For an honest and secure world

Time 2020-07-05 18:03:06

Web Name: For an honest and secure world

WebSite: http://aminemekkaoui.typepad.com

ID:20031

Keywords:

honest,an,For,

Description:

Ransomware cyber attacks are growing and it can happen to anyone, anywhere. The attacks can be on a personal computer or even take down an entire network at a hospital. Organizations posing as law enforcement, government agencies, banks, and credit card companies are using deceptive links and websites to install malware - which essentially holds all of your files ransom, encrypts and demands payment to restore them.But this doesn’t have to happen to you. There are several very simple steps which can help safeguard you from attacks.Anti-virus software - Every personal computer should have it. There are a lot commercial anti-virus software programs to choose from, and they are worth the investment. Once you have the software, make sure that it’s installed correctly with the most up-to-date version, that it’s always on, and that you have it set to alert you when there are updates to install.If your computer does become infected and you don’t have an anti-virus program set up, you can install one to “clean” your computer, but you may need additional assistance to help restore your hard drive.Anti-virus programs are equally, if not more important, for businesses – but because most businesses have software on their computers which prohibit users from downloading software it’s up to the company’s IT department to keep their users protected. Most business updates need to be done via a server to all their user’s computers and devices; this includes not only anti-virus software, but operating systems and third-party applications. Businesses should conduct security training for their users, as to what is and isn’t acceptable on company devices, including mobile ones. In addition, there should be computer usage, security, and security awareness policies in place.Corporate IT departments need to routinely conduct risk assessments, as well as alert users of any new viruses or bogus and fraudulent emails that may be circulating.Back up Everything, Frequently – It is essential that you are backing up your files on a regular basis. If you are hit with ransomware or any other type of virus and your computer and its files can’t be saved, you will have your backups to do a system restore or rebuild.Consider The Cloud – Rather than keeping all of your files on a hard drive or server, consider moving bigger more important files to the cloud. Cloud storage will allow you to access your files remotely without the risk of them being infected by ransomware if your computer or server is hit.Keep Everything Up-To-Date – It’s not just your anti-virus software that you need to keep updated. You should also keep your operating system and all of your programs updated with the latest versions. By keeping them updated you’ll be on top of any issues that may arise, as well as alerted to security warnings from the software manufacturers.Avoid Suspicious Sites and Emails – If you are unsure of the sender, or an email comes with an attachment you aren’t expecting, delete it. Opening a suspicious email or clicking on a suspicious site could launch ransomware onto your computer.It’s important that you make sure that all of your family, co-workers and employees know the risks of ransomware and how to protect themselves and that they should never pay the ransom. Not only is it feeding into criminal activity, but there is no guarantee you’ll get the encryption code promised to get full functionality back to your computer. Tags: #computer viruses, #cyber attacks, #cybercriminals, #cybersecurity, #information security, #Ransomware, #risk management You’ve done everything to build and brand a great product and company, everything to keep your clients’ data safe…but sometimes things can go wrong and you will be the first one blamed.According to the World Economic Forum Global Risks 2012 report, on average, more than 25 percent of a company’s market value is directly attributable to its reputation, and that number continues to climb.Reputational risks are caused by many intended, and unintended events, for example: a cyberattack on a retailer’s credit card data, manipulating markets or making trades based on insider data, employing under-aged workers overseas for a “US-based” company, or accidently serving contaminated or expired food at a restaurant.Whether the event is intended or unintended, the responsibility ultimately belongs to the company’s CEO and their management team. Why, because it directly impacts revenue and the company’s brand.One of the major reputational risks today is systems interruptions and Cybersecurity. Any interruption to services - whether it be from a cyber attack, system-wide outage, human error, or security breach, is a business disruption that goes all the way up to the C-suite executives down to their clients, and can cost extremely valuable time and money to repair…not to mention the damage to your reputation.Some things are out of your control and customers will understand that; for example, a storm knocking out power and shutting down your systems. They won’t, however, be as understanding if you weren’t proactive in safeguarding your company. So how to do you stay ahead of the problems?If a third-party is hosting your data or is the hub of your operation you still need to remain in control. When their systems go down or are breached, your clients are coming to you with their complaints - because ultimately you are responsible. One