ReportWire

Tag: cyber attacks

  • How to Build a Cyber-Resilient Company | Entrepreneur

    How to Build a Cyber-Resilient Company | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    As businesses enter a new digital era marked by rapid innovation and interconnectedness, cybersecurity ceases to be an add-on and has transformed into a critical necessity. The digitization of business operations has amplified efficiency and accessibility, but it has also increased vulnerability to a wide range of cyber threats. With the evolution and escalation of these threats, the concept of cyber resilience has become more salient than ever.

    Cyber resilience refers to the ability of an organization to persistently deliver expected outcomes in the face of adverse cyber events. It’s not only about preventing cyber attacks but also how your company responds and recovers when these incidents inevitably strike. Building a cyber-resilient company is a journey that involves thorough risk identification, development of a comprehensive cybersecurity strategy, implementation of proactive and reactive defenses, and thorough training of your team. Each of these steps deserves careful attention and consideration.

    Related: Combating Cyber Crime: Your Company Needs To Be Resilient

    Risk assessment

    Every journey towards cyber resilience begins with risk assessment. It sets the foundation for your strategy by helping you understand your current status, exposing vulnerabilities and defining the potential implications of varying cyber threats. In a nutshell, a risk assessment consists of identifying your valuable assets that could be potential targets, such as hardware, software, data, networks and personnel.

    Next, you need to pinpoint the threats that these assets might encounter and the vulnerabilities that could be exploited. Then, these risks must be evaluated and prioritized based on their severity. This step is iterative and should be repeated frequently to account for new assets, emerging threats and detected vulnerabilities.

    Develop and maintain a cybersecurity strategy

    Having grasped potential risks, your next move is crafting a holistic cybersecurity strategy that mitigates them. Your strategy should kick off with a gap analysis, which juxtaposes your current cybersecurity measures against the desired state. Here, you’re essentially comparing your existing practices with industry standards or frameworks such as NIST or ISO 27001 to identify any gaps.

    Following the gap analysis is a thorough risk analysis, diving deeper into each risk identified during the risk assessment. This allows you to comprehend the nature of each risk better and informs the appropriate response measures. Additionally, as part of your strategy, you need to formulate a backup and recovery plan. Regular backups are instrumental in recovering data lost or compromised during a cyber incident. This plan should delineate what data should be backed up, how frequently it should be backed up and the process of data recovery during emergencies.

    A robust cybersecurity strategy also includes an incident response plan, which outlines your organization’s response in the face of a cybersecurity incident. It should cover who does what, the escalation procedures, communication strategies and steps for analyzing and learning from the incident. Lastly, conducting regular cybersecurity audits is essential to gauge the effectiveness of your security measures, identify weaknesses in your defense and inform necessary improvements.

    Implement proactive cybersecurity measures

    A robust cybersecurity strategy must be proactive, constantly identifying and addressing threats before they materialize. This involves staying updated with the latest cybersecurity threats and trends, which allows you to anticipate potential risks and enhance your defenses accordingly. Regular updates and patching of your systems and applications can prevent security vulnerabilities from being exploited.

    Implementing strong access controls is also crucial. Ensure employees only have access to the data they need to perform their roles to limit the potential damage in case of a compromised account. Additionally, employing Multi-Factor Authentication (MFA) adds an extra layer of security by requiring additional credentials beyond just a password.

    Related: Why Startups Should Consider A Cyber Resilience Strategy

    Implement reactive technical defenses

    Despite your best proactive measures, some cyber threats will infiltrate your defenses. Reactive defenses, such as firewalls and antivirus software, help to minimize damage when these incidents occur. Firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules, forming the first line of defense against cyber threats. Antivirus software complements firewalls by detecting, preventing and removing malicious software.

    Intrusion Detection and Prevention Systems (IDS/IPS) monitor your network for suspicious activities and potential threats, alerting you to a potential attack and, in some cases, taking action to mitigate the threat. Encryption is another valuable reactive measure that involves making your sensitive data unreadable to anyone without the appropriate decryption key, thus protecting it even if it falls into the wrong hands. Security Information and Event Management (SIEM) systems provide real-time analysis and reporting of security alerts generated by applications and network hardware. They help detect incidents early and respond promptly.

    Employee training

    Human factors are often the most vulnerable link in an organization’s cybersecurity defenses. Aware of this, cyber criminals tend to target employees with tactics like phishing. As such, thorough employee training is a vital part of building a cyber-resilient company. Employees should be made aware of their role in maintaining cybersecurity through regular awareness training, which covers common threats, safe online practices and the importance of security protocols.

    Depending on their roles, some employees may require specific cybersecurity skills, such as understanding how to use security tools, identifying and responding to specific threats or handling sensitive data securely. Regularly conducting simulated attacks, such as phishing drills, can help employees understand what a real attack might look like and how they should respond.

    Cyber threats are always evolving, and as such, your training should promote continuous learning and stay updated with the latest threats and defenses. Building a cyber-resilient company is a journey rather than a destination. It requires continuous effort, learning and adaptation. However, the payoff is immense: Not only does it protect your organization from devastating cyber attacks, but it can also confer a competitive edge. In an increasingly connected world, customers, partners and investors highly value organizations that take cybersecurity seriously.

    Related: Cybercriminals Aren’t Just Attacking Your Software — They’re Coming for Your Employees. Level Up Your Company’s Cybersecurity With These 4 Steps.

    In summary, cyber resilience is the ability to maintain your business operations despite adverse cyber events. It involves a rigorous risk assessment, crafting a comprehensive cybersecurity strategy, implementing both proactive and reactive measures and training your employees. By fostering a culture of cybersecurity across all levels, businesses can not only shield themselves from potential threats but also establish a level of trust with their customers, assured that their sensitive data is in safe hands. In a world where data breaches are becoming increasingly commonplace, building a cyber-resilient company is an investment in your company’s long-term sustainability and success.

    [ad_2]

    Jim Koohyar Biniyaz

    Source link

  • How to Mitigate Cybersecurity Risks Within Supply Chain Relationships | Entrepreneur

    How to Mitigate Cybersecurity Risks Within Supply Chain Relationships | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    The advent of the digital era has seen a progressive escalation of cyber threats targeting the global supply chain — a matrix-like network composed of manufacturers, suppliers, distributors and retailers. A single vulnerability within this intricate network can provide a gateway for adversaries to infiltrate and compromise the entire supply chain.

    Of particular concern are partners and vendors, who often possess privileged access to systems and data. This access, if not properly secured, could serve as a launching pad for cyber criminals.

    Understanding the supply chain cybersecurity landscape

    Supply chain cybersecurity refers to the gamut of strategies, practices and technologies deployed to shield the supply chain from digital threats. As our global economy grows more intertwined and digitized, the importance of implementing robust cybersecurity measures within the supply chain has never been more critical. The rise in high-profile cyber attacks, such as the SolarWinds hack, has underscored the vulnerability of supply chains, revealing the potential magnitude of these breaches and the consequent fallout.

    Identifying potential cybersecurity risks within the supply chain

    Cybersecurity threats pervading the supply chain are manifold and include advanced persistent threats (APTs), ransomware, spear phishing and Distributed Denial of Service (DDoS) attacks. The repercussions of these threats are far-reaching, leading to severe outcomes such as data theft, interruption of business continuity, reputational damage and substantial financial losses. A case in point is the NotPetya attack, which resulted in widespread disruption across multiple industries, culminating in global losses estimated to be around $10 billion.

    Detailed analysis of risks related to partners and vendors

    Partners and vendors, owing to their privileged access to sensitive data and critical systems, can inadvertently become conduits for cyber threats. The risks can stem from various factors such as inadequate security controls, lack of employee cybersecurity training, use of legacy systems and the absence of regular patching and updates. A notable example is the infamous Target breach, where cybercriminals exploited a vulnerability in an HVAC vendor’s system to gain unauthorized access to Target’s network.

    Partner risk assessment

    The complex risk landscape associated with partners and vendors necessitates regular partner risk assessments. Such assessments involve a thorough examination of a partner’s security posture, gauging the robustness of their security controls, compliance with relevant cybersecurity regulations and their capability to respond to incidents.

    Advanced tools and methodologies can be employed to facilitate these assessments. The use of standardized questionnaires such as the Standardized Information Gathering (SIG) or Vendor Security Alliance (VSA) questionnaire provides a structured way to assess a partner’s security controls. On-site audits offer a firsthand evaluation of a partner’s processes, while third-party certifications like ISO 27001 provide reassurance about a partner’s commitment to cybersecurity.

    Potential impact scenarios of cyber attacks on partners and vendors

    A cyber attack on a vendor or partner can have a domino effect. Consider a scenario where a threat actor compromises a vendor’s system, distributing malicious firmware updates to unsuspecting customers. Unknowingly, customers install these compromised updates, infecting their systems with malware, leading to widespread disruption and data theft. In another scenario, a cybercriminal could infiltrate a partner with high-level access privileges to your systems, making your network an easy target for exploitation.

    Cybersecurity mitigation strategies for supply chain partners and vendors

    Mitigation of cybersecurity risks requires a strategic, layered approach. It’s crucial to incorporate cybersecurity considerations right from the vendor selection process, choosing partners that demonstrate a robust security posture and adherence to best cybersecurity practices. Contractual agreements should clearly spell out cybersecurity expectations and requirements.

    Continuous monitoring and regular audits of partner and vendor security practices are paramount. This helps ensure that security standards are consistently maintained and that any deviations are quickly detected and addressed. Additionally, having an Incident Response (IR) plan detailing roles, responsibilities and actions during a cyber incident can expedite recovery and minimize damage.

    Technology’s role in securing the supply chain

    Emerging technologies such as artificial intelligence (AI) and machine learning (ML) can be instrumental in detecting and mitigating cybersecurity threats. These technologies can sift through vast amounts of data, identifying patterns and anomalies that could signify a security breach. Blockchain technology can further augment supply chain security by enhancing transparency and traceability, making it arduous for attackers to manipulate the system.

    Legal and regulatory aspects of supply chain cybersecurity

    Adherence to legal and regulatory frameworks governing cybersecurity in supply chains, such as the European Union’s General Data Protection Regulation (GDPR) or the U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), is critical. Non-compliance could result in significant penalties and loss of trust. Regularly updating your knowledge of the evolving regulatory landscape and embedding these requirements into contracts with partners and vendors is a prudent practice.

    Implementing a collaborative approach to cybersecurity

    Supply chain security necessitates a culture of collaboration and clear communication about cybersecurity expectations. Cultivating this culture means viewing cybersecurity as a business imperative that demands commitment from all levels within the organization. The Defense Industrial Base (DIB) sector’s threat information sharing initiative serves as an excellent example of the success of collaborative approaches.

    Future trends in supply chain cybersecurity

    With rapid advancements in technology, the cybersecurity landscape is also evolving. We anticipate trends such as AI-driven threat detection and the rise of quantum computing, which presents its unique challenges and opportunities. Businesses should strive to stay abreast of these trends, adapting their cybersecurity strategies as necessary.

    Securing the supply chain is a complex, continuous endeavor, and partners and vendors play a pivotal role. This necessitates a comprehensive understanding of the risks, thorough assessments of partner and vendor security practices, deployment of robust security controls, strategic use of technology, adherence to legal and regulatory requirements and fostering a culture of collaboration. In an increasingly interconnected world, prioritizing cybersecurity in supply chain management strategies is not an option but a business imperative.

    [ad_2]

    Jim Koohyar Biniyaz

    Source link

  • 10 Reasons to Use AI in Your Cybersecurity Practices | Entrepreneur

    10 Reasons to Use AI in Your Cybersecurity Practices | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    Artificial intelligence (AI) is omnipresent in the digital landscape, pervading numerous industries to improve efficiency, enhance data security, elevate user experiences and boost profits.

    In addition to improving business operations, AI can help businesses improve their cybersecurity and offer effective threat detection and response. AI’s ability to process vast and intricate datasets, uncover hidden patterns and deliver precise predictions makes it an invaluable tool for defending against cyber threats.

    According to an IBM study, in 2022, organizations were 13% more likely to have adopted AI than in 2021. It indicates an expanding interest in embracing AI and automation as businesses endeavor to strengthen their security posture and stay ahead of potential threats.

    Here, I discuss the top 10 advantages of integrating AI with cybersecurity practices.

    Related: AI For Cybersecurity: Maximizing Strengths And Limiting Vulnerabilities

    1. Enormous data handling capability

    Given the massive data streams between users and businesses, cybersecurity experts have traditionally relied on filters and rule-based systems to detect anomalies and analyze potential threats in real-time. However, with the ever-increasing scale and intricacy of modern data, these traditional methods are no longer sufficient.

    In this respect, AI-powered systems, leveraging machine learning algorithms, offer highly efficient and accurate analysis of enormous data sets generated by diverse business activities. Furthermore, AI continuously learns from data patterns and adapts detection techniques, helping to stay ahead of evolving threats and emerging attack vectors and, in turn, making them invaluable in safeguarding business networks and sensitive information.

    2. AI models improve with more real-world data

    Through iterative training and exposure to new data, AI models can enhance their performance over time to tackle more challenges, including threat detection. For instance, an AI model trained for anomaly detection using historical data can analyze and understand new patterns in network traffic, enabling it to better identify and respond to emerging threats.

    Furthermore, AI algorithms can also leverage human feedback to enhance their performance. By incorporating insights provided by experts or end-users, AI systems can learn from these inputs and refine their decision-making processes.

    While AI algorithms can adapt to new threats, their adaptability often requires ongoing research, monitoring and manual intervention. Regular updates and retraining may be necessary to ensure their effectiveness in dynamic and ever-changing security environments.

