Experts pick the top 5 security threats for 2015

TONY BRADLEY |

article image
Massive, high-profile data breaches pockmarked 2014, culminating in the bizarre events surrounding the hack of Sony Pictures—allegedly by North Korea in retaliation for the politically incorrect stoner comedy The Interview. That’s a tough act to follow, but I’m sure 2015 will make an effort.  I spoke with security experts to find out what we have to look forward to.

Spotlight

Quann

Quann, formerly known as e-Cop, is a homegrown cyber security services provider and a business unit of Singapore’s leading security organization, Certis CISCO. Quann has been in the cyber security business for over 15 years, and has evolved from being a Managed Security Service Provider serving Singapore-based enterprises and government agencies, to a leading regional cyber security services provider with an extensive Asian footprint. It is currently one of the largest cyber security service providers with multiple ISO/IEC 27001 certified, in-country next-generation Security Operations Centers (SOCs) in Asia that help organizations detect, prevent and respond to cyber threats. Quann’s next-generation SOCs operate on its own patented technologies which provide real-time, advanced detection and big data analytics to swiftly alert clients to both known and unknown threats. The company is headquartered in Singapore and has regional offices in Malaysia, Hong Kong, Thailand and India. It has

OTHER ARTICLES

How much do behavioural biometrics improve cyber security?

Article | February 19, 2020

Experts often consider biometrics security the next big thing in cyber security. It encompasses a broad category that includes verifying a person's fingerprint, iris, gait and other factors that should be unique to the person checked. However, various tests proved that some biometric-based security has substantial room for improvement For example, researchers have hacked into smartphones that have fingerprint scanners by pressing the print of the rightful owner into a piece of Play-Doh and holding that impression against the reader. What those results indicate is that people should not assume that biometrics options are a foolproof choice for cyber security needs.

Read More
SOFTWARE SECURITY

SASE: A NEXT-GENERATION CLOUD-SECURITY FRAMEWORK

Article | February 19, 2020

The ongoing pandemic has forced organizations across the globe to install work-from-home policies. A majority of the workforce in various industries, especially IT, have already adapting to working remotely. With a sudden rise in remote users and growing need and demand for cloud services, a huge volume of data is being transmitted between datacenters and cloud services. This has also given rise to the increased need for network security and a safer means of data transmission. The existing network security approaches and techniques are no longer dependable for the required levels of security and access control. To secure these surging digital needs, Gartner debuted an emerging cybersecurity framework in the form of what it calls SASE.

Read More

The Coronavirus is Already Taking Effect on Cyber Security– This is How CISOs Should Prepare

Article | February 19, 2020

Cynet has revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. The Coronavirus is hitting hard on the world’s economy, creating a high volume of uncertainty within organizations. Cynet has revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. In light of these insights, Cynet has shared a few ways to best prepare for the Coronavirus derived threat landscape and provides a solution (learn more here) to protect employees that are working from home with their personal computers, because of the coronavirus. Cynet identifies two main trends – attacks that aim to steal remote user credentials, and weaponized email attacks:

