Cyber Oregon https://cyberoregon.com Keeping Oregon Safe Online Fri, 20 Mar 2020 19:38:26 +0000 en-US hourly 1 https://cyberoregon.com/wp-content/uploads/2020/02/cropped-Cyber_Oregon_logo_favicon-32x32.jpg Cyber Oregon https://cyberoregon.com 32 32 Cyber News Roundup: Taking Cybersecurity Precautions Amidst Coronavirus Pandemic https://cyberoregon.com/2020/03/20/cyber-news-roundup-taking-cybersecurity-precautions-amidst-coronavirus-pandemic/ Fri, 20 Mar 2020 19:38:25 +0000 https://cyberoregon.com/?p=6274 If your life hasn’t already been turned upside down as a result of the COVID-19 pandemic, you will want to add cybersecurity precautions to your staying healthy list, in order to further protect yourself and your data. Hackers are exploiting the coronavirus and cyber experts are urging people to take extra precautions to when it…

The post Cyber News Roundup: Taking Cybersecurity Precautions Amidst Coronavirus Pandemic appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

If your life hasn’t already been turned upside down as a result of the COVID-19 pandemic, you will want to add cybersecurity precautions to your staying healthy list, in order to further protect yourself and your data. Hackers are exploiting the coronavirus and cyber experts are urging people to take extra precautions to when it comes to clicking links. According to an article in Fortune, the latest hacking techniques are coronavirus-themed phishing campaigns that when clicked, could prompt malicious malware on your system that could be used to steal victims’ personal data or freeze computers. Cybersecurity firm Nocturnus issued a report with these key findings about these new cyberattacks:

  • Coronavirus-themed Attacks: Multiple types of campaigns are occurring that specifically target regions most heavily impacted by the coronavirus with coronavirus-themed files and domains.
  • Leveraging Anxiety: Attackers are abusing the pandemic for their benefit by manipulating people’s anxiety over the virus to trick them into downloading malware.
  • Taking Advantage of Remote Workers: Attackers are taking advantage of the shift to remote work by promoting malware masquerading as VPN installers. This is particularly dangerous as businesses make the transition to remote work and suggest best practices to employees, including the use of VPNs.
  • Using Mobile Malware: Attackers are creating malicious mobile applications posing as legitimate apps developed by the World Health Organization to help individuals recover from coronavirus. Instead, the application downloads the Cerberus banking trojan to steal sensitive data.
  • Targeting Healthcare Organizations: Attackers are using ransomware to target healthcare organizations, arguably the most vital and overworked among us at this time.

Here are security precautions to take especially now, courtesy of Nocturnus:

  • Be Careful: To significantly reduce the likelihood of falling victim to a phishing attack, it is best to be careful while browsing online and checking email. Check the authenticity of the sender for any email you download information from, and check if the content makes sense to you. If there is any doubt, do not click on it and report it to your security team immediately.
  • Watch Out for Shortened Links: If you have any doubt about the validity of a link, open a new browser window and type the URL into the address bar. Examine the URL and make sure it is authentic.
  • Be Wary of Emails Asking for Confidential Information: Emails that ask for information such as credentials, credit card information, and other sensitive data are usually not legitimate. Legitimate organizations, including and especially banks, will never request sensitive information via email and will always redirect you to a secure website or other channels.
  • Only Download Files from Trusted Websites: Double check that a website you are using is legitimate and trusted. To download specific VPNs, search for the company’s official website and install directly from there. Avoid downloading cracked versions, since they are usually bundled with other software or malware and can cause damage to the machine.

In fact, just this week the U.S. Health and Human Services Department was hacked. Sarah Coble, covers the news in Infosecurity Magazine, writing that “the attack was thought to have been motivated by a desire to slow the agency down and spread misinformation among the public.” Jake Moore, cybersecurity specialist at ESET said, “Suffering a cyber-attack in the midst of a pandemic adds salt to the wound when organizations are already at full stretch. We all need to be more vigilant at the moment and take even more caution when communicating remotely.”

