solution design, which has to keep up with the resource demand of such applications. Instead of hardware, software and softphones are being used for communication and audio/video calling, and instant messaging is far more prevalent.

Before 2020, IT services providers and IT departments were slowly adapting to remote working trends and greater digital transformation. In many cases mobile devices and laptops were still add-ons to a corporate network and employee perks instead of essential tools for many workers.

What will the next 12 months in IT services bring?

By 2021 digital transformation will have accelerated further. We believe that cloud-based solutions will continue to replace on-premise solutions in most instances, being more suited to remote working trends. Platforms like Microsoft Azure will no longer seem reserved for the enterprise, instead these are tools for almost any sized company.

Microsoft 365 applications, such as SharePoint, PowerBi and Flow, will see increased use. The onward migration to the cloud will give rise to greater use of cloud-based data storage and networking services, especially those that integrate with Microsoft 365 like OneDrive.

Security products that protect such services, like Datto, will prosper. Data storage technology will continue to change with SSD and NVMe (Non-Volatile Memory Express) increasing performance and interoperability for corporate systems. The demand for on-premise and physical equipment will fall, reducing capital expenditure. However, the need for services and subscriptions will increase monthly and yearly operating spend.

Social distancing means less human interaction. As this need continues and embeds into workplace culture the use of AI, machine learning, automation, virtual, augmented and mixed reality will also accelerate. IoT and smart devices will be used more frequently for real-time monitoring of processes, especially to aid distancing. Without Covid-19, AI was already set to revolutionise business intelligence and create efficiencies, especially in sales and customer service processes.

Businesses will budget in 2021 for homeworking solutions and equipment for their employees. Both companies and individuals will utilise smart home solutions to deliver multi-format fluid communications platforms, which need to be engaged frequently during the day. Smart assistants such as Google and Alexa will augment work processes as well as home lives for remote workers.

Escaping from Data Lockdown with a Digital Evolution

 960 640 Guest Post
By:
0
0

With data amassing at an exponential rate, digital transformation continues to be throttled as businesses struggle to achieve the insight they need from the data. To achieve value from data, businesses need to be able to access what they need, when they need, by the right people, in a usable format. Peter Ruffley, CEO, Zizo, has previously detailed the first three aspects businesses should consider to get out of data lockdown, including data access, responsibility and outcomes. With the data readily available and the company goals in mind, businesses need to ensure that the data they’re analysing will be of value and help them meet these objectives.

Here, Peter highlights two further aspects for businesses to consider before they can move forward in their digital transformation journey. While there is no one-size-fits-all approach to suit every company, by having available and structured data with an open and flexible culture, organisations are in a much stronger position to take on this critical shift and escape from data lockdown. 

Data structure and analysis:

Data must be structured for purpose – clean and consistent data will lead to better decisions and an easier transformation. There are many whose skill set is structuring data and building data structures; but because of their fixed belief on how they think things should be done, it can be a choke point for digital transformation. You have to be prepared to follow a business objective, even if it may apparently contradict some of the deeply held beliefs of your IT colleagues, or if the data tells you something that goes against your intuition, rather than derailing the process. 

Digital transformation isn’t a one-change process, but instead, a number of transformations will need to be made and augmented with other sources of structured data – it should be conducted as an ongoing rolling programme of incremental changes and additions. That adaptability to absorb other sources of data and find other business value is what this is all about.

It’s not digital transformation, it’s digital evolution. Some things may not go 100% to plan, therefore, you have to change and adapt based around those models. And just because every decision can be driven by data, does not mean you have to analyse all the data before you take each step. There is a case for paralysis through analysis; if you try to look at everything, you will end up doing nothing. An agile way of doing things and trying something small to see if it works, using the tools and techniques for when we want to scale up or down will enable smaller steps towards transformation to be taken faster. 

Business value and collaboration:

The key to digital transformation success is collaboration and flexibility. Businesses need to be flexible enough to digitally transform the marketplace. The tools, techniques and technologies exist, but there are only some organisations that are going to be smart, quick enough and united to actually take advantage. 

By distinguishing ownership and having a sense of collaboration within your company culture, the barriers to digital transformation will be diminished as team members acknowledge the changes that are going to be made to the business as a result of this transition. Without everybody on board, the transformation will not work. Technology is just one part of the process underpinning these changes – having an open attitude towards the use of data within the organisation is a necessity. 

People need to trust the data they’re using through provenance and understanding the business rules and objectives. Rather than trying to impose a rigid framework, using data as the foundation provides you with trusted evidence and reasoning, backed up by other areas of the business. If you’ve got a dialogue supported with data that you trust, stakeholders will buy into the initiative. 

