Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

Do you specialise in Network Security Management? We want to hear from you!

960 640 Stuart O'Brien

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in December we’re focussing on Network Security Management.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Network Security Management solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Security IT Summit – Register now for free

960 640 Stuart O'Brien

Registration is now open for the summer 2020 Security IT Summit – don’t miss out on your free place!

Register for your complimentary guest place today.

Our Approach

Taking place on June 30th 2020 at the Hilton London Canary Wharf, the Security IT Summit allows senior professionals to share forward-thinking ideas, meet new partners and discover new ways to underpin their security strategies.

It’s entirely FREE for you to attend and your complimentary guest pass includes:

  • A bespoke itinerary of pre-arranged meetings with product and service providers who match your requirements and upcoming projects
  • Access to a series of seminars by industry thought-leaders
  • Networking with like-minded peers
  • Complimentary lunch and refreshments

How Do I Get Involved?

We have just 60 guest passes available, so register your free place today.

Security IT Summit

Smarter Payments Summit: Registration open!

960 640 Stuart O'Brien

Following an ultra successful debut this year, the Smarter Payments Summit will return in 2020.

Registration is now open for you to book your complimentary guest pass.

Book your FREE place here.

The Summit allows senior payment transaction professionals to share forward-thinking ideas, meet new partners and discover new ways to underpin their strategies.

Date: 8th September 2020

Venue: Hilton London Canary Wharf

It’s entirely FREE for you to attend and your complimentary guest pass includes:

• A bespoke itinerary of pre-arranged meetings with product and service providers who match your requirements and upcoming projects
• Access to a series of seminars by industry thought-leaders
• Networking with like-minded peers
• Complimentary lunch and refreshments
Secure your complimentary pass

We have just 60 guest passes available, so register your free place today.

Global IT security market to hit $151bn in 2023

960 640 Stuart O'Brien

The size of the information security technology market could reach $151.2 billion in 2023, driven by the banking and telecoms sectors.

That’s according to a report from PreciseSecurity.com, which predicts spending in the security technology market will reach $106.6 billion this year. 

The report asserts that information security technology spending continues to move forward with large investments from different companies and organisations around the world, with the whole market growing by 57% 2018 and 2023 from $96.3 billion to $151.2 billion. 

The banking industry is one of the sectors that is expected to invest the largest amount of funds in this market.

“Considering there have been many attempts for hackers to acquire funds from banks, the banking industry is expected to spend the most on security solutions,” say the authors.

The report shows that the industries that will experience the fastest spending growth include government, telecommunications, and resources. They will be growing at a CAGR of 12.5%, 11.9% and 11.0% Compound Annual Growth Rate (CAGR), respectively. 

Although the growth in investment from companies and organizations in the security information technology market is expected to increase, the firms stresses its estimates could be conservative estimations. 

Justinas Baltrusaitis, the editor at PreciseSecurity.com, said: “Increasing investment in security products and services is a natural response to the growing number of various hacks and attacks companies experienced. In my opinion, this projection could be certainly realistic but I am not closed to think this number could be even higher.” 

Going phishing? Five emails you don’t want in your inbox

960 640 Stuart O'Brien

Phishing attacks are the most common form of cyber attack. Why? The simplicity of email gives cyber criminals an easy route in, allowing them to reach users directly with no defensive barriers, to mislead, harvest credentials and spread malicious elements.

All organisations think it won’t happen to them, but phishing isn’t a trap that only ensnares the gullible or those unacquainted with technology. Far from it. Gone are the days of poorly-worded, patently obvious attempts at scamming users out of their hard-earned cash. Some of today’s most sophisticated phishing attacks are almost indistinguishable from legitimate business communications – they’re well-written, thoroughly researched and establish a thread of communication with the victim before attempting to steal their credentials or bank balance.

Email is the single biggest attack vector used by adversaries who employ a plethora of advanced social engineering techniques to achieve their goal. Andy Pearch, Head of IA Services at CORVID, describes five common types of social engineering attack that no employee – from CISO to HR assistant – wants to see in their inbox…

1. Payment diversion fraud

Cyber criminals often masquerade as a supplier, requesting invoices are paid to alternative bank details. They can also pretend to be an employee, asking the HR department to pay their salary into a different account. Payment diversion fraud targets both businesses and individuals and the results can understandably be devastating.