    3. Enhanced endpoint security

    Endpoint security is crucial in protecting devices such as computers, mobile phones and IoT devices. However, with the increasing number of endpoints, traditional security measures may not be sufficient as relying on static rules and signatures to detect and prevent threats may struggle to adapt to the rapidly evolving tactics and techniques employed by cyber criminals.

    Additionally, the diverse range of devices and operating systems present different security challenges, as each may have unique vulnerabilities that can be targeted.

    To effectively protect against this expanding attack surface, more advanced AI-based security solutions, such as behavior-based detection and real-time threat intelligence, can be implemented. These approaches can provide proactive and adaptive protection to safeguard endpoints from a wide range of threats.

    4. Boosted threat detection and response speed

    The benefits of using AI in cybersecurity go beyond just improving accuracy; AI can significantly improve time efficiency as well. For instance, research reports have shown that AI can reduce the time it takes to identify security threats and breaches by up to 12%, allowing security teams to react quickly and minimize risks.

    AI also helps reduce the time taken to remediate a breach or implement patches in response to an attack by up to 12%, saving time and resources and minimizing potential damages.

    5. User and entity behavior analytics

    User and entity behavior analytics (UEBA) utilizes machine learning to detect anomalous user behavior. It records and stores data points like usernames, activity logs, computers accessed and IP addresses and then uses this information to create a baseline of user behavior.

    This baseline acts as a point of comparison for the AI to identify patterns and irregularities in user behavior. For instance, it is more likely to be a malicious action if a user suddenly accesses a lot of files or logs in from an uncommon IP address.

    The UEBA system will send alerts if any oddities are found, allowing more investigation into the issue. In addition, UEBA systems can monitor for insider threats, as they can detect when an internal user’s behavior deviates from the norm. This aids businesses in identifying and managing possible security concerns before they become a serious problem.

    Related: How Companies Can Utilize AI and Quantum Technologies to Improve Cybersecurity

    6. AI-driven personalization and security

    Businesses, driven by the need to navigate the constantly evolving cybersecurity landscape, are not only focusing on security but also on user engagement. This has led to a revolutionary shift in their strategies with the integration of AI-powered Identity and Access Management (IAM) solutions.

    With AI, businesses can optimize their approach to ensure a seamless and customized user experience, all while maintaining a robust security posture. One prime example of this is adaptive authentication. By harnessing machine learning algorithms, adaptive authentication continuously analyzes and evaluates user behavior and context, effectively assessing the risk associated with specific activities.

    Based on this risk assessment, the system dynamically adjusts authentication requirements and prompts for additional verification factors as necessary. This personalized approach minimizes unnecessary authentication steps for low-risk activities, providing a smoother and more streamlined experience. Meanwhile, for high-risk actions, additional layers of verification can be seamlessly introduced, reinforcing security without affecting user experience.

    7. Effective detection of false positives and false negatives

    AI systems can effectively minimize false positives and false negatives, typically produced by security systems usually built under strict regulations.

    False positives squander time and resources by reporting normal activity, which might create alert overload and fatigue. False negatives, on the other hand, may lead to malicious operations going undetected and causing damage.

    AI systems trained on vast, evenly distributed and unskewed datasets can better distinguish risky and acceptable activity and respond to new and emerging risks.

    8. Prevent zero-day exploits

    Zero-day exploits are unknown vulnerabilities — therefore, they do not have any immediate patches or fixes. Cyber criminals target these vulnerabilities with malware to steal sensitive information or disrupt business operations.

    However, by utilizing deep learning architectures and natural language processing techniques, AI systems can play a significant role in detecting zero-day exploits. Deep learning models trained on historical data learn the characteristics of such exploits and then apply that knowledge to find subtle or hidden patterns that might point to zero-day exploits or activities.

    On the other hand, natural language processing assists in scanning source code for potentially vulnerable or malicious code segments and flagging them for additional examination. As these models become more context-aware over time, they can recognize patterns that indicate an attack is imminent or underway.

    9. Threat intelligence

    Threat intelligence is the process of collecting, analyzing and scrutinizing data about both existing and possible threats. In other words, this process helps in getting a comprehensive understanding of cyber criminals, their tools, motives and TTPs (tactics, techniques and procedures).

    Since this process is extremely resource-oriented and time-consuming, incorporating AI-backed techniques can make it simple and straightforward. It involves scraping colossal amounts of data from various sources like traffic logs, social media, cyber forums, dark web forums and much more.

    The data collected through these sources is then processed and analyzed using ML algorithms, extracting valuable insights and identifying patterns or anomalies that indicate potential threats. This enables businesses to make data-driven decisions and proactively mitigate risks early on.

    10. Cost savings

    Businesses at the forefront of adopting AI-powered security technologies can achieve significant improvements, not just boosting security but also resulting in considerable cost reductions.

    According to an IBM study, businesses have increased their Return on Security Investment (ROSI) by over 40% while also reducing data breach-related financial losses by at least 18%. By doing so, they are freeing up resources to reinvest in other cybersecurity activities, enabling them to further enhance their security posture.

    Related: How AI Is Shaping the Cybersecurity Landscape

    Given the increasing prevalence of cyber attacks, incorporating AI in cybersecurity practices has become a necessity. With cybersecurity research predicting a whopping annual cost of $10.5 trillion due to cybercrime by 2025, it is imperative for businesses to expeditiously implement AI in their cybersecurity practices.

    However, AI alone cannot completely safeguard against cyber attacks. It must be combined with human expertise and vigilance. With this hybrid AI and human approach, businesses can proactively safeguard against cyber attacks and reduce the likelihood of devastating losses as a result.

    [ad_2]

    Deepak Gupta

    Source link

  • Schools Aren’t Safe From Cyberattacks. Here’s How to Navigate Cybersecurity in the Modern Classroom | Entrepreneur

    Schools Aren’t Safe From Cyberattacks. Here’s How to Navigate Cybersecurity in the Modern Classroom | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    Education has always been at the forefront of societal progress, shaping the minds of future generations. In recent years, as we further delve into the modern age, the traditional classroom is undergoing a profound transformation. This digital shift in education has completely changed how we teach and learn, from tablets and interactive whiteboards to online learning environments and virtual reality. This shift, however, is not without difficulties.

    The proliferation of mobile devices and cloud workspaces broadens the attack surface, making it easier for bad actors to access your network. Schools, universities and other educational institutions hold vast amounts of sensitive data, like academic records, student and parent addresses, phone numbers etc.

    This makes them an enticing target for cyber attackers. Reports show that, from June 2022 to May 2023, there have been 190 known ransomware attacks against educational institutes. This is an 84% increase in attacks in the 6 months.

    Apart from the monetary repercussions of such attacks, the danger to a student’s privacy, the damage to these institutes, and their impact on society is genuinely troublesome. For instance, last year, Lincoln College, Illinois, a 157-year-old institution that had survived two great wars, the Spanish flu, the great depression, and the Covid pandemic, became a victim of multiple ransomware attacks and was finally forced to shut down.

    So, the seriousness of cybersecurity in education cannot be understated. Fortunately, cybersecurity training in schools has been gaining steam recently. In March, the governor of North Dakota signed a bill that makes cybersecurity training a mandatory part of the curriculum for K-12 students. However, safeguarding the privacy and securing endpoints and networks while providing an unhindered learning experience is tricky.

    Related: Will Colleges Survive in the Age of AI?

    The balancing act between security, privacy and productivity

    In an increasingly interconnected world, where technology is deeply integrated into education, protecting students, institutions and their data is a prime concern.

    The backbone of any institution’s security lies in its network infrastructure. The network infrastructure of every organization serves as the foundation for its cybersecurity. Strong firewalls, intrusion detection systems, secure network access controls and threat prevention systems are essential components of a secure network. Furthermore, to avoid unauthorized access and data breaches, monitoring the network and fixing any vulnerabilities regularly is essential.

    Along with the network, securing the endpoints is also pivotal as more and more schools provide computers, tablets, or mobile devices in the classroom. Instituting policies that require the use of strong, periodically updated passwords and regularly applying security patches and updates to operating systems are essential to keeping these devices secure. Alternatively, utilizing a Unified Endpoint Management (UEM) solution will provide endpoint security features such as enforcing strict password policies remotely pushing app and OS updates or patches etc.

    Related: Google Is Getting Sued for Collecting Data From Kids’ Educational Chromebooks

    Apart from securing endpoints, when the number of devices keeps increasing, managing them and ensuring they are not misused creates another hurdle. Provisioning all school-owned devices with a UEM allows administrators to hone these devices into focused learning tools. Its app management capabilities help push essential applications to the devices directly from the UEM console without any external user intervention.

    Moreover, any undesirable apps could be blocked or restricted from being installed on the devices. The web content filtering capability does the same with websites, preventing students from visiting unwanted or malicious sites. A UEM supporting multiple operating systems also removes the hassle of using a different solution for each OS.

    Educational institutions will always have a significant quantity of sensitive and personal data. Therefore, it is imperative to protect this data to retain the privacy and confidence of students, parents, and staff. The scariest part is that losing sensitive data, such as student records, can put students or their families at risk of dangerous attacks such as phishing scams or even identity thefts. One way to prevent this is to employ strong data storage procedures and encrypt data at rest and in transit.

    To that extent, deploying a Data Loss Prevention (DLP) solution goes a long way in protecting data privacy. A major element of avoiding breaches of such nature consists of closely monitoring the flow of sensitive data. DLP systems can help these institutes track and protect their data by enforcing preconfigured policies. Additionally, institutions must make it a top priority to comply with data privacy laws like the Family Educational Rights and Privacy Act (FERPA), the General Data Privacy Regulation (GDPR) or other legislations based on your location.

    Related: The How-To: Protect Your Business From A Data Breach

    Finally, no cybersecurity system is foolproof, which is why educational institutions must have a well-defined incident response and disaster recovery plan in place. The effect of a potential cybersecurity incident can be reduced by regularly backing up important data and testing disaster recovery plans, ensuring that the institution can recover quickly and carry on with business as usual. In the event of such an attack, having a cyber insurance policy offers a solution to diminish the fallout. An insurance policy covers the monetary expense in the face of ransomware, data breaches and other cybersecurity dilemmas.

    Promoting a culture of cybersecurity awareness

    A predestined step in constructing a formidable cyber defense is developing a culture of cybersecurity awareness. Strong password usage, recognizing phishing attempts, and preserving personal information are just a few of the safe online habits that may be inculcated through regular training sessions and awareness programs. The changes brought by North Dakota in its curriculum and pedagogy are a palpable example of promoting cybersecurity awareness.

    As educational institutions become more dependent on technology, addressing cybersecurity is not an option—it is a necessity. Schools and colleges move towards a more secure zero trust-based architecture by fostering a culture of cybersecurity awareness, installing secure network architecture, preserving data and privacy, enhancing endpoint security and developing proactive incident response procedures. With cyber scams getting more problematic to identify, going forward with a zero-trust mentality can bolster their security architecture and protect their students and data.

    [ad_2]

    Apu Pavithran

    Source link

  • How to Conduct a Comprehensive Cybersecurity Risk Assessment | Entrepreneur

    How to Conduct a Comprehensive Cybersecurity Risk Assessment | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    In today’s digital landscape, cybersecurity has become a critical concern for businesses of all sizes. However, for small and medium-sized businesses (SMBs), the stakes are even higher. Startups often face numerous challenges, with limited budgets being one of the most significant hurdles.

    Nevertheless, ignoring cybersecurity risks can have devastating consequences. In this article, we will delve into the importance of cybersecurity for startups, the challenges they face and the significance of conducting a comprehensive risk assessment.

    Related: A Business Leader’s Beginner Guide to Cybersecurity

    Importance of cybersecurity for startups

    1. Protecting sensitive data: Startups often possess valuable intellectual property, customer data and other sensitive information. A breach could result in significant financial loss, tarnished reputation and potential legal liabilities.

    2. The evolving threat landscape: Cyber threats are continuously evolving, and attackers are increasingly targeting small businesses due to their potential vulnerabilities. Startups cannot afford to be complacent and must stay ahead of emerging threats.

    3. Regulatory compliance: Many startups operate in industries that have strict regulations regarding data protection and privacy. Compliance with these regulations is not only essential for avoiding penalties but also for building trust with customers and investors.

    Challenges faced by startups with limited budgets

    Startups often operate on shoestring budgets, allocating resources primarily to core business operations. This financial constraint poses unique challenges when it comes to implementing robust cybersecurity measures. Here are some challenges commonly faced by startups:

    1. Lack of expertise and resources: Startups may not have dedicated IT or cybersecurity personnel, making it difficult to address the complexities of cybersecurity effectively.

    2. Budget constraints: Allocating funds for cybersecurity tools, technologies and training can be a significant challenge for startups, especially when competing with other essential business expenses.

    3. Lack of awareness and prioritization: Startups may underestimate the importance of cybersecurity or fail to prioritize it amidst the various demands of growing their business.

    Related: 10 Cyber Security Best Practices for Your SMBs

    Understanding risk assessment

    Risk assessment is a systematic process of identifying, analyzing and evaluating potential risks that could impact an organization’s information assets and systems. It provides a framework for understanding the likelihood and potential impact of threats, allowing businesses to prioritize and implement appropriate security measures.

    To conduct an effective risk assessment, startups should focus on the following key components:

    1. Identifying assets and vulnerabilities: Startups must identify and understand their critical assets, including intellectual property, customer data, financial information and operational systems. Concurrently, vulnerabilities within the infrastructure, software and processes should be assessed to determine potential weak points.