Organisations can’t expect the deployment of tools and technologies to change their business overnight, but by having a more open and collaborative attitude towards the use of data within the organisation, underpinned by new tools and technology, a digital evolution can progress in the right direction. 

LogRhythm NextGen SIEM Platform – Build your security program on a solid foundation

 960 640 Guest Post
By:
0
0

By LogRhythm

Align your team, technology, and processes to see broadly across your IT and operating environments, uncover threats, and minimise risk — all within a single, unified platform. The LogRhythm NextGen SIEM Platform is at the centre of thousands of SOCs worldwide.

Detect threats earlier and faster. 
When it comes to stopping threats, seconds matter. That’s why we built our platform for speed. You’ll quickly identify threats, automate and collaborate on investigations, and remediate threats with agility.

Gain visibility across your environment.
Eliminate blind spots across your entire enterprise — from your endpoints to the network to the cloud. Easily search across your log and other machine data to find the answers you need and know what’s happening across your environment.

Work smarter, not harder.
Spend your time on impactful work instead of maintaining, caring for, and feeding your SIEM tool. Automate repetitive tasks and labour-intensive work so your team can focus on the areas where their expertise can make a difference.

Build for today, scale for tomorrow.
The complexity and scale of your environment is growing rapidly. Don’t settle for an entry-level solution that you’ll soon outgrow. Get high performance and reduced operating costs — for today and tomorrow.

Deploy in the cloud or on-prem.

Learn more at www.logrhythm.com.

The state of the security team: Are executives the problem?

 960 640 Guest Post
By:
0
0

By LogRhythm

A global survey of security professionals and executives by LogRhythm

Amid a slew of statistics on how job stress is impacting security professionals, we sought to learn the causes of the tension and anxiety — as well understand potential ways teams might alleviate and remediate the potential of job burnout. 

We ran a global survey with security professionals and executives and investigated the tools those security professionals use to understand solution capabilities, deployment strategies, technology gaps, and the value of tool consolidation.

Key findings

“Now, more than ever, security teams are being expected to do more with less leading to increasing stress levels. With more organisations operating under remote work conditions, the attack surface has broadened, making security at scale a critical concern,” says James Carder, CSO and VP of LogRhythm Labs. “This is a call to action for executives to prioritise alleviating the stress and better support their teams with proper tools, processes, and strategic guidance.”

When asked what causes the most work-related stress, not having enough time is cited by 41 percent and working with executives by 18 percent. In fact, 57 percent of respondents think their security program lacks proper executive support — defined as providing strategic vision, buy-in and budget.

In addition, security professionals cite inadequate executive accountability for strategic security decisions as the top reason (42 percent) they want to leave their job. This is a worrying statistic, given that nearly half of companies (47 percent) are trying to fill three or more security positions.

If you are leading a security team or part of a SOC, hearing that stress is increasing in your space is likely no surprise. To keep up with the threats facing your organisation, it is clear there needs to be a cultural shift — and it must start at the top. It is no longer just the responsibility of a CISO or CSO. To ensure a company is secure, the board and executive team must supply their security team with the strategic guidance, a healthy budget, and the proper tools required to effectively do their jobs.

Further information is available in the full report, available from the LogRhythm website

Joiner-Mover-Leaver process: Solve it once and for all?

 960 640 Guest Post
By:
0
0

By Tenfold Security

JML processes give IT and HR departments regular headaches and often create quite hefty conflicts between those two departments. What is this all about?

When a new employee joins your organization, HR will know about them first, as they sign the contracts and do the onboarding. Today, many employees will require IT system access in order to fill their job role. That means IT needs to know about new hires so they can onboard them as well with all the necessary resources:

  • Client hardware (PC, Laptop, etc.)
  • Active Directory accounts, group memberships
  • E-Mail access, distribution groups, access to shared mailboxes
  • Access to applications like ERP or CRM

If HR fails to pass on that information (for whatever reason), you might end up with a new employee not being productive on their first few days, because they can’t access important systems and data. This is not only a loss for the company, but also creates great frustration for the new hire.

The same challenge arises if HR forgets to inform IT about employee that has departed from the organization recently. The result are orphaned user accounts that pose a huge security risk and generate costs in the form of unused software licenses.

