
THINGS CISOs NEED TO CONSIDER WHILE EMBRACING DECEPTION TECHNOLOGY

Deception is not a new concept for organizations and security professionals. It has been implemented since the late 1990s in the form of “honeypots” aimed at deceiving threat actors. However, things have now changed to a great extent. Today’s deception technology offers a lot of guarantees, particularly when it comes to early and effective threat detection and mitigation. The best part is that it does not create any false positives and provides deep visibility across all endpoints.

But to implement it successfully, CISOs and other C-level executives need to note a few points, owing to the secretive nature of deception technology.

Let’s review these points.

  • Prepare a list of critical assets that you want to protect

You will require a well-defined strategy to achieve your security goals with respect to the deployment of deception technology. List all the sensitive assets you want to secure against malicious actors, which may include (but are not limited to) servers, users, files and databases. This should be the first step in your action plan while integrating deception into your security infrastructure.

  • Proactively identify the routes an attacker can follow to invade

As deception is an active defence strategy, it is important for security teams to get a deep understanding of the attackers’ modus operandi. Let your in-house or external red team launch simulated attacks targeting the resources you want to protect. This helps organizations determine the potential paths a threat actor can use to penetrate the network. It also lets you measure the efficacy of your blue team and of the deployed deception technology.

  • Be ready with an incident response plan

Since deception has a very low rate of false positives and provides real-time alerts, it is vital for organizations to have an incident response plan ready for responding swiftly to deception alerts. This can keep the impact of a breach as low as possible.

  • Customize the decoys as per your environment

You can maximize the chances of deceiving and catching an intruder by customizing the decoys according to your environment. Turn your network into a trap with realistic-but-fake decoys, breadcrumbs and lures that misdirect attackers into engaging and revealing their presence. By doing so, you assist your security professionals in detecting an attack at an early stage and gathering threat intelligence and indicators of compromise.

  • Ensure that decoys look real

If a decoy does not fool you, it cannot deceive any intruder. Make sure the deployed decoys appear as real as possible, so that even your own in-house or external red team falls for them during simulated attacks. The success of deception technology depends entirely on these decoys.

Towards The End

In addition to the most advanced and mature security controls, organizations can employ deception technology to quickly discover what’s lurking inside their environment. Deception has proven to be more effective in detecting in-network threats, lateral movements, privilege escalation, data theft and ransomware, and hence is turning out to be an ideal technology solution.

Cyber Security Training: Time to Activate Your Human Firewall

“As cybercriminals keep updating and embracing new tactics, tools and procedures to invade, the global workforce also needs to be apprised of security.”

At the moment, cyber security training and awareness have become more important than ever for organizations. This topic has earned its seat in boardroom discussions, specifically when it comes to phishing attacks.

Companies have started investing in the training of their employees, instead of just focusing on the implementation of new security controls. In a recent survey done by Lucy Security in July 2020, around 96% of organizations agreed that cyber security awareness contributes to achieving a higher level of security. Furthermore, growing instances of data breaches and reputational damage across the globe are also encouraging enterprises to re-evaluate their security strategies and employees’ cyber behaviour.

Where To Start?

When it comes to efficient cyber security, organizations must find answers to the following questions:

  • Does each person in the organization know their cyber security responsibilities?
  • Are cyber security roles appropriately assigned?
  • Is there any structure for cyber security training and awareness in the organization?

Assess Your Workforce

Cyber security threats can come in any form or disguise; the source could be an insider or an external entity. Also, human error accounts for the majority of security breaches. So it becomes even more crucial to conduct a comprehensive assessment of your workforce (before beginning the training) to check their level of awareness and knowledge.

This assessment can give organizations an overview of how employees react to adverse situations, which could be anything ranging from a phishing attack to social engineering. It can even identify whether employees are following safe password practices or reusing the same weak passwords across multiple applications.

Plan Training Post Assessment

Once the assessments are done and the results are analysed, companies can plan and schedule the cyber security training and awareness sessions accordingly. The results help determine the most relevant topics to prioritize and focus on during the sessions. The training areas may include (but are not limited to) the following:

  • Social Engineering
  • Phishing
  • Strong Passwords
  • Identification of Security Risks
  • Compliance Issues

Such assessments are expected to help organizations considerably, as an effective security approach should not be limited to what an employee must know; it must also focus on what they should do. Such assessments should be done for all employees at every level inside an organization.

Encourage Cyber Security Awareness & Training as Culture

Creating and maintaining a cyber security culture within an organization is a continual process that needs to be executed in a timely manner. It is not always necessary to use high-tech solutions; awareness and training programs can help you get started with the process. You just need to make it interesting for people, which can be done through different communication channels. These channels may include, but are not limited to:

  • Monthly campaigns with powerful slogans
  • Creating some exciting videos
  • Useful blogs highlighting security awareness
  • E-newsletters for quick sharing of information
  • Creative banners or posters displaying security tips
  • Monthly workshops with real-time simulation

Benefits of Conducting Cyber Security Training

The efficacy and success of any training program depend on how it is implemented. A well-designed cyber security training session can elevate the level of the overall security and reduce the chances of a potential cyber attack.

