Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Guest Post

Is email security training a waste of your time?

960 640 Guest Post

If users are the ones being tricked, train users and they won’t get tricked. Easy! Except it doesn’t quite work like that.

Can user training ever hope to keep pace with the constantly evolving threat landscape?

And who decided user training was the right solution in the first place?

Click here to read the latest advice from Corvid.

INDUSTRY SPOTLIGHT: Falanx penetration testing

960 640 Guest Post

To minimise risks from hackers you need to think and act like a hacker.

Penetration testing does just that, pseudo hackers attack your systems to help expose and fix vulnerabilities.

Whether it’s web applications, internal networks, mobile devices or wireless networks, penetration testing is critical to ensure high levels of cyber security. But why, when and how often should you penetration test?

Find out more at: https://falanx.com/cyber/why-when-and-how-often-should-you-pen-test/

Save £35k by deleting emails from your CEO

960 640 Guest Post

You work in finance. You get an email from your CEO addressing you by your first name, apologising for the late Friday email, but requesting you make an urgent payment to a regular supplier, with account details helpfully provided in the email. You’d pay it, right?

CEO fraud is an increasingly common type of phishing attack, where a threat actor impersonates a senior executive, and attempts to coerce an employee into transferring funds or personal information to the attacker’s account.

The average cost of this attack has risen to £35,000, but how do they keep getting away with it? Check out the latest advice from Corvid:

https://www.corvid.co.uk/blog/save-yourself-35k-delete-ceo-emails

FREE GUIDE: How to reduce the security vulnerabilities in Office 365

960 640 Guest Post

You’re likely to follow the path of least resistance, attacking wherever you have the biggest chance of success on the most widely used programs.

You will put out Phishing emails, Malware attacks, simple extortion mailers and Business Email compromise (BEC) attacks to gain entry to the target system.

Many enterprise organisations’ SaaS technology of choice is Microsoft Office 365 due to its mobility, ease of use and opportunities for collaboration. Office 365 provides the latest versions of Excel, Word, PowerPoint and Outlook, as well as cloud-based collaboration and productivity platforms OneDrive, Exchange Online, Yammer and SharePoint Online.

Many have come to see Microsoft Office as the gold standard for enterprise businesses. However, being a major player in the market also makes you a major target.

In this comprehensive guide, EveryCloud covers the 10 steps you can take to ensuring improving your office 365 security posture.

Click here to download the free guide.

The Rising Email Threat: Are instant messaging tools the answer?

960 640 Guest Post

By Barracuda Networks

At Barracuda we believe two heads are better than one. Following that logic, we can’t argue the value of the opportunity to hear from our peers on industry trends. We recently discovered through such means that, for the channel, email security is its biggest focus in 2019, as partners are increasingly helping their customers fight the battle against email attacks.

This got us thinking: how do end users view email security? And does it match with their channel counterparts? Are they too prioritising it over the next 12 months?

To answer our question, we quizzed 280 high-level decision makers across different industries throughout EMEA on their email security measures, where it falls on their ever-changing priority list, and ultimately how equipped they are for the inevitable attack.

Attacks are going up, up, up 

The results pointed to an industry already aware of – and often affected by – the rising new wave of email threats. Of the 280 decision makers polled, a majority (87%) predicted email threats to increase in the coming year. Perhaps unsurprisingly, the majority (75%) also said they had witnessed a steady increase in email attacks over the past three years against their own organisation. 

Breaking those attacks down, in the last year, almost half (47%) were attacked by ransomware, 31% were victim to a business email compromise attack, and a huge 75% admitted to having been hit with brand impersonation. This final statistic gives credence to our recent spear phishing report, which found that 83% of all the email attacks we analysed focused on brand impersonation. Clearly the criminal’s favourite choice, and for good reason.

Email remains the weakest link

However, regardless of this awareness, many organisations admit to being vastly unprepared when it comes to email security. Despite email being used since the 1990s, a staggering 94% admitted that email is still the most vulnerable part of organisations’ security postures. 

Unsurprisingly, finance departments seem to experience the most attacks, with 57% identifying it as the most targeted department. What was surprising was the rise in customer support attacks; a not insignificant 32% identified this as their most attacked department in what could indicate a new emerging trend for would-be attackers.