How to solve the issue? We at tenfold, the leading mid-market Identity & Access Management solution propose the following:

  • If you manage less than 500 users, let HR manually input new hires, leavers and data changes (for example last name changes or new telephone numbers) into tenfold. Our software will then distribute those changes to Active Directory and other systems. Your HR users don’t have to be domain administrators for this to work.
  • If you manage more than 500 users, attach your HR management or payroll system directly to tenfold to automate the whole process. Read all about how this is made possible by the tenfold Import Plugin: https://www.tenfold-security.com/en/import-plugin-tenfold/

If you would like to learn about the basics of access management in Microsoft environments (structure, access right levels, access control lists, inheritance) then download our detailed white paper “Best Practices For Access Management In Microsoft® Environments” at this link: https://www.tenfold-security.com/en/whitepaper-best-practices/  

Want to try tenfold for yourself? No problem, just register to download our free trial https://www.tenfold-security.com/en/free-trial/

Why endpoint security matters more than ever

 960 640 Guest Post
By:
0
0

The swiftly evolving threat landscape, combined with the huge increase in remote working, means that securing your organisation’s endpoints has never been more critical.

Here, George Glass, Head of Threat Intelligence at Redscan, explains the importance of endpoint security and why detecting and responding to the latest threats demands greater endpoint visibility and specialist expertise...

Next-generation endpoint protection is a must

As cyber threats continue to evolve, it’s increasingly clear that organisations must look beyond traditional endpoint security solutions.

Antivirus software remains essential, but relying on traditional AV tools, which are largely signature-based, can leave organisations vulnerable to more sophisticated threats. Most traditional AV solutions are estimated to block just 40% of attacks.

Detecting the latest advanced threats requires next-generation capabilities, such as those provided by Endpoint Detection and Response (EDR) and Next-Gen AV (NGAV) platforms. 

EDR and NGAV technologies provide deep visibility across devices by collecting raw telemetry relating to processes, file modifications and registry changes, and using behavioural analytics to examine events in near real-time. 

Fileless malware is a serious risk to organisations and the top critical threat to endpoints in 2020. However, without more advanced endpoint detection there is a real danger that these and other sophisticated attack vectors can be missed.

The increasing risks of remote working

Providing employees with seamless access to the corporate network is essential to ensure that they can fulfil their roles effectively, but every device that connects to the network carries an inherent risk.

When employees work from home, they are located outside the protection of the corporate firewall, which can monitor and block incoming and outgoing communications to endpoint devices. Many organisations insist that employees connect to a Virtual Private Network (VPN) and while this can offer some security, ensuring all employees do so with regularity can be a challenge.

Employee devices are at greater risk for a number of other reasons too. Many often have unpatched software vulnerabilities and are operated by people susceptible to phishing, the most common attack vector used to target endpoints.

Malware threats such as Emotet are primarily delivered via emails. Emotet is equipped with wormable features, making it highly effective at triggering ransomware. 

The average cost per breach resulting from an attack on endpoints is over £7 million, more than twice the average cost of a general data breach 

(Ponemon Institute)

The significant damage and disruption that endpoint breaches can cause makes incident response critical. Securing endpoints is important because it helps organisations to reduce incident response times by disrupting and containing attacks earlier in the kill chain. Advanced tools like EDR can automate response actions, such as by terminating processes and isolating infected endpoints from a network, thereby ensuring infections are shut down as quickly as possible.

With threats deployed more quickly than ever, a swift response is vital to address critical vulnerabilities such as Zerologon and shutting down ransomware attacks, which can achieve full domain-wide encryption in just a matter of hours.

The challenges of endpoint security 

Early detection of endpoint attacks is imperative, but without a team of security experts to manage and monitor EDR and NGAV technologies around-the-clock, organisations will experience challenges with achieving the required security outcomes.

Next-generation endpoint solutions collect and analyse a huge volume of data, and the greater the number of devices and applications that are monitored, the more security alerts that can result. This causes growing complexity that can be difficult to manage for in-house teams, who may lack the specialist security training required to make sense of them.

Getting the best from the latest tools and reducing false positives requires security teams to draw upon a wide range of threat intelligence and develop custom rulesets that accurately identify the latest threat behaviours.

It is only by maximising the benefits of specialist technology that organisations will fully realise their endpoint security goals.

George Glass is Head of Threat Intelligence at Redscan, a leading UK-provider of Managed Detection and Response and security assessment services. 

To learn more, visit www.redscan.com/

Identity Access Management vs. Access Rights Management – What’s the Difference?

 615 410 Guest Post
By:
0
1

The terms access management (short: AM; also referred to as access rights management or just rights management) and identity & access management (short: IAM) are often used synonymously. In practice, however, they do not stand for the same thing. In this article, we are going to take a closer look at the difference between access rights management software and identity/access management solutions.

