MATURING A THREAT INTELLIGENCE PROGRAM

| January 24, 2019

article image
The threat intelligence landscape is an emerging one. Even in the most sophisticated security organizations, resource constraints often dictate that threat intelligence (TI) is the responsibility of a sole analyst sifting through incident alerts looking for patterns and trends which may indicate that a threat exists.

Spotlight

Corelight, Inc

Corelight (formerly Broala) was founded by the scientists and technologists who created the Bro network monitoring platform, now protecting thousands of organizations worldwide including some of the largest and most complex. We aim to build exceptional tools for cybersecurity and network monitoring, and to generate an ongoing revenue stream for the open-source Bro project.

OTHER ARTICLES

Data Privacy Problem: Are Home Genealogy Kits a Security Threat?

Article | March 2, 2020

Surprising news recently emerged from the personal genetics business. The two leading direct-to-consumer companies in North America, 23andMe and Ancestry.com, announced within a week of each other that they were laying off a significant proportion of their workforce as a result of a steep drop in sales. This past Christmas, the sales of testing kits were expected to take a sharp hike — nothing says family like a gift that says prove it. But sales plummeted instead. According to Second Measure, a company that analyzes website sales, 23andMe’s business plummeted 54 per cent and Ancestry kits sales declined 38 per cent. Industry executives, market watchers and genealogists have all speculated about the causes of the drop in consumer interest. Market saturation? Early adopters tapped out? Limited usefulness? Recession fears? Whatever the theory, everyone seems to agree on one factor: privacy concerns.

Read More

Information Security Management System to Protect Information Confidentiality, Integrity, and Availability

Article | March 2, 2020

In this modern world of technology, ensuring information security is very important for the smooth running of any organization. Unfortunately, there are many information/cyber security threats, including malware, ransom ware, emotet, denial of service, man in the middle, phishing, SQL injection, and password attacks. Whatever your business is, no doubt, it can collapse your business and your dreams. However, the severity of its after-effects depends upon the type of business you do. As information security threat has become a hurdle for all organizations, companies must implement an effective information security management system. In 2019 alone, the total number of breaches was 1473. It is increasing every year as businesses are doing digital transformation widely. Phishing is the most damaging and widespread threat to businesses, accounting for 90% of organizations' breaches. This article lets you understand what ISMS is and how it can be effectively implemented in your organization. Information Security Management System (ISMS) According to ISO/IEC 27001, Information Security Management System (ISMS) refers to various procedures, policies, and guidelines to manage and protect organizations' information assets. In addition, the system also comprises various other associated resources and activities frameworks for information security management. Organizations are jointly responsible for maintaining information security. People responsible for security in an organization ensure that all employees diligently meet all policies, guidelines, and other objectives regarding protecting information. Also, they safeguard all assets of the organization from external cyber threats and attacks. The goal and objective of the system are to protect the confidentiality, integrity, and availability of assets from all threats and vulnerabilities. Effectively implementing an information security management system in your organization avoids the possibility of leaking personal, sensitive, and confidential data and getting exposed to harmful hands. The step-by-step implementation of ISMS includes the process of designing, implementing, managing, and maintaining it. Implementing ISMS in Organizations The standard for establishing and maintaining an information security management system in any organization is ISO 27001. However, as the standard has broad building blocks in designing and implementing ISMS, organizations can shape it according to their requirements. Effectively implementing ISMS in organizations in compliance with ISO 27001 lets you enjoy significant benefits. However, an in-depth implementation and training process has to be ensured to realize these benefits comprehensively. Therefore, let us look into how an information security management system can be successfully implemented in your organization. Identification The first step in implementing ISMS is identifying the assets vulnerable to security threats and determining their value to your organization. In this process, devices and various types of data are listed according to their relative importance. Assets can be divided across three dimensions: confidentiality, integrity, and availability. It will allow you to give a rating to your assets according to their sensitivity and importance to the company. Confidentiality is