    2. Assessing threats and likelihood: Threat assessment involves identifying potential threats and attack vectors that could target the startup’s assets. Researching current cybersecurity threats relevant to startups is crucial to stay informed about the latest attack techniques. Likelihood assessment evaluates the probability of each threat occurrence, considering both internal and external factors that may influence the likelihood.

    3. Determining potential impact: Assessing the potential impact of successful attacks is vital to understand the consequences a startup may face. The impact can be financial, operational or reputational. By considering the severity of each impact, startups can prioritize their risk mitigation efforts accordingly.

    4. Prioritizing risks based on severity: Once risks have been identified, assessed, and their potential impact determined, startups should prioritize them based on severity. This prioritization enables them to allocate their limited resources effectively and address the most critical risks first.

    Conducting a comprehensive risk assessment

    To ensure effective cybersecurity measures, startups need to conduct a comprehensive risk assessment that encompasses asset identification, vulnerability assessment, threat assessment, likelihood assessment and impact assessment. Let’s explore each of these components in more detail:

    1. Asset identification: Startups need to identify their critical data and systems, ensuring a clear understanding of what requires protection. This includes intellectual property, financial data, customer information and operational systems. By evaluating the value of each asset to the startup, appropriate security measures can be implemented.

    2. Vulnerability assessment: To assess vulnerabilities, startups must identify weaknesses in their infrastructure, software and processes. This can involve conducting vulnerability scans, penetration testing and code reviews. By proactively identifying and addressing vulnerabilities, startups can reduce the likelihood of successful attacks.

    3. Threat assessment: Startups should identify potential threats and attack vectors that could exploit their vulnerabilities. Staying informed about the latest cybersecurity threats and attack techniques is essential. By monitoring industry-specific threat intelligence sources and collaborating with cybersecurity experts, startups can enhance their threat assessment capabilities.

    4. Likelihood assessment: Evaluating the probability of each identified threat occurrence is crucial. Startups should consider internal factors such as existing security measures, employee awareness and incident response capabilities. Additionally, external factors like industry-specific trends, geopolitical risks and emerging cyber threats should be taken into account.

    5. Impact assessment: Assessing the potential consequences of successful attacks is vital for startups to understand the potential impact on their business. Financial losses, operational disruptions, damage to reputation and legal liabilities are some of the key considerations. By understanding the potential impact, startups can implement appropriate safeguards and response plans.

    Related: The Key to Securing Your Small Business in Today’s Cyber Landscape

    In an increasingly digital world, small and medium-sized businesses must prioritize cybersecurity to protect their valuable assets, maintain regulatory compliance and build trust with customers and investors. While startups face unique challenges due to limited budgets, a comprehensive risk assessment approach allows them to identify and prioritize their cybersecurity risks effectively. By conducting asset identification, vulnerability and threat assessments, and evaluating likelihood and impact, startups can make informed decisions and implement the necessary measures to safeguard their operations and future growth.

    [ad_2]

    Jim Koohyar Biniyaz

    Source link

  • How Leaders Can Create a Strong Cybersecurity Culture | Entrepreneur

    How Leaders Can Create a Strong Cybersecurity Culture | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    In today’s interconnected digital landscape, cybersecurity has become a paramount concern for organizations of all sizes and industries. The increasing frequency and sophistication of cyber attacks highlight the critical need for robust security measures. However, effective cybersecurity goes beyond implementing technical solutions; it requires the establishment of a strong cybersecurity culture within the organization.

    This article delves into the role of leadership in creating a cybersecurity culture and how it fosters awareness and accountability across the organization.

    Related: The Importance of Training: Cybersecurity Awareness like a Human Firewall

    Understanding the elements of a cybersecurity culture

    A cybersecurity culture refers to the collective beliefs, values, attitudes and behaviors within an organization that prioritize and promote the protection of digital assets and information. It encompasses several key components that work together to create a secure environment:

    1. Awareness and education: A cybersecurity culture starts with educating employees about the risks and threats associated with cyber attacks. By raising awareness about the potential consequences of security breaches, leaders can empower employees to make informed decisions and take proactive measures to protect organizational assets.

    2. Accountability and responsibility: Leaders play a pivotal role in instilling a sense of accountability and responsibility among employees regarding cybersecurity. By setting clear expectations, defining roles and responsibilities, and establishing policies and procedures, leaders can ensure that everyone understands their role in safeguarding the organization’s digital assets.

    3. Continuous improvement and learning: Cybersecurity is an ever-evolving field, and organizations must foster a culture of continuous improvement and learning. Leaders should encourage employees to stay updated on the latest security practices, share knowledge and experiences related to cybersecurity incidents and provide opportunities for professional development to enhance their skills.

    4. Integration into organizational processes and practices: A strong cybersecurity culture integrates security considerations into all aspects of the organization. By incorporating cybersecurity into decision-making processes, performance evaluations and rewards systems, leaders can reinforce the importance of security as a core element of the organization’s operations.

    The role of leadership in fostering awareness

    Leadership plays a crucial role in fostering awareness of cybersecurity risks and promoting a proactive approach to mitigating those risks. Here are some key strategies that leaders can employ:

    1. Leading by example: Executives and senior leaders should serve as cybersecurity advocates by demonstrating their commitment to security measures. This includes adhering to best practices, following security protocols and actively engaging in cybersecurity initiatives.

    2. Implementing regular training programs and workshops: Leaders should establish comprehensive training programs and workshops to educate employees about cybersecurity threats, best practices and the organization’s policies and procedures. These initiatives should be ongoing to ensure that employees stay updated on emerging threats and security measures.

    3. Communicating the importance of cybersecurity: Leaders should effectively communicate the significance of cybersecurity to all employees, emphasizing the potential risks and consequences of security breaches. Regular communication through various channels such as meetings, newsletters and intranet updates can reinforce the importance of cybersecurity as a shared responsibility.

    4. Encouraging a proactive approach: Leaders should encourage employees to be vigilant and proactive in identifying and reporting potential security threats. Creating a culture where employees feel empowered to report suspicious activities or vulnerabilities fosters a sense of collective responsibility toward cybersecurity.

    Related: 3 Ways to Make Employees Your Best Cybercrime Fighters

    The role of leadership in fostering accountability and responsibility

    Leadership plays a critical role in instilling accountability and responsibility for cybersecurity practices throughout the organization. Here are some effective strategies:

    1. Setting clear expectations and standards: Leaders should establish clear expectations and standards regarding cybersecurity practices. This includes defining acceptable use policies, password protocols and guidelines for handling sensitive information. Clear communication and documentation of these standards ensure that employees understand their responsibilities.

    2. Establishing policies and procedures: Leaders should work with IT and security teams to develop comprehensive policies and procedures that outline the organization’s approach to cybersecurity. These documents should cover areas such as data protection, incident response, access control and employee training. Regularly reviewing and updating these policies ensures that they remain aligned with evolving threats and industry best practices.

    3. Assigning roles and responsibilities: Leaders should assign specific roles and responsibilities to individuals or teams responsible for managing and overseeing cybersecurity initiatives. This ensures accountability and provides a clear framework for addressing security issues, incident response and continuous improvement.

    4. Implementing monitoring and reporting mechanisms: Leaders should establish mechanisms to monitor and track compliance with cybersecurity policies and procedures. This can include implementing security controls, conducting regular audits and assessments and utilizing technologies for threat detection and prevention. Transparent reporting mechanisms enable leaders to identify vulnerabilities and take proactive measures to address them.

    Continuous improvement and learning

    A key aspect of a cybersecurity culture is a commitment to continuous improvement and learning. Leaders can foster this culture by implementing the following strategies:

    1. Promoting ongoing learning: Leaders should encourage employees to stay updated on the latest trends, threats and best practices in cybersecurity. This can be achieved through providing access to relevant resources, organizing training sessions and webinars, and encouraging participation in industry conferences and events.

    2. Sharing knowledge and experiences: Creating opportunities for employees to share their knowledge and experiences related to cybersecurity incidents fosters a collective learning environment. This can be done through regular team meetings, knowledge-sharing platforms or dedicated forums where employees can discuss and learn from real-life security incidents.

    3. Conducting regular assessments and audits: Leaders should conduct regular assessments and audits to identify areas for improvement in the organization’s cybersecurity practices. This includes vulnerability assessments, penetration testing and audits of security controls. The findings from these assessments should be used to drive enhancements and strengthen the organization’s security posture.

    4. Investing in professional development: Leaders should invest in the professional development of employees to enhance their cybersecurity skills and knowledge. This can be achieved through certifications, specialized training programs and opportunities for cross-functional collaboration. By equipping employees with the necessary skills, leaders empower them to contribute to the organization’s cybersecurity efforts.

    Related: 50 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity

    Integrating cybersecurity into organizational processes and practices

    To create a robust cybersecurity culture, leaders must integrate security considerations into all organizational processes and practices. Here are some effective approaches:

    1. Incorporating cybersecurity into decision-making: Leaders should ensure that cybersecurity is considered in all strategic and operational decision-making processes. This includes evaluating the security implications of adopting new technologies, selecting vendors and defining the organization’s risk tolerance. By making security a core element of decision-making, leaders ensure that it becomes ingrained in the organization’s DNA.

    2. Including cybersecurity in performance evaluations and rewards: Leaders should incorporate cybersecurity performance metrics into employee evaluations and rewards systems. Recognizing and rewarding individuals and teams who demonstrate exemplary security practices and contribute to the organization’s security goals reinforces the importance of cybersecurity and motivates employees to prioritize it.

    3. Collaborating with IT and security teams: Effective leadership requires collaboration between leaders and IT/security teams. By working closely with these teams, leaders can ensure that security measures align with business objectives, provide the necessary resources and support, and establish effective communication channels to address security-related concerns.

    4. Developing incident response plans: Leaders should work with IT and security teams to develop robust incident response plans that outline procedures for detecting, containing and recovering from cybersecurity incidents. Conducting regular drills and simulations helps identify gaps and ensures that the organization is prepared to respond effectively to security breaches.

    Creating a cybersecurity culture is a shared responsibility that requires effective leadership. By fostering awareness and accountability across the organization, leaders play a crucial role in protecting the organization’s digital assets and maintaining trust. Through strategies such as promoting awareness, instilling accountability, encouraging continuous learning, and integrating cybersecurity into organizational processes, leaders can build a strong cybersecurity culture that permeates every level of the organization.

    Leaders must lead by example, demonstrating their commitment to cybersecurity through their actions and behaviors. By implementing regular training programs and workshops, leaders ensure that employees are equipped with the knowledge and skills to mitigate cyber threats. Effective communication about the importance of cybersecurity helps create a shared understanding of its significance and encourages employees to be proactive in identifying and reporting potential risks.

    Accountability and responsibility are key elements of a strong cybersecurity culture. Leaders should set clear expectations and standards for cybersecurity practices, establish policies and procedures, and assign roles and responsibilities to ensure that everyone understands their part in protecting the organization’s digital assets. Regular monitoring and reporting mechanisms help track compliance and identify areas for improvement.

    Continuous improvement and learning are vital to staying ahead of evolving cyber threats. Leaders should promote a culture of ongoing learning, providing employees with opportunities to stay updated on the latest security practices and encouraging knowledge sharing. Regular assessments and audits help identify vulnerabilities and drive enhancements, while investing in professional development empowers employees to contribute to the organization’s cybersecurity efforts.

    Integrating cybersecurity into organizational processes and practices is essential for embedding it into the organization’s DNA. By considering security implications in decision-making processes, including it in performance evaluations and rewards systems, collaborating with IT and security teams, and developing robust incident response plans, leaders ensure that cybersecurity becomes an integral part of the organization’s operations.

    In conclusion, the role of leadership in creating a cybersecurity culture cannot be overstated. By fostering awareness and accountability, leaders set the foundation for a secure environment. Through continuous improvement, learning and integration into organizational processes, leaders establish a culture where cybersecurity is prioritized at every level. With effective leadership, organizations can build resilience, protect their digital assets and maintain the trust of customers, employees and stakeholders in an increasingly interconnected world.

    [ad_2]

    Jim Koohyar Biniyaz

    Source link

  • As Beijing’s intelligence capabilities grow, spying becomes an increasing flashpoint in US-China ties | CNN

    As Beijing’s intelligence capabilities grow, spying becomes an increasing flashpoint in US-China ties | CNN

    [ad_1]


    Hong Kong
    CNN
     — 

    For the second time this year, concerns of Chinese spying on the United States have cast a shadow over a planned visit to China by the US’ top diplomat as the two superpowers try to improve fractured ties while keeping a watchful eye on each other.

    US Secretary of State Antony Blinken is expected to land in Beijing over the weekend following the postponement of his earlier trip planned for February after a Chinese surveillance balloon meandered across the continental US, hovering over sensitive military sites before being shot down by an American fighter plane.

    But with Blinken poised to make a trip seen as a key step to mend fractured US-China communications, another espionage controversy has flared in recent days following media reports that China had reached a deal to build a spy perch on the island of Cuba.

    Beijing has said it wasn’t “aware” of the situation, while the White House said the reports were not accurate – with Blinken earlier this week saying China upgraded its spying facilities there in 2019.

    The situation is just the latest in a string of allegations of spying between the two in recent months. They underscore how intelligence gathering – an activity meant to go on without detection, out of the public eye – is becoming an increasingly prominent flashpoint in the US-China relationship.

    CIA Director Bill Burns secretly traveled to China in May to meet counterparts and emphasize the importance of maintaining open lines of communication in intelligence channels, CNN reported earlier this month.

    “Crisis communications are arguably in their worst state since 1979. This puts a premium on both countries’ ability to gather intelligence to understand each other’s capabilities, actions, and strategic intent around the globe,” said Lyle Morris, a senior fellow at the Asia Society Policy Institute’s Center for China Analysis.