Check out the article at https://www.tenfold-security.com/en/identity-access-management-vs-permission-management-whats-the-difference/

If you are looking to secure data access in your organization by:

  • Getting more visibility out of your Active Directory environment
  • Want to manage file server access rights in a best practice compliant way
  • Want to automate your user lifecycle tasks
  • Let users request access and have your business owners approve requests
  • Achieve compliance for need-to-know permissions

Then try tenfold for free today and see how we will be able to make your IT infrastructure more secure from day one.

Request free trial at: https://www.tenfold-security.com/en/free-trial/

Meeting the Tests to get out of Data Lockdown

 960 640 Guest Post
By:
0
0

Digital transformation of any business has always been hampered by making sense of underlying data. And that data has been growing in volume at an unprecedented rate driven by the growth of IoT. It’s the perfect storm – the need for real-time information being increasingly distanced by the rate at which the data volume is growing. Businesses need insight, not just data, which means getting the right information, to the right person, at the right time. 

But the age-old problem remains today – how do you understand and see what data you have readily available, in a format that’s usable and that you can access at the right time? Peter Ruffley, CEO, Zizo, explores three aspects businesses must consider to get out of ‘data lockdown‘…

Data access 

There are a multitude of ways to store and access data, but a majority of businesses haven’t considered access to external data sources yet. When we begin to question how to enrich and improve data, one of the fundamental capabilities of this process is by integrating external third-party data sources, such as weather, crime or other open data sources. 

Businesses need to have an understanding of what they need to do to make the process worthwhile, and ensure they have the correct capabilities before they start. A common first approach for many organisations is to build from scratch and make it their own, rather than considering the buyer approaches where you look at what’s out there, explore the marketplace and transform existing data to use within the business, rather than starting from the ground up. 

If they can’t combine different sources of data quickly and cost-effectively together, they won’t move forward. It makes sense to digitally transform an organisation if it is going to make use of what’s already out there, as being able to tap in and share other work and insights will make the exercise worthwhile and cost-effective. With combinations of solutions available in the marketplace that can accelerate the process by providing the necessary building blocks, it’s time to transform the digital transformation process. 

Data responsibility 

There remains a disconnect between IT teams and businesses’ impressions about what it means to provide the data. If both parties are not aligned with the same aims of the business, the project could stall at the first hurdle. Instead, organisations need to bridge the divide and encourage stronger collaboration between all stakeholders. When businesses realise where those holes are in their structure, it’s key to get people involved to solve those challenges. 

This involves change on three levels; personnel, cultural and technological. Who’s responsible for this chain? Whose action is it? How do we bring these teams together? The business might be storing a lot of data, but how can it be accessed, interrogated and made useful? How will the business’ data goals be defined? 

Typically, the digital transformation initiative comes from the top in the organisation. In order to get your business on board, you have to make a very clear case of what the benefits are. Employees need to trust that improvements will be made for them by doing this, rather than just dictating the plan. Digital transformation is a change programme, which impacts all aspects of the business. You therefore have to approach it in the same way that you would approach any change project – with clear objectives and an agreed process of identifying how you’re going to get value from data. With a compelling case, you have a much better chance of carrying it through with buy in from all stakeholders. 

Data and objective identification:

You can’t embark on a digital transformation initiative without a concept – you’re condemning the project to failure if the business is not engaged properly with the process before you start. In order to yield business benefit from data, organisations must identify the areas that will realise the most benefits. Even if they’re hypothetical, there must be measurable ambitions in place or milestones for this journey, so that there is an understanding of what you’re going to do, and what you want to get out of it. Or if those ambitions weren’t achieved, why not? What steps need to be taken next time? 

Organisations have to be able to collect the data and assess whether they can achieve their business objectives from that data. But a goal of just ‘digital transformation’, ‘digitising data’ or ‘making more money’ will never translate into a concrete business case. Goals need to be specific and measurable in order to determine the project roadmap and for success to be evaluated. 

More importantly, you have to understand where the data is in your organisation and what it’s being used for, before you start the process of transformation. The whole supply chain needs to be aware of the transformation and the demands that are going to be in place. You’ve got to be very open about this process, because there will be people who you haven’t thought of that might be impacted by the changes you’re making.

With easy access, a connected team and clear objectives, companies can have a clear outline of what it is they set out to achieve in their digital transformation, how they expect to make this transition with the data available, and who can take on what role in this process.