way to be proactive with a third-party vendor is to have them comply with your own internal requirements.Make sure you have a tested disaster/incident recovery plan in place. Disaster/incident recovery planning is a huge undertaking and touches every part of your organization, but having a plan and testing it will help you face any challenges down the road.When something goes wrong you will need the entire company on board, not just the IT team who’s going to work around the clock to remedy the situation. Your top management teams, PR professionals, customer support, and even your marketing staff need to be involved, and know what the company response is, and how it’s being communicated.Be proactive. Invest in data analytics that will enable you to analyze real- time data, such as pattern detection and recognition. Keep on top of social media using text analysis that will pinpoint conversations about your company. Social media combined with big data analysis will help you get ahead of the crisis and lessen the impact. This combination could be the most important and impactful decision you make, better than business liability insurance!Learn from mistakes. Hopefully you are not the target of a company-wide disruption, be it human error or cyber attack, but chances are some company, somewhere around the world is being hit right now. Most won’t make the front page news of the Wall Street Journal, but you need to be ready to respond to incidents whether they are the result by cyber security attacks, third-party partner action or employees’ mistakes. Loss of reputation is beyond repair if not properly and systematically addressed.Make sure that you know what your business risks are and that you are up to date with managing them all the time. Managing your business risks are not a one-time event. Each component that contributes to the risks must be monitored in real time. There are multiple tools and technologies that will facilitate managing and monitoring both your business and operational risks.In the end it’s your company name, your reputation, and your responsibility to ensure the integrity of your brand. Tags: business disruption, Business Reputation, Cybersecurity, Reputational risks, Risk With just one click your files, credit cards, medical records and other personal information could be hacked with ransomware malware. Earlier this month, a cyberattack on Hollywood Presbyterian Medical Center took the hospital’s medical records hostage, demanding ransom in the form of Bitcoins.Bitcoin is a virtual currency. Transactions are made anonymously without bank involvement. Since Bitcoins aren’t tied to any country or subject to any regulations, international payments are easy and cheap. Every user has a Wallet ID, but the names of the buyers and sellers are never revealed. This level of anonymity provides the perfect breeding ground for transactions such as ransomware.It would be nice if there was a list of things to look for to help prevent these attacks, but ransomware is evolving. Hackers are finding new ways to completely lock your computer systems and block access to all of your files and encrypt them. Emails that look like they are coming from utility companies, credit card companies, and even banks contain files that once they are clicked will overtake your system.While Hollywood Presbyterian Medical Center chose to pay the ransom via Bitcoin citing the need to get back patient medial records and the hospital back up and running as soon as possible, paying ransom isn’t the way to go.First, even if you pay whatever is being asked there is no guarantee you’ll get the encryption code to access your files, and since nearly all of these ransom requests are made through anonymous payment methods – like Bitcoin – there’s no tracing where the money went, therefore no way to go after the attacker.Second, if you pay the ransom the hackers may see you as an easy target and come back for more.Third, by paying ransom you are feeding into the criminality of the entire operation. Providing money to these hackers will allow them to up their game with new malware and build out the ransomware malware network.If anything looks suspicious in your email don’t click it, and if you think you’ve been infected by malware shut down your computer and disconnect it from any server in order to minimize the risk of infecting the entire network.There are five fundamental thinks you should always remember to do when working on your computer while connected the Internet:Count to ten and think before you click: Do not click on any URL embedded in an email, even from someone you know, unless you confirm that email came from the sender.Update everything: Keep your operating system updated otherwise you might be dismissing an important security update.Backup your files: If you fail to do anything else, this is the most important task you must do on a daily basis. There are many external trusted sites you can use to backup your computerSecure you wireless network: Make sure you use a strong password when setting up your Wi-Fi routerUse strong password: Avoid using your cat and dog names. Instead include at least one number, a capital letter, symbols such as # or $, and make your password is at least six characters. Cloud-based solutions are no longer the wave of the future they are a necessary driver for most Enterprise businesses. The “cloud” which is really just a very large, remotely-connected server to store and access data isn’t a new phenomenon, but there are still the same old concerns about how secure data really is out there in Cyber Space.The truth is you can control the safety of your data. Your overall cloud strategy and your use of the technology play a large part in the security process. It can range from choosing what you put on the cloud; to different models of service delivery like IaaS, PaaS, or SaaS; to what cloud-based server you use.There are some very big, well-known companies with pretty good track records, like Rackspace, Microsoft, Amazon, and Google that have teams of people working around the clock on security and monitoring and can immediately identify, assess and remedy potential risks or threats. That’s something that most locally housed IT infrastructures can’t match. By storing data in the cloud businesses free up local IT infrastructure and are able to cut costs, but with any investment you must weigh the risk versus the reward.So what are some of the things you need to consider before putting certain information in the cloud?Data Breach: One of the major concerns when using the cloud is a data breach. The cloud presents greater challenges since you’re dealing with hypervisors and other external shared networked infrastructure. Data breaches can release personal information such as a person’s social security number or access to their credit or debit cards. Over the past couple of years, companies such as Target, Experian and Anthem BlueCross Blue Shield have been hit with major data breaches exposing personal information of millions of customers.Data Loss and Recovery: While the data breach is considered a malicious of intrusive action, a data loss maybe a result of sever or storage malfunction. If your provider goes off-line and your data is lost, can it be recovered? Data sent to the cloud is encrypted as one of the many steps to ensure privacy. The downside is that encrypted data is harder to recover, especially if the encryption key is lost too.Data Access: What information are you putting out there and who is going to have access to it? Sensitive, classified, or confidential information may not warrant storage on the cloud. You want to be able to monitor who has access to your data and their activities. Are these people authorized to access the data, and if not they need to be shut out of the network. You may also want to limit access to certain levels of individuals to mitigate any potential misuse of your data.Data Availability: Storing data externally means you don’t have complete control of it anymore. Your cloud storage could go offline and someone else is now responsible for getting it back up. You want to make sure that whatever provider you chose has a proven record of highly available data and a quick turnaround for getting the system back on-line should it go down. All this needs to be spelled out in a Service Level Agreement (SLA).Cloud-based solutions offer benefits for companies large and small, local and worldwide. What works best for a large company may not for a smaller one, but there are many options available that can make storing, sharing and accessing data more efficient and cost-effective no matter what business you are in. Mobility is the trendof the new generation. Increased access to tablets, smartphones, robust datanetworks and even Wi-Fi everywhere has extended the capabilities of theprofessional in the field. When the BlackBerry first emerged on the market, theenterprise acquired, provisioned and controlled the mobile device for theworkforce, enabling access to key applications and information, while alsomonitoring activity. The demand for increased mobility has spurred a new phenomenon – BYOD. Employeesare opting for the Bring Your Own Device to work strategy, balancing personaland professional conversations and information on the same device. TheBlackBerry is no longer the smartphone of choice as the iPhone and Androiddominate the market. BYOD has proven to be an effective strategy with the rightpolicy in place, but how can it truly support the initiatives of theenterprise?There are a few realities that accompany the adoption of BYOD:Employees select the brand and type ofdevice – while employeesenjoy the freedom of selecting their own preferred brand and operating system,enterprise IT recognize the different challenges working in variedenvironments. It may be more effective for the corporate policy to allow BYODto only include selected, approved brands, models and operating systems. Employees control the level of personalinformation contained on the device– this is an important point if there is no separation between personal and corporateinformation. For example, if baby pictures are mixed with corporate or customersproprietary information, that’s a problem. Employees should be allowed to loadtheir own information on their own device, but it’s up to IT to provide thetechnology and information to keep personal and professional informationseparated on the device with the application of mobile applications. Employees access websites, applicationsand file sharing services not normally permitted by the enterprise – this is a critical threat for anynetwork. Users may be accessing a vulnerable hotspot, uploading information toa file share site lacking the appropriate protections or downloadingapplications with malicious software. The enterprise BYOD policy should includeguidelines to acceptable practices and mobile device management applicationscan be installed that prevent risky activities. The key to the successfulapplication is to inform employees as to these rules and the consequences ifthose rules were to be broken. Employees may allow other people to usetheir device – this reality isdifficult to address from the corporate side. Employees may be educated on therisks involved with allowing other users to access their device, but completecontrol in this area is difficult. Monitoring and management applications canhelp control what the individual may do while using the device, however, whichis an important step towards protection.Employees may not demonstrate diligencein keeping track of their device– regardless of how much the employee uses his or her mobile device, it canstill be lost or stolen. If that happens, the finder will have access to a widerange of network applications, proprietary information, authenticationinformation and so much more. This is where keeping personal and privateinformation separate is crucial as IT management can remotely wipe the deviceclean of any information that puts the enterprise at risk. Likewise, theemployee can opt to wipe everything if personal information lost will also putthem at risk. While this list justscratches the surface in terms of the realities that can affect BYOD and theenterprise, they are important points to ensure success in this newenvironment. Any corporation can resist the trend and instead purchase mobiledevices for all employees, but that may not always be the optimal choice. Byunderstanding the realities that exist in a BYOD environment, the enterprise ismore likely to benefit. The use of mobiledevices among the global workforce is not a new concept, but the introductionof user ownership is a trend that has just gained momentum in the last fewyears. Professionals in a wide range of industries are relying on their ownmobile devices to support the balance between work and home, introducing awhole new set of risks for the corporate network when the proper policies andcontrols are not in place. While BYOD (Bring Your Own Device) offers plenty of benefits for the enterpriseand the employee, a strategic approach is necessary to mitigate the risksassociated with users accessing the network and supported applications fromoutside of the corporate firewall. Let’s take a look at some of the threatsthat exist with BYOD and what you need to do to protect your network, yourusers and your proprietary information. Lacking a Robust Policy – Now thatusers are accustomed to relying on their own devices to access the network andtheir personal email, they also need to know what is acceptable use, who hasaccess to their device(s), and what will happen if the device or theinformation contained within the device is compromised. An effective policyoutlines expectations and outcomes, while also providing for the proper sharingof information so all employees are informed. Weak Authentication Methods – It’s agiven that employees will need unique user names and passwords to access thecorporate network, but it’s also a given that such information is easilycaptured by hackers. It’s critical that IT management implements and enforcesstrong authentication methods and limits access to applications. Strongauthentication methods demand constant monitoring and regular updates to ensureany breach is immediately identified and mitigated. No Visibility or Control over Devices –Employees often prefer BYOD as a concept as it suggests they have completecontrol over their mobile device. While the physical control may remain, ITmanagement establishes its own control over the device with mobile devicemanagement or other applications that provide remote access and completevisibility. Access to such technology ensures IT always knows what devices areaccessing the network and can immediately locate, lock and wipe clean anycompromised or lost device. Applications – While a number ofapplications exist to promote the activities of the professional in the field,a larger number exist to waste time or access proprietary information withmalicious intent. Any applications downloaded by the user without IT approvalare a risk to the corporate network. The simple scan of a QR code could quicklylaunch malware on the device, with reach into any network to which it isconnected. The corporate policy must define what constitutes an approvedapplication and how to avoid downloading malicious software. While this listmerely scratches the surface of the threats that exist with BYOD, it stillprovides clear insight into what you need to consider within your ownenvironment. Whether yours is a large enterprise, small- to medium-sizedbusiness or sole proprietorship, any mobile device used to access your network,server or other IT assets presents a threat to your operation. Before allowingBYOD to flourish, put the right strategy in place to support only the safe useof all mobile devices. Spanish authorities have arrested twenty people suspected of havingfacilitated an international money laundering operation through thesale of drugs. The investigation was initially launched in May 2008,when Police became suspicious over several substantial transfers ofmoney to Colombia. Police reports suggest that the group wasresponsible for transferring in excess of 3 million euros during 2007and 2008, which was sent from Spain to bank accounts in China, Panama,Venezuela and the United States and were eventually collated at a fakedentistry foundation in Colombia. The Police statement went on to saythat the suspected ringleader of the Colombian network was detained byUS police in Miami, whilst the remaining suspects were detained bySpanish police in raids carried out across Spain. At the same time, thePolice confiscated 5 vehicles; 32 mobile telephones; a quantity ofcocaine; 6 fake passports