    That pushes intelligence gathering itself to become “another factor that is complicating US-China relations,” he said.

    That’s especially the case, experts say, as China continues to expand its own intelligence gathering capabilities – catching up in an area where the US has traditionally had an edge.

    “It’s fair to say that we’ve been spying on each other at various scales for a long time,” said former Central Intelligence Agency (CIA) China analyst Christopher Johnson.

    “No doubt there’s been an uptick from both sides, but probably more so on the Chinese side, simply because they’ve gotten larger, more influential, richer, and therefore have more resources to devote than they did in the past,” said Johnson, who is now president of the China Strategies Group consultancy.

    Chinese leader Xi Jinping has also pursued a far more assertive foreign policy than his predecessors during his past decade in power.

    That’s been accompanied by “a consistent emphasis on enhancing intelligence capabilities, modernizing technology, and improving coordination among different security agencies,” according to Xuezhi Guo, a professor of political science at Guilford College in the US.

    China’s main intelligence activities fall under departments within the People’s Liberation Army and its vast civilian agency known as the Ministry of State Security (MSS). Other arms of the Communist Party apparatus also play a role in activities beyond conventional intelligence gathering, experts say.

    The MSS, established in 1983, oversees intelligence and counterintelligence both within China and overseas. Its remit has encouraged analogies to a combined CIA and Federal Bureau of Intelligence. But the sprawling Beijing-headquartered MSS is even more secretive – without even a public website describing its activities.

    The agency is “expected to play an even more significant role in China’s domestic and international security and stability” in the coming years, amid mounting challenges at home and abroad, Guo said.

    In the context of both China’s growing clout and geopolitical frictions, experts say it’s no surprise Beijing is allegedly seeking to establish or expand surveillance facilities in Cuba – or other places around the world – with the US as a key target, but not the only one.

    Meanwhile, intelligence gathering in China has become harder.

    Xi has consolidated his power and become increasingly focused on security – including building out the state’s ability to monitor its citizens, both online and through China’s extensive surveillance infrastructure.

    “The task of collecting intelligence in China is arguably harder than ever and yet more necessary than ever,” said Johnson, the former analyst, pointing to challenges of gaining insight into the government under the centralized leadership of Xi, who maintains a “very small circle of knowledge or trust.”

    China’s building of a domestic “surveillance panopticon” has also enabled its counter-intelligence, according to Johnson.

    US intelligence has difficulties having operational meetings or “going black” (dodging surveillance) within China, he said, especially during the Covid-19 pandemic when movement was tightly controlled and even more digitally monitored than usual.

    CIA operations also suffered a staggering setback starting in 2010, according to The New York Times, when the Chinese government killed or imprisoned more than a dozen sources over two years.

    In 2021, CNN reported that the agency was overhauling how it trains and manages its network of spies as part of a broad transition to focus more closely on adversaries like China and Russia.

    A tower of security cameras near Shanghai's Lujiazui financial district in May.

    This contrasts with what some US lawmakers and commentators believe has been a too relaxed approach to national security with regards to China, where even private businesses are beholden to the ruling Communist Party, which also seeks to keep tabs on its citizens overseas.

    Experts have also warned about the overlap between espionage efforts and operations like those of China’s United Front – a sprawling network of groups that manage the party’s relationship with non-party industries, organizations and individuals around the world.

    Heightened concern and awareness about Chinese intelligence gathering – or the potential for it – has exploded in the US in recent years.

    That’s played out in debates about the use of Chinese telecoms equipment and social media platforms – think Huawei and TikTok – as well as in government efforts to prosecute economic espionage cases and prevent any influence campaigns from impacting American democracy.

    Beijing has said repeatedly that it does not interfere in the “internal affairs” of other countries. Both Huawei and Tiktok have repeatedly denied that their products present a national security risk or would be accessed by the Chinese government.

    In the US, there’s also been concern about over-hyping the threat and sparking anti-Chinese sentiment.

    The US Justice Department last year ended its 3-year-old China Initiative, a national security program largely focused on thwarting technology theft, including in academia, after a string of cases were dismissed amid concerns of fueling suspicion and bias against Chinese Americans.

    US intellectual property had long been a traditional target of Chinese espionage.

    A survey of 224 reported instances of Chinese espionage directed at the United States since 2000, conducted using open source data by the Center for Strategic and International Studies (CSIS) think tank in Washington, found nearly half involved cyber-espionage, while over half were seeking to acquire commercial technologies.

    Beijing appears to be increasingly pushing back on what it sees as a double standard – as the US’ international surveillance efforts have also been well-documented.

    The 2013 leak produced by former National Security Agency contractor Edward Snowden, for example, revealed Washington’s vast global digital surveillance capabilities, against both rivals and allies alike. Meanwhile, the US intelligence community is widely understood to have its own overseas facilities for collecting signals intelligence.

    Last month, Beijing released a report from a national cybersecurity agency titled “‘Empire of Hacking’: The US Central Intelligence Agency.” It accused the US of promoting the internet in the 1980s in order to further its intelligence agencies’ efforts to launch “Color Revolutions” and overthrow governments abroad.

    “The organizations, enterprises and individuals that use the Internet equipment and software products of the USA have been used as the puppet ‘agents’ by CIA, helping it to be a ‘shining star’ in global cyber espionage wars,” the report also claimed.

    China’s own internet is heavily censored with access limited by a “Great Firewall” – part of its extensive efforts to control the flow of information alongside its extensive digital surveillance of its own population.

    China’s Foreign Ministry last month again pointed its finger at the US after Washington released a warning alleging that a Chinese state-sponsored hacker had infiltrated networks across US critical infrastructure sectors.

    Earlier this month, the ministry also slammed the US for sending what it said were more than 800 flights of large reconnaissance aircraft “to spy on China” last year – though no assertion was made of crossing into Chinese airspace.

    The comment came after each country’s military accused the other of misbehavior after a Chinese fighter jet intercepted a US spy plane in international airspace over the South China Sea.

    TikTok CEO Shou Zi Chew testifies at a House Energy and Commerce Committee hearing on Capitol Hill in Washington, DC on Thursday, March 23, 2023.

    Experts say this rhetorical back-and-forth over each other’s clandestine activities is likely only to continue as US-China competition drives both to ramp up their intelligence gathering – and China continues to expand its own prowess, including through technological advancements such as satellite networks, surveillance balloons and data processing.

    “China increasingly has capabilities (that the US has been known for) … this is moving from a one way street historically to a two-way street,” said John Delury, author of “Agents of Subversion: The Fate of John T. Downey and the CIA’s Covert War in China.”

    He pointed to how China had long been subject to US offshore surveillance and – prior to the restoration of diplomatic relations in the 1970s – direct aerial surveillance.

    “There’s a psychological dimension to this as well,” Delury added, noting that the spy balloon incident earlier this year brought this to the fore – giving Americans the unnerving sense that China “can do this to us now, they have technical capabilities and can look at us.”

    Meanwhile, there’s much at stake in how well the two governments can repair official communication – seen as a key element of Blinken’s expected visit on Sunday and Monday.

    “When there’s less communication, the two intelligence communities inside the two governments have to do more and more guesswork,” said Delury. “Then there’s a lot more room for faulty assumptions.”

    [ad_2]

    Source link

  • Why In-Office Work Is The Real Threat to Cybersecurity | Entrepreneur

    Why In-Office Work Is The Real Threat to Cybersecurity | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    Imagine a home filled with sophisticated locks, CCTV cameras, and a state-of-the-art security system. Yet, the owner leaves the back door wide open. This is precisely what’s happening in the world of corporate cybersecurity. As organizations fret over the potential risks of remote work, new research suggests the real dangers lurk within the office itself. That finding from a groundbreaking study from the Farmer School of Business at Miami University is definitely a surprise to me and my clients who I help transition to hybrid and remote work, and it will inform some valuable conversations going forward.

    The unexpected benefits of remote work on cybersecurity

    The Farmer School of Business researchers discovered that remote workers exhibit a higher level of cybersecurity awareness and take more security-related precautions than their in-office counterparts (forthcoming in the July issue of Computers & Security). That’s right — working from home might actually make employees more vigilant when it comes to cybersecurity. In my emailed interview with the author Joseph K. Nwankpa, he told me “When we surveyed remote workers, we expected the results to reveal cybersecurity complacency, but surprisingly, the survey revealed remote cyber vigilance.”

    This surprising outcome can be attributed to the so-called “Peltzman Effect” and the complacency framework, which the study draws upon to explore how remote working may trigger a moral hazard regarding employee cybersecurity awareness and security-based precaution-taking. Remote employees tend to feel a heightened sense of responsibility for their own cybersecurity, while office workers often become complacent, trusting their companies to handle cyber threats on their behalf.

    Related: Employers: Hybrid Work is Not The Problem — Your Guidelines Are. Here’s Why and How to Fix Them.

    Complacency: The Achilles’ heel of office workers

    Imagine being on a cruise ship with an impeccable safety record. You might feel so secure that you skip the safety drill and neglect to learn the location of the lifeboats. This is the complacency effect in action. Office workers, surrounded by the perceived safety of their company’s cybersecurity measures, may be less likely to follow best practices and take necessary precautions.

    The study cites prior research that reveals how employees working within the corporate office and boundaries trust their firms to develop, maintain and update security countermeasures to mitigate cybersecurity threats and risks. As a result, these employees are not apt or mindful of security threats and concerns, leading to constrained cybersecurity awareness.

    On the other hand, remote workers, like sailors navigating stormy seas, understand that they must be constantly vigilant. This heightened awareness leads them to take more security-based precautions, ultimately keeping their company’s digital assets safer.

    Indeed, the human element of security is enhanced through a switch to remote work. Thus, Nwankpa stated “Our study found that working from the office within corporate firewalls and security boundaries induced employees to exhibit risky cybersecurity behavior, such as diminished cybersecurity awareness and precaution-taking. However, switching to remote work made employees feel insecure, leading to heightened cybersecurity awareness and cybersecurity precautionary measures.”

    The pivotal role of information security policy compliance

    The study also found that information security policy compliance played a significant role in remote workers’ heightened cybersecurity awareness. This suggests that companies must prioritize and enforce their security policies to ensure that all employees, whether in the office or at home, are adequately prepared to handle cyber threats.

    The research model used in the study examined the impact of remote working on security-based precaution-taking and the role of cybersecurity awareness in the relationship between remote working and security-based precaution-taking. The data collected from 203 remote workers across the U.S. provided strong support for the research model, indicating that remote working is positively associated with cybersecurity awareness and security-based precaution-taking.

    Furthermore, the study reveals that as remote workers gain cybersecurity awareness, they are more likely to apply security-based precaution measures. This reinforces the idea that fostering cybersecurity awareness among remote workers can lead to better protection of organizational information assets against threats.

    Related: Why Cybersecurity Needs to be Prioritised as Small Businesses Face the Cost-of-Living Crisis

    Remote Work: A potential solution to cybersecurity woes

    Contrary to popular belief, the findings of this study demonstrate that remote work can actually improve cybersecurity. Companies can leverage this knowledge to their advantage, promoting remote work arrangements and fostering a culture of vigilance and cybersecurity responsibility among their employees.

    One way to achieve this is by understanding the relationship between cybersecurity awareness and security-based precaution-taking. By focusing on this relationship, organizations can clarify how and when remote working can create positive cybersecurity behavior among end-users, as suggested by the study.

    Organizations should not shy away from embracing remote work arrangements, as the study reveals that these can lead to better cybersecurity outcomes. By fostering a culture of trust, personal responsibility, and cybersecurity awareness among remote employees, companies can empower their workforce to take the necessary precautions and maintain a high level of vigilance, ultimately leading to a more secure digital environment.

    The importance of training and employee engagement

    To further enhance cybersecurity in a remote work setting, organizations should invest in comprehensive training programs that cover both technical and behavioral aspects of cybersecurity. By making employees aware of the potential threats and risks, as well as providing them with the tools and knowledge needed to protect themselves and the company, businesses can significantly reduce their vulnerability to cyberattacks.

    In addition, organizations should actively engage their remote employees and encourage open communication about cybersecurity issues. By involving employees in the decision-making process and addressing their concerns, companies can create a sense of ownership and shared responsibility for the organization’s cybersecurity.

    Reevaluating Cybersecurity Strategies for a Hybrid Workforce

    As the business world moves towards a more hybrid workforce, with a mix of office-based and remote employees, it is crucial for organizations to reevaluate their cybersecurity strategies. Companies must consider the unique challenges and opportunities presented by remote work and adapt their policies and practices accordingly.

    This may involve updating security protocols, implementing new technologies, and rethinking the traditional office-centric approach to cybersecurity. By embracing the unexpected benefits of remote work and adapting to the evolving digital landscape, organizations can create a more secure and resilient future.

    The groundbreaking study from the Farmer School of Business at Miami University opens the door for further research into the distinctions between remote and office work and their implications on cybersecurity. Future research could explore how different remote work arrangements, such as hybrid models or fully remote workforces, may impact cybersecurity awareness and precaution-taking behavior among employees.

    Moreover, researchers could investigate the role of various factors, such as organizational culture, leadership, and technology, in shaping employees’ cybersecurity behavior in both remote and office environments. This would provide valuable insights to help organizations develop more effective strategies for managing cybersecurity in an increasingly connected and remote world.

    Related: Cybersecurity Practices That Protect Your Small Business

    Cognitive Biases and their Impact on Cybersecurity

    Cognitive biases can significantly influence how employees perceive and respond to cybersecurity threats, both in remote and office settings. By understanding the impact of these biases, organizations can tailor their cybersecurity strategies to address these psychological factors and promote more effective security behaviors among their workforce. Let’s explore two specific cognitive biases that may impact cybersecurity in the context of remote work and office environments: the status quo bias and the optimism bias.

    The status quo bias refers to the tendency for people to prefer maintaining their current state or situation, even when change could potentially bring about benefits or improvements. In the context of cybersecurity, employees working in a corporate office environment may be more prone to the status quo bias, as they might assume that their organization’s existing security measures are sufficient to protect them from cyberthreats.

    This complacency can lead to a lack of personal responsibility and a decreased likelihood of adopting new security behaviors or updating existing practices. The Farmer School of Business study highlights this issue, revealing that employees working in corporate offices often trust their organizations to handle cybersecurity threats and, as a result, may neglect their own role in safeguarding company data and assets.

    To counteract the status quo bias, organizations should continuously emphasize the evolving nature of cyber threats and the importance of individual responsibility in maintaining security. Encouraging employees to stay updated on the latest security best practices and providing regular training on new threats can help keep cybersecurity at the forefront of their minds and reduce the impact of the status quo bias.

    The optimism bias refers to the inclination of individuals to underestimate the likelihood of negative events occurring, while overestimating the probability of positive outcomes. In the context of remote work and cybersecurity, the optimism bias may manifest as office-based employees believing that they are less likely to fall victim to cyberattacks than their remote counterparts.

    This overconfidence may lead office-based workers to overlook potential security risks and neglect precautionary measures, such as adhering to company security policies. The Farmer School of Business study supports this assumption by showing that remote workers are more likely to have a higher level of cybersecurity awareness and take more security-related precautions than those working in an office.

    To mitigate the effects of optimism bias, organizations should provide remote employees with clear and realistic information about the cybersecurity risks associated with remote work. Sharing real-life examples of cyberattacks targeting office-based as well as remote workers and emphasizing the importance of personal responsibility can help raise awareness and encourage employees to be more vigilant.

    Conclusion

    The study from the Farmer School of Business at Miami University serves as a wake-up call for organizations to rethink their approach to cybersecurity in the age of remote work. By embracing the benefits of remote work, fostering a culture of cybersecurity awareness, and adapting their strategies to the evolving digital landscape, companies can ensure the protection of their valuable digital assets and navigate the treacherous waters of the cyber world with confidence.

    [ad_2]

    Gleb Tsipursky

    Source link

  • Overlooking These 4 Critical Measures Expose Your Company to Cyber Attacks | Entrepreneur

    Overlooking These 4 Critical Measures Expose Your Company to Cyber Attacks | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    Here’s a sobering truth: 95% of cyberattacks can be traced to human errors. The more employees you have, the greater your risk of being a cybercrime victim. We all imagine legions of hackers trying to tear through our firewalls, and yes, occasionally, some will make it through. But the much-more-common truth is that unsuspecting employees inadvertently grant those cybercriminals access to corporate systems and data, or they are influenced by these hackers to perform questionable (or even illegal) actions.

    Even worse are the willful fraudulent actions of the humans sitting between the keyboard and the chair. Some employees themselves try to cheat the system by changing amounts, bank account details, or other data to benefit their personal financial situation. Then, there are other outside humans up to no good, such as when a supplier or partner sends fake or altered documents to the company, such as vendor invoices with fake bank account details or wrong amounts.

    None of these occurrences are an indictment of company leaders, security practices or judgment. They just highlight that technology alone can’t stop every cyberattack. The key to maximizing protection and minimizing exposure to these attacks is to combine technology with the human touch.

    Related: Cybercrime Will Cost The World $8 Trillion This Year — Your Money is in Danger. Here’s Why Prioritizing Cybersecurity is Crucial to Mitigate Risk.

    1. Secure data starts and ends with humans

    Many cyberattacks succeed due to simple but preventable human error or improper reaction to a scam. For example, an employee might reveal usernames and passwords after clicking on a link in a phishing email. They might open an email attachment that unknowingly installs ransomware or other equally destructive malware on the corporate network. Or they might simply choose easily guessed passwords. These are just a few examples that can allow cyber thieves to attack.

    To minimize human error-related risks, consider implementing the following measures to ensure your business stays well-protected.

    • Strengthen employee awareness and training: Arrange periodic training on cybersecurity best practices, recognizing phishing emails, avoiding social engineering attacks, and understanding the importance of secure data handling. In 2022, around 10% of cyberattack attempts were thwarted because employees reported them, but they can only report such attempts if they recognize them.
    • Build a culture of security: Make sure everyone in their role is actively protecting company assets by promoting open communication about security issues, recognizing employees who demonstrate sound security practices, and incorporating security into performance evaluations.
    • Employ stricter access controls: Access controls limit who can view or change sensitive company data and systems. Applying the “principle of least privilege” access controls and educating employees on the risks of account sharing can limit unauthorized accesses and data leaks.
    • Use password managers: Strong passwords are difficult to crack but challenging to remember. Password manager software can create and store difficult-to-guess passwords without users having to “write them down.”
    • Enable multifactor authentication (MFA): MFA adds an extra layer of security by requiring an additional verification method — such as a fingerprint or a one-time code — just in case a bad actor does snitch an employee’s password.
    • Implement fraud detection processes for incoming documents: These processes attempt to identify fraudulent documents (like fake invoices) on receipt before they can be processed.

    2. Reduce exposure to cyberattacks and fraud with technology and automation

    While lack of awareness, training, recognition and processes account for the success of most cyberattacks, you still need technology barriers to try and keep determined hackers out of your systems. Finance and accounting offices are top targets for cyberattacks and fraudsters, so the accounts payable (AP) systems are a prime target if they do get in.

    In fact, 74% of companies experience attempted or actual payment fraud. Accounts payable fraud exploits AP systems and the associated data and documents with mischief like:

    • Creating fake vendor accounts and fake invoices for them.
    • Altering payment amounts, banking details or dates on valid invoices.
    • Tampering with checks.
    • Making fraudulent expense reimbursement.

    Related: What Is Phishing? Here’s How to Protect Against Attacks.

    3. Keeping the bad guys out

    Of course, you’ll want your IT department to use technology to thwart unauthorized attempts to access the network and systems in the first place. Besides the venerable firewall, some trusty systems include:

    • Intrusion Detection and Prevention System (IDPS) monitors network traffic for malicious activities or policy violations and can automatically take action to block or report these activities.
    • Artificial Intelligence (AI) plays a significant role in cybersecurity by using machine learning algorithms to analyze volumes of data, identify patterns, and make predictions about potential threats. It can identify attack vectors and respond to cyber threats quickly and efficiently that humans can’t match.
    • Data Encryption ensures that only authorized parties with the correct decryption key can access a file’s content, protecting sensitive data at rest (stored on devices) and in transit (across networks).

    4. Protecting against fraud from the inside

    Whether a cybercriminal slips through all those barriers or an unscrupulous employee is bent on committing AP fraud, various types of automation can detect and prevent the cyber attack from succeeding.

    • Automated monitoring of employee activities: This can help identify suspicious behavior and potential security risks. The software tracks user activity, analyzes logs for signs of unauthorized access, and regularly audits user access rights. Of course, employees should know they are being monitored and to what extent.
    • Automating the payment process end-to-end on a single platform: It takes human error (and human scruples) out of the equation, except when there’s an exception. Encrypted receipt/intake of electronic invoices from suppliers, automated matching of invoices to orders, and electronic payments —all without human intervention — are examples of how automation removes the opportunity (and temptation) to commit AP fraud.
    • Document-level change detection takes this protection one step further: This automated technology can detect when a sneaky cyberthief with access to the underlying systems makes unauthorized access attempts, modifications, or deletions to sensitive documents, including orders, invoices, and payment authorizations. These tools alert administrators and provide detailed audit trails of document activity, helping detect and prevent AP fraud, whether it comes from outside or inside.
    • Detection of unusual data patterns: Alert AP staff to take a further look before allowing the invoice to be processed and paid. Using machine learning and AI, automated systems can compare data with historical data, flagging suspicious changes in bank details, vendor’s legal name, and address as well as unusual payment amounts.

    Related: How AI and Machine Learning Are Improving Fraud Detection in Fintech

    It’s almost impossible to protect yourself entirely against cyber theft and AP fraud, especially when most of the vulnerabilities and culpabilities are human. You must focus your security efforts on the perfect balance between state-of-the-art technology and the humans between the keyboard and the chair. Proper and continuous training can reduce the human errors that allow cyberattacks to succeed. And technology and automation can help prevent attacks from reaching people in the first place. But the right combination of the two, though, is the key to defeating would-be fraudsters.

    [ad_2]

    Francois Lacas

    Source link

  • How to Secure Your Small Business in Today’s Cyber Landscape | Entrepreneur

    How to Secure Your Small Business in Today’s Cyber Landscape | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    In today’s digital age, small businesses face an ever-evolving threat from cybercriminals. And while many entrepreneurs believe their company is too small to be targeted, the reality is that no business is immune to attack. That’s why it’s crucial for small business owners to implement effective security measures such as Attack Surface Management (ASM) or Cyber Exposure Management to safeguard their assets and customer data from cyber threats.

    In this article, we’ll explore what ASM is, its importance in today’s cyber landscape, best practices for implementation and what the future holds for this critical aspect of cybersecurity. So buckle up, and let’s dive into the world of ASM!

    Related: Cybersecurity Practices That Protect Your Small Business

    What is attack surface management?

    Attack surface management (ASM) is an essential cybersecurity concept that refers to the process of identifying and managing all points or areas in a system, network or application where an attacker could exploit vulnerabilities. The goal of ASM is to reduce the attack surface by minimizing potential entry points for cyber threats.

    ASM involves assessing, monitoring and controlling security risks associated with various components such as hardware devices, software applications, databases, APIs and even human factors such as social engineering. It requires businesses to identify their digital assets, understand how they are connected with each other and assess their exposure to potential threats.

    Effective ASM entails continuous risk assessment through vulnerability scans and penetration testing activities to ensure that your organization’s security posture remains robust against emerging threats. By adopting proactive ASM measures like patch management, access controls implementation and user education programs, small businesses can secure themselves against malicious actors who seek unauthorized access into sensitive data.

    Attack surface management is a critical aspect of cybersecurity that every business should take seriously if they want to remain protected in today’s constantly evolving threat landscape.

    Understanding the cyber landscape

    In today’s digital age, the cyber landscape is constantly evolving and becoming increasingly complex. With the proliferation of technology comes a greater risk of cyber threats, making it essential for businesses to have a strong understanding of this environment.

    One aspect of the cyber landscape that small business owners should be aware of is the variety and sophistication of attacks. Cybercriminals are continually developing new methods to breach security measures and access sensitive information. From phishing scams to malware attacks, businesses face a multitude of potential threats.

    Another key factor in understanding the cyber landscape is recognizing that no organization is immune from attack. Small businesses may assume they are not at risk because they do not hold as much data or financial resources as larger corporations. However, any business can be targeted by attackers seeking to exploit vulnerabilities in their systems.

    It’s also important for small business owners to understand that cybersecurity requires ongoing vigilance and attention. Implementing security measures once does not guarantee protection over time since attackers will continue searching for ways into your system.

    Keeping up with industry developments regarding cybersecurity risks can help keep your company safe against continuously changing threat landscapes.

    In summary, understanding the complexities within an ever-changing cyberspace environment helps small business owners recognize emerging threats early on while implementing proactive steps towards addressing them before impact occurs.

    Related: What Small Business Owners Need to Know About Cybersecurity

    Importance of attack surface management in small businesses

    Small businesses are often the target of cyber attacks because they usually have limited security measures in place. Attackers find it easier to breach their systems, steal sensitive information and cause significant damage. This is where attack surface management comes into play.

    By implementing effective attack surface management practices, small businesses can identify potential vulnerabilities and take necessary actions to mitigate them before attackers exploit them. It involves analyzing all the possible ways that an attacker could gain access to a company’s resources or data and putting measures in place to reduce these risks.

    Attack surface management helps small businesses stay ahead of emerging threats by continuously monitoring their systems for any potential weaknesses or gaps in their security posture. It also assists them in identifying outdated software, misconfigured devices, unsecured endpoints and other areas that pose a threat.

    Small business owners must prioritize attack surface management as part of their cybersecurity strategy. By doing so, they can minimize the risk of cyber attacks and protect themselves from financial losses, reputational damage and legal liabilities that come with such incidents.

    Best practices for attack surface management

    To effectively secure your small business, it is crucial to implement attack surface management practices. Consider these best practices:

    Firstly, regularly perform vulnerability scans and penetration testing to identify potential weaknesses in your systems and networks. By doing so, you can proactively stay ahead of potential attackers. This action can be automated by implementing an Attack Surface Management or Cyber Exposure Management product.

    Secondly, restrict employee access to sensitive information, and implement a robust password policy across all accounts.

    Thirdly, ensure that all software is up-to-date with the latest security patches and updates. Outdated software can create vulnerabilities that cybercriminals can exploit.

    Fourthly, implement two-factor authentication wherever possible, which provides an extra layer of security beyond just passwords.

    It’s also essential to educate your employees on cybersecurity best practices such as avoiding suspicious emails or links and avoiding public Wi-Fi networks. Doing so can reduce the risk of attacks.

    By implementing these best practices for attack surface management in your small business, you can significantly reduce the risk of cyber attacks and keep sensitive data safe from harm.

    Related: How to Protect Your Small Business From Cyber Attacks Right Now

    Future of attack surface management

    The future of attack surface management (ASM) is quickly evolving as technology continues to advance and cyber threats become more sophisticated. To keep up with these changes, businesses need to adapt their strategies for identifying and mitigating risks.

