Cyber criminals can gain access to sensitive data through unauthorized access. Learn how to use security standards to set up preventative measures.
The end of the traditional perimeter
The traditional data center has gone through many fundamental changes over the years. There once was the concept of a self-contained data center and internal network that was protected at the external-facing boundaries by network and web application firewalls. In this scenario, within the physical building, corporate-owned endpoints were trusted so they could easily access data via the internal network.
With corporate data and applications moving to the cloud, the bring-your-own-devices (BYOD) paradigm, and growing adoption of remote work, the traditional security perimeter has disappeared. Organizations must now face the challenge of defining new security policies to mitigate the risks associated with a perimeter-less network: sensitive data leakage, and data privacy and regulatory compliance breaches.
With more than 550,000 new malware samples being discovered every day, closing the security gaps that enable these cyberthreats to access systems should be a priority for organizations. Unfortunately, many are leaving themselves needlessly exposed to risk.
"Exploits are often associated with zero-day attacks that take advantage of vulnerabilities not yet known to the software provider, which means there are no patches yet available. A study by Google revealed there were 24 zero-day vulnerabilities exploited by attackers in 2020.
At the same time, 80% of attacks exploit a vulnerability that was reported at least three years ago..."
Cyberattacks are expected to cause $6 trillion in damages in 2021. They have already become the fastest-growing type of crime worldwide.
"Every device connected to the internet can pose risks. But with vigilance, good security practices and an encrypted connection, you can stay safe.
Here are the key cybersecurity risks and how to defend against them:
1. Phishing Threats Across Platforms and Devices
Phishing attacks involving malicious emails, messages, or links continue to be the most common type of cyberattacks. Phishing attacks try to trick recipients into providing sensitive information or installing malicious software or apps, including ransomware..."
Get a clear, consolidated view of events and threats across your entire enterprise with SIEM (security information and event management). Here's how to select the best SIEM solution based on your company's unique assortment of needs.
"To protect your enterprise against security threats, you need maximum visibility. That's the fundamental notion behind SIEM (security information and event management) software, which is essential to the security defenses of most large and many medium enterprises.
SIEM aggregates event and log data in real time from a range of network equipment, servers, system software, and other infrastructure to identify patterns, flag anomalies, and send alerts when potential threats are detected. SIEM can also play an important role in incident response..."
Paul Boulanger, senior security consultant at AT&T, discusses how organisations can go about choosing a trusted cyber security advisor
"Regardless of the industry vertical, organisations that have email, a website, a phone system, or even just people using computers, will require cyber security at some level to protect their abilities to keep their businesses running smoothly. Depending on the organisation, they will also be at varying stages of their digital transformations, whether they're going all-in on cloud or want a mix of cloud and on-prem solutions to support their business and applications. Added to this, every organisation has unique needs, regulatory requirements, budgets and priorities. Therefore, every organisation also needs to go through the process to understand each of these to create a roadmap for how they are going to protect themselves..."
Matt Dunn, associate managing director in Kroll's Cyber Risk practice, discusses options for securing RDP, which differ significantly in terms of effectiveness
"Most of the problems with setting up Remote Desktop Protocol (RDP) for remote work involve making RDP accessible via the public internet. RDP itself is not a secure setup and therefore requires additional security measures to keep workstations and servers protected. Without proper security protocols in place, organizations face several potential risks, including the increased risk of cyberattacks. The typical targets of these attacks tend to be small businesses because they often lack the resources needed to protect against and respond to these threats..."
While multi-factor authentication (MFA) is a much-needed addition to an effective cyber defense strategy, it is by no means foolproof.
"In fact, no single security effort can ever be considered entirely effective when facing off against threat actors that use automation to evade detection and identify an enterprise's weak points. Instead, organizations must view MFA as another layer of security that helps mitigate against the risk of potential compromise..."
In one of the first major surveys of IT and Security professionals since the COVID-19 pandemic, Hysolate together with independent global survey organisation Global Surveyz interviewed 200 IT and Security leaders at top US and UK companies with 500-10,000 employees to learn more about the challenges they are facing. The findings are fascinating.
"The survey found that 87% of respondents want to give their employees more IT Freedom. What does IT Freedom mean in this context? Respondents see it as giving their employees the freedom to do their jobs. The opposite of IT Freedom appears to be locked down devices, and this is where we see an interesting paradox. 79% of respondents believe that IT and Security need to add more IT restrictions to reduce risky employee behavior, and here we have a paradox. How can users get their jobs done, if security restrictions are getting in the way?..."
Passwords are the first line of defense when it comes to digital security
"For most businesses, each employee is going to have at least one username and password that they need to remember. In many cases, there will be many. This is, of course, in addition to all of their personal accounts and passwords which are sometimes used on the same device as their work accounts.
With this in mind, it should come as no surprise that somewhere between 20% and 50% of calls to the helpdesk are related to accounts being locked, or password resets..."
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 69 has been released today.
It's a free download, no registration required
Table of contents
- Why threat hunting is obsolete without context
- Review: Group-IB Threat Hunting Framework
- Navigating the waters of maritime cybersecurity
- Defending against Windows RDP attacks
- The evolution of the modern CISO
- Understanding the cloud shared responsibility model
- Why is patch management so difficult to master?
- Preventing security issues from destroying the promise of IoT
- Reformulating the cyber skills shortage
- Cybersecurity industry analysis: Another recurring vulnerability we must correct
- For CISOs and artificial intelligence to evolve, trust is a must
- Quantum computing is imminent, and enterprises need crypto agility now
- When the adversarial view of the attack surface is missing, digital transformation becomes riskier
Get the latest issue of (IN)SECURE Magazine and subscribe for free.
LogRhythm was named a Leader in the 2021 Gartner Magic Quadrant for Security Information and Event Management (SIEM) report for the ninth consecutive time
"Once again, we are incredibly honored by this distinction and believe it is a testament to our dedication in the cybersecurity industry year after year.
The recognition comes at a time when the SIEM market is growing. This year, LogRhythm was one of 20 vendors included in the Gartner SIEM Magic Quadrant versus 16 in 2020. While the industry continues to transform, our mission to protect our customers from cyberthreats with the best innovations and solutions remains a top priority..."
With the increase in API usage, API attacks are also becoming more and more prolific. Many CISOs realize their API security needs a reality check
"The API economy is no stranger to many of us. Without two applications or databases communicating and sharing data through APIs, the digital experiences we have grown accustomed to, such as getting a text message when your Uber has arrived, are not possible. Building a business that relies on APIs has brought success to many companies...
Because APIs are becoming increasingly valuable to businesses, the usage of APIs has reached an all-time high. In the 2020 State of API Survey by Postman, 84.5% of participants stated that APIs are playing a significant role in digital transformation initiatives. What's even more interesting is that a third (30.6%) of the survey respondents said that APIs played a role in their ability to respond to COVID-19..."
Today, payment card fraud is a booming business with no signs of slowing - out of every hundred dollars spent with a bank card, roughly six dollars and change is stolen, according to Nilson Report numbers
"Gross losses from fraudulent card transactions are expected to hit 40 billion by 2027. Ouch - those stats don't exactly inspire faith in the payment card industry, right? For many customers, turning over highly sensitive personal and financial information requires an increasingly difficult leap of faith. Consider this - American consumers worried more about having personal or financial information stolen by hackers than being murdered in 2019..."