Working remotely imposed worldwide: Empowering workers, but precautions are prudent

In an interview with European cybersecurity agency ENISA, ZDNet highlights ENISA’s security recommendations while remote working taking place around the world is skyrocketing around the world. ENISA warns “Attackers are exploiting the situation, so look out for phishing emails and scams,” ENISA said. The agency warns remote workers to be suspicious of any emails asking them to check or renew their passwords and login credentials, even if they seem to come from a trusted source.

“Please try to verify the authenticity of the request through other means, do not click on suspicious links or open any suspicious attachments.”

ENISA says employers should:

  • Provide initial and then regular feedback to staff on how to react in case of problems. That means info on who to call, hours of service and emergency procedures.
  • Give suitable priority to the support of remote access solutions. Employers should provide at least authentication and secure session capabilities.
  • Provide virtual solutions. For example, the use of electronic signatures and virtual approval workflows to ensure continuous functionality.
  • Ensure adequate support in case of problems.
  • Define a clear procedure to follow in case of a security incident.
  • Consider restricting access to sensitive systems where it makes sense.

In the Forbes article, Cybersecurity When It Comes To Remote Work Means Zero Trust, author Jun Wu interviews Alex Willis with Blackberry who says, In today’s world, the remote worker needs to be able to do everything they can do from their desk if you want your organization to remain productive and competitive. Users won’t accept anything less, so it’s also a retention strategy. But, allowing employees to access critical business systems and data from machines and networks you don’t manage or trust means the risk grows exponentially.” What are immediate things medium-sized and small companies can do related to cybersecurity to enable their employees to work from home? Wu writes that regardless of organizational size, cybersecurity planning and response readiness is critical and achievable. NIST is a good resource for published cybersecurity frameworks. “One of the key things about developing a good cybersecurity process isn’t about the resources or the team. Cybersecurity is everyone’s job,” says Willis.

Partner blog of interest: Fortinet: CSO Strategies for Navigating Challenging Times

The post Cyber News Roundup: Taking Cybersecurity Precautions Amidst Coronavirus Pandemic appeared first on Cyber Oregon.

]]>
Special Edition: A Recap of RSAC 2020 https://cyberoregon.com/2020/03/03/a-recap-of-rsac-2020/ Tue, 03 Mar 2020 15:43:46 +0000 https://cyberoregon.com/?p=6245 Another RSA Conference is in the books! Big topics ranged from supply chain security, AI for Good, U.S. election security, and the coronavirus. With more than 40,000 people attending the world’s leading information security conference in San Francisco this year, what were Cyber Oregon sponsors and Oregon companies up to? In our Cyber News Roundup…

The post Special Edition: A Recap of RSAC 2020 appeared first on Cyber Oregon.

]]>
Another RSA Conference is in the books! Big topics ranged from supply chain security, AI for Good, U.S. election security, and the coronavirus. With more than 40,000 people attending the world’s leading information security conference in San Francisco this year, what were Cyber Oregon sponsors and Oregon companies up to? In our Cyber News Roundup RSAC 2020 Preview, we highlighted those companies that had a presence at last week’s mega conference.

Our own Charlie Kawasaki, vice chair of the Oregon Cybersecurity Advisory Council, and PacStars CTO, was onsite at RSAC 2020 to provide highlights:

CrowdStrike

At RSAC 2020, Crowdstrike won SC Media Excellence Award for best security company. SC Media states that the primary reason for this honor “is the company’s latest outstanding efforts at protecting the user community The solution defends customer workloads across on-premises, virtualized and cloud-based environments running on a variety of endpoints, on- or off-network.” For a complete list of the company’s product and service announcements, please read this Crowdstrike blog post.

Charlie explores a Crowdstrike dashboard to detect threats.