Without proper employee training, these attacks will continue to succeed. However, training is still hugely lacking across most organisations we spoke to, with the most popular answer (29%) being from respondents who receive it just once a year. Shockingly, 7% stated they’d either never had training or that they weren’t sure.

The lack of training is clearly leaving employees either confused or unaware of security protocol, as over half (56%) stated that some employees do not adhere to security policies. Of those, 40% said their employees used a ‘workaround’ to do so, perhaps referring to shadow IT solutions and the issues they continue to cause in enterprise IT environments. Both of these issues could be solved by regular and in-depth employee security training.

Not all doom and gloom

That being said, we’d be amiss to ignore those taking measures to reduce email threats. For the 38% whose security budgets are increasing next year, we’d hope security awareness training will play a key role in where the funds will be spent – after all, regardless of whether you have the latest technology, your employees are still the last line of defence. 

However, with 62% of security budgets to either stay the same or decrease over the next year, it seems that organisations are taking to other ways to try and reduce the rising email threat. Over a third (36%) are implementing instant messaging applications such as Slack or Yammer, to reduce email traffic.

This approach comes with a warning from us: while we haven’t yet seen attacks using messaging platforms such as Slack, this may well change in the future and doesn’t necessarily mean that these platforms are immune to attacks. Any organisation going down this route should do so with care, as if we know anything about cyber attackers, it’s that they’re always trying new ways to catch their victims out.

Interestingly, those companies using instant messaging tools are more likely to use Office 365 (78%), compared to an average of 56% across the rest of the study. They were also slightly more likely to pinpoint email as the weakest link (97%) versus 92%. With that in mind, security should be front of mind in order to ensure Office 365 environments are fully protected in the move away from Exchange.

In the short term, while a shift away from email to communications tools such as Slack might be tempting in order to temporarily ease the email burden, it might not work out in the long run, as we wouldn’t be surprised if cyber attackers just changed their tactics in response. In the longer term, the right combination of technology and security awareness training is the key to email attack protection. Attacks will always increase in sophistication, but as long as you stay ahead of the game, it is possible to keep the bad guys out. After all, even at 30 years old, email attacks are still proving profitable for cyber criminals, so they won’t stop any time soon… 

Image by rawpixel from Pixabay

More than half of companies have over 1,000 exposed sensitive files

960 640 Guest Post

By Matt Lock (pictured), Director of Sales Engineers UK, Varonis

All an attacker needs to steal your valuable data is access.

Unfortunately, many companies unknowingly give attackers access to their critical data. Personal identifying information on employees and customers, intellectual property, and more can easily make their way from secured systems to unprotected files and emails. 

To make matters worse, companies don’t have time to update global access groups, fail to archive old data, and skip monitoring who has access to what information. Once attackers slip through the cracks, they — and corrupt insiders alike — have the access they need to steal your data.

To shed light on the state of overexposed data, we analysed a random sample of 785 Data Risk Assessments, including more than 54 billion files. The results, available in the report Data Gets Personal: 2019 Global Data Risk Report from the Varonis Data Lab reveal that companies are failing to shore up their sensitive data. 

Some key findings from the report include:

  • Every employee, on average, can access 17 million files.
  • More than half (53%)of companies had at least 1,000 sensitive files open to all employees. 
  • Over one in five (22%) of all folders were accessible, on average, to every employee. 
  • 38% of users had passwords that never expire, up from 10% last year. 
  • Six in 10 companies had over 1,000 enabled, but stale, “ghost” users — accounts belonging to former employees that can still access your network.
  • Financial services firms had the most exposed sensitive files, with an average of 3,791 exposed, sensitive files per TB.
  • Retail organisations had the lowest number of exposed sensitive files, with an average of 858 exposed, sensitive files per TB.

Despitedire warnings of heavy fines under the GDPR and the steady stream of breaches and attacks in the news, companies are not prioritising their data. Take action with a data-centric security approach to ensure you are not giving malicious insiders and external attackers an all-access pass to your data. 

Could your most trusted employee be your biggest threat?

960 640 Guest Post

95% of cyber security breaches are due to human error, which in reality means it could be any user, at any time. The best bit? They probably won’t even know they’re doing something wrong, but they have inadvertently just become an unintentional insider threat. As Andy Pearch, Head of IA Services, CORVID, explains, organisations need to stop playing the blame game and pointing fingers at users when the system is compromised and instead ensure they have the right technology in place to take back control of their security defences.

Unintentional insider threats

A person becomes an unintentional insider threat when they unwittingly allow a cyber attacker to achieve their goal – whether that’s a breach of systems or information, or diverting payments to a criminal’s account. This can be through negligence or lack of knowledge, but can also be a result of just doing an everyday job.

Unintentional insider threats are particularly dangerous because the traditional methods of identifying insider threats don’t work – they don’t try to hide emails or files, because as far as they’re aware, they’re not doing anything wrong. If an attacker presents themselves as a legitimate person with the right credentials to request a change, the unsuspecting employee will probably respond exactly as the attacker was hoping.

Trusted employees have access to company-sensitive information, assets, and intellectual property, and permission to make financial transactions – often without requiring any further approval. Threat actors target these privileged, trusted people – impersonating suppliers, regulators, and known colleagues – and try to encourage them to do something they have permission to do, but shouldn’t.

Removing reliance on users

Email allows threat actors to communicate with users with almost no defensive barriers between them. Even the most diligent employee gets distracted, rushed, or slightly too tired, which is all it takes for a malicious email to achieve its objective – whether that’s clicking a link, opening an attachment, or trusting the email’s source enough to reply. Employees don’t expect to be attacked in a safe office environment but threat actors prey on this perceived safety to catch them off guard and socially engineer them into doing something they shouldn’t.

Many people think they know what a spam email looks like, but 97% of people are unable to identify a sophisticated phishing email. This is hardly surprising when considering there are, comparatively, so few highly-convincing fake emails; because they aren’t seen every day, employees aren’t always looking out for them. Then there are some methods of impersonation that organisations can’t realistically be expected to detect – for example, spotting the difference between a 1, l, and I (1, L, and i, respectively). Attackers know that employees aren’t meticulously scanning every email for tiny details like this, so they take advantage. If an organisation’s email security currently relies on users correctly identifying malicious emails 100% of the time, quite simply, their defences are going to succumb to attack.

Preventing the unintended

Research shows that 90% of organisations feel vulnerable to insider attacks, so now is the time for change. Monitoring normal access and behaviour patterns can give early warning signs of potential intentionally malicious activity, but the same can’t be said for unintentional insiderthreats. The attacker’s request could be comfortably within the scope of an employee’s daily duties.

The information available to users is often insufficient for them to determine whether an email is legitimate. As such, they should be suspicious and challenge requests, especially if they’re unexpected or urgent. Checks should also be put in place for a second pair of eyes to confirm certain requests before any action is taken, for example, changing payment details or making unscheduled wire transfers. If the request is for a financial transaction or asks for sensitive or personal information, phone the person who made the request (or better still, speak to them face-to-face) to confirm it’s genuine.

There is only so much humans can do. By having technology in place that alerts users to potentially malicious content and enables them to make an informed decision about an email’s nature and legitimacy before acting on it, organisations can take back control of their security defences instead of playing the blame game and pointing fingers at users when the system is compromised.

Cybersecurity’s biggest asset: Why use the cloud?

960 640 Guest Post

The cloud is one of those hot buzzwords that gets thrown around a lot both in the tech world and in our daily lives.

No longer reserved for IT departments alone, the cloud has become something that we depend upon greatly, especially in the way companies go about their business. And it’s about to become even more important.

In fact research shows that companies are looking to drastically increase their investment in the cloud in the coming years. Morphean recently conducted an independent survey of more than 1500 IT decision makers across Europe to discover their views on cloud services. The survey reported:

  • 78% expect their spending on the cloud to increase in the next two to five years
  • 47% said their internal data would be cloud processed within the same time frame
  • 45% said they would definitely consider migrating their physical security systems, such as video surveillance, to the cloud

There’s no doubt that the cloud is becoming a more important part of everyday business dealings, but some people still have reservations about the safety of this storage system, and whether or not it is worth it. We believe it is, and let us tell you why. 

But what exactly is the cloud?