There’s little point requesting someone to make a bank transfer or change payment details who isn’t authorised to do so – threat actors target finance and HR teams, who would expect to process payments and deal with changes to personal account details, so are more likely to comply with the fraudulent request.

2. CEO fraud

Impersonating a VIP – often the CEO – is big business for adversaries, knowing the recipient will often action the request straightaway. Threat actors research their executive target thoroughly to make sure their spoofed email is as convincing as possible, so it stands more chance of succeeding. They prey on users’ implicit trust of their seniors to coerce them into providing commercially sensitive information, personal information, or bank account details.

These deceitful requests often convey a sense of urgency, and imply the interaction can only be carried out via email – the victim therefore has no time to question the validity of the request, and is unable to call the CEO to confirm if it’s genuine.

3. Whaling

The opposite of CEO fraud, whaling targets senior executives rather than impersonating them. These targets are often the decision-makers in a business who have the authority to give the go-ahead on financial transactions and business decisions, without further levels of approval. These phishing attacks are thoroughly researched, containing personalised information about the company or individual, and are written in the company’s tone, adopting fluent business terminology that’s well-known to the VIP target.

4. Spear phishing

Perhaps the most widespread form of email-based cyber attack, spear phishing targets individuals and specific companies with links to credential harvesting sites or requests for confidential information, such as bank details and personal data. Attackers study their victim’s online presence to include specific information which adds credibility to their request, such as purporting to be from a streaming service the victim is subscribed to, or a supplier that is known to the target company.

5. Sextortion

Not all phishing attacks are subtle. A form of cyber blackmail, sextortion is when cyber criminals email their target claiming to have evidence of them committing X-rated acts or offences, and demanding payment to stop the criminals from sharing the evidence with their victim’s family or employer.

Attackers count on their victim being too embarrassed to tell anyone about the email (although they haven’t done anything wrong), because it’s a taboo subject most wouldn’t feel comfortable talking about with others. They often make the email sound like they’re doing their victim a favour in keeping the details to themselves. The victim may decide to pay up to stop embarrassing details about their private lives being made public, regardless of whether they’re true or not. Payments are usually demanded in Bitcoin so the transaction is untraceable, meaning the adversary cannot be identified.

But if the victim knows they’re innocent, why do these attacks still work? It’s all about credibility – attackers harvest email addresses and passwords from previous cyber attacks, which are available on the internet, and include them in their email to add credibility. If an attacker emails you claiming to know one of your passwords and includes it for proof, you’re more likely to believe the rest of the email is genuine.

Conclusion

These common types of social engineering attack cannot be ignored by any organisation – these threats are very real and won’t disappear anytime soon. Email security and threat protection can be transformed by the use of multiple sophisticated detection engines and threat intelligence sources; employees shouldn’t have to carry the weight of identifying these threats, essentially plugging the gaps in flawed cyber security strategies. Organisations need to treat email as the serious security risk that it is and begin to put appropriate measures in place.

Fraud detection and content checking in real time automatically highlight phishing and social engineering techniques, which removes the burden from users and instead leaves technology to do its job. Furthermore, technology enables potentially concerning emails – such as those attempting to harvest credentials, mislead users or spread malicious elements – to be automatically flagged, meaning employees can make quick, informed and confident decisions as to whether the email should be trusted.

With such sophisticated technology available and a growing threat landscape that shows no sign of slowing, it’s time for organisations to make a change and adequately protect themselves from incoming attacks.

SAVE THE DATE: Security IT Summit 2020

960 640 Stuart O'Brien

If you couldn’t make the Security IT Summit this week, don’t panic! The first of two 2020 events will take place on June 30th.

It’s free for you to attend and could help you reduce your expenditure by matching you up with innovative suppliers who match your business requirements.

So register today to secue your place. Here’s why you should attend:

  • As one of our guests, you will be provided with a bespoke itinerary of face-to-face meetings with suppliers based on mutual agreement. No hard sell, and no time wasted.
  • You’ll have the opportunity to attend insightful seminars and interactive workshops.
  • Network with 60+ other cyber security professionals who share your challenges.
  • Enjoy complimentary lunch and refreshments.

Taking place on June 30th at the Hilton London Canary Wharf, the Security IT Summit provides a platform for new business connections.

But act swiftly! Register today!

Unwanted apps high on 2020 cyber threat list

960 640 Stuart O'Brien

So-called ‘fleeceware’ apps and aggressive adware software are among the key cyber threats posed to businesses and the public in 2020.

That’s according to the 2020 Threat Report, produced by SophosLabs to explore changes in the threat landscape over the past 12 months.

The Report focuses on six areas where researchers noted particular developments during this past year – here are the key findings:-

  • Ransomware attackers continue to raise the stakes with automated active attacks that turn organizations’ trusted management tools against them, evade security controls and disable back ups in order to cause maximum impact in the shortest possible time. 
  • Unwanted apps are edging closer to malware. In a year that brought the subscription-abusing Android Fleeceware apps, and ever more stealthy and aggressive adware, the Threat Report highlights how these and other potentially unwanted apps (PUA), like browser plug-ins, are becoming brokers for delivering and executing malware and fileless attacks.  
  • The greatest vulnerability for cloud computing is misconfiguration by operators. As cloud systems become more complex and more flexible, operator error is a growing risk. Combined with a general lack of visibility, this makes cloud computing environments a ready made target for cyberattackers.
  • Machine learning designed to defeat malware finds itself under attack. 2019 was the year when the potential of attacks against machine learning security systems were highlighted. Research showed how machine learning detection models could possibly be tricked, and how machine learning could be applied to offensive activity to generate highly convincing fake content for social engineering. At the same time, defenders are applying machine learning to language as a way to detect malicious emails and URLs. This advanced game of cat and mouse is expected to become more prevalent in the future. 

Other areas covered in the 2020 Threat Report include the danger of failing to spot cybercriminal reconnaissance hidden in the wider noise of internet scanning, the continuing attack surface of the Remote Desktop Protocol (RDP) and the further advancement of automated active attacks (AAA).

“The threat landscape continues to evolve – and the speed and extent of that evolution is both accelerating and unpredictable. The only certainty we have is what is happening right now, so in our 2020 Threat Report we look at how current trends might impact the world over the coming year.  We highlight how adversaries are becoming ever stealthier, better at exploiting mistakes, hiding their activities and evading detection technologies, and more, in the cloud, through mobile apps and inside networks. The 2020 Threat Report is not so much a map as a series of signposts to help defenders better understand what they could face in the months ahead, and how to prepare,” said John Shier, senior security advisor, Sophos.

For additional and detailed information on threat landscape trends and changing cybercriminal behaviours, check out the full SophosLabs 2020 Threat Report at https://www.sophos.com/threatreport

Research highlights cyber threat to schools

960 640 Stuart O'Brien

There have been 301 attacks against UK and US schools so far in 2019, compared to 124 in 2018 and 218 in 2017. 

That’s according to Barracuda analysis of data compiled by the K-12 Cybersecurity Resource Center (K-12 CRC), which has been tracking reported attacks against U.S. schools since 2016.

This only accounts for the reported cases, however, and Barracuda says it’s highly likely that additional cases exist that went either unreported or even undetected, especially as stealthier malware that seeks to steal information, participate in botnets, or mine cryptocurrency is on the rise.

The National Cyber Security Centre (NCSC) recently published a report compiling cybersecurity-related findings from 430 schools across the UK. It found that 83% had experienced at least one cybersecurity incident, even though 98% of the schools had antivirus solutions and 99% had some sort of firewall protection.

Using a single source of open threat intelligence data and a list of all known websites belonging to U.S. and UK schools, Barracuda researchers found 234 unique malware samples that attempted to connect to school domain names.

It also found 123 IPs associated with the same set of schools that had negative reputation, which could point to additional malicious activity, in addition to disrupting activity at the school due to emails and web pages being blocked.

Among the highlighted threats are:-

Cyberattacks Against Schools — The most common threats targeting schools are data breaches (31%), malware (23%), phishing (13%), network or school infrastructure hacks(10%), and denial-of-service attacks (4%), based analysis of the 708 incidents reported to the K-12 Cybersecurity Resource Center since 2016. The remainder of the incidents were made up of accidental disclosure of data (16%) and other incidents (3%). 

Barracuda says many school districts only have one or two IT personnel to service the district, let alone any dedicated cybersecurity staff. Plus, the steady increase in school-issued devices in recent years drastically expands the attack surface along with the number of systems that need to be secured. 

This, it says, makes schools largely a target of opportunity as well as subject to the massive campaigns spreading scams and malware indiscriminately. Lowered security postures due to budget constraints, combined with a large user base of minors who don’t have the critical-thinking skills to properly assess potential attacks, makes both types of attacks more effective, unfortunately.