Eclypsium

Eclypsium was onsite to showcase its enterprise firmware protection platform. At the conference, it was named a winner in the Info Security Products Guide’s 2020 Global Excellence Awards, recognized as Best Security Startup for delivering the industry’s first enterprise firmware protection platform. Read the announcement here. In recent Wired coverage, Hundreds of Millions of PC Components Still Have Hackable Firmware, Eclypsium’s research was featured. “When I look at the industry at large, the PCs and servers being shipped, there isn’t a single device in the market that is entirely secured,” says Rick Altherr, principal engineer at Eclypsium. “If you look at any laptop, I guarantee there will be some unsigned component inside of it.”

Charlie with Ron Talwalker, vice president of products, Eclypsium, Inc.

Fidelis Cybersecurity

Ahead of RSAC 2020, Fidelis announced significant enhancements to its Elevate Platform to help organizations proactively defend their cyber terrain. Read the press release here. At RSAC 2020, Fidelis was named one of the 25 Hot Risk, Operations and Threat Intelligence Platforms. In CRN’s coverage, “Fidelis extends the platform’s capabilities to enable security operations teams to move quickly and accurately detect threats and anomalous behavior while also allowing incident responders to remotely bring an endpoint to their fingertips.”

Charlie gets a Fidelis demo about how to think like an attacker.

Fortinet

Fortinet showcased its Fortinet Secure SD-WAN, deployed by more than 21,000 customers globally. According to the company, “the ongoing creation and refinement of a WAN solution designed to support Fortinet’s rapidly expanding internal network of data centers, branch offices, and later, cloud-based services led to the development of a sophisticated, purpose-built SD-WAN solution built on the back of Fortinet’s market-leading FortiGate appliances for ultimate security.” It’s designed to maintain high network performance demands and processing massive amounts of data, and business-critical services such as streaming video. In the CSO article, 5 standout products from RSA 2020, Fortinet’s FortiAI security appliance was included as one to look into, since it can find and identify threats in real time.

Charlie “secures” a demo at Fortinet.

McAfee

McAfee highlighted cloud managed endpoint security: defend all devices, deploy your way. McAfee’s cloud security solutions offer data and workload protection across the entire cloud spectrum: “to enable rapid collaboration and a more responsive, elastic business.” McAfee just announced that it was named a 2020 Gartner Peer Insights Customers’ Choice for Cloud Access Security Brokers for its MVISION Cloud solution. Read more here. McAfee had a plethora of theater sessions at RSAC 2020 including Improve Your Cloud Security Risk Posture in Real Time, 5 Key Considerations for Cloud Native Threats, and Cloud Security: Reimagine Your Perimeter. Read all of the sessions here.

Charlie at McAfee’s booth, a core, cloud security player at RSAC 2020.

Palo Alto Networks

“Secure the enterprise, secure the cloud, secure the future.” Palo Alto Networks discussed several big issues, including the role of identity access management (IAM) in cloud security. Did you know that 84% of organizations use a multi-cloud strategy, according to RightScale. For more on getting IAM security right, read here. The company also showcased how groundbreaking AI systems are being used to tackle the fast-merging threat of deepfakes. The company featured entertainment A-listers, a fireside chat with CEO and chairman Nikesh Arora and actor Jake Gyllenhaal. More here. And a concert with Sheryl Crow.

Charlie navigates the Palo Alto Networks booth.

PKI Solutions’ president and founder, Mark Cooper, gave multiple presentations, including “The Secrets to Secret Management” and “Quantum Preparedness: Take Action Now Before the Crypto Sky Falls” in standing-room only partner booths. Lots of discussions generated with The PKI Guy!

Mark Cooper, aka The PKI Guy, gave several presentations.

Splunk

Splunk was just named a leader for the seventh consecutive time in Gartner’s 2020 Magic Quadrant for Security Information and Event Management. According to Splunk, “organizations around the world are going through a time of unprecedented change, driven by an explosion of new technologies and innovations. This change creates more data than ever imagined, which in turn creates wider attack surfaces and increasing security risk for organizations of all sizes.” Read the press release here. Additionally, the company discussed SOAR technology, the Security Orchestration Automation and Response, that enables the automation of work that security analysts would typically perform manually. “Automation targets many routine tasks to free up analysts to perform more proactive, higher-order activities,” says Oliver Friedrichs, vice president of security products at Spunk via an interview by SiliconANGLE.

