Cyber News Roundup: Is it time to do a security checkup?

Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

As security breaches become commonplace, it’s important that C-level executives and board members not only understand the impact that a breach can have, but understand where their organizations need to strengthen their security structure. Now might be the right time to do a security check-up. Healthcare IT News’ How’s your cybersecurity posture? Answer these 5 crucial security questions highlights questions that executives should be asking to help protect their company’s networks. Asking these questions now will help protect your company in the future.

Addressing phishing scams
According to research by FireEye researchers, one in every one hundred emails has malicious intent. Companies need to be able to state very clearly how they are filtering and blocking incoming phishing emails, and that they identify external emails as external.

What’s the policy for privileged accounts?
“Granting elevated system privileges should be carefully controlled and managed, a policy often referred to as ‘least privilege,’” the National Cyber Security Centre stated. “This principle of least privilege should be assessed as staff leave, join and move departments.”

What’s the process for applying software patches?
While every company uses software patches, updates don’t happen as often as you might think. Policies need to be put in place to identify, examine and fix software flaws. Companies should also have end of life plans for legacy devices that are no longer being supported.

What type of security is used with third-party vendors?
Most companies share data with partners and suppliers, which means that policies need to be in place to protect all parties, and those policies must be monitored regularly. The NCSC recommends that, even if there are agreements in place, your company realizes that partners and suppliers will be compromised at some point.

Do you know how your company controls access?
While every employee must use passwords, there aren’t enough rules in place when it comes to protecting your company’s sensitive data. Using two-factor authentication is highly recommended.

Know your enemy

Cyberattacks come in all shapes and sizes, and from a variety of sources. While most people think there are large rooms with hackers based in Eastern Europe and the Far East, the reality is that hackers come in all forms. And hackers don’t just try to penetrate corporate servers. There are many ways for hackers to take advantage of unsuspecting employees who share too much information on social media and by those who send fake friend requests on Facebook.

According to the Seattle Post-Intelligencer, companies across multiple industries can be targeted for a variety of reasons including:

  • Media companies lose sleep over the possibility of stolen pre-release assets that can be held for ransom or leaked to (or by) fans.
  • A social-media network can lose its appeal if members are subjected to an organized campaign of cyberbullying or if its platform is exploited by users that mainstream consumers find repugnant.
  • A law firm can be flagged by hacktivists when it takes on a controversial client or matter, and so can its software vendors and other solution providers.
  • Major corporations can offer ripe targets for everyone from industrial rivals to the radical fringe.

With hackers coming in different forms and from multiple geographies, it’s important that companies consider where attacks may be coming from in order to properly defend themselves. Once that is determined, it’s important to think about what type of technologies are available for the hackers to use. “Narrowing down your list of realistic suspects will help you align your countermeasures appropriately. You’ll want to define and document security technologies, employee and partner education campaigns, crisis communications plans, and whatever else the situation may call for.”

CIOs talk about data protection

Most articles about cybersecurity suggest that hackers will always be one step ahead of security experts at most companies. With financial, political and social incentives on the dark side, it’s hard for IT professionals to be confident that they are protecting their own companies.

In Information Age’s A CTO guide: standout technology predictions for the cyber security space, four CTOs offer suggestions that companies should consider when trying to stay ahead of the bad guys.

  • Avishai Wool, CTO, Algosec: Focus on the cloud. “Cloud is going to be huge. It’s already huge, but it’s going to get more important. It’s going to change the threat landscape along with the security industry’s answer to the challenges it poses.”
  • Michael Wignall, CTO, Microsoft UK: Machine learning and AI will be a big help when it comes to increasing security. “I think a combination of signals coming from IoT with more and more devices around this space with signals across the IT infrastructure, and then using AI and machine learning on those signals will be some of the biggest tech innovations in the future of this space.”
  • Sridhar Muppidi, CTO, IBM Security: Predictive analytics “help to find things and evaluate risk faster. It’s also not just about being able to find out about an attack before it happens, it’s also about being able to reduce the risk of a transaction.”
  • Uri Sarid, CTO, Mulesoft: Automation and machine learning are key. “As we build out application networks that have very well declared intent, it will become more and more mandatory to leveragemachine learning and then automation to secure these landscapes. These landscapes are just far too complex, far too diverse, for people to do anything manually and so what you’ll start to see is with all this declared intent, there will be machine learning that looks at this and understands, okay, here is what’s normal and here is what’s not.

Cyber Oregon partner blog post of interest