    One major trend in the future of ASM is automation. As attacks become more complex, automated tools can help identify vulnerabilities and reduce the time it takes to remediate them. This will allow businesses to stay ahead of potential breaches while minimizing disruption to day-to-day operations.

    Another important aspect of ASM’s future is a focus on risk assessment. With so many different types of devices connected to networks, it’s essential that companies have an accurate understanding of their overall security posture. Risk assessments help organizations prioritize which areas they should address first and allocate resources accordingly.

    The rise of cloud computing has introduced new challenges for ASM. Businesses must ensure that all aspects of their cloud infrastructure are secure — from public-facing applications down to backend systems controlling access rights or storage permissions.

    As the threat landscape continues to evolve at lightning speed, those companies that invest in the latest ASM technologies and practices will be best positioned for long-term success in securing their business against cyber attacks.

    As technology continues to evolve rapidly, so will the cyber landscape. Small business owners should stay informed about new threats and solutions that arise to keep up with these changes. It is crucial for them to invest time and resources in securing their business from potential cyber attacks.

    The importance of attack surface management cannot be overstated as it provides a robust defense system against various types of malicious activities carried out over the internet. By adopting these best practices mentioned above, you can ensure your company stays protected from any potential harm posed by hackers or other malicious actors online.

    [ad_2]

    Jim Koohyar Biniyaz

    Source link

  • Hackers Target Hospitals, Disrupt Ability To Offer Patient Care | Entrepreneur

    Hackers Target Hospitals, Disrupt Ability To Offer Patient Care | Entrepreneur

    [ad_1]

    Hospitals have become an increasingly common target for cybercriminals in recent years, and the aftermath can be costly and life-threatening for patients.

    Annual ransomware attacks on hospitals more than doubled from 2016 to 2021, according to a new report published on the JAMA Network. The number of incidences jumped from 43 in 2016 to 91 in 2021. Of the targeted hospitals, 44% said their ability to deliver healthcare was impacted by the breach.

    John Riggi, a senior adviser for cybersecurity and risk at the American Hospital Association, wrote in a report that “a ransomware attack on a hospital crosses the line from an economic crime to a threat-to-life crime.”

    “Not only are cybercriminals more organized than they were in the past, they are often more skilled and sophisticated,” he wrote.

    One affected hospital, Johnson Memorial Health in Franklin, Indiana was targeted by the ransomware group “Hive,” and the hackers demanded $3 million in Bitcoin in October 2021, NPR reported.

    After consulting with cybersecurity experts at the FBI, Johnson Memorial did not pay the ransom and instead disconnected its servers following the attack.

    However, the hospital had to revert to more old-fashioned ways to carry out healthcare — including physically guarding the obstetrics unit where newborns are typically protected from unauthorized parties by security bracelets and nurses using Google translate to communicate with patients after remote translation technology was shut off after the attack.

    The hospital’s chief operating officer, Rick Kester, told NPR that it took nearly six months to “resume normal operations.”

    Related: The Jaw-Dropping Range of Cybercrimes is Due to the Gap in the Cybersecurity Workforce

    According to the Department of Justice, the Hive is responsible for over 1,500 cyberattacks since 2021 and has received more than $100 million in ransom payments. One of the affected hospitals also had to resort to analog methods to treat patients (similar to Johnson Memorial) and was unable to accept new patients immediately following the attack, the Department of Justice added.

    For hospitals, the fear of being hacked isn’t just monetary — it puts patients’ lives at risk by derailing the technology necessary to carry out patient care.

    “You ask many CEOs across the country, ‘What keeps you up at night?’ Of course, [they’re] talking about workforce, financial pressures, and they say, ‘The possibility of a cyberattack,’ Riggi told NPR.

    Related: This Type of Cyber Attack Preys on Your Weakness. Here’s How to Avoid Being a Victim.

    [ad_2]

    Madeline Garfinkle

    Source link

  • How AI Is Shaping the Cybersecurity Landscape | Entrepreneur

    How AI Is Shaping the Cybersecurity Landscape | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    As a CTO with over one and a half decades of expertise in the ever-changing field of cybersecurity, I have been observing the immense impact that artificial intelligence (AI) has had on the wide technological landscape. Also, I have witnessed how AI-based solutions have emerged as a crucial aspect of enhancing processes in various fields and disciplines over the years. And the cybersecurity field is no exception.

    The ability of AI-based machine learning (ML) models to identify patterns and make data-driven decisions and inferences present a highly innovative approach to quickly identifying malware, directing incident response and even predicting potential breaches before they occur.

    Given the significant potential of AI in the field of cybersecurity, this article explores how AI fits into the broader cybersecurity landscape and how it can be effectively leveraged to enhance the security of businesses and their users, along with some of its limitations.

    Related: AI For Cybersecurity: Maximizing Strengths And Limiting Vulnerabilities

    Exploring the intersection of Artificial Intelligence and cybersecurity

    In the modern era of digitization, data is exponentially generated, and a larger amount of metadata is either saved or received online, whether directly or indirectly. Moreover, for the data to attain its intended location or be utilized for specific purposes, it is frequently crucial to transmit it across a network or store it in a specific database or server.

    Here is where cybersecurity practices are implemented to ascertain the ultimate safeguarding of data transmission, storage and access — which is a crucial aspect of the battle against cyberattacks.

    As the technological landscape advances, cybercriminals tend to execute a diverse array of illicit activities, leading to substantial disruption in the online community. However, businesses can harness the power of AI and cybersecurity to mitigate risks and enhance security by detecting fraudulent activities and cyberattacks.

    Having said that, AI serves as a crucial factor in machine-based decision-making. For example, a sophisticated AI system could detect dubious actions on the network and impede access until the requisite authorization is provided. These AI techniques are predicated on machine learning algorithms, empowering programmers to train algorithms using data collected over an extended duration.

    The AI algorithm is designed in such a way that it can recognize and differentiate between legitimate access and fraudulent access. Accordingly, it improves a business’s security by making attacks and irregularities more predictable.

    Furthermore, AI technologies have a computational and analytical speed that surpasses human efforts and can determine abnormalities far more quickly than present techniques. As a result, AI and ML techniques can together help businesses defend against cyberattacks that could cost them millions of dollars.

    Related: How Companies Can Utilize AI and Quantum Technologies to Improve Cybersecurity

    How to leverage AI in the cybersecurity landscape

    As previously discussed, AI has many advantages and applications in various fields, including cybersecurity. Given the rapidly evolving nature of cyberattacks and the development of sophisticated attacking mediums, AI can benefit businesses by staying up-to-date in terms of security.

    AI can improve threat detection through automation and provide a more effective response compared to traditional security systems and manual techniques. This helps businesses optimize their cybersecurity measures and stay ahead of potential threats. Here are some key benefits of leveraging AI in the cyber security landscape.

    Threat detection:

    Businesses can tremendously benefit from AI-based cybersecurity practices in identifying cyber threats and disruptive activities by cyber criminals. In fact, the proliferation of new malware is happening at an alarming rate, making it extremely challenging for traditional software systems to keep up with the evolving threat landscape.

    AI algorithms, however, discover patterns, recognize malware and find any unauthorized activities done before they impact a system. This makes AI a valuable tool for protecting against cybercrime and maintaining the security of business operations.

    In fact, AI and ML-based cybersecurity solutions can significantly shorten the time required for threat identification and incident response, and they can immediately notify the business of unusual behavior.

    Bot defense:

    Another realm where AI is employed to combat digital threats is the defense against bots. In today’s virtual landscape, a considerable volume of web traffic is generated by bots, some of which pose potential security hazards. Bots, also identified as automatic scripts or software, are used by cybercriminals to initiate attacks on websites, networks and systems.

    Furthermore, bots can be utilized for a variety of malicious activities, such as Distributed Denial of Service (DDoS) attacks, takeovers of accounts and the scraping of sensitive information.

    AI-based solutions can be used to detect and block bot traffic by analyzing the patterns and behaviors of the incoming traffic. Machine learning algorithms can be trained to identify and flag suspicious activity, such as high volumes of artificial traffic coming from bot networks or abnormal requests.

    With AI, businesses can effectively discover the answers to questions like “what seems like a normal user journey?” and “what would be a potentially harmful atypical experience?” by looking at data-based behavioral patterns.

    Phishing detection:

    AI can greatly benefit the cybersecurity landscape by detecting sophisticated phishing attempts. AI-based machine learning models can analyze and classify incoming emails and messages to identify whether they are legitimate or fraudulent.

    By leveraging natural language processing techniques, AI can scan for keywords, phrases and other indicators that are commonly associated with phishing attacks. This lowers the possibility of a successful phishing attack by enabling security teams to swiftly identify and address possible risks.

    Moreover, AI algorithms can detect and flag suspicious URLs and domains. Phishing attackers often use deceptive URLs to trick users into revealing sensitive information. AI-based cybersecurity systems can analyze URLs and domain names to identify whether they are genuine or fake. These systems can then block access to malicious websites or display warning messages to users before they interact with the site.

    Related: The Rise of Artificial Intelligence in Cyber Defense

    Limitations of AI in cybersecurity

    AI systems, despite their ever-increasing sophistication, remain beholden to limited knowledge. These systems can only function with the aid of their trained data sets, thus making them potentially impotent in the face of novel or intricate threats that lie beyond their recognized realm. Furthermore, such limitations render them susceptible to both false negatives and false positives, thus facilitating both instances of unidentified threats and unnecessary alarms.

    Another crucial risk confronting AI systems is the presence of inherent biases and resultant discrimination. Such biases can emerge as a consequence of unbalanced data sets or faulty algorithms, thus engendering either unfair or inaccurate assessments, potentially leading to serious consequences.

    Finally, there exists the formidable threat of an over-reliance on AI systems, which can lead to risky complacency and, eventually, a false sense of safety. This could then lead to a regrettable lack of focus on other crucial aspects of cybersecurity, such as user education, the enforcement of policies and regular system updates and patches.

    The application of AI in detecting and combating cybercrime is undoubtedly a game-changer, bringing new and improved levels of efficacy to the cybersecurity domain. Also, it goes without saying that incorporating human intelligence along with AI can overcome any possible limitations posed by AI systems.

    There’s presently an extensive acceptance that AI plays an important part in data security, and this acceptance is anticipated to expand over the upcoming years as businesses realize its advantages. In fact, the commercial appraisal of AI in data security is expected to attain $66.22 billion by 2029, growing at a CAGR of 24.2% between 2020 and 2027.

    In order to stay ahead of cyber threats, businesses ought to invest in developing and implementing novel AI-based cybersecurity solutions. The continued breakthrough of AI expertise will doubtlessly influence the prospect of data security, and businesses that leverage AI effectively will be best postured to safeguard themselves against cyber threats and provide exceptional user satisfaction, thereby sustaining a competitive advantage.

    [ad_2]

    Deepak Gupta

    Source link

  • Hackers Can Open Garage Doors Remotely By Enabling Nexx Devices | Entrepreneur

    Hackers Can Open Garage Doors Remotely By Enabling Nexx Devices | Entrepreneur

    [ad_1]

    On April 4, Sam Sabetan, an offensive security engineer at Amazon, published findings that Nexx’s smart device products are subject to chilling vulnerabilities — including hackers being able to remotely open users’ garage doors without their consent. Other vulnerabilities include being able to take control of alarms and switch smart plugs on and off for any user.

    Sabetan stated that hackers could open garage doors from anywhere in the world.

    “It is estimated that over 40,000 devices, located in both residential and commercial properties, are impacted,” he wrote in a Medium blog post. “Furthermore, I determined that more than 20,000 individuals have active Nexx accounts.”

    Related: Apple to Roll Out First of Its Kind Technology to Protect Users from Hackers, Spyware

    Sabetan also stated that Nexx has “consistently ignored” all attempts at communication from him, the media and the Department of Homeland Security. Sabetan advises any Nexx users to immediately disconnect all devices until the issues are confirmed to be resolved.

    The Cybersecurity and Infrastructure Security Agency also posted a warning about the Nexx Garage Door Controller, Smart Plug and Smart Alarm’s vulnerabilities.

    Nexx has not responded to the claims. However, on its website, the tabs for Garage, Alarm and Plug all show a “Page Not Found” message as of Thursday morning.

    Screenshot of Nexx’s Smart Garage tab on Thursday, April 6, 2023, at 11:01 a.m.

    Related: Hackers Steal $620 Million in Massive Gaming Crypto Heist

    [ad_2]

    Madeline Garfinkle

    Source link

  • Cybersecurity Expansion Doesn’t Have to Be an Uphill Battle. Here’s Why | Entrepreneur

    Cybersecurity Expansion Doesn’t Have to Be an Uphill Battle. Here’s Why | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    How much cybersecurity does a person actually need?

    Well, it depends on who you ask. Cyberattack damage will rise to $10.5 trillion by 2025, and security advocates say you can never be too careful when fortifying your data and devices. Of course, cybersecurity on both home and office devices is essential to navigating any digital space, and it’s vital to keep one’s information and sensitive data protected. But in day-to-day life, trying to keep your devices secured can quickly get convoluted.

    That’s partially because of the disparate state of the cybersecurity industry. Users are spoiled with protection options from multi-factor authentication (MFA) to VPNs, password managers and good old antivirus programs. But the issue doesn’t come from the selection available. Rather, it’s that most of these cybersecurity tools are not in conversation with each other.

    Yes, having your cybersecurity products connected can put them at risk to some extent should one of them become compromised. However, when an individual exclusively uses a password manager, a Google-generated “difficult” password, or MFA on one single account, are they really any safer?