Charlie in front of Splunk’s booth before a discussion about attack surfaces.

Zscaler

Zscaler was onsite with the message “eliminate your attack surface with Zscaler.” In recent research, the company shines a light on the IoT threat landscape. According to Deepen Desai, vice president of security research for Zscaler and director of ThreatLabZ, “the IoT threat landscape is continuously expanding and changing as manufacturers bring devices to market for consumers and businesses alike. With the space completely unregulated and devices being pumped out like candy, organizations are scrambling to gain an understanding of what is actually transpiring on the corporate network, what types of devices are communicating and transporting data, and how to secure the IoT ecosystem as a whole.” Desai believes that the U.S. is in a prime position to lead efforts toward improving IoT manufacturing security policies. “By creating visibility into your IoT devices, implementing sound zero trust network access policy, and helping to enact change in the way the world creates and regulates IoT devices, you can shine a light on shadow IoT to protect your organization and customers. More about this research can be found here.

Zscaler proclaims “eliminate your attack surface.”

The post Special Edition: A Recap of RSAC 2020 appeared first on Cyber Oregon.

]]>
Cyber News Roundup: RSAC 2020 Preview https://cyberoregon.com/2020/02/21/cyber-news-roundup-rsac-2020-preview/ Fri, 21 Feb 2020 15:00:00 +0000 https://cyberoregon.com/?p=6207 The industry is heading to the world’s leading information security conference, RSA Conference, taking place February 24-28, 2020 in San Francisco. What will be hot at this year’s conference? According to Mirko Zorz, editor-in-chief of Help Net Security, in an interview with Mark Cooper, aka The PKI Guy in The PKI Guy’s Q&A Series, “I’ve…

The post Cyber News Roundup: RSAC 2020 Preview appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

The industry is heading to the world’s leading information security conference, RSA Conference, taking place February 24-28, 2020 in San Francisco. What will be hot at this year’s conference? According to Mirko Zorz, editor-in-chief of Help Net Security, in an interview with Mark Cooper, aka The PKI Guy in The PKI Guy’s Q&A Series, “I’ve been coming to RSAC for nearly 20 years and it’s definitely the place where you can find out what industry leaders are thinking.” Zorz anticipates these topics will get a lot of attention this year:

  • Voting, election security and the impact of disinformation campaigns
  • Using machine learning and artificial intelligence
  • IoT, the insecurity of medical devices, car hacking
  • The implications of GDPR and the introduction of CCPA
  • The insecurity of Industrial Control Systems and the increased convergence of IT and OT
  • The impact of open source tools on product security

Oregon companies will at RSAC 2020 in full force. Here are Cyber Oregon sponsors that will have a presence:

CrowdStrike, Booth 5345 (North Hall)

CrowdStrike continues to expand its CrowdStrike Falcon platform, adding new capabilities and gaining important new partnerships. CrowdStrike will present throughout the conference, including a keynote, “Hacking Exposed: Global Threat Brief” on Wednesday, February 26. For details about presentations, please visit the blog post: CrowdStrike’s Approach Echoed in RSA 2020 Theme, “Human Element.”

Eclypsium, Booth 29 (Early Stage Expo)

Eclypsium defends enterprises and government agencies from vulnerabilities and threats hidden within firmware that are invisible to most organizations today. At the conference, it will showcase its enterprise firmware protection platform.

Fidelis Cybersecurity, Booth 1441 (South Hall)

Fidelis Cybersecurity will be presenting the APT28 attack simulation. APT28 is the advanced persistent threat that targeted the Democratic National Committee email system in the 2016 Presidential Election. According to the Fidelis blog post, “APT28, commonly referred to as “Fancy Bear,” employs sophisticated methods consistent with the capabilities of nation-state sponsored threat actