Guest Post, Author at Cyber Secure Forum | Forum Events Ltd - Page 12 of 14

The first and last line of defence


As the frequency and sophistication of cyber attacks increase at an alarming rate, much attention has been paid to high-profile data breaches of enterprise companies. Just recently, EasyJet revealed that the personal information of 9 million customers was accessed in a cyber attack on the airline; and the examples don’t stop there. British Airways was fined £183 million in July last year after hackers stole data of half a million customers and in the same month, the Marriott hotel group was fined £99.2 million for a breach that exposed the data of 339 million customers. 

With media attention typically placed on data breaches of this scale, this could give the incorrect impression that the cyber security risk to SMBs is much smaller. It’s true that SMBs by their very nature don’t have thousands of employees or millions of global customers, but that doesn’t mean that they are not a target. Every business still has a combination of employees with personal data, payroll information, company credit cards, suppliers that use their systems – all valuable data that a hacker could potentially use to their advantage. Clearly, technology has a large role to play – but technology alone can’t prevent every type of attack.

Andrea Babbs, UK General Manager, VIPRE Security, explains how a combination of technology, regular training and tools that help the user to thwart potential hacks can provide a layered defence for organisations to mitigate the threats they face….

Technology alone is insufficient

Life and work as we know it is changing as a result of the Covid-19 crisis. Businesses were forced to implement a working from home policy (if they could) almost overnight, with many unprepared in terms of infrastructure and security. Cyber criminals have used this to their advantage, producing ever more sophisticated, convincing and dangerous methods to target businesses and individuals.

Technology, including solutions that provide vital protection against email mistakes, can help users spot phishing attacks – such as the email that purports to come from inside the company, but actually has a cleverly disguised similar domain name. This technology can automatically flag that email when it identifies that it is not an allowed domain, enabling the user to cancel send and avoid falling for the phishing attack. In addition to email security and endpoint security that protects against emerging threats such as spyware, viruses and ransomware, this can be a valuable tool in an organisation’s armoury.
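The send-time check described above can be sketched as follows. This is an added example, not code from VIPRE or from the original article: it compares each recipient's domain with an allow-list and flags near-misses such as swapped characters or a missing hyphen. The allow-list, the character map and the distance threshold are assumptions made for illustration.

```python
import unicodedata

# Constructed allow-list; a real deployment would load its own domains.
ALLOWED_DOMAINS = frozenset({"example-corp.com", "examplecorp.co.uk"})

# Single characters often swapped in to imitate another (illustrative, not exhaustive).
_CONFUSABLE_CHARS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o",   # Cyrillic letters resembling a, e, o
    "\u0440": "p", "\u0441": "c", "\u0456": "i",   # Cyrillic letters resembling p, c, i
})
_CONFUSABLE_PAIRS = (("rn", "m"), ("vv", "w"))


def domain_of(address):
    """Return the lower-cased domain of an address, decoding punycode labels."""
    domain = address.rsplit("@", 1)[-1].strip().rstrip(".").lower()
    try:
        domain = domain.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # already Unicode, or not valid punycode: compare it as written
    return unicodedata.normalize("NFKC", domain)


def skeleton(domain):
    """Fold look-alike characters so visually similar domains compare equal."""
    folded = domain.translate(_CONFUSABLE_CHARS)
    for pair, single in _CONFUSABLE_PAIRS:
        folded = folded.replace(pair, single)
    return folded


def levenshtein(a, b):
    """Classic edit distance (insert, delete, substitute), row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_recipient(address, allowed=ALLOWED_DOMAINS, max_distance=2):
    """Return (verdict, domain): 'allowed', 'lookalike' (with the imitated
    allowed domain) or 'external' (with None)."""
    domain = domain_of(address)
    if domain in allowed:
        return ("allowed", domain)
    folded = skeleton(domain)
    best = None
    for good in sorted(allowed):
        distance = levenshtein(folded, skeleton(good))
        # Very short domains need a tighter threshold to avoid false positives.
        if distance <= max_distance and (best is None or distance < best[1]):
            best = (good, distance)
    if best is not None:
        return ("lookalike", best[0])
    return ("external", None)


def review_outgoing(recipients, allowed=ALLOWED_DOMAINS):
    """List every recipient that should prompt the sender before the mail leaves."""
    flagged = []
    for address in recipients:
        verdict, imitated = classify_recipient(address, allowed)
        if verdict != "allowed":
            flagged.append((address, verdict, imitated))
    return flagged


if __name__ == "__main__":
    # Constructed recipients of a reply the user is about to send.
    for row in review_outgoing(["alice@example-corp.com",
                                "ceo@examp1e-corp.com",
                                "sales@supplier.example"]):
        print(row)
```

A "lookalike" verdict is the case worth interrupting the user for; "external" recipients are usually legitimate and only need a lighter prompt.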

But despite companies such as EasyJet investing significant amounts into essential cyber security software, the breach examples above clearly show that deploying technology in isolation is not enough to entirely mitigate the risk of cyber attacks. The key is to change the mindset from a full reliance on IT, to one where everyone is responsible. 

Employees are a key part of a business’ security strategy. Those that are educated about the types of threats they could be vulnerable to, how to spot them and the steps to take in the event of a suspected breach are a valuable and critical asset to a company. Employees are the soldiers on the front line in the battle against cyber criminals. They need to be trained to be vigilant, cautious and suspicious and assume their role as the last line of defence when all else fails. 

The threat landscape continues to evolve so rapidly that those businesses not conducting regular cyber security training for their employees are not secure. Relying on security software isn’t enough. But training shouldn’t just be a tickbox exercise either; a once-a-year session on cyber threats won’t be enough to keep the workforce sufficiently informed and vigilant.

Security Awareness Training

Organisations cannot be expected to stay one step ahead of cyber criminals and adapt to new threats on their own. They need to recruit their employees to work mindfully and responsibly on the front lines of cyber defence. 

According to Verizon’s 2019 Breach Investigations report, 94 percent of malware is delivered by email, making it the most common attack vector. One element of ensuring that the workforce is alert to the threat of phishing emails is to conduct a regular internal phishing email campaign that can also provide analysis on which employees failed to spot the phishing attempt, and therefore, may require additional training. Would your employees know how to spot a scam attempt? What about the following real-world examples taken from actual events? 

  1. A scammer purporting to be a company executive sends an email to an employee requesting a wire transfer to be sent immediately to a supplier. With a senior colleague making the request, and added pressure at the moment to be seen as ‘working’ when working from home, the employee complies and wires funds to a fake account. 
  2. An email is sent to your outsourced HR provider claiming to be from the company CEO requesting personal employee data. Without spotting the fraudulent nature of the email, the HR provider complies and shares personal information with the scammer which could be used to create false documentation. 

Fortifying the defence strategy

The essence of a solid cyber security strategy is a layered defence that includes endpoint security, email security and a business-grade firewall for the security of your network. But even with the most sophisticated software in place, hackers make it their mission to stay one step ahead of IT defences. Employees can, therefore, be a proactive weapon in an organisation’s defence, or a hole in the fence for cyber criminals to pass straight through to the corporate network. That is why regular training, in addition to complementary security tools, can provide a fortified strategy for organisations to mitigate the threat of a cyber attack. The workforce should be trained to question everything, be cautious and double check anything that they think is suspicious. The difference between a trained and an uneducated workforce could mean the difference between an organisation surviving a cyber attack, or suffering the devastating consequences.

Without automation, security gets harder during a business disruption


FireMon’s 2020 State of Hybrid Cloud Security Survey found that 69.5 percent of respondents have a security team of just 10 people or fewer. And most manage both on-premise network security and cloud security.

These teams are already bogged down with manual tasks at the best of times, so when a crisis hits, it magnifies the risks of manual processes. Not only is it difficult to maintain essential network operations, but the number of misconfigurations that threaten compliance goes up dramatically.

Worse still, if unexpected interruptions to business continuity lead to team members being out of commission, security and compliance are further compromised because there aren’t enough people to execute even the most basic steps of the business continuity plan — forget security configuration and compliance! An unexpected disaster scenario that already threatens data and compliance is further magnified, and so is the risk to the business, including the greater likelihood of lost revenues.

IT’S ALREADY WAY TOO HARD TO KEEP UP ON A NORMAL DAY 

If you’re already short on people on a regular day, it’s going to be even harder to keep on top of everything that needs to be done when disaster strikes. Some of those manual tasks, such as firewall rule updates, may simply not get done, or if they do, they’re rushed and more prone to human errors that lead to misconfigurations. Instead, the priority is to keep the business running, and security teams must shift their focus to the exceptional, specific user access issues that are cropping up, which are also being handled in a hurry without enough attention to compliance because there are no foundational best practices in place.

Disruptions also mean some security team members are no longer available, so you’re even further short-staffed at a time when you need all hands on deck. Without automation and logs that provide insight into how and why things are done, you’re dependent on the knowledge of people who may no longer be available to share it.  

AUTOMATE WHAT YOU CAN SO YOU CAN MANAGE WHAT YOU CAN’T 

You can’t control everything, and it’s not a matter of if disaster strikes, it’s when.  Regardless of the cause, a “black swan” event tends to throw a lot of curve balls at security teams. However, if you’ve already automated most cloud configurations and global security policy, your team is in a much better position to deal with the expected.  

There are many things security teams can automate, including: 

  • Identity and access management, including cloud configuration 
  • Updates and patches 
  • Detection and monitoring 
  • Firewall rule updates 

Knowledge transfer through documentation also means you’re not dependent on specific team members to maintain compliance. 

You can’t automate everything at once, but if you start with low-hanging fruit, you’ll see immediate benefits. By establishing a global security policy and making it a baseline for any access configurations, including cloud services, you can be responsive to the lines of business change requests. Organizational knowledge is also quickly accessible, even when disaster strikes and if team members become unavailable. 

There are times when business isn’t as usual – it happens. However, it’s important to learn and adapt while things unfold during those times. In this case, many organizations will decide to lean into cloud migrations and automation to blunt the impacts of future black swan events. 

TLS/SSL Decryption – One of the main pillars of zero trust model


By Stephen Dallas, AVP Emerging Europe / Africa Sales & EMEA Channels at A10 Networks

In a world where everything and everyone is connected to the internet, in one way or another, it’s hard to imagine a network that is truly secure. Data, large amounts of it, are at the centre of it all. With industries from healthcare to the education sector to the government using the internet to provide easy access to data, it is no wonder that cybersecurity teams are always working around the clock to try and come up with better ways of defending these networks and the data they store.

Insider Threats – Need for Security to Evolve from “Castle and Moat” Approach

Modern cyberattacks are not limited to just network intrusion from the outside. Internal threat actors can often be found at the centre of sophisticated attacks.

Initially, we had the concept of zones, perimeters and network segments – placing all the protected assets “inside” the secured network perimeter. However, attackers are always evolving the methods they use; always on the lookout for weak points in your network defences; and coming up with newer ways of infiltrating the perimeter. Keeping up with them is a challenging and ongoing struggle. We also need to realise that the “castle and moat” approach to our network defences was mostly effective against threats that resided outside the network. But what about the threats on the inside? What about modern attacks that work on multiple levels to try to bring your networks down? How do we protect our networks from people who have legitimate access to all its resources? How do we battle the ever-growing and ever-evolving modern cyberattacks? Add to these questions, regulations like GDPR, and the rising fines, and you will see that having your networks attacked and data breached is one of the worst things that can happen to your company. With these issues as the backdrop, we are forced to re-assess and re-think the way we defend our networks, users and data.

Zero Trust Model – a Modern Cybersecurity Approach

Zero Trust attempts to fix the problems, and patch the holes, in our cybersecurity strategies. At the core of it, the Zero Trust model is based on the principle of “trust nobody.” The Zero Trust model dictates that no one in your network should be trusted completely, that access should be restricted as much as possible, and that trust should be seen as yet another vulnerability that can put your network at risk.

Some of the precepts of the Zero Trust model are:

  • Networks need to be redesigned in a way that east-west traffic and access can be restricted.
  • Incident detection and response should be facilitated and improved using comprehensive analytics and automation solutions, as well as centralised management and visibility into the network, data, workloads, users and devices used.
  • Access should be restricted as much as possible, limiting excessive privileges for all users.
  • In multi-vendor networks, all solutions should integrate and work together seamlessly, enabling compliance and unified security. The solutions should also be easy to use so that additional complexity can be removed.

Danger of Security Blind Spots

In recent times, we have witnessed a phenomenal rise in the use of encryption across the internet. Google reports that over 90 percent of the traffic passing through its services is encrypted. The same is true for all the other vendors. This rise has been driven by many factors, including privacy concerns.

However, with encryption comes the creation of a “blind spot” in our network defences as most of the security devices we use are not designed to decrypt and inspect traffic. The Zero Trust model is not immune to this problem as visibility is considered as one of the key elements to its successful implementation. Without complete encrypted traffic visibility, the model will fail, introducing vulnerabilities that can be exploited by both insiders and hackers.

TLS/SSL Decryption – One of the Main Pillars of Zero Trust

A centralised and dedicated decryption solution must be placed at the centre of the Zero Trust model and should be included as one of the essential components of your security strategy.

Many security vendors will make claims of the ability to decrypt their own traffic, working independently of a centralised decryption solution. However, this “distributed decryption” approach can introduce problems of its own, including inferior performance and network bottlenecks, and fixing these would require costly upgrades. In a multi-vendor, multi-device security infrastructure, distributed decryption also forces you to deploy your private keys in multiple locations, creating an unnecessarily large threat surface in your network, which could be subject to exploitation.

Key features of a good TLS/SSL Decryption Solution

It is important that a dedicated, centralised decryption solution provides full visibility to the enterprise security infrastructure for TLS/SSL traffic. Not only that, but the solution also needs to provide a multi-layered security approach, which then makes it the perfect candidate to be deployed at the centre of a Zero Trust network.

Below are some of the features to look out for when looking to implement a TLS/SSL Decryption Solution:

  • Full Traffic Visibility – It needs to enable the entire security infrastructure to inspect all traffic in clear-text, at fast speeds, ensuring that no encrypted attacks or data breaches can slip through.
  • Ease of Integration – It should be vendor agnostic and easily integrate with security devices already deployed within the network. This drives down additional costs and upgrades.
  • Multi-Layered Security Services – These are additional security services, including URL filtering, application visibility and control, threat intelligence and threat investigation, that help strengthen the security efficacy of the entire enterprise network.
  • User Access Control – The product should be able to enforce authentication and authorisation policies to restrict unneeded access, log access information and provide the ability to apply different security policies based on user and group IDs.
  • Micro Segmentation – It should facilitate micro-segmentation through its ability to provide granular traffic control, user and group ID-based traffic control, and support for multi-tenancy.
  • Securing Cloud Access – SaaS security is an important feature which can be provided by enforcing tenant access control and visibility into user activities.

In conclusion, without a centralised and dedicated TLS/SSL decryption solution, the Zero Trust model is unable to do what it was designed to do – protect our networks, users and data from threats residing inside and outside the network.

Top 5 business telecoms trends for 2020


By Laura Health, Head of Product Development at TSG

As with several business technologies, the 2010s saw huge advancements in telecommunications. Whilst VoIP (Voice over Internet Protocol) telephony had been around long before this decade, this is when it really took off as a viable, modern and futureproof solution for businesses around the world.

A lot of businesses saw it as an opportunity to realise savings from new internet connections or to move their voice services to new providers; but many didn’t really look at the benefits beyond that. 

High-quality internet became far more accessible in the 2010s; leased line internet services became more affordable, with many being able to benefit from connections of 100Mbps and upwards, all for the same price as previous 10Mbps services. The internet evolved into an essential tool for any business with the shift towards cloud-based services.

As the decade progressed and many organisations got to grips with flexible working (an option afforded to us by this move to cloud services), consumers benefitted from better internet services. The fibre broadband rollout gained pace, and now an estimated 96% of the UK can access internet speeds in excess of 24Mbps download. It’s an added bonus for avid streamers, from Netflix binges to the festive football fixtures available on Amazon Prime.

What will telephony and telecommunications look like in the 2020s?

Now that we’ve taken a quick whistle-stop tour of the advancements in telephony in the 2010s, let’s look ahead. With the changing way we’re using the internet to consume more services, both personally and professionally, this decade is really exciting.

Hosted telephony is becoming the norm

In a business context, the shift to the cloud continues at an incredible pace. Many businesses, having completed their migration, are now adopting a cloud-first approach, utilising services like Office 365, Dynamics 365 and hosted voice services – all of which need great telecommunications infrastructure.

This is particularly important as businesses are changing how they want to consume their voice services. Typically, organisations are looking to remove the need for physical equipment (in the form of a PBX system – the key aim is to move to a softphone-only environment) and benefit from the advantages a hosted voice platform provides, namely:

  • Disaster recovery capabilities – traditionally, this was only afforded to organisations with a lot of money to spend
  • Flexibility – giving staff the ability to work from any location whilst still being part of the corporate system
  • Preparing for the ISDN switch-off – read more about this further down
  • Cost-savings – these can easily be achieved through consolidation; reduced call spend and typically a low capital expenditure when implementing a new system

Kick-started by the ISDN switch-off, thousands of UK businesses are replacing legacy phone systems – some of which are older than this millennium! Additionally, the rate of change in the hosted voice market continued to increase last year with the announcement from Microsoft about full voice services coming to its Teams platform, provided to organisations via Office 365.

Microsoft shakes up the hosted voice market with Microsoft 365 Business Voice

Microsoft 365 Business Voice could revolutionise how we approach voice services here in the UK. If you add to this the perfect storm of the death of ISDN in 2025 and many users already utilising Office 365, the next decade could see Teams providing an entry to hosted voice services to the many at just a small additional cost on top of their existing O365 subscriptions. 

One exciting innovation is the exploration of integrating artificial intelligence (AI) into voice services, particularly in the call centre space. This is likely to play a huge part during the next decade, providing efficiencies to call flow and improving customer service. Imagine being presented with all the information required by your device without having to type?

The ISDN switch-off – act now before it’s too late

ISDN voice services will be coming to their inevitable end in 2025, with Openreach making the announcement a few years ago. This will see the way in which we all consume our voice services change. It also means those businesses clinging on to the ageing traditional systems because “they don’t cost anything to run” will find that they need to upgrade or risk losing their voice services entirely.

Consumers will also be boosted again in the coming decade. Many will still require the copper cable, but this will be more for the provision of the broadband, not voice services. As networks are upgraded, Openreach has now adopted a fibre-first approach. In short, any new buildings or upgrades that it carries out will see superfast fibre FTTP (fibre to the premise) deployed instead of the FTTC (fibre to the cabinet) technology of the last decade. This will provide speeds of up to 1Gbps. Just imagine the streaming on that… 8K anyone?

Providers are upping their game

The introduction of Microsoft 365 Business Voice means providers need to adapt in order to keep up with the times and offer robust services. We’re already seeing this with Gamma’s introduction of its mobile convergence offering (Gamma Connect), giving you phone system functionality on your mobile phone without the need for a softphone. This technology is great for any business who has a very mobile workforce.

5G will give us endless mobile possibilities

The last area to touch on is the introduction of 5G. This is great news not only for consumers, but for businesses invested in mobile voice services. When on the go and not hooked up to WiFi, this means your mobile workforce will still be available and able to use voice services. There are also interesting implications for the IoT (Internet of Things) and AI. 

A final word

So, over the next decade we can expect businesses to move to IP telephony in their droves as they jump ship from ISDN before the costs become unmanageable and, in turn, reap a host of additional benefits. The Microsoft Teams telephony solution will give the market a much-needed shake-up and provides an entry-point into hosted voice for small to medium businesses.

TSG is a managed IT support company in London, offering expertise across a range of areas including Office 365, Dynamics 365, document management and business intelligence. 


Progress your career with a funded Cyber Security Apprenticeship


This funded Degree Apprenticeship programme from De Montfort University (DMU) is a great opportunity to work towards becoming a fully-competent cyber security professional.

Businesses often find their workforce has gaps in the specific digital skills needed to protect them from cyber security threats. The Cyber Security Technical Professional Integrated Degree Apprenticeship provides the essential skills and knowledge to ensure individuals can become independent cyber security professionals who can operate within business, technology or engineering functions across a range of industry sectors. Apprentices will develop skills which enable them to lead teams that research, analyse, model and assess cyber risks, design, develop, justify, manage and operate secure solutions, and detect and respond to incidents.

The great news is that if your organisation is a Levy payer, this apprenticeship allows you to utilise the funds within that Apprenticeship Levy. If your organisation does not pay the levy, up to 95% of the apprenticeship can be funded by the Government Apprenticeship Service. With this service you have the opportunity to reserve funds up to three months in advance of the start date for the programme. From now until autumn, up to 15,000 apprenticeships are available via this route.  

The teaching on this programme is underpinned by the work of academics from DMU’s Cyber Technology Institute (CTI). The CTI is a recognised NCSC Academic Centre of Excellence in Cyber Security Research as well as an Airbus Centre of Excellence in SCADA Forensics. This research and industry expertise provides the perfect environment for apprentices to develop the skills they need to respond to real-world cyber security challenges.

Key elements of the apprenticeship include: risk modelling, analysis and assessment strategies; cyber incident response tools and techniques; secure software development; malware analysis; and an understanding of the applicable laws, regulations, standards and ethics.

During this 42 month programme apprentices can expect to attend DMU for week-long blocks of teaching for each module, learning alongside peers from industry to encourage broad scope thinking. Integrating workplace training with academic learning provides apprentices with an increased understanding of their organisation’s unique business needs.

This apprenticeship is suitable for professionals employed by an organisation who will support their participation in the entire programme. This includes regular meetings with a work place mentor to support development of the professional skills they need to complete the programme successfully.

DMU works with organisations such as IBM, Siemens and BT delivering apprenticeships, where learning and skills are embedded back into the business from day one, adding real value and transferring fresh and innovative ideas.

The programme is based on the Level 6 Cyber Security Technical Professional (Integrated Degree) apprenticeship standard and is allocated Funding Band 27 (£24,000) by the Institute for Apprenticeships (IfA).


Digital Transformation and Cloud Migration Initiatives Shouldn’t Leave Security Behind


Digital transformation can be a nebulous term, but for FireMon customers, it typically means shifting workloads to the cloud and streamlining business processes. 

This transformation should emanate from the inside out and is not simply adding transformational technology at the edge or remotely. Strategic initiatives around digital transformation should contribute to as many of the below areas as possible:   

  • Corporate cost savings 
  • People efficiency 
  • Customer satisfaction 
  • Infrastructure security posture 
  • Driver for meaningful innovation 

Most enterprises are on the journey now, albeit at different places. The destination is a cloud-first, more profitable, responsive, efficient and customer-centric organization. But the road ahead has obstacles. To avoid these, enterprises need complete visibility into the infrastructure they are transforming so they don’t replicate and automate inefficient processes. Empowering their people to be more productive should be top of mind.  

All this must be done with security at the forefront and not as an afterthought. Proper configuration of cloud deployments and automation of security policy management can move digital transformation efforts forward. 

Digital transformation needs a map 

If enterprises are to fully benefit from a cloud-first strategy, they not only need complete visibility into the IT they’re adding, but also their existing environments.  

Without a clear picture of what you already have, you risk lifting and shifting outdated processes and non-compliant security to the cloud. And you’re not necessarily going to move everything, so your digital transformation should move you toward a complete view of your infrastructure. 

At FireMon, we have been driving innovation that allows customers to see their cloud deployments the same way they see their on-premise infrastructures, even though security configurations can differ widely. Digital transformation is an opportunity to create a dashboard that can travel with you down the road far into the future, even as the horizon changes — in this case, it’s wherever you decide to put workloads and digital assets.

Clean before you automate 

Before you can embrace automation, there’s one key step you need to take in your digital transformation journey: ingesting and aggregating information to improve security posture. 

Visibility through FireMon Lumeta enables you to see all the devices and endpoints in your existing environment, including what you’ve already put in the cloud, and every rule that’s attached to them. Before you decide what to automate, make sure it’s worth automating. Digital transformation is an opportunity to look at what you’re already doing and a chance to clean up or fix broken processes.

Make sure your security controls go with you; you should have the same level of confidence in the cloud as you did on premise, and the same visibility, if not better. It’s also an opportunity to align teams responsible for security, especially if on-premise and cloud security duties are divided. Better still, bridge that gap and unify your team so security is better positioned as part of your overall design process.

Once you can see everything you have and have shored up your security policy, you can automate what should be automated and replicate the appropriate on-premise controls in your cloud environment. It’s a chance to discard redundant firewall rules and processes, just as you would have a garage sale before moving to a new house — why take unnecessary junk with you?
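One way to find the rules worth discarding before a migration is sketched below. It is an added example, not FireMon product code or anything from the original article. It assumes a simplified, first-match rule model with a hypothetical `Rule` type, and reports rules that an earlier rule already covers: "redundant" when the actions agree, "shadowed" when they differ and the later rule can never match.

```python
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Rule:
    """Hypothetical, simplified firewall rule evaluated in list order (first match wins)."""
    name: str
    action: str    # "allow" or "deny"
    proto: str     # "tcp", "udp" or "any"
    src: str       # source CIDR
    dst: str       # destination CIDR
    ports: tuple   # inclusive (low, high) destination port range


def _within(inner_cidr, outer_cidr):
    """True when inner_cidr lies entirely inside outer_cidr (same IP version)."""
    inner, outer = ip_network(inner_cidr), ip_network(outer_cidr)
    return inner.version == outer.version and inner.subnet_of(outer)


def covers(outer, inner):
    """True when every packet matched by `inner` is also matched by `outer`."""
    return (
        (outer.proto == "any" or outer.proto == inner.proto)
        and _within(inner.src, outer.src)
        and _within(inner.dst, outer.dst)
        and outer.ports[0] <= inner.ports[0]
        and inner.ports[1] <= outer.ports[1]
    )


def audit(rules):
    """Return (rule, finding, earlier_rule) for each rule an earlier rule fully covers."""
    findings = []
    for index, rule in enumerate(rules):
        for earlier in rules[:index]:
            if covers(earlier, rule):
                finding = "redundant" if earlier.action == rule.action else "shadowed"
                findings.append((rule.name, finding, earlier.name))
                break  # the first covering rule decides what happens to the traffic
    return findings


# Constructed rule base for illustration only.
SAMPLE_RULES = [
    Rule("allow-web", "allow", "tcp", "0.0.0.0/0", "10.0.1.0/24", (443, 443)),
    Rule("allow-web-host", "allow", "tcp", "192.0.2.0/24", "10.0.1.10/32", (443, 443)),
    Rule("deny-db", "deny", "any", "0.0.0.0/0", "10.0.2.0/24", (0, 65535)),
    Rule("allow-db-app", "allow", "tcp", "10.0.1.0/24", "10.0.2.5/32", (5432, 5432)),
    Rule("allow-ssh-admin", "allow", "tcp", "10.0.9.0/24", "10.0.1.0/24", (22, 22)),
]

if __name__ == "__main__":
    for name, finding, earlier in audit(SAMPLE_RULES):
        print(f"{name}: {finding} (covered by {earlier})")
```

A shadowed rule deserves review before deletion: it usually records an access someone intended to grant or block, and that the current ordering silently overrides.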

Digital transformation is more than making the business more efficient through cloud-first strategies; it’s a cultural shift for the entire organization. It means not doing things the same way just because they’ve always been done that way, but it also empowers people to take on new responsibilities by freeing them up through smart automation.  

And remember, there’s no point embarking on the digital transformation journey unless you take security with you.   

Find out more at www.Firemon.com

Taking online networking back to basics in IT


IT professionals are struggling to get value from online networking, knowledge-sharing and content driven platforms. Too many recruitment requests, questionable connections, and far too much time spent wading through promotional messages to reach the right content. Individuals need less noise, more relevance. Max Kurton, Editor in Chief, EM360 explains why it’s time for online networking to get back to basics...

Noisy and Confusing

It may be hard to remember but online networking platforms started with a simple model: to provide professionals within a specific market – such as IT – the chance to network and interact with like-minded individuals, sharing content relevant to each individual’s interests, background and preferences. That doesn’t sound anything like today’s experience. Over the past decade that simple but highly effective premise has been completely lost. While still essential for day to day networking and collaboration, the deluge of irrelevant content and connections online platforms serve up second by second is adding to workplace stress rather than supporting any effective or timely knowledge sharing and collaboration.

Just consider how much time everyone spends each day sifting through irrelevant and intrusive recruitment messaging, ignoring sales pitches or checking the credentials of people asking to connect. And that is before trying to locate content relevant to your business or interests. The need for trusted information and effective collaboration has never been greater – but current online networking platforms are no longer providing the quality or relevance required.

Relevant and Like Minded

It is time to take the concept of online networking back to basics and deliver the focused, timely content and collaboration that can truly leverage shared knowledge, experience and objectives. The first step is to create a true community of like-minded individuals. The next step is to leverage Artificial Intelligence (AI) to further refine the experience by ensuring individuals are only presented with truly relevant content – whether that is business continuity, security, data management, unified communications or AI.

It is also essential to avoid overt selling by ensuring content is focused on thought leadership and education. A strong editorial team creating a raft of white papers, podcasts and articles will reinforce both the quality and tone of content, enabling individuals to quickly and confidently access high-quality, informative material. Members posting content must also conform to these quality standards, following a simple but effective posting guideline to guarantee that the educational essence of the online networking platform is retained.

Critically, people need to be able to gain fast but trusted access to like-minded individuals – whether that is in a technology area such as data science or a market such as financial services. By combining a model that rigorously qualifies those signing up to ensure their identity with simple ways to make connections, the platform allows network members to engage with new connections with confidence.

Trusted Experience

In an online world awash with vast amounts of often questionable information, every business professional needs to find a safe, trusted source of informative and educational content. If that high-quality resource can be combined with an online networking platform that ensures the credentials of members, like-minded individuals can rediscover the value of fast, relevant information sharing and collaboration.

By eradicating the noise and removing the extraneous activity, online networking can get back to basics, enabling IT professionals to experience once again the value of focused, relevant and effective information sources, connections and collaboration. 

Who keeps the keys to the smart cities?


By Sean Wray, VP NA Government Programs, Certes Networks

Smart cities seem inevitable. According to IDC, Smart City initiatives attracted technology investments of more than $81 billion globally in 2018, and spending is estimated to grow to $158 billion in 2022. Similarly, in 2018, the number of major metropolitan cities relying on or developing a comprehensive smart city plan – as opposed to implementing a few innovative projects without an overall smart plan – dramatically increased. 

In the US, for example, cities like Philadelphia, Newark and Chicago all have goals to upgrade and to become leading ‘SMART’ cities, while UK innovation is being spearheaded by major conurbations such as Bristol, London and Manchester.

A significant investment is being made by cities in data connectivity providing a number of new technologies such as Wi-Fi 6, smart grid, and IoT sensor devices, all promising to enhance overall visibility and security. However, as we extend the reach of technology and connectivity, there will increasingly be cyber-risks to take into account. As part of their transformation, smart cities serve as a technology hub and gateway to major institutions such as banks, hospitals, universities, law enforcement agencies, and utilities. This means the storage and transmission of customer data such as social security numbers, addresses, credit card information, and other sensitive data, is a potential goldmine for malicious actors. Not to mention an increasing number of projects monitoring roads, traffic, traffic light and metro services, all of which must be kept secure from threats at all times…

Read the full article on sister site Total Security Briefing.

Make the Most of Your People with the Benefits of Automation


By Ofer Elzam, Vice President & GM, FireMon GPC

Gone are the days when IT leaders fretted that the benefits of automation would shove people out of jobs. If anything, it’s the opposite: 74% of cybersecurity professionals say that a skills shortage has affected their organizations, continuing a trend of concern over the past few years, according to the report “The Life and Times of Cybersecurity Professionals 2018.”

While the story around the labor shortage is more complex than it may appear, the current narrative around the advantages of automation has shifted away from labor concerns. But in a way, that erstwhile concern is a direct link to the underlying current of all the benefits of automation: the human factor.

Heightened productivity, consistency and keeping up with increasingly complex security needs are solid advantages of automation, but there’s more to the story. Here’s how all of those benefits of automation (and more) ladder up to protecting your company’s most precious resource—your people.

Ready to use automation to protect your team? Request a demo of FireMon Automation today.

Automation Allows People to Do What People Do Best

Machines can be rapid, agile and comprehensive. What they can’t be: creative. When security processes are automated, the flesh-and-blood members of your team are freed up to deploy their creativity to solve problems and build more robust security measures.

The current state of security operations (SecOps) teams doesn’t allow that creativity to thrive. FireMon’s 2019 State of the Firewall report revealed that 30.9% of survey respondents had an ad hoc or manual change management process. This exposes two critical issues: an underutilization of humans’ unique abilities and the inevitability of human error.

One of the top benefits of automation is that it gives your team members more time to focus on other security issues. At the same time, it’s an opportunity for your team to map out the very processes that enable successful automation. For example, in most companies automation works best when the processes behind it are strategically planned beforehand. This is the work that humans can do better than algorithms, as it requires judgment, creativity and insight.

As automation enables human capital to thrive, it also eliminates human risk. Through 2023, 99% of firewall breaches will be caused by misconfigurations, not firewall flaws, according to Gartner—something automation helps prevent. Human error also throws a wrench when integrating security systems. A comprehensive approach like FireMon Automation offers persistent security across networks while minimizing the potential for human error.

Learn more about FireMon Automation.

Automation Allows Your People to Work Better Together

IT teams frequently work in silos, leading to redundancy and opportunistic, one-off approaches to security. With a comprehensive system, companies can depart from the “hero culture” of employees writing automation scripts to solve an issue without looking at the holistic picture.

Amid worries that automation inhibits agility and innovation, decision makers sometimes hedge on implementing automation. But one of the benefits of automation in the workplace is how it organically supports both development operations and security operations, eliminating the friction that can exist between the needs of these groups. Planning for automation requires both teams to work together and understand the priorities of the other, leading to better communication—for the automation plan and beyond.

Automation Supports Your Company’s Ability to Work With—and Against—Third Parties

“Hackers today—they’re not even hacking, they’re using automation tools,” said FireMon’s Tim Woods, vice president of technology alliances, in the talk “Automation: One Giant Leap for Security.”

When criminals are exploiting the benefits of automation, security teams have an obligation to outpace them. Using automated systems frees up SecOps teams to anticipate and proactively develop rules to protect against hackers—again, leveraging the human creativity and critical thinking that successful crime prevention entails.

On the flip side, automation allows your team to work with the people who have your customers’ best interests at heart. Compliance regulations are changing quicker than you can say “GDPR,” and with the California Consumer Privacy Act coming into play January 1, 2020, security rules continue to be in flux.

Only 13.8% of survey respondents in FireMon’s State of the Firewall report say they’re 90% to 100% prepared for a compliance audit. Confidence is even lower among key decision-makers: Just 45.3% of C-level respondents said they felt 60% to 80% ready for an audit. In other words, one of the benefits of building an automation system is building faith among your company’s C-suite—consider it another form of security.

ABOUT THE AUTHOR

Ofer Elzam is responsible for the continued development of FireMon GPC, the industry’s first and only solution to deliver persistent policy enforcement for complex, hybrid network environments. Before joining FireMon, Elzam was VP of product at Dome9 Security. Under his headship, Dome9 became the leader in securing multi-cloud deployments, which led to its acquisition by Check Point Software. Prior to Dome9, Elzam was the director of Sophos’ network security product line, where he led the company’s transition to the next-generation XG Firewall platform. Earlier, Elzam worked at Cisco serving as both a strategic architect of security technologies and executive director of product management, where he led ScanSafe, which was acquired by Cisco in December 2009. Elzam also spent 10 years serving in a variety of product leadership positions, including as CTO at Gemalto.

Most Urgent CISO Skills 2020: Reporting, Avoiding Burnout, More collaboration


By Jake Olcott, VP of Government Affairs, BitSight

Since the creation of the first CISO role about 25 years ago, the job has changed dramatically. What was once an uncommon position has quickly become standard, with the majority of companies including a cybersecurity-specific role in their C-suites.

As cybersecurity has gone from niche issue to mainstream business concern, the CISO has become more important. And, although many CISOs come from purely technical backgrounds, new challenges have forced them to take on the responsibilities of business leaders.

As a result, the most important CISO skills are not necessarily technical in nature. Business skills like collaboration, communication, and management are just as critical for CISOs as they aim to reduce cyber risk in an increasingly fraught threat landscape.

Here are some of the most important CISO skills for 2020:

Collaboration

Cybersecurity is collaborative. The most efficient team of SOC analysts in the world can’t prevent incidents if employees in other parts of the organisation aren’t trained on good security hygiene. CISOs can’t give their teams the resources they need if their Board and fellow executives don’t understand security challenges and allocate the necessary budget.

Shockingly, however, only 22% of companies say their organisation’s security function is integrated with other business functions.

CISOs in 2020 and beyond will need to build collaboration skills in order to act as ambassadors for the cybersecurity program. Communicating security priorities to other departments and across lines of business or distributed workplaces is a challenge, but gaining their buy-in is essential to maintaining effective security.

Avoiding burnout

CISOs don’t have it easy. 91% of CISOs say they suffer from moderate or high stress, and 27.5% of CISOs say stress affects their ability to do their jobs. CISO burnout is real, and it can create new security risks as well as personal challenges.

Strange as it might seem, one of the most important skills for CISOs is making sure they don’t become victims of burnout themselves.

One aspect of avoiding burnout is stress management. Exercise, meditation, and other stress-reducing activities can be very helpful. However, personal stress management isn’t going to be enough to stem the burnout crisis. CISOs can also consider advocating for policies in their organisations that reduce the likelihood of job stress, such as workplace wellness programs or limiting after-hours email notifications.

Increasing employee engagement 

CISOs aren’t the only cybersecurity professionals at risk of burning out. 65% of SOC professionals say stress has caused them to think about quitting.

As the cybersecurity skills shortage drags on, the most effective CISOs will be the ones who make sure their best employees stay on long-term.

With a 0% industry unemployment rate, the market pressure is on the employer to keep employees happy, not the other way around. That means security leaders must hone their people management skills and keep a finger on the pulse of employee engagement.

There are many techniques for increasing employee engagement, and each CISO will need to figure out what will work best in their own organisation. Some effective techniques include:

  • Increasing the frequency of employee/manager meetings
  • Giving employees several avenues for giving feedback, including anonymous suggestions
  • Adding more social time to the schedule, or hosting company-sponsored parties or group activities
  • Recognising high-performers with awards and prizes

Communication and reporting 

When reporting to the Board, other executives, or even third-party auditors, CISOs need to make sure they get the messaging right.

One of the most important CISO skills is being able to translate complicated technical concepts into easy-to-understand language. When others can actually wrap their minds around the challenges of the cybersecurity program, they’re more likely to buy in and provide support.

On a basic level, CISOs can improve their communications by avoiding information-dumping and scare tactics. Turning in a 100-page report full of metrics the Board doesn’t understand isn’t useful. Similarly, warning of worst-case-scenarios can backfire when it creates a reactionary approach to security.

Further, CISOs should take a risk-based approach to cybersecurity reporting. In practice, that means making sure KPIs contain context about the actual risk posed to the organisation. In addition, CISOs should understand each data point’s impact on larger business KPIs and objectives.

Following a risk-based approach to reporting can help CISOs demonstrate the effectiveness of their programs, advocate for new initiatives, and improve overall security.