ensuring that the assets are accessed by authorized persons only. Integrity means ensuring that the data and information to be secured are complete, correct, and safeguarded thoroughly. Availability is ensuring that the protected information is available to the authorized persons when they require it. Policies and Procedures and Approval from the Management In this step, you will have to create policies and procedures based on the insights you got from the first step. It is said to be the riskiest step as it will enforce new behaviors in your organization. Rules and regulations will be set for all the employees in this step. Therefore, it becomes the riskiest step as people always resist accepting and following the changes. You also should get the management approval once the policies are written. Risk Assessment Risk assessment is an integral part of implementing an Information Security Management System. Risk assessment allows you to provide values to your assets and realize which asset needs utmost care. For example, a competitor, an insider, or a cybercriminal group may want to compromise your information and steal your information. With a simple brainstorming session, you can realize and identify various potential sources of risk and potential damage. A well-documented risk assessment plan and methodology will make the process error-free. Risk Treatment In this step, you will have to implement the risk assessment plan you defined in the previous step. It is a time-consuming process, especially for larger organizations. This process is to get a clear picture of both internal and external dangers that can happen to the information in your organization. The process of risk treatment also will help you to reduce the risks, which are not acceptable. Additionally, you may have to create a detailed report comprising all the steps you took during the risk assessment and treatment phase in this step. Training If you want effectively implement all the policies and procedures, providing training to employees is necessary. To make people perform as expected, educating your personnel about the necessity of implementing an information security management system is crucial. The most common reason for the failure of security management failure is the absence of this program. Implementing ISMS Once policies and procedures are written, and necessary training is provided to all employees, you can get into the actual process of implementing it in your organization. Then, as all the employees follow the new set of rules and regulations, you can start evaluating the system's effectiveness. Monitoring and Auditing Here you check whether the objectives set were being met or not. If not, you may take corrective and preventive actions. In addition, as part of auditing, you also ensure all employees are following what was being implemented in the information security management system. This is because people may likely follow wrong things without the awareness that they are doing something wrong. In that case, disciplinary actions have to be taken to prevent and correct it. Here you make sure and ensure all the controls are working as you expected. Management Review The final step in the process of implementing an information security management system is management review. In this step, you work with the senior management to understand your ISMS is achieving the goals. You also utilize this step to set future goals in terms of your security strategy. Once the implementation and review are completed successfully, the organization can apply for certification to ensure the best information security management practices. Summing UP Organizations benefit from implementing and certifying their information security management system. The organization has defined and implemented a management system by building awareness, training employees, applying the proper security measures, and executing a systematic approach to information security management. Thus implementation has the following benefits: Minimized risk of information loss. The increased trust of customers in the company as the company is ISO/IEC 27001 certified. Developed competencies and awareness about information security among all employees The organization meets various regulatory requirements. Frequently Asked questions What are the three principles of information security? Confidentiality, integrity, and availability (CIA) are the three main principles and objectives of information security. These are the fundamental principles and the heart of information security. How does information security management work? Information security management works on five pillars. The five pillars are assessment, detection, reaction, documentation, and prevention. Effective implementation of these pillars determines the success of the information security management in your company. What are the challenges in information security management? Challenges in information security management in your company can be the following: You can’t identify your most critical data Policies aren’t in place for protecting sensitive information. Employees aren’t trained in company policies. Technology isn’t implemented for your policies. You can’t limit vendor access to sensitive information.