    Related: Amazon Ring Is the Latest Target of Notorious Ransomware Gang

    Likewise, if a cybersecurity feature a consumer uses gets compromised or hacked, it could discourage them from exploring other security products while they cope with being burned by a clever hacker. Of the millions of accounts exposed in the LastPass breach, many of the consumers using the program probably assumed they were properly fortifying their devices and sensitive information.

    Although it’s likely not the best idea to merge every cybersecurity measure under one umbrella, entrepreneurs should see the value in trying to connect the industry’s loose threads.

    Making cybersecurity more seamless could end up keeping more people safe in the long run. Building bridges to improve user experience and creating solutions that cover multiple bases also spreads out the long-term viability of a cybersecurity company by expanding its security reach.

    If an entire security company’s business rests on the stability and success of one product, it will undoubtedly lose revenue and consumer trust should that one product get breached. And they would need plenty of luck to build up that goodwill without the PR artillery that Big Tech companies have.

    Another factor to consider in helping unify cybersecurity lies in its cost. While many programs operate through donations or are free to use in exchange for user data, most serious cybersecurity products come with a price tag.

    Around 61% of users in the U.S. rely on free antivirus software, according to an annual report from Security.org. No surprise there, but the same report states roughly 33 million households pay for some type of security software, albeit with no distinction as to how that is spread across VPNs, secure browsers, and other features. This indicates users are willing to pay for personal protection, but only for certain kinds of products.

    Likewise, while an individual might pay for an antivirus program or a VPN, it can be hard to convince users to pay for multiple security products unless the individual is a business owner or regularly deals with highly sensitive information.

    Related: A Successful Cybersecurity Company Isn’t About Fancy Technology

    Outside of home-bound device security, mobile devices have also pushed privacy and security issues to the forefront of tech conversations as they reach near-universal use. Consumers, in general, have become much wearier about their data privacy and how to secure smartphones from malware and attacks, given how much personal information these devices now hold.

    But most people don’t read the permissions they allow apps and programs to access on devices, and many don’t go the extra mile to secure their phones outside of the built-in safeguards developed by Apple or Android. As more users search for ways to “declutter” their mobile experience, this shows another clear gap in cybersecurity interoperability.

    Companies such as privacy-preserving mobile developer Unplugged are already banking on the need for cybersecurity convergence, offering a multi-pronged app suite to boost mobile and desktop privacy and security. The project operates through a subscription-based model, which creates a new pathway to access high-level security products without having to pay exorbitant fees for each new program.

    Despite the siloing of cybersecurity, changes are clearly on the horizon from both a developer and regulatory level. In March 2023 alone, the U.S. government unveiled a beefed-up National Cybersecurity Strategy to set new regulatory standards and corporate responsibilities surrounding cybersecurity. The extensively-updated strategy outlines key pillars, including support for critical infrastructure, addressing the cybersecurity skills gap, setting regulatory baselines and fostering collaboration between the public and private sectors.

    Although we have yet to see how these new frameworks will affect consumer-level cybersecurity, the U.S. government, echoing collaboration and connection, shows its necessity in building a resilient cybersecurity future.

    Security should be a tenet of any tech product, given how sophisticated attacks can get. As more facets of our daily lives move to the digital realm, there is an imperative to improve security processes before it turns catastrophic. Entrepreneurs should be considering projects in this sector that are working to build common ground and security seamlessness to cut through the general malaise that users might have around protecting their devices.

    [ad_2]

    Ariel Shapira

    Source link

  • How Phishing Is Threatening the Cybersecurity Landscape | Entrepreneur

    How Phishing Is Threatening the Cybersecurity Landscape | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    In our recent Consumer Cybersecurity Trends report, RAV researchers delved into the threats facing consumers over the last year. It was relatively unsurprising when once again, phishing took the top spot for cybercriminal activity.

    There are various types and various ways for threat actors to pull off a phishing attack. Let’s dive into the most prevalent, and also the sneakiest, of ways that phishing is currently threatening the cybersecurity landscape for consumers today.

    Related: What Is Phishing? Here’s How to Protect Against Attacks.

    Email phishing

    It may sound like old news by now, but phishing attacks by email don’t seem to stop coming — and it’s surprising how many people still fall victim to them.

    This February, Reddit employees were victims of an email phishing campaign that affected hundreds of company contacts and employees. According to a Reddit statement at the time, “the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway in an attempt to steal credentials and second-factor tokens.”

    Whether this attack could have been avoided is up for debate. At the very least, the fact that an employee was aware enough to understand what was underway and raise the alarm to their security team is vital. The sooner an attack can be mitigated, the better.

    As well as email phishing via malicious links and attachments, the weaponization of office documents sent via email has also increased. Office documents that hide macro code are still very common, and 2022 saw many files sent as phishing documents to lure users to run the malicious code.

    Related: 4 Things Your Employees Are Doing Right Now That Are Compromising Your Network

    Spear phishing

    Unlike the traditional “spray and pray” approach, whereby mass phishing emails are sent to as many recipients as possible in the hopes they’ll get at least a few hits, “spear phishing” is a targeted phishing attack aimed at a specific individual or organization.

    Cybercriminals will research their target in order to personalize the attack and increase their credibility, with the intent of persuading the target to disclose sensitive information or trick them into making payments.

    While finance teams and executives would seem to be the most likely targets of spear-phishing campaigns, sales departments might also see an increase — mainly because a sales team member is more likely to receive emails from outside an organization. These employees could be a viable entry point for hackers trying to infiltrate an organization.

    Social media is also a factor here, as many employees that use social media, either for personal or professional use, underestimate just how vast their digital footprint may be. In Q1 of 2022, LinkedIn users accounted for 52% of all spear-phishing targets globally, and users were cautioned to be on their guard for a rise in spear-phishing campaigns.

    The biggest takeaway here should be that criminals are looking for the weakest link in a company, no matter who they are trying to target. One wrong click from an unsuspecting employee is all it takes, so they will keep trying again and again to ensnare their next victim.

    And taking spear phishing attacks to the next level, “whale phishing” targets the most senior-level company members, like the CEO or CFO. Whaling phishing techniques may involve impersonating these figureheads, in order to trick an employee into authorizing high-value money transfers to the attacker or disclosing vital company information.

    Related: Is Your Business Prepared for a Cyber Attack? (Infographic)

    Smishing

    In general, users are misguidedly more trusting of text messages than they are of email. In actual fact, as most smartphones can receive text messages from any number in the world, smartphone users aren’t really afforded any SMS privacy at all.

    Phishing conducted via SMS, also known as “smishing,” will entice a victim into revealing personal information via a link through compelling SMS text messages. Unfortunately, not enough users are aware of the dangers of clicking links in text messages.

    These links may lead to credential-phishing sites or inject malware designed to compromise the phone itself. The malware can then be used to spy on the victim’s smartphone data or silently send sensitive data to an attacker-controlled server.

    Compromised privacy

    But what is it that we are afraid of? What can a phishing attack lead to? Once a threat actor has access to data, they can set to work to use it for their own nefarious purposes — be it holding the data ransom, using it for financial theft or creating further disruption for a company (e.g., doxing or cyber espionage).

    For example, Atlassian recently suffered a cybersecurity breach in the form of a phishing attack that compromised customers and business insider information, including company floor plans. The attack is thought to have been achieved through using an employee’s credentials. We see from this that phishing can lead to unwanted and unwarranted prying eyes into a company’s inner sanctums, and it puts both consumers and businesses at risk for further interference. The plethora of phishing techniques is presumably why it ranks as the preferred method of attack for so many cybercriminals.

    To protect against phishing attacks, whether as a consumer, employee or business owner, following some basic guidelines will be invaluable:

    • Be wary of unsolicited mail and unexpected emails, especially those that call for urgency.

    • Double-check transactions or data disclosure through a secondary means of communication (e.g., phone calls or face-to-face).

    • Watch out for telltale signs of phishing attempts, such as the misspelling of words, the incorrect use of URLs and completely irrelevant messaging.

    • Additionally, pay attention to emerging technologies on the market — it remains to be seen whether newly available clever AI chatbots could be used to construct phishing emails.

    Above all, ensure all staff has cybersecurity training. All employees should be aware of basic tactics used in spear phishing emails, such as tax-related scams, CEO fraud and other social engineering tactics via email. Education and awareness are key defense skills as the majority of these phishing techniques will only actually succeed due to human error.

    [ad_2]

    Andrew Newman

    Source link

  • US introduces new rules to protect water systems from hackers | CNN Politics

    US introduces new rules to protect water systems from hackers | CNN Politics

    [ad_1]


    Washington
    CNN
     — 

    The US Environmental Protection Agency on Friday announced new requirements for public water facilities to boost their cybersecurity while expressing concern that many facilities have failed to take basic steps to protect themselves from hackers.

    The new EPA memo requires state governments to audit the cybersecurity practices of public water systems — and then use state regulatory authorities to force water systems to add security measures if existing ones are deemed insufficient.

    “Cyberattacks that are targeting water systems pose a real and significant threat to our security,” EPA Assistant Administrator Radhika Fox told reporters Thursday.

    It’s the latest move in a full-court press by the Biden administration to use its regulatory and policy powers to try to raise the cyber defenses of US critical infrastructure that is frequently targeted by cybercriminals and foreign government-backed hackers.

    The EPA memo comes a day after the White House released a national cybersecurity strategy that calls for software makers to be held liable when their products leave gaping holes for hackers to exploit.

    A wakeup call for cybersecurity in the water sector came mere weeks into the Biden administration, in February 2021, when a hacker infiltrated a Florida water treatment facility and tried to increase the amount of sodium hydroxide to a potentially dangerous level, according to local authorities.

    The facility stopped the attack before harm could be done, but the episode alarmed officials in Washington and led to greater federal scrutiny of the water sector’s security practices.

    The FBI and US Cybersecurity and Infrastructure Security Agency have warned about multiple ransomware attacks on the computer networks of water and wastewater facilities from California to Maine.

    That greater public attention on the issue has brought improvements; the Water Information Sharing and Analysis Center (WaterISAC), an industry hub for cyber threat data and best practices, says its membership now includes facilities that provide water to most of the US.

    “Multiple water sector associations embrace the need to help water systems bolster cyber resilience,” Jennifer Lyn Walker, the WaterISAC’s director of infrastructure cyber defense, told CNN. “The larger systems have been leading the charge for years, so I think we can adapt that effort toward the medium and smaller systems for the greater good of the sector.”

    But the sprawling US water sector, which includes more than 148,000 public water systems, has sometimes struggled with funding and personnel to protect systems.

    At public water systems, “top-down authorization for major cybersecurity projects, unfortunately, usually only happen after an incident,” Chris Grove, director of cybersecurity strategy at industrial security firm Nozomi Networks, told CNN.

    “Within the municipalities that manage the public water systems, they are choosing between a library expansion, cameras for the police, or cybersecurity for water and wastewater treatment systems,” Grove said.

    [ad_2]

    Source link

  • Top US cyber official warns software firms aren’t doing enough to stop damage from hackers from China and elsewhere | CNN Politics

    Top US cyber official warns software firms aren’t doing enough to stop damage from hackers from China and elsewhere | CNN Politics

    [ad_1]


    Washington
    CNN
     — 

    Chinese hackers are too frequently going “unidentified and undeterred,” and software companies aren’t doing enough to secure their products from cyber-attacks that “can do real damage” to US interests through the loss of trade secrets, a top US cyber official said Monday.

    “The risk introduced to all of us by unsafe technology is frankly much more dangerous and pervasive than the spy balloon, but somehow we’ve allowed ourselves to accept it,” US Cybersecurity and Infrastructure Security Agency Director Jen Easterly said in a speech at Carnegie Mellon University.

    Easterly was referring to a suspected Chinese surveillance balloon that flew over multiple US states before the US military shot it down on February 4. The episode has increased tensions in US-China relations and caused US Secretary of State Antony Blinken to postpone a trip to Beijing.

    Easterly’s speech reflects frustration from US officials that major software programs used by millions of people are routinely released with gaping flaws that can be exploited by hackers. After a series of high-profile hacks, the Biden administration introduced cybersecurity regulations for sectors such as pipelines. US officials have not ruled out more regulation in an effort to raise defenses.

    While the balloon caused a public uproar, cybersecurity officials from across the US government have been warning for years that China has been quietly amassing US government and corporate secrets through hacking. Beijing denies the allegations.

    The alleged Chinese cyber espionage campaigns have often exploited wildly popular software that has allowed them a foothold into US government agencies and corporations alike. In late 2021, for example, suspected hackers used a popular password management software to breach multiple US defense contractors, according to researchers.

    Easterly, who spent years working on offensive cyber operations with the US National Security Agency, said the frequent hacks of US organizations by China and other foreign governments and criminal groups are merely a “symptom” rather than a cause of US insecurity in cyberspace.

    The bigger problem, she said, is that too many major software makers are not designing their products mores securely and making it easy on the user to maintain that security.

    Easterly did not single out specific companies for poor software design, but instead cited statistics from Twitter and Microsoft saying just a fraction of users or enterprise customers are using an extra layer of security when signing into their accounts.

    “[T]he burden of safety should never fall solely upon the customer,” Easterly said. “Technology manufacturers must take ownership of the security outcomes of their customers.”

    She called on technology manufacturers to “embrace radical transparency” by sharing more of their software design plans publicly so they can be scrutinized by experts.