Let’s have a look at some other advantages of an effective cyber security training program.

  • Incorporates security values into the roots of your business
  • Minimizes the probability of a successful security breach
  • Helps in achieving regulatory compliance and improving the audit results
  • Strengthens the cyber security posture
  • Boosts relations with customers and partners

Towards The End…

As cyber threats evolve rapidly, our dependence on cyber security has soared accordingly. Increased usage of the internet and mobile devices has made us more vulnerable than ever before. For businesses, a single cyber security breach can cause irreversible damage and bring a company to its knees. Therefore, security awareness and training programs have become vital for organizations. Educating the workforce about different threats can reduce the risks to a great extent.

Evolving Terrain of Cybersecurity for SMBs

“No business is too trivial for cyber-attacks.”

We often see small businesses falling victim to cyber-attacks as a majority of them feel that they will not face any such incident and hence do not adopt a proactive approach when it comes to cybersecurity. As a result, the number of cyber-attacks targeting SMBs has seen consistent growth in the last few years. And, this is one of the reasons why around 60% of small organizations fail to recover and go out of business within six months after falling victim to cyber-attacks.

Common Security Strategies Followed by SMBs

SMBs often follow different cybersecurity practices to protect their confidential data and brand reputation, most of which are economical and simple to apply. According to industry reports, some of the most common cybersecurity approaches followed by small businesses include the use of strong passwords, implementation of data encryption techniques, limiting employee access to data, 2-factor authentication, etc.

Security Threats Faced by SMBs

Unlike large organizations, SMBs face many complex cyber threats. Phishing emails are the top and most damaging threat faced by small and medium-sized organizations. They account for the majority of cyber-attacks, as such emails are highly difficult to recognize. As per Verizon’s 2020 DBIR report, phishing accounted for 30% of breaches encountered by small organizations, followed by other key threats such as stolen credentials (27%) and password dumpers (16%).

Some other leading threat actions involved in SMBs’ breaches include:

  • Exploiting Vulnerabilities
  • Skimming
  • Ransomware
  • Brute Force
  • Misconfigurations
  • Data Mishandling

In addition to the above-listed threats, SQL injection has now become a popular attack vector as companies of all sizes have started developing and using data-driven websites. These attacks, if executed successfully, can allow threat actors to steal, alter or delete business-critical information. Also, Denial-of-Service (DoS) and Man-in-the-Middle (MiTM) attacks can never be left off the list when it comes to attacks on organizations, particularly SMBs.

Revamping Security in 2021

SMBs are turning their attention towards cybersecurity after a significant increase in the number of reported frauds and cyber-attacks. As per the 2020 State of SMB Cybersecurity report, 77% of SMBs are worried about cyber-attacks within the next six months, while 73% plan to invest more in cybersecurity in the next 12 months. The report also highlighted that more than half (52%) of SMBs surveyed lack the in-house skills required to effectively address security problems, and 57% lack cybersecurity professionals in their organization. It is important to note that only 43% of SMBs are currently outsourcing all or the majority of their cybersecurity requirements. Even so, 91% responded that they would consider moving to a new “MSSP” if provided with the right security solutions.

Let’s now glance through some effective methods that can help SMBs to ensure a safe working environment in 2021.

  • Perform Regular Audits: SMBs should conduct security audits at regular intervals to look for red flags that indicate their systems have been compromised. This helps security teams fix and remediate loopholes and prevent future cyber-attacks. Conducting security audits also helps in maintaining compliance with industry regulations like PCI-DSS, HIPAA, etc.

  • Ensure Cloud Security: SMBs are swiftly turning to the cloud to grow their business and enjoy benefits like easy access to resources, increased productivity and greater flexibility. They must choose cloud platforms and applications that offer the maximum level of security and have built-in defences to protect against vulnerabilities.

  • Investment in VPNs & Firewalls: SMBs should consider implementing more security products like VPNs and advanced firewalls. Firewalls are generally considered the first line of defence. VPNs have also played a critical role in allowing employees to safely connect to critical networks during the pandemic. Now, organizations must re-assess their VPN solutions and resolve issues that may have surfaced during remote work.

  • Cybersecurity Training: Not every attack is the result of brute force attempts; instead, human error accounts for the majority of cyber-attacks. SMBs should conduct training sessions to promote cybersecurity awareness and encourage employees to follow safe practices like using strong passwords, scrutinizing emails from unknown senders, installing the latest system/application updates, etc.

  • Look For Mobile Malware: As cyber-attacks targeting mobile devices are becoming increasingly popular, SMBs need to draft mobile usage policies and deploy security solutions like Mobile Device Management (MDM) to protect their critical data, internal systems, software and networks.

Towards The End…

As we move forward into 2021, the priorities for ensuring a cyber-safe working culture will evolve. SMBs need to recognise the threats emerging in modern cyberspace. Tackling cybersecurity challenges can be daunting for SMBs, but they can keep their infrastructure safe from cybercriminals by using advanced security controls or by outsourcing to MSSPs. With support from MSSPs, SMBs can successfully address potential cyber threats and maintain their business continuity.

Cybersecurity in 2021: Plan Now To Confront Future Challenges

As 2021 approaches, it is an opportune time for companies to revisit and set an effective strategy to navigate the cybersecurity challenges of the coming year. All C-level executives must brainstorm on how to effectively deal with concerns such as meeting regulatory compliance, keeping pace with emerging trends and technologies, preparing a strong incident response and remediation plan, and creating policies to securely manage critical data throughout its lifespan. All these tasks need to be accomplished while keeping in mind the security of sensitive digital assets, which becomes even more difficult when we are all in the midst of a pandemic. It is important for organizations to set their goals and priorities regarding cybersecurity challenges right from the beginning of the new year.

Let’s discover some promising ways that can help in mitigating cybersecurity risks and strengthening the IT infrastructure in 2021.

  • Focus on Cloud Security

Cloud migration increased enormously in 2020. As per a report from the Synergy Research Group, global spending on cloud infrastructure services increased 33% in Q2 2020 over the same period in 2019, to $30 billion. During this pandemic, the pace of creating digital-native business applications and services has greatly increased as enterprises prepare themselves for survival in the post-pandemic period.

In 2021, organizations must look for misconfigurations and human errors, implement strong practices for container security, and meet compliance with industry regulations such as PCI, HIPAA, GDPR, etc. Companies should adopt and execute a cloud security strategy that supports significant workplace transitions and accommodates a constantly growing remote workforce. They can also prioritize Privileged Access Management (PAM) and Identity and Access Management (IAM) to enforce least-privilege access to confidential data. Investment in a Zero Trust policy and micro-segmentation will also be a good option for cloud security.

  • Look for Insider Threats

Insider threats are one of the biggest drivers of the security risks faced by organizations, as an insider already has the rights required to access the company’s critical assets. Identifying and detecting malicious insider activity is a daunting task, as companies often lack the ability to detect such unusual activity within their premises. According to a report by Forrester, internal incidents are expected to account for 33% of data breaches in 2021.

Organizations should consider insider threat defence in order to prevent such incidents, while being cautious not to degrade employees’ privacy, the company’s culture or its standards for labour practices. They can follow the security procedures below to mitigate insider threats:

    • Conduct regular risk assessments
    • Create and document security policies such as account management, user monitoring and password management policies
    • Invest in security software like endpoint protection, intrusion detection and prevention and traffic monitoring
    • Strengthen the network security

  • Add Multi-factor Authentication (MFA)

Throughout 2020, data breaches remained at the top of the headlines across the globe. Malicious actors have had considerable success in stealing sensitive business data with the help of stolen usernames and passwords, which are now easily available on underground marketplaces on the dark web. Threat actors take advantage of the fact that most users still do not choose strong and unique passwords for their accounts.

MFA reduces the risk by adding authentication factors beyond the username and password, such as One-Time Passwords (OTPs) that you often receive via email or SMS. It is expected to be a crucial factor in protecting a user’s identity and preventing unauthorised account access. As per a recent report from MarketWatch, the global Multi-Factor Authentication (MFA) market size is expected to reach USD 32110 million by the end of 2026, with a CAGR of 19.6% during the forecast period (2021-2026).

  • Keep an Eye on Human Vulnerability

In 2021, enterprises must keep a sharp eye on the security of their workforce against growing and evolving social engineering and phishing attacks. CISOs and other security leaders need to address and improve the casual attitude of employees towards cybersecurity in order to reduce the occurrence of data breaches and cybersecurity attacks.

It will be vital for organizations to look into cybersecurity education and training for their workforce, particularly while remote work is being followed globally. Employees should be made aware of basic practices such as creating strong passwords and double-checking URLs embedded in emails before clicking on them.

  • Review Data Security & Privacy Policies

In 2021, the data privacy landscape will remain in the spotlight. With the increasing focus on compliance with industry regulations, organizations will be taking data security and privacy more seriously than ever. Classifying data as public, private and confidential is not sufficient to avert data breaches. Companies often give employees access to data they do not need, and hence are more likely to face a data security incident.

Strong data access controls and policies should be considered one of the top priorities in 2021 in order to ensure the security of critical business data. Solutions like email security can be evaluated and implemented to monitor what data is sent to or received from outside the organizational perimeter. Companies must regularly review policies to track how their critical information is stored and update authorizations on a regular basis.

Cybersecurity Preparedness – Lessons We Learnt In 2020

To call 2020 a year filled with unprecedented challenges would not be an overstatement. From the eruption of the COVID-19 pandemic to a long list of disruptive cyber-attacks, 2020 has created enormous concerns for enterprise cybersecurity teams. While these cyber-attacks have caused terrible damage to many organizations globally, they have also presented several key lessons for cybersecurity and information security professionals moving forward. By taking these lessons into consideration, enterprises can augment and strengthen their security posture against the rising wave of cyber threats.

Now, as we move towards a new calendar year, let us have a look at some critical areas that need to be attended to carefully.

Data Security is Crucial

As per a recent report from Risk Based Security, the number of records exposed through the end of September 2020 has increased to 36 billion. Two breaches in Q3 leaked more than 1 billion records and four breaches exposed over 100 million records, which together accounted for approximately 8 billion exposed records.

Therefore, companies must look to protect their sensitive data in all forms, i.e. at rest, in motion and in use, throughout its lifespan. They should ensure data integrity, security and consistency by adopting advanced security controls like robust encryption policies, which can help reduce the impact, to some extent, if data is exfiltrated or stolen. They can establish a data governance program to manage the flow of critical information across the organization. This program may include (but is not limited to) the points below:

  • Assigning roles and responsibilities for managing and monitoring the data assets consistently and effectively
  • Identifying who can take what actions, with what data, under what circumstances
  • Establishing different security levels for different categories of data like highly sensitive, moderately sensitive and publicly available information

Check For Vulnerabilities

Threat actors discover and exploit vulnerabilities in order to penetrate corporate networks and infect critical resources with malware, Trojans and worms. Organizations must seek to identify and address existing security gaps through vulnerability assessments, which should be followed as a continuous practice performed at regular intervals. Such assessments have become more important than ever as employees start coming back to their offices after a long period of remote working. Security practices such as patching vulnerabilities and reviewing security settings will play a key role in mitigating cybersecurity incidents.

Cybersecurity Awareness & Training for Employees

As humans are more error-prone than digital assets, threat actors primarily target them using popular techniques like Social Engineering and Phishing. So far, we have witnessed several instances where cybercriminals leveraged human vulnerability to cause damage and gain huge profits.

Did you know that around 22% of breaches in 2019 involved phishing? (Source: Verizon DBIR 2020)

In 2020, phishing attacks continued to explode. As per the APWG’s Trend Report Q3 2020, around 199,133 unique phishing websites were detected in September. The report revealed that SaaS and webmail sites were the most targeted industry sectors in Q3 2020. The most noticeable thing is that 80% of phishing sites were using the HTTPS encryption protocol.

Therefore, enterprises must mitigate the probability of human errors through regular training and awareness sessions. Improving awareness will not only enhance cyber hygiene and reduce cyber risks, but also help in cultivating cybersecurity culture within organizations.

Look For Ransomware

Ransomware has been the most prevalent cyber-attack faced by organizations across the world in 2020. As per a recent report by SonicWall, ransomware attacks globally increased by 40% to reach 199.7 million in Q3 2020. Enterprises need to remain vigilant and can follow the practices below to ensure their safety:

  • Encourage employees to avoid clicking on unknown URLs
  • Create data backups
  • Avoid disclosing personal information to unknown calls, texts or emails
  • Promote usage of anti-virus/anti-malware software
  • Conduct security awareness sessions

Be Ready with Incident Response Plan

Companies should follow a proactive approach while preparing themselves to defend against cybersecurity incidents. This approach can help organizations protect their critical data, brand reputation and customers’ trust from malicious activities. An Incident Response plan may include (but is not limited to) key phases such as preparing a plan to prevent and respond to events, identifying incidents and their severity, containing an incident before it causes damage, addressing its root cause, and restoring systems to normal operation.

Towards the End…

Cybersecurity is not an overnight process. It is an ongoing practice that takes time and continuous effort. The COVID-19 crisis has taught us why we are at risk: we are not prepared enough. We often wait for things to happen and then react accordingly. To stay safe and secure, organizations need to follow a proactive approach and invest in their security infrastructure to avoid falling victim to evolving, complex cyber threats.

Vulnerability Assessment: Increasingly Becoming Top Priority for C-Suite in The New Normal

Conducting an assessment to look for vulnerabilities existing within networks, applications or infrastructure has always been an ideal approach to safeguarding your organization against evolving and complex cyber threats. And doing so on a regular basis keeps an organization well beyond the reach of cybercriminals.

But during these uncertain times, when businesses have adapted to a remote working model, the attack surface has exploded to a large scale. As a result, Vulnerability Assessment (VA) has surfaced as a core requirement for CISOs, CIOs, COOs and other C-level executives. The reasons behind the expansion of the attack surface and the growing demand for security assessment include:

  • Introduction of Personal Devices: Most employees were not provided with company-issued laptops or computers to continue working from home. Consequently, they were using their own devices, which may have vulnerabilities or already be compromised, to access corporate resources and data. They have also become heavily dependent on web conferencing and collaboration tools like Zoom, Microsoft Teams, Google Meet, etc. for daily operations. Throughout this global crisis, threat actors have leveraged such platforms to deceive people and compromise their devices.
  • Migration to Cloud: Owing to the current pandemic, organizations have promptly moved to the cloud to accommodate remote workforce requirements. But this swift movement has also exposed them to multiple risks, including configuration errors, vulnerabilities within applications, security oversight issues, etc. As per the Cloud Threat Landscape Report 2020, any unauthorized access to cloud assets can result in losses of more than $50,000 in less than one hour. Also, over one billion records were stolen in 2019 due to misconfigured cloud servers.
  • Insecure Home Networks: Home networks often lack the security measures required for a secure connection to corporate resources. For instance, they typically do not include intrusion prevention systems, advanced firewalls (such as WAFs), etc. This may allow cybercriminals to get in and gain access to critical corporate data and applications. A report from BitSight found that home networks are 3.5 times more likely than office networks to be infected with malware. Threats like the Mirai malware and Trickbot were observed 20 and 3.75 times more frequently, respectively, on home networks than on corporate networks.

How Vulnerability Assessment Helps

As the new normal begins, businesses are recognizing the need for a proactive approach to detect and remediate security flaws (if any) to prevent threat actors from causing havoc and stealing sensitive business-critical data. A VA provides a clear picture of the effectiveness of the security controls in place. It enables organizations to fill gaps in their security posture before cybercriminals exploit them. An effective VA can yield several benefits, including:

  • Find known security vulnerabilities before attackers exploit them
  • Discover all the critical assets present on the network, including vulnerabilities associated with each asset
  • List required future upgrades
  • Define the level of risk
  • Prepare a well-defined response plan

Outsource Vulnerability Assessment Services

Organizations often prefer to have an in-house vulnerability assessment team. An in-house team has business advantages, such as a better understanding of the systems being assessed and availability according to the company’s schedule or requirements. But due to the lack of skilled resources, it is somewhat difficult to find the right talent and build your own VA team. Alternatively, businesses can engage external security teams to conduct VA in their environment. This saves time and effort that can be utilized in other business functions. It can also help CISOs and CIOs reduce dependency on internal resources, improve prioritization of human assets, meet compliance with different industry regulations, etc.

How Market is Shaping

As per a report from MarketsandMarkets, the global Security and Vulnerability Management market is predicted to increase from USD 12.5 billion in 2020 to USD 15.5 billion by 2025, with a Compound Annual Growth Rate (CAGR) of 4.5%. The contributing factors include growing cyber awareness among developing economies, soaring mandates for adhering to regulatory compliance across organizations in different verticals, and the growing volume of cyberattacks such as phishing, ransomware, DDoS and malware. According to an estimate by Cybersecurity Ventures, the global annual cost of cybercrime will reach USD 6 trillion by 2021.

Conclusion

Rather than a quinquennial review process, Vulnerability Assessment should be viewed as a continuous process performed at regular, short intervals. An in-depth understanding of the potential security risks within an organization’s security posture can help C-level executives and their security teams effectively manage business operations in the new normal while reducing the risk of being compromised. Conducting assessments, along with implementing appropriate security solutions like Zero Trust and Privileged Access Management, will expand the security capabilities of businesses and help them stay on top of vulnerabilities.

If you are looking to assess and revamp the security posture of your organization, connect with us at contactcs@tataadvancedsystems.com or visit https://www.tataadvancedsystems.com/cybersecurity.php

Cybersecurity in Post-COVID Environment: Time for C-Level Executives to Devise New Strategy

As COVID-19 restrictions have started easing, people are transitioning back to their offices and social calendars. Unfortunately, this shift is expected to bring an increased threat of malicious activity. The risk is comparatively higher for organizations that have not provided their remote employees with adequate VPN access and regular software updates. Employees of such organizations were exposed to a variety of threats, as they were connected to home networks that lack the required security measures.

Let us glance through some common risks that employees may have experienced while working from home.

Risk of Dormant Malware

Threat actors have heavily exploited the remote workforce during the lockdown with COVID-themed phishing emails containing malicious URLs and attachments to gain access to victims’ sensitive personal and corporate information. They have also infected systems with different strains of malware that have stayed dormant and may become active once those systems are reconnected to office networks. Upon successful execution, such malware may trigger dreadful cybersecurity incidents and cause massive loss to an organization, both financially and reputationally.

Improper Security Configuration

Lack of proper security configuration is another factor that has fueled the growing momentum of cyber-attacks globally. For several organizations, remote management of employees' computer systems has been challenging. For instance, providing VPN access at such scale was not feasible for every organization. It also cannot be overlooked that employees may not have paid sufficient attention to updating their work devices or installing required security patches while working from home. Linking those devices back to the corporate network may allow malicious actors to exploit the security loopholes in those systems and bring an organization to its knees.

Ransomware, data breaches, social engineering, phishing and malware attacks have surged sharply during COVID times and impacted organizations globally, irrespective of their vertical. Now that employees are returning to offices, C-level executives and security teams must collaborate closely to define a new strategy that uses technology, tools, people and processes smartly. Gartner has also predicted that cyber-physical security incidents will result in personal liability for 75% of CEOs by 2024. So, they need to remain more cautious than ever before while defending their organization's digital assets.

Here, we look at some important steps that can be taken to address potential cyber threats and reduce the chances of threat actors infiltrating the network.

  • Security Assessment of IT Infrastructure

The first step towards resuming work from offices should be a thorough assessment of the entire IT infrastructure. C-level executives, including CISOs and CIOs, must have a clear understanding of the organization's current cybersecurity posture, as the prolonged inactivity may have left some vulnerabilities unpatched.

  • Expand Cybersecurity Budget

Spending on information security and risk assessment will help organizations create a robust and resilient infrastructure, repel complex cyber-attacks and minimize the chances of data breaches and leaks. Gartner has also predicted that information security spending will grow 2.4% to reach $123.8 billion in 2020.

  • Examine Employees’ Devices for Vulnerabilities

Most organizations provided their employees with laptops and desktops to continue working from home during the lockdown. Those systems may have been infected with viruses or trojans while disconnected from the office network. This could be potentially dangerous when those devices are reconnected to the corporate network, as threat actors might exploit hidden vulnerabilities to cause damage to the organization. Ideally, all such devices should be submitted to the IT team for a virus scan and security patching before use.

  • Allow Sufficient Resources Only

Organizations can identify the resources (people and systems) that have privileged access to critical business data, and are therefore at increased risk of being exploited by cybercriminals, and allow only those to resume work from offices. This reduces the pressure on IT teams working to patch employees' work devices and mitigates the risk of cybersecurity incidents.

  • Conduct Security Awareness Training

Security awareness training is considered the most important practice for ensuring cybersecurity, as employees have become accustomed to certain habits while working from home that may pose risks to an organization's security. Such awareness programs help educate employees about the security obligations they need to follow at the workplace and keep them aware of new and emerging cyber threats.

  • Implement a Zero Trust Model

The Zero Trust model is based on the principle “trust no one, verify all”. As the number of endpoints continues to rise, it is becoming increasingly difficult to define a security perimeter. An ideal approach is to adopt a Zero Trust model, which ensures that business-critical applications and information are accessible only to authenticated users and devices.

In the post-COVID environment, organizations, and especially their C-level executives, need to remain vigilant against the complex cyber threats and vulnerabilities that could arise when employees start working from the workplace again. Security teams should take this opportunity to recheck the efficacy of existing security controls and implement good cyber hygiene practices like virus scans and network traffic monitoring to prevent unauthorised users from accessing the company's network. To redefine the cybersecurity infrastructure of your organization, connect with us at contactcs@tataadvancedsystems.com

Awareness – Key To Protection Against Cyber Attacks

Are you aware that 99% of cyber-attacks require human interaction?

Nearly all cybersecurity incidents start with exploitation of the human tendency to make errors. Phishing and social engineering are the most common methods cybercriminals use to lure victims and gain a foothold in the targeted system, network or infrastructure. As per the Phishing Activity Trends Report 2020, around 146,994 phishing sites were detected in Q2 2020. This figure alone illustrates the ever-evolving nature and techniques of cybercrime. A people-centric cybersecurity approach encompassing effective security awareness training is the need of the hour to reverse the growing spike in such cyber-attacks and make organizations more resilient than ever before.

Importance of Cybersecurity Awareness Program for Businesses

While being an important asset for an organization, humans are also one of its most vulnerable resources. Threat actors target people rather than systems because of the low level of security awareness among them. As per the Cyber Risk Survey 2019, less than one-third (31%) of employees receive annual, company-wide training from their organizations. Lack of cybersecurity knowledge and awareness among the workforce could result in a major breach or cyber-attack. Cybersecurity Ventures has also predicted that the cost of cybercrime will exceed $6 trillion annually by 2021. So, the best way to contain the cost and strengthen the defence is to create awareness among employees.