Read More

Mitigating Risks with Social Media Security Best Practices

Article | March 2, 2020

Social media has become an integral part of business promotion, especially to build brand image and maintain brand reputation. Small businesses to large corporations are active on various social media platforms to interact with their target audience daily. Moreover, the onset of the Pandemic has compelled businesses to rely more on these platforms to connect with their world of customers. This has skyrocketed the amount of information businesses, and customers share on social media. As a result, social media security threats have increased. Hackers are looking for a chance to get into accounts, steal personal and business information, and use it for various gains. Publically accessible social media information is vulnerable to cyber-attacks from cybercriminals. To communicate with customers directly, corporations today operate multiple social media channels. However, cybersecurity measures have to be ensured within the organizations while accessing the channels to increase security. The commonly used safety models, such as the Least-Privileged Administrative model, can be applied in organizations to ensure security. In addition, social media access to employees should be minimized. Taking necessary steps to increase social media security in organizations will help in avoiding deliberate sabotage. However, taking no care in this matter may jeopardize your business, as your company's platforms will be vulnerable to malpractices and attacks by cybercriminals. These factors make social media security vital than ever before. Let us look into some social media security threats and mitigate them through adequate cybersecurity best practices. Social Media Security Threats Third-party Apps Even if you ensure a hundred percentages of security for your social media channels, hackers can quickly get into your account through vulnerable third-party apps. International Olympics Committee and FC Barcelona were victims of it. Twitter accounts of these organizations were hacked through vulnerabilities of connected third-party apps. You cannot foresee how dangerous the third-party apps you use are. Malware Cyber adversaries trick their targets into installing malware to systems and start to control and monitor it. This way, they get sensitive information. Phishing Scams Phishing scams can quickly get into your social media security walls. Phishing scams make employees of organizations hand over information to frauds unknowingly. These can be private information such as passwords, bank details, etc. Unattended accounts Organizations are likely to use some accounts for some time and ignore them after a while. Cyber hackers are targeting these accounts, as they know no one is watching them. Even without hacking, they can post fraudulent messages on those accounts. They use an imposter account for it. They even can send malicious links from these unattended accounts to your followers. Therefore, these unmonitored accounts are a huge threat to your social media security. Social Media Security Tips Above mentioned are some of the social media security threats that corporations face while handling social media pages to interact with tier customers. However, following a social media strategy with stringent social media security best practices can save your company from these frauds and criminals. Cybersecurity products are also available to secure your online activities and business. Social Media Policy All organizations should have an effective social media strategy with a social media security policy for employees, especially those handling the profiles. The guidelines in this policy will make your social media executives handle the accounts safely. Additionally, it will save you from various vulnerabilities that make criminals break into your social media security walls. Social Media Security Audit Due to the technology improving every second, new vulnerabilities, threats, and new hacking tactics emerge. In addition, criminals are also coming up with new viruses, strategies, and scams to hack social media accounts. Thus, it is always good to audit the social media security measures implemented in your company. The audit should be done often, such as quarterly or semi-quarterly. This will ensure that your social media security measures are strong enough to fight new-age hackers. Strong Passwords Strong passwords alone can fight any social media security breaches and cybersecurity threats. Therefore, you have to ensure that you have a strong password for each of your accounts. Your employees should be educated regarding what constitutes a strong password. In addition, it is a good practice to change your password often. Two-factor Authentication According to privacy advocate of Comparitech, Paul Bischoff, two-way authentication is the best way to keep all your social media accounts secure. He says, Whenever an employee logs in from a new device, they are required to input a PIN sent to the account owner via an app, SMS, or email. This not only protects you from stolen passwords but can ensure that whoever is in charge of the accounts is present when logging in on new devices. Although some social media channels provide this facility, it is better to enable it for all your accounts with all the channels to ensure social media security. Summing up Social media is an integral part of business today. Companies need it to interact with customers to build brand image. However, social media security is a concern as technology is improving every second. Criminals are upgrading themselves with new tactics and techniques to hack accounts. Therefore, it is vital to follow and ensure stringent social media security best practices for your accounts to confirm your business's safety, avoiding going sensitive information to the wrong hands. Frequently Asked Questions Are social media channels safe for businesses? Social media is an integral part of marketing today. Therefore, it has to be handled with utmost care and vigilance. It will harm your business if you do not adhere to essential social media security measures, as hackers can get into your accounts quickly. What are some of the social media threats for businesses? There are many social media threats for businesses. Some are unmonitored social media accounts, imposter accounts, vulnerable third-party apps, human error, and phishing attacks and scams. { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [{ "@type": "Question", "name": "Are social media channels safe for businesses?", "acceptedAnswer": { "@type": "Answer", "text": "Social media is an integral part of marketing today. Therefore, it has to be handled with utmost care and vigilance. It will harm your business if you do not adhere to essential social media security measures, as hackers can get into your accounts quickly." } },{ "@type": "Question", "name": "What are some of the social media threats for businesses?", "acceptedAnswer": { "@type": "Answer", "text": "There are many social media threats for businesses. Some are unmonitored social media accounts, imposter accounts, vulnerable third-party apps, human error, and phishing attacks and scams." } }] }

Read More

Best Cybersecurity Tips for Remote Workers

Article | March 2, 2020

Remote working and cybersecurity risks, unfortunately, go hand in hand. As the COVID-19 pandemic appears to be far from over, cyber threats to individuals and businesses continue to loom large. The only solution at the moment is to invest in robust technology solutions that protect your network and to train employees in cybersecurity so that they develop healthy remote working practices. If you allow a bulk of your employees to work remotely, it is important to adopt a few basic habits to protect your devices and your business network from cyber criminals. Here’s a quick look at a few basic tips for remote workers that can go a long way in enhancing the overall security posture of your organisation. Passwords provide the first line of defense against unauthorized access to your devices and personal information. By creating a strong, unique password, you increase protection levels tremendously. You make it more challenging for cybercriminals to gain access and disrupt your systems networks. Rule number two is never to ignore those little pop-up windows that tell you that software updates are available for your device. Once you get such a notification, be sure to install the latest software as soon as possible. Timely software updates (including antivirus updates) help patch security flaws and safeguard the computer system. Are you busy with your work and don’t like to be distracted by such notifications? We highly suggest you encourage your employees to select auto-update for software on both mobile devices and computers. It will help you and your staff to prevent problems caused by delayed system updates.

Read More

Spotlight

Corelight, Inc

Corelight (formerly Broala) was founded by the scientists and technologists who created the Bro network monitoring platform, now protecting thousands of organizations worldwide including some of the largest and most complex. We aim to build exceptional tools for cybersecurity and network monitoring, and to generate an ongoing revenue stream for the open-source Bro project.

Events