    [ad_2]

    Source link

  • How AI and Machine Learning Are Improving Fraud Detection in Fintech

    How AI and Machine Learning Are Improving Fraud Detection in Fintech

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    Internet fraud is a menace in our various financial institutes, and many fintech companies have been victims of this fraud game. Detection of these attacks comes in two ways: through inconsistent traditional methods or using ever-growing artificial intelligence mechanisms.

    Traditional methods, such as the rule-based method, are still widely used by most fintech companies in contrast to AI. At the same time, some are adjusting to leverage machine learning and artificial intelligence, improving ways to detect fraud. Hence, bringing us to the question below.

    How have AI and machine learning improved fraud detection in the fintech industry? What specific applications does this technology touch, and what mechanisms complement it? We have compiled key areas where its application has become highly beneficial.

    Related: Fraud Detection In Fintech: How To Detect And Prevent Frauds In the Lending Industry

    Fishing out identity thieves before they penetrate a server

    Identity theft is common, but with the rise of AI, its effect on the fintech industry has been reduced drastically. Users are bound to become more susceptible to fraud in this area when activities like creating accounts, submitting applications or filing tax returns become more computerized. Digitized data is easier to access, giving identity thieves more possibilities to penetrate the server. For instance, identity thieves can create accounts in someone else’s name, get access to that person’s benefits or even steal their tax returns using the stolen identification information. In curbing these anomalies, AI is to the rescue. AI-driven identity theft detection systems such as pattern recognition are pretty good at reducing the danger of such scams and spotting them early on. Depending on the circumstance, the models may be able to identify suspicious transactions, behaviors or information in the supplied documents that do not fit the customer’s usual patterns of behavior, therefore averting a possible danger.

    Quick detection of credit card fraud through identification of unusual transactions

    Customers may secure their credit card and account information in various ways, such as by utilizing virtual private networks or virtual cards or checking the website certifications. However, with fraud tactics becoming more sophisticated, organizations handling credit card transactions and transfers must scan them to avoid any risks. AI methods such as data mining have been provided with a sizable dataset that includes both kinds of transactions (i.e., card transactions and transfers) to be trained to spot fraudulent behavior. By analyzing it, the model can spot fraud red flags. Are there possible ways the illegal transaction can be flagged and detected on time? Yes, for instance, a rapid spike in the customer account’s weekly or monthly transaction values or a purchase made in a store that doesn’t ship to the country where the account holder resides. All these can be swiftly detected with the help of AI, and fraud can be mitigated on time to avoid running losses.

    Related: How Artificial Intelligence Is Changing Cyber Security Landscape and Preventing Cyber Attacks

    Detection of money laundering amidst account activities

    Fintech companies and banks use deep learning AI algorithms such as neural networks to uncover undiscovered connections between criminal conduct and account activity. Money laundering is difficult to identify with traditional approaches since the signs are frequently quite subtle. Still, since the emergence of artificial intelligence, every action is carefully considered because such practice typically involves large sums of money and is carried out by organized criminal organizations or entities that appear to be genuine.

    Despite a thorough mechanism put in place, individuals are undoubtedly susceptible to errors. It gets challenging to spot money laundering-related acts among cover-up activities because they leave no room for suspicion, but AI has been at the forefront of detecting such. For instance, a wrong transfer of funds might be the key to revealing a set of illegal activities. In addition, there are situations when several transactions on an individual’s account come together but don’t appear legitimate when scrutinized. These patterns could be quickly identified by AI systems put in place, and fraudulent activity could be prevented on time.

    Early detection of fraudulent loan and mortgage applications

    In recent times, most fintech companies and banks heavily rely on fraud detection AI technologies to assess loan and mortgage applications by fraudsters. It is a crucial component of their risk assessment and aids the analysts in their day-to-day job. With machine language, they can extract pertinent data from the applications and analyze them using a model developed through a dataset that includes both legitimate applications and those flagged as fraudulent. The essence of AI in this area is to detect trends that can likely lead to fraud so that alarms can be swiftly raised, whether accurate or not. It allows the analyst in charge to scrutinize further, which could either lead to acquittal or fraud prevention. It also helps fintech companies to predict the chance of a customer committing fraud as it can help forecast trends by examining consumer behavior data.

    Related: Digital Twins: AI & ML Transforming the Fintech Landscape

    Banks and fintech companies still occasionally believe that rule-based methods are safer and more straightforward. Traditional rule-based methods and AI tend to support one another but will likely change sooner. This is due to the complexity of rule-based systems having their bounds and the fact that fraud efforts are getting more sophisticated and dynamic than in the past. The rule-based method is a losing struggle since it necessitates the creation of new rules each time new patterns appear. Instead of constantly being one step behind, fintech companies can actively foresee fraud using AI and machine learning techniques to safeguard their financial integrity.

    [ad_2]

    Taiwo Sotikare

    Source link

  • North Korean hackers extorted health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics

    North Korean hackers extorted health care organizations to fund further cyberattacks, US and South Korea say | CNN Politics

    [ad_1]


    Washington
    CNN
     — 

    North Korean government-backed hackers have conducted ransomware attacks on health care providers and other key sectors in the US and South Korea and used the proceeds to fund further cyberattacks on government agencies in Washington and Seoul, US and South Korean officials warned Thursday.

    Some of those follow-on hacks have specifically targeted Pentagon networks and US defense contractors, according to the advisory from US and South Korean intelligence and security agencies.

    It’s the latest in a drumbeat of warnings from US officials that North Korea is adopting cybercriminal tactics to fund dictator Kim Jong Un’s ambitions, including the regime’s pursuit of nuclear weapons.

    The statement from the US Federal Bureau of Investigation, US National Security Agency, South Korean National Intelligence Service and others does not mention Kim’s weapons programs, but US officials have previously warned that a portion of the money Pyongyang steals through hacking can go to weapons development.

    North Korea’s use of stolen cryptocurrency to fund its weapons programs is part of the regular set of intelligence products presented to President Joe Biden, a senior administration official told CNN this week.

    “They need money, so they’re going to keep being creative,” the official said. “I don’t think the North Koreans are ever going to stop looking for illicit ways to glean funds because it’s an authoritarian regime … under heavy sanctions.”

    The news comes as North Korea displayed nearly a dozen advanced intercontinental ballistic missiles at a nighttime military parade on Wednesday.

    The new US-South Korea advisory did not identify hospitals that the North Korean hackers had allegedly victimized. The Justice Department has previously accused Pyongyang-backed hackers of hitting a medical center in Kansas in 2021, encrypting computer systems the facility relied on to operate key equipment, and another medical provider in Colorado.

    The advisory follows a similar warning from US agencies in July that North Korean hackers had used ransomware to disrupt services at health organizations for “prolonged periods.”

    In the statement released Thursday, US and South Korean officials accused North Korean hackers of taking pains to try to hide their identities – even posing as a notorious Russian ransomware gang. The North Koreans are also emulating non-state criminals in dumping online the private data of victims who do not pay, officials said.

    The hackers have used a popular software used in small and medium-sized hospitals in South Korea to spread their malicious code with the aim of locking up computers, according to the advisory.

    In addition to hacking, suspected North Koreans have posed as other nationalities to apply for work at IT firms and send money back to Pyongyang, US agencies have publicly warned. A CNN investigation found at least one cryptocurrency entrepreneur who unwittingly paid a North Korean tech worker tens of thousands of dollars.

    [ad_2]

    Source link

  • This Type of Cyber Attack Preys on Your Weakness. Here’s How to Avoid Being a Victim.

    This Type of Cyber Attack Preys on Your Weakness. Here’s How to Avoid Being a Victim.

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    You may not realize it, but social engineering attacks are the most common form of cyber attack out there. And, do you know why they are so popular?

    For starters, to carry out a cyber attack, social engineering is incredibly effective. You can gain access to systems and data simply by tricking the owner into giving up their login credentials or other sensitive information. Social engineering attacks are difficult to detect because they rely on human interaction. Yes, there have been so many successful attacks using this method, but it’s interesting to know that it can be controlled. In this article, I’ll be exposing you to different forms of social engineering attacks and how you can protect yourself from them.

    Related: How Small Businesses Can Shield Themselves Against Cyberattack

    What is social engineering?

    Social engineering is the art of gaining unauthorized access to a network or sensitive information by exploiting human behavior or psychology. Social engineering is a popular component used as an initial access vector to gain access to a network.

    Social engineering is carried out mostly via email — phishing. One example of such an attack is the 2016 FACC hit. According to this report, the CEO and CFO of FACC got fired as a result of the whaling incident that cost the company $47 million. An email, claiming to be from the CEO, asked an employee to transfer funds to support an acquisition. After the cybercriminal was long gone with the funds, it was discovered that both the email and the deal were fake. This describes how dangerous social engineering is — as it relies on human error and not some sort of software or operating systems.

    In recent years, there has been an increase in sophisticated social engineering attacks plaguing organizations. Examples of sophisticated social engineering attacks are reverse tunneling and URL shorteners, which are used by cybercriminals to launch virtually undetectable phishing campaigns.

    While cyber attackers often use social engineering tactics to try and get their targets to reveal sensitive information such as passwords and financial data, it is very important you know that this method of attack is so effective and has a high success rate because people are often the weakest link in an organization’s security. Hackers can use social engineering to bypass technical security measures, such as firewalls and antivirus software, by exploiting the trust and willingness of individuals to help others or follow instructions. More so, social engineering attacks are often relatively low cost, as they don’t require the attacker to invest in expensive tools or infrastructure.

    Additionally, social engineers are very calculative, clever and manipulative. Most cybercriminals employ social engineering to gain initial access to a network because it’s easier to manipulate and fool people than break into a secure system. Here are the four major types of social engineering to watch out for:

    Phishing: Phishing attacks are the most widely used form of social engineering you need to watch out for. It involves acquiring personal and sensitive information about an individual or an organization via email by disguising itself as a trustworthy entity in electronic communication.

    Pretexting: Pretexting is also another type of tricky social engineering technique to watch out for. In this kind of attack, the threat actor creates a false scenario where the victim feels compelled to comply. The attacker typically acts as someone in executive rank to intimidate and persuade the victim to follow their order.

    Vishing: Vishing is another type of social engineering attack technique that has a high rate of success. It is important to watch out for this kind of attack that is done over voice communication. Typically, the visher pretends to be from a legitimate company and tries to urge you to share your sensitive information, like the example highlighted earlier.

    Baiting: Baiting is another form of social engineering that exploits human weakness. The attacker puts up something enticing or compelling to lure the victim into a social engineering trap. For example, you might get “Congratulations, you are a lucky winner of an iPhone 14. Click on this link to claim it.” “Download this premium Adobe Photoshop software for $69. Offer expires in two hours.”

    As an active internet user, you might have come across this or not; well, it’s advisable to pass without clicking because it’s most likely a trap!

    Related: Hackers Aren’t The Only Unseen Enemy Behind Cyber Attacks — Your Board’s Ignorance Could Be To Blame, Too. Here’s What You Can Do About It.

    Social engineering attacks are successful because they exploit human vulnerabilities

    In this digital age where so much of our personal information is out there for the taking, it is easy for cyber attackers to gain our trust and get what they want. Moreover, it is not just clicking on phishing emails that can leave you open to an attack. It can be as simple as answering a phone call from someone who is pretending to be from your bank or tech support.

    Social engineering attacks are incredibly easy to execute. All it takes is a little bit of knowledge about how people work and some basic hacking skills. Then with it, a skilled hacker can easily get information from innocent victims, information that can be used to gain access to networks or steal identities.

    However, that does not mean you are powerless against them. Well, here are key tips that can help you recognize and prevent social engineering attacks from happening to you.

    Common telltale signs that indicate you’re under the web of social engineering attackers:

    1. When you keep receiving unusual emails and phone calls from unknown sources especially when they contain attachments and links to click on.
    2. When an unknown person keeps requesting your sensitive and personal information such as name, address, DOB, credit card numbers and so on.
    3. When an unknown person creates a sense of urgency and pressure just to get you to act swiftly without proper thoughts or analysis on matters related to work or personal accounts. And many more.

    How can you protect yourself from social engineering attacks?

    • Firstly, be aware of the dangers of social engineering attacks. These attacks are becoming more and more common, so it is crucial to be vigilant.
    • Be suspicious of unsolicited emails, calls or texts and never give out your personal information unless you are sure who you are dealing with. For example, if you receive an email from someone you do not know asking for sensitive information, do not respond. If you are not sure whether an email is legitimate or not, do not hesitate to reach out to the sender to verify its authenticity.
    • Only enter your information on trusted websites and make sure the URL starts with “HTTPS.”
    • Make sure the security software of your computer is up-to-date.
    • Use two-factor authentication, which is an extra layer of security that requires something you know (like a password) and something you have (like a physical security key or mobile app).
    • Make sure your passwords are strong and unique. Do not use the same password for multiple accounts, and ensure that your passwords are a mix of letters, numbers, and symbols.
    • Keep your personal information private. Do not share your passwords or login credentials with anyone, and be careful about the information you post online. Keep your personal information private!

    Social engineering attacks thrive in exploiting the human factor. People are often the weakest link in cybersecurity, and attackers know how to take advantage of that using social engineering.

    Remember that this is one of the most common ways cyber attackers gain access to your systems. That means they use deception to gain your trust and then extract information from you, like your passwords or login credentials.

    Now you have learned what you can do to keep yourself safe, remember that cyber attackers are experts at getting people to click on links and open attachments. Therefore, be vigilant when you are browsing the web and emailing.

    To fortify yourself against social engineering attacks, you have to stay up-to-date on the latest security threats. How do you do that? Do that by subscribing to a cybersecurity newsletter and reading blog posts on cybersecurity, such as this one, to stay informed.

    [ad_2]

    Ejiofor Francis

    Source link