Read More

How Organizations can prepare for Cybersecurity

Article | February 19, 2020

According to a Gartner study in 2018, the global Cybersecurity market is estimated to be as big as US$170.4 billion by 2022. The rapid growth in cybersecurity market is boosted by new technological initiatives like cloud-based applications and workloads that require security beyond the traditional data centres, the internet of things devices, and data protection mandates like EU’s GDPR. Cybersecurity, at its core, is protecting information and systems from cyberthreats that come in many forms like ransomware, malware, phishing attacks and exploit kits. Technological advancements have unfortunately opened as many opportunities to cybercriminals as it has for the authorities. These negative elements are now capable of launching sophisticated cyberattacks at a reduced cost. Therefore, it becomes imperative for organizations across all industries to incorporate latest technologies to stay ahead of the cybercriminals. Table of Contents: - What is the cybersecurity scenario around the world? - Driving Management Awareness towards Cybersecurity - Preparing Cybersecurity Workforce - Cybersecurity Awareness for Other Employees - Conclusion What is the cybersecurity scenario around the world? Even as there has been a steady increase in cyberattacks, according to the 2018 Global State of Information Security Survey from PwC: 44% companies across the world do not have an overall information security strategy, 48% executives said they do not have an employee security awareness training program, and 54% said they do not have an incident response process. So, where does the problem lie? Many boards still see it as an IT problem. Matt Olsen, Co-Founder and President of Business Development and Strategy, IronNet Cybersecurity. Cybersecurity The greater responsibility of building a resilient cybersecurity of an organization lies with its leaders. There is a need to eliminate the stigma of ‘risk of doing business lies solely with the technology leaders of an organization. Oversight and proactive risk management must come under CEO focus. According to the National Association of Corporate Directors' 2016-2017 surveys of public and private company directors, very few leaders felt confident about their security against cyberattacks, perhaps due to their lack of involvement into the subject. Driving Management Awareness towards Cybersecurity • Gain buy-in by mapping security initiatives back to business objectives and explaining security in ways that speak to the business • Update management about your current activities pertaining to the security initiatives taken, recent news about breaches and resolve any doubts. • Illustrate the security maturity of your organization by using audit findings along with industry benchmarks such as BSIMM to show management how your organization fares and how you plan to improve, given their support. • Running awareness program for your management regarding spear-phishing, ransomware and other hacking campaigns that aim for executives and teach how to avoid them. The bottom line is that leaders can seize the opportunity now to take meaningful actions designed to bolster the resilience of their organizations, withstand disruptive cyber threats and build a secure digital society. The bottom line is that leaders can seize the opportunity now to take meaningful actions designed to bolster the resilience of their organizations, withstand disruptive cyber threats and build a secure digital society.. Pwc READ MORE: WEBROOT: WIDESPREAD LACK OF CYBERSECURITY BEST PRACTICES /11029 Preparing Cybersecurity Workforce Hackers are able to find 75% of the vulnerabilities within the application layer. Thus, developers have an important role to play in the cybersecurity of an organization and are responsible for the security of their systems. Training insecure codingis the best way to raise their cybersecurity awareness levels. Raising Cybersecurity Awareness in Developers: • Training developers to code from the attackers’ point of view, using specific snippets from your own apps. • Explain in-depth about vulnerabilities found by calling remedial sessions. • Find ways to make secure coding easier on developers, like integrating security testing and resources into their workflow and early in the SDLC/ • Seek feedback from developers on how your security policies fit into their workflow and find ways to improve. Cybersecurity Awareness for Other Employees According to the Online Trust Alliance’s2016 Data Protection and Breach Readiness Guide, employees cause about 30% of data breaches. Employees are the weakest link in the cybersecurity chain. But that can be changed by creating awareness and educating them on the risks surrounding equipment, passwords, social media, the latest social engineering ploys, and communications and collaboration tools.Make standard security tasks part of their everyday routine, including updating antivirus software and privacy settings, and taking steps as simple as covering cameras when they end a video conference call. Conclusion: The technological advancements are moving faster than anF-16, so the measure are by no means exhaustive. The important thing is to keep pace with numerous cybersecurity measures to not fall prey to a cyberattack. Every organizational level plays an important role in achieving a matured security infrastructure, thus making awareness and participation mandatory. Organizations should consider a natively integrated, automated security platform specifically designed to provide consistent, prevention-based protection for endpoints, data centers, networks, public and private clouds, and software-as-a-service environments READ MORE: A 4 STEP GUIDE TO STRONGER OT CYBERSECURITY

Read More

Spotlight

Quann

Quann, formerly known as e-Cop, is a homegrown cyber security services provider and a business unit of Singapore’s leading security organization, Certis CISCO. Quann has been in the cyber security business for over 15 years, and has evolved from being a Managed Security Service Provider serving Singapore-based enterprises and government agencies, to a leading regional cyber security services provider with an extensive Asian footprint. It is currently one of the largest cyber security service providers with multiple ISO/IEC 27001 certified, in-country next-generation Security Operations Centers (SOCs) in Asia that help organizations detect, prevent and respond to cyber threats. Quann’s next-generation SOCs operate on its own patented technologies which provide real-time, advanced detection and big data analytics to swiftly alert clients to both known and unknown threats. The company is headquartered in Singapore and has regional offices in Malaysia, Hong Kong, Thailand and India. It has

Events