Cybersecurity awareness training helps organizations inform their employees about how to maintain good cyber hygiene. This may include (but is not limited to) propagating knowledge about the evolving cyber threat landscape, best practices for identifying potential threats like malware and phishing emails, and adherence to applicable compliance and data protection regulations.

Creating such a culture greatly reduces the possibility of a successful cybersecurity incident. It also helps employees understand the potential impact a cyber-attack can have on the organization.

Recommendations for organizations to increase cybersecurity:

  • Perform a thorough audit and identify your valuable assets, which may include critical data like PII, financial information, intellectual property, etc. Figure out who has access to them and what functions they can perform.
  • Focus on high-risk users with escalated privileges, for example the CISO, CIO, CFO and CEO, as they have access to high-value data.
  • Review the efficacy of existing security solutions and identify areas of weakness.
  • Automate repetitive tasks to reduce manual efforts, which minimizes the chances of errors.
  • Implement a data recovery strategy to back up data in case of a successful security incident.
  • Establish an incident response plan to take appropriate actions when security is breached.
  • Disseminate a strong password policy to all employees.

Benefits of Implementing Security Awareness Training

Security awareness training is one of the most preferred methods to tackle the growing concern of cyber-attacks. It yields multiple advantages for an organization, including:

  • Reduces the percentage of human errors & minimizes the likelihood of data breaches and cyber-attacks
  • Encourages employees to work in a security-focused atmosphere
  • Improves brand reputation and trustworthiness among clients and partners
  • Prevents downtime, which badly affects an organization’s workflow and targets
  • Demonstrates compliance with industry regulations

How Can Individual Users Ensure Cyber Safety?

Some useful security practices recommended for users to remain guarded against malicious activities include:

  • Keep systems and applications up-to-date as updates are designed to patch the existing vulnerabilities.
  • Pay sufficient attention when accessing emails from unidentified sources. Look for red flags, and do not click on suspicious URLs or download attachments from such emails.
  • Avoid using identical passwords for different applications.
  • Implement multi-factor authentication as it adds an additional layer of protection.
  • Always keep firewall protection enabled to protect the network against incoming malicious traffic.
  • Avoid using public Wi-Fi for internet banking, accessing corporate data, sending critical information, etc.
  • Always prepare a backup of your data at regular intervals to avoid data loss in case of a cyber-attack.

Remember, ensuring cybersecurity is not a one-time process. It is a continual activity that must be maintained and followed by every individual associated with the organization. Cyber awareness helps people make sound decisions when confronting an adverse situation, which ultimately strengthens the company's cyber defence. Always engage in safe online behaviour by implementing the recommended security practices.

Mobile Applications – Intensifying Risks to Data Security & Privacy

Mobile applications are now surfacing as a new weak link when it comes to users' information security and privacy. Threat actors are using advanced techniques to evade detection while deploying malicious applications on official app stores. This constantly rising complexity of the associated cyber threats, accompanied by growing data breach incidents, is keeping CISOs up at night. We have also seen nations prohibiting several mobile applications for infringing data security and privacy regulations.

Impact of COVID-19

The risk of privacy breaches has increased manifold with the growing popularity of mobile applications during the current pandemic, when people are asked to self-isolate and work remotely. Mobile devices have become a core tool to relieve stress, manage daily tasks, access business-critical data, etc. Video conferencing and collaboration applications like Zoom, Skype, Microsoft Teams, Google Meet, etc. have seen a massive surge in usage across web and mobile platforms.

As per App Annie, a trusted mobile data and analytics platform, users spent around 1.6 trillion hours on mobile devices in the first half of 2020 with a 220% increase in time spent on business applications.

Beyond their popularity, the COVID-19 outbreak has contributed phenomenally to letting threat actors capitalize on the global disruption through new cyber threat campaigns. They are distributing fake mobile applications embedded with trojans or viruses which, upon execution, steal the host device's information, which may include (but is not limited to) contact information, financial details, usernames and passwords, device details, etc.

Third-party App Stores

Google Play and the App Store are the two leading distribution channels for mobile applications. This fact is not lost on cybercriminals; hence, they have started focusing on third-party stores that lie outside the boundaries of the official app stores. According to Symantec's report, third-party app stores host 99% of discovered mobile malware. There are more than 300 third-party app stores across the globe, and the number is still growing.

Users who download mobile apps from such stores face increased security risks, as third-party stores do not have stringent application review processes in place like the official app stores. According to the 2020 Mobile Threat Report by Wandera, 5.8% of iOS devices and 1.1% of Android devices have at least one sideloaded app installed.

Increased Mobile Apps Usage – A Sign of Digital Transformation or Cyber Risk

Certainly, mobile apps have helped organizations speed up their digital transformation and deliver a great experience to employees and customers. On the other hand, cybersecurity remains a major concern when it comes to mobile applications. We often see mobile applications asking for more permissions than they need to function. Such permissions pose a huge risk to users' privacy, as they allow an application to access users' sensitive information.