Short for ‘cloud computing’, the cloud is essentially a terrestrial home for your data. So instead of being stored on the computer in front of you, it’s stored somewhere else, or in multiple places, and it is up to a network of servers to take you to it.

Some everyday examples you may recognise include the Apple iCloud, Dropbox, Google Drive, Microsoft OneDrive, and even Netflix.

Is the cloud the future of cybersecurity?

Unfortunately, the cloud has received some negative press in the last few years in regards to security and safety. In fact, according to the Morphean survey, 45% of people cited security risks as being their biggest obstacle to instigating a full move across to the cloud. 

The only way to truly protect your information is to lock it up underground, but you can rest assured that the cloud is far safer than information stored on a local device. Cloud computing services have more complicated security methods in place than the average computer owner can come up with. Any wannabe hackers would then have to get past the cloud system’s first line of defence; encryption.

Encryption is the practice of using complex algorithms to protect your data. In order to get past these algorithms, the hackers would need something called an encryption key. 

But it’s not all down to these intricate and convoluted systems. In fact one of the biggest threats to cloud security is the barriers set by individual people. In other words, easy-to-guess password and security questions. 

Above we talked about negative press aimed at the cloud over the past few years, most notably the infamous Apple hack where celebrities had photos stolen and leaked. The media reported that the cloud had been hacked, which led to a drop in public confidence and has no doubt contributed to people’s existing fears. In reality the cloud itself wasn’t hacked, but rather the accounts of individuals who used the cloud to store their data.  

The truth is that the cloud is incredibly safe and secure, but it’s up to individual users to do their part. That means choosing strong passwords by adding letters, numbers and symbols, using different passwords for different accounts, and avoiding using passwords that relate to your personal life.

But if that’s not enough to convince you of the cloud’s excellent security systems, did you know that online retailing giant Amazon runs its entire business off of its own cloud service, AWS? 

Other benefits of using the cloud

It’s not only the increased security that comes along when you start using the cloud. Here’s a few more that you can expect for your business.

Continuity

No matter what kind of industry you are in, having a continuity plan in place is vital for protecting your sensitive data and systems. Disasters can strike at any time and for a whole multitude of reasons, ranging from the weather and natural disasters to power failures. By having your information stored off-site in the cloud, you can rest assured that it is backed up and protected in a secure and safe location. Even if you have to move office, you will be able to access and download your data from any location with internet, therefore minimising your downtime and avoiding loss of productivity.

Working flexibility

The world is getting smaller. Not literally of course but modern technology is drastically reducing businesses’ needs for a physical office with staff present 100% of the time. The cloud helps to make this even more possible by granting flexibility in staff’s working practices. Once employees are able to access their work from home, on their commute or even on holiday – anywhere with an internet connection – suddenly the whole world is your office.

Scalability

When it’s time to scale your business up, purchasing and installing upgrades to your storage needs can be both expensive and incredibly time consuming. But when you work with the cloud, everything can be done quickly to suit your exact needs. Whoever provides your cloud computer services will be able to handle all upgrades for you, leaving you free to get on with the important task of running your business.

It’s natural for any business owner to be concerned about the safety and security of their important data. Your business is your baby, and you of course want to protect it. The cloud is undoubtedly the best option and as research shows, more and more businesses will be placing their trust in this extraordinary technology, for more than its safety benefits, to further their growth and secure a strong future.

Image by Patricia Alexandre from Pixabay

Cybersecurity and Financial Services – How Can Organisations Combat the Threat?

960 640 Guest Post

By Genevra Champion, Sector Marketing Manager, IT Governance

The financial services industry is naturally a lucrative target for cyber criminals. Financial organisations trade and control vast amounts of money, as well as collect and store customers’ personal information so clearly, a data breach could be disastrous for an industry that is built on trust with its customers. 

The financial services industry is second only to retail in terms of the industries most affected by cyber crime –  the number of breaches reported by UK financial services firms to the FCA increased 480 per cent in 2018, compared to the previous year. While financial servicesorganisations are heavily regulated and cybersecurity is becoming more of a business priority, there is still much more to be accomplished when it comes to businesses understanding what measures must be taken – from the C-suite down – to effectively protect organisations against inevitable breaches.  

So how can financial services firms proactively equip themselves to respond to increased regulatory scrutiny and mitigate the impact from the growing number of threats they will face? 

Mitigating the threat

Financial institutions were able to defend against two-thirds of unauthorised fraud attempts in 2018, but the scale of attacks significantly increased. Significant market players including Tesco Bank, Metro Bank and HSBC all reported breaches in the last year. Clearly, the banks’ cybersecurity defences have not developed at a fast enough pace. Cyber criminals can and will dramatically outspend their targets with increasingly sophisticated attack methods. In addition, many of the traditional banks struggle with large, cumbersome legacy systems, which pose significant reliability issues, as well as flaws in security. 

Last year’s IT banking disaster led to thousands of TSB customers being locked out of their accounts, leading to fraudsters exploiting the situation by posing as bank staff on calls to customers in order to steal significant sums of money from customers. The breach occurred while the company was conducting an upgrade on its IT systems to migrate customer data to a new platform. This wasn’t just bad luck for TSB, but a failure to adequately plan and assess the risks that come with such a huge project. The bank has since pledged to refund all customers that are victims of fraud, a move which will likely see other banks reviewing their approach to the rise of this particular type of cyber crime. 

The industry must understand that security incidents are an ever-present risk. However, organisations can be prepared – scoping a defence strategy specific to the firm, with processes for implementation, will mean an attack can be quickly identified, isolated and resolved, minimising business impact.

Appropriate defence strategy

The FCA has set out various cybersecurity insights that show how cybersecurity practices of UK financial services firms are under the regulatory microscope, as the cyber threat continues to grow. The approach from the FCA includes practices for organisations to put into action such as those that promote governance and put cyber risk on the board agenda. The advice also covers areas such as identifying and protecting information assets, being alert to emerging threats and being ready to respond, as well as testing and refining defences. With cyber crime tools and techniques advancing at a rapid pace, and increasing regulations, it’s no wonder that many organisations struggle to keep up to ensure their defences stay ahead of the game.

In order for in-house security teams to keep up to date with current and evolving threats and data protection issues, firms must invest in regular training. Specialist skills are required to mitigate cyber risk, which for some could be cost-prohibitive.  As an alternative, an insourced model allows you to leverage a dedicated and skilled team on an ‘as you need’ basis to deliver an appropriate strategy. With a Cyber Security as a Service (CSaaS) model in place, organisations can rapidly access a dedicated team with the knowledge and skills to deliver a relevant and risk appropriate cyber security strategy. 

Crucially, in addition to completing a gap analysis and a multi-layered defence strategy, the model will also apply to people and processes. Attackers will generally aim at the weakest point of an organisation – often it’s staff. Human nature means passwords are forgotten, malware isn’t noticed, or phishing emails are opened, for example. Therefore, a blended approach of technology, processes and shared behaviour is required that promotes the need for staff awareness and education of the risks, in order to effectively combat the threat.  

Conclusion

With increased regulatory attention across security and privacy, firms must take steps to improve their defences, or risk severe financial and reputational damage. The issue of cybersecurity risk must become as embedded within business thinking as operational risk. Anyone within an organisation can be a weak link, so the importance of cybersecurity defences must be promoted at all levels – from the board all the way through to the admin departments. It’s everyone’s responsibility to keep the organisation protected against threats. 

While the threat of cyber attack is real, financial services firms do not have to take on the battle alone. With a CSaaS model in place, organisations can start to take back control of their cybersecurity strategy and embed it as a trusted, cost-effective and workable core part of the business’ process. 

Image by Jason Goh from Pixabay

Shadow IT is everywhere – are you at risk?

960 640 Guest Post

By EveryCloud

Cloud services – SaaS and IaaS – are everywhere. Businesses rely on their flexibility and the productivity they deliver.

But what about the cloud services you don’t see? Business-led cloud services, or “Shadow IT”, have sprung up in dozens of departments and project teams. In every corner of the business and outside the control of IT.

Make no mistake, the workforce relies on Shadow IT as much as it does the services provided by IT. Possibly even more so.

But it also means risk. Shared sensitive and commercial data. Undetected insider threats. Unchecked malware. Lack of compliance with privacy regulations.

What if you can have the best of both worlds? Best of breed productivity and security controls that guard data everywhere? Learn more with our infographic.

  • 1
  • 2