and other documentation.Many companies embark on their risk management strategiesfrom a single perspective, and do little more than put automated tools in placethat will monitor activities for patterns and trends, and alert appropriatepersonnel when an abnormal or out of the ordinary event occurs. However, risk management is not nearly that simple. Related strategies are complex andmulti-faceted. Even the slightestoversight can put sensitive or confidential data in jeopardy – and result instiff monetary penalties or negative impact to the company’s image andreputation. So, in order to ensureoptimum security of their IT infrastructure, organizations must make their riskmanagement initiatives as comprehensive as possible. A truly complete risk management strategy must include thefollowing steps: Risk assessment. Identify all probable threats, and prioritize them based on their likelihood and their potential impact. Asset audit. Build a list of all information assets, including databases, applications, files, and other sources that contain data that may subject to breach. Carefully evaluate each, and assess their vulnerability to an attack. Process definition. Create and document the procedures for the ongoing monitoring and analysis of all software, hardware, and virtual information assets. These defined activities must be readily accessible to and clearly understandable by all key stakeholders. They must also be strictly enforced, with specific penalties outlined for those who put information at risk by failing to adhere to written guidelines. Tool selection. Determine what types of technology solutions may be needed, and evaluate and select a suite of automated tools to assist in the monitoring and alerting process. Incident response. Define step-by-step workflows for responding to and investigating (when needed) a potential breach. This must not only include a list of all required tasks and activities, but rigid timelines for executing them. Assignment of resources. Determine who will be responsible for the various aspects of risk management, and clearly highlight the roles and responsibilities of each key stakeholder. Be sure to define a chain of command, as well as a contingency or succession plan to minimize disruption to risk management when assigned resources are unavailable, or when they leave the company. The last, and perhaps most important, step is ongoing enhancement. Continuously test and evaluate thevarious components of the strategy, including tools and technologies beingutilized, and make refinements as needed. This is particularly important after the detection of a breach event,when a post-response de-brief can help facilitate the creation of bestpractices (for those processes that proved to be effective) and result inlessons learned (for those procedures that did not work). companies. Yet, few reallyunderstand what a comprehensive risk management strategy entails, or how toeffectively implement one across their entire enterprise. That’s why many businesses are turning to the NationalInstitute of Standards and Technology (NIST) for guidance. NIST has designed a methodology forimplementing comprehensive and consistent risk management guidelines andprocesses throughout the federal government. The goal is to maximize protection of classified informationcontained within IT systems and services by ensuring that common tools, solutions,and procedures are deployed and utilized among all agencies. At the same time, the NIST methodologystrives to create a secure technology environment, without hindering the neededinformation sharing between federal, state, and local offices. Because it is so comprehensive, corporations are seeking to leveragethis framework for their own risk management purposes. For example, the NIST approach has alreadytaken into consideration all the factors that have put information systems atgreater risk than ever before, including: need to balance security with real-time collaboration and data access and sharing requirementsAdditionally, the NIST technique utilizes a phased approachto risk management that can act as a guide to other companies, helping themtake the needed steps to implement true, enterprise-wide risk management, suchas: Prioritizing threats based on likelihood, extend of potential damage, and acceptability Identifying those staff members who will be responsible for risk management, and outlining their roles Selecting, purchasing, and deploying the needed tools Configuring all systems, databases, and services for maximum protection Setting, documenting and enforcing security monitoring procedures Creating response processes to be executed in the event of a breach Conducting ongoing auditing and analysis of current procedures, and continuous refinement as neededAnd, because NIST created their recommendations to addressbroad, nationwide security requirements, as well as the needs of variousindividual federal agencies, they offer maximum flexibility. This is particularly important forlarge, global organizations that need to standardize its risk managementactivities, while allowing each department, office, or business unit to adjusttechniques as needed to satisfy unique security requirements. Risk management initiatives require a tremendous amount of time andresources. So, instead of startingfrom scratch, companies should look to NIST, and use their existing frameworkas the basis for their projects. This will accelerate the development and implementation of riskmanagement strategies, while ensuring success through the use of proventechniques and methodologies.As