For this week’s “In the News”, locate an article that discusses one of the following:
- new security threats
- changing security threats
- reduced security threats?
In regards to the threats that you have identified, how does the threat change the steps that the organization would take to mitigate, or lessen, the risk from that threat?
Cybersecurity mesh, security-savvy boards of directors, and remote working all made this year’s security and risk trends.
As cybersecurity and regulatory compliance become the top two biggest concerns of corporate boards, some are adding cybersecurity experts specifically to scrutinize security and risk issues.
Adding a cybersecurity expert directly to the board is just one of the eight Gartner security and risk trends for 2021, many of which are driven by recent events such as security breaches and the COVID-19 pandemic.
“In the past year, the typical enterprise has been turned inside out,” says Peter Firstbrook, VP Analyst, Gartner. “As the new normal takes shape, all organizations will need an always-connected defensive posture, and clarity on what business risks remote users elevate to remain secure.”
https://www.gartner.com/smarterwithgartner/gartner-top-security-and-risk-trends-for-2021/
ooof! Good article. Compliance is a HUGE concern. I mean I’ve had a Statement of Work stuck with Legal for two weeks. The processes surrounding compliance are every IT person’s nightmare. There are so many regulations depending on your industry. Slightly less in you aren’t publicly traded but it’s still in the nest interest of the organization to practice Due Diligence and stay on the “Best Practice” standard. Public trust is rarely ever given twice. One major breach can cost millions upon millions and people are now hyper aware of the power of data in the wrong hands. Taking the proactive stand and a defensive posture is critical to an organization’s mitigation strategy!
Hi Jerry!
Cool article! I like the graphic illustrating Gartner’s top security risks and trends for 2021. Having a security-savvy board of directors, advised by an SME, is definitely a drastic change from the norm and is long overdue. Also, vendor consolidation is a good strategy. While we can’t have one UTM solution from one vendor, organizations can have better visibility with the reduced noise, and maybe save the org some $$$ in the process.
Vinny,
Great point! The article says that 12% of CISOs have 46 or more different tools from cybersecurity vendors. While I assume these are CISOs of bigger companies, I find it hard to believe that 46 different tools from different vendors is an efficient (or particularly effective) set up.
[note – this post is on behalf of Vanessa Marin)
https://www.securitymagazine.com/articles/95714-digital-signatures-cybersecurity-vulnerabilities-everything-you-need-to-know
Publish Date: July 27, 2021
Author: Dan Mary
The threat landscape has never been at the forefront as it is today. Hacks left and right in both the private and public sector. Government agencies, political threat actors, ransomware. anything you can think of – name it. As the workforce was forced to work from home in the onslaught of COVID-19 digital signature companies became “market leaders” using Public Key Infrastructure in the signature models. Yes… your simple PDFs can be hacked too. The ever-evolving digital signature threats. Think about the content of these PDF documents — contractual agreements, patents, NDAs, legal, private, confidential, top secret but regulation requires a signature, and you work from a remote location as do all your colleagues. Hackers use different methods to hack into your poor PDF:
Hide attacks which are little nuggets of code or malicious content hidden in a link or an image. Replace attacks with entails the “replacements of minor objects of a legitimate form” i.e. changing fonts can change the code behind a document. The combination of these two is your third more sophisticated attack – hide and replace where hackers replace the entire document and hide their sneaky code. The signee knows no better and signs away enabling the hacker to reveal the true document when it is sent back.
Considering digital signatures and how valuable they are in the industry it’s imperative to partner with legitimate, reliable, and experienced partners that provide a high level of assurance — DocuSign or Adobe Sign are good examples. Like any other mitigating controls — policies, followed by training, communication with your employees. Encouraging teams to report scams and having a process in place to do so empowers the team to be on the lookout. Having a robust patch management policy is key and continuous monitoring and logging of adverse or suspicious events is critical.
Hi Vanessa,
Interesting article!
Jeez, is there anything hackers won’t hack, am I right!?
The constant evolving threat landscape is a very scary place much like the woods of Camp Crystal Lake. But here, it is a digitized version of Jason Voorhees that is stalking unsuspecting organizations and slashing through their defenses. We must be vigilant!
Vincent am on the same thought train with you, what wont these chaps hack!
I think as regards to PDFs, they should not be shared via email but rather use share point or designated file access systems.
Work from Home Attacks
Not new but a continuing trend in attacks is the WFH attack. Security experts say that soon attackers will be able compromise numerous insecure home networks concurrently to perpetrate a large scale breach. Since many employees are using a home broadband connection for their job, the enterprise attack surface has dramatically.
Solving his problem means utilizing Identity and Access Management (IAM) (the foundation of Zero Trust). IAM has tools capable of intelligently analyzing user activity, resource requests and corporate connective habits to allow streamlined sign-in when it’s safe to do so but require extra authentication if potential problems are detected.
I know, I know… I champion Zero Trust. But it should be. All the cool kids are doing it!
https://www.ibm.com/security/identity-access-management
https://securityintelligence.com/articles/cybersecurity-trends-and-emerging-threats-2021/
Covid and WFH have changed so much in our day-to-day! This reminds me of the issue that the FBI warned was happening in hotels. People would rent a hotel room to use the fast internet (or hide from kids haha) during the workday. Bad folks caught on and started taking advantage of insecure hotel WiFi or setting up “evil twin” WiFi hotspots nearby to trick guests into joining their network.
https://www.pcmag.com/news/fbi-warns-against-using-hotel-wi-fi-for-work
Thanks for the article, i guess we might need to start installing firewalls to protect our home devices in the near future even though its a costly its a costly option. Many IoTs don’t meet the basic standards of security which leaves homes exposed to attacks as mentioned in the article.
[note – this post is on behalf of Amelia Safirstein]
Ransomware has been around for a while but the number of attacks has increased significantly recently. Ransomware attacks rose 158% from 2019 to 2020. With the jump in the use of IoT devices, things like critical infrastructure, hospital devices, and schools’ learning devices have been connected to the internet. The government has responded to these attack increases with a stronger legislature on cybersecurity. Organizations will have to take new laws into account when building or revising their security programs. The number of victims that pay ransomware increased from 2019 to 2020 by 300%, incentivizing hackers to continue using this type of attack. Unfortunately, the increased losses has lead to higher costs for insurance, making it out-of-reach for some organizations. On the bright side, these types of incidents seem to have pushed organizations to take cybersecurity more seriously. The number of companies with a cybersecurity policy increased from 25% in 2016 to almost 50% in 2020. We definitely have a ways to go but it’s a start!
https://www.pbs.org/newshour/nation/why-ransomware-attacks-are-on-the-rise-and-what-can-be-done-to-stop-them
https://www.govtech.com/education/k-12/schools-out-but-cyber-criminals-are-here-to-stay
Amelia,
This article reflects the challenges being faced today due to IoTs, As mentioned hospitals are using them on the internal network and connecting them to the internet which enables them to do their jobs.
In my opinion, one way to try and secure the network that has IoTs connected is to segregate these devices from the core or critical infrastructures. They need to either sit behind a firewall or in DMZ. From there, if they have to access the core network, they need to be re authenticated.
Jerry,
Absolutely! You make a great point about segregating the network. That would make a huge difference in the case of potential ransomware attacks. I haven’t worked with IoT in hospital systems before but I have worked with IoT in fairly critical environmental settings. I’ve found that critical systems/devices are often the ones that are being connected to the internet so that users can remotely check data output and adjust settings. With the all-too-common lack of security in IoT, I’m honestly surprised that there haven’t been more attacks on these types of systems.