Let's go through both dimensions of mobile application usage, i.e. digital transformation and cybersecurity risk.

Digital Transformation

  1. Strengthens customer engagement for businesses
  2. Quick access to corporate resources/emails/social media accounts
  3. Growth of the e-commerce industry
  4. Increases brand reputation and awareness
  5. Enables geo-targeted marketing
  6. Increase in digital payments
  7. Medium of entertainment

Cybersecurity Risk

  1. Lack of secure data storage
  2. Insufficient data layer protection
  3. Client-side code injection
  4. Improper session handling
  5. Reverse engineering
  6. Insufficient encryption
  7. Lack of multi-factor authentication

Some recent findings highlighting the risks related to mobile applications:

  • High-risk vulnerabilities were found in 38% of iOS applications and 43% of Android applications. (Source: Positive Technologies)
  • The percentage of fraudulent transactions originating from a mobile application increased from 13% in Q4 2019 to 26% in Q1 2020. (Source: RSA Fraud Report Q1 2020)
  • Rogue mobile apps accounted for 15% of fraud attacks in Q1 2020. (Source: RSA Fraud Report Q1 2020)
  • The average value of a fraudulent payment transaction in the mobile channel increased by 60% (from USD 480 to USD 767) in Q1 2020. (Source: RSA Fraud Report Q1 2020)

Need For Stringent Obligations

As the world constantly expands its digital footprint, the need for data protection has become more crucial than ever. For developing countries, the growing volume of personal data and the adoption of smartphones are continually increasing the demand for strict data protection obligations that can regulate the use of data collected by mobile applications and give users a sense of security.

As users, we need to be more vigilant while installing applications and granting permissions, keeping in mind the task for which the app is downloaded. We can also follow the practice of reading the terms and conditions before logging into any mobile application to reduce the chances of being compromised.

Data Protection Officer (DPO): A Guide to Foster Data Security Culture in Organizations

The need for DPOs is gaining momentum with the rising spike in data breaches globally. As per the International Association of Privacy Professionals (IAPP), around half a million organizations registered data protection officers across Europe in 2019. Businesses are experiencing the necessity to secure their corporate data, revamp their security approaches, and align themselves with the different data protection laws governing the collection, use and disclosure of personal data.

A Data Protection Officer (DPO) is an expert responsible for ensuring compliance with data protection laws, like GDPR and PDPA, and nurturing a culture of data protection within an organization. The DPO works together with the other functional units involved in processing personal data, which helps in attaining detailed visibility into the regulatory and data landscape of an organization.

Explore more about the responsibilities, challenges and other important aspects of a DPO.

What functions does a DPO perform?

A DPO executes a myriad of tasks to ensure that the organization fulfils all the requirements for protecting business-critical data. The following are some primary functions of a DPO that will help you understand the importance of the role:

  • Designing and implementing policies and processes for managing personal data to ensure compliance with data protection laws such as GDPR and PDPA.
  • Guiding organizations and their employees on data protection obligations.
  • Reviewing the organization's internal data security strategies, which may include (but are not limited to) allocation of responsibilities, internal audits, training of individuals engaged in processing personal information, etc.
  • Handling issues (raised by data subjects, public authorities or relevant supervisory authorities) related to data protection, data breach, Data Subject Access Requests (DSARs), etc.
  • Regular evaluation of data processing activities to monitor compliance with data protection laws.
  • Reporting to concerned authorities in case of security risks that might occur concerning sensitive personal information.

Who Needs to Appoint DPO?

An organization is required to hire a DPO if:

  • It is a public institution or body (except for courts).
  • Its core activities require large-scale, regular and systematic monitoring of data subjects (such as employees and customers).
  • Its core activities include processing of sensitive personal information, which may include (but is not limited to) health information, criminal records, etc.

Besides the above-mentioned factors, an organization can voluntarily appoint a DPO as a matter of good practice. Also, the DPO does not need to be hired internally: organizations can outsource the DPO role to address the compliance demands of data protection laws.

What challenges does a DPO face?

While helping an organization achieve compliance with data protection laws and create a safe environment for data processing, a DPO faces several challenges, including (but not limited to):

  • Cooperation from other organizational units
  • Finding the right talent to prepare the privacy team
  • Insufficient privacy budget of the organizations
  • Lack of support from principal actors of the organizations
  • Conflict of interest between DPO responsibilities and other duties
  • Unavailability of DPO tools

Why choose us?

  • Vast array of working experience with different sectors
  • Result-oriented and customer-centric approach to data protection
  • Pool of professionals having extensive experience in data security and privacy

To start your data protection journey, connect with us at contactcs@tataadvancedsystems.com