organizations begin to place a greater emphasis on thedevelopment and implementation of broad-reaching IT security strategies, theyare receiving a rapidly increasing number of alerts from the varioustechnologies and devices they have deployed. As a result,they faced with the challenge of effectively managing, prioritizing, andresponding to them. Real-time correlation is an emerging technique that takesthe raw data generated by potential security events, and transforms it intoinformation that is easy to interpret, and more importantly – actionable. Most security management tools and methodologies triggeralerts based on specific actions taken by system users. However, they don’t necessarilyinterpret what those activities mean, and whether or not they require animmediate investigation. Thatresponsibility lies with systems administrators and others who oversee ITprotection. Additionally, the disparate activities that make up breaches– and the data that they generate – are often spread out over numerousapplications and devices, making them more difficult to detect. Therefore, stakeholders must manuallysift through multiple logs, and analyze the related event information to makesense of it all. On the other hand, real-time correlation extends thecapabilities of “point” systems, using a sophisticated algorithm that consolidatessecurity data from various solutions, mines it for sequential patterns, andgenerates intelligence about the safety status of the entire network. It dynamically identifies vital trendsin cryptic security event information, and leverages built-in rules to instantlytranslate those trends into something meaningful and useful. As a result, it can help detect andpinpoint the root cause of attacks in progress, and anticipate the next stepsin multi-stage attacks. What are the primary benefits of this approach? Withreal-time correlation, companies can: the time to respond to attacks by more rapidly initiating countermeasures or launching investigations More effectively identify and react to multi-phase or multi-prong attacks Minimize the number of false positive alertsAs hackers and other cyber-criminals become smarter, and acquire theknowledge and skills needed to divert traditional security managementsolutions, the attacks they launch will become more sophisticated and harder toexpose. Therefore, the need forreal-time event correlation will become more and more critical in order forcompanies to mitigate all potential risks, and maintain full protection acrosstheir network from end to end. Every day, security analysts and the other professionals responsible for infrastructure monitoring and protection receive a series of alerts from the various hardware and software components that make up their technology architecture. The key challenge lies in prioritizing these alerts, and determining which ones require immediate attention. False positives, incidents where security alerts are triggered even though no breach event has actually occurred, are becoming more and more common. Many intrusion detection systems are designed to uncover even the slightest unauthorized activity, looking not just for actual intrusions, but for any possible intrusion. As a result, they are often configured in such a way that a high number of false positives are also generated in addition to valid alerts. These can cost companies a tremendous amount of time and money, and distract incident responders from those alerts that really do require further investigation. However, industry experts recommend several ways to reduce the number of false positives. These suggestions include: Fine-tuning systemsMany security systems are, by default, extremely sensitive. But, their configurations can often be easily adjusted, to allow for more rigid definition of the criteria and thresholds that will trigger an alert. Begin by reviewing past audit logs to identify those actions that most often result in false positives, and set system controls to ignore those activities. Using intelligent event correlationMany experts believe that the future of enterprise security monitoring lies in event correlation, the ability for systems to leverage human-type intelligence to more effectively weed out false positives. For example, multiple failed logins alone may not be enough to warrant a full-blown investigation. Many of the more advanced systems will be able to dynamically perform further analysis and gather additional evidence, such as determining which IP address the logins were attempted from, before triggering an alert. Applying visualization techniquesA study conducted by the Department of Computer Science at the University of Virginia suggests that – particularly in massive data sets – the textual relaying of suspicious activity data alone can create an unacceptable number of false positives. The report goes on to claim that by allowing system administrators and security analysts to visually analyze the same information using sophisticated graphics, it will be easier for them to identify the activity that represents low or no threat, and allow for faster detection of true malfunctions and breaches. Conducting more in-depth trainingWhile false alarms cannot be eliminated completely, they can be more rapidly dismissed. By training incident response teams to better tell the difference between a real alert and a false one, companies can avoid wasting precious staff time and incurring unnecessary expenditures.

TAGS:honest an For 

<<< Thank you for your visit >>>

Information Security, cyberattacks, fraud, and everything in between.

Hot Websites