How schools can protect against the threat

Barracuda says the only way for schools to truly protect against cyberattacks is a complete security portfolio including perimeter security, internal network security, incident response capabilities, and a knowledgeable security staff to configure these solutions and handle incidents:-

1. Perimeter security

Perimeter security generally consists of network firewalls, web filters, email protection, and application firewalls. While affordable and easy-to-configure solutions are available, obtaining the budget for a full security portfolio can prove difficult for many school districts, and without all areas covered, attack vectors will undoubtedly still exist. 

2. Internal network security

While internal security such as intrusion detection, data backup, and anti-malware solutions are important for catching any breaches in perimeter security, the additional risk of insider threats that schools face make these measures even more critical. While Windows Defender offers decent anti-malware protection these days, upgrading existing machines to Windows 10 to take advantage of this feature can be costly and is often overlooked by many organisations. Regardless of the software being used, though, keeping up with security patches is critical because it helps patch exploits that can potentially be leveraged by attackers. 

3. Incident response capabilities

In the event of an incident, intrusion detection and incident response solutions both assist in discovering incidents and helping security staff isolate and remediate them. Data backup as part of internal network security can also assist during an incident if data is corrupted, encrypted, or deleted.

4. Knowledgeable staff

Maintaining a capable IT security staff is challenging for many school districts because IT staffing needs often compete with other much needed positions, such as additional teachers to keep up with enrollment rates. Without this staff, though, it can be difficult to patch systems and respond to potential incidents or even properly configure security solutions to maximise their benefit. 

£36m public funding for hack-resistant chips

960 640 Stuart O'Brien

The UK government has partnered with Arm to develop chip technologies that are more resistant to cyber threats, backed by £36 million in funding.

The move kicks off the the next phase of the government’s Digital Security by Design initiative, which is also backed by Google and Microsoft.

Official figures say the average cost of a cyber-attack on a business – where a breach has resulted in loss of data or assets – has increased by more than £1,000 since 2018 to £4,180.

In addition to robust software, the government says innovative hardware and systems solutions are critical to defend advanced technology and our defence systems.

This project is aiming to prevent hackers from remotely taking control of computer systems as well as targeting cyber-attacks and breaches, meaning more businesses providing online services are better protected. It will also create new business opportunities and help boost productivity.

A further project, backed by £18 million government investment through the Strategic Priorities Fund (SPF), will tackle some of the dangers of the online world from privacy abuses and wrongful use of data like disinformation and online fraud.

The initiative will help provide solutions to some of the issues identified in the government’s Online Harms white paper, which sets out plans for world-leading legislation to make the UK the safest place in the world to be online. The project will help understand what businesses and individuals need to reduce the harm they are exposed to by using online platforms and will aim to develop more trustworthy technology.

This, the government says, will help to prevent incidents of online fraud, phishing emails, impersonating organisations online and viruses or other malware like ransomware, which cost the UK economy millions of pounds in lost productivity.

Business Secretary Andrea Leadsom said: “Cyber-attacks can have a particularly nasty impact on businesses, from costing them thousands of pounds in essential revenue to reputational harm.Cyber-criminals operate in the shadows, with the severity, scale and complexity of breaches constantly evolving. It’s critical that we are ahead of the game and developing new technologies and methods to confront future threats, supporting our businesses and giving them peace of mind to deliver their products and services safely. Investing in our world-leading researchers and businesses to develop better defence systems makes good business and security sense.”

Minister for Digital and Broadband Matt Warman added: “The government wants the UK to be the safest place to be online and the best place to start and grow a digital business. As these investments show, we are determined to create the right environment to foster our thriving digital economy while giving people renewed confidence and trust in online services.We will always be firm in our support for the UK’s tech sector. Thanks to our work with the UK’s world-leading academic institutions and our business-friendly environment, we are helping entrepreneurs use technology to improve people’s lives and find solutions to future challenges.”

Building an effective cyber security culture

960 640 Stuart O'Brien

There are three methods that make an effective defence against cybersecurity: tools, processes and arguably the most important factor, people.

And the vast majority of data breaches take advantage of your people in order to succeed, whether it be an employee opening a malicious attachment, letting a criminal tailgate into the office, or revealing their password over the telephone.

Building an effective cyber security culture with collective awareness training is essential to protecting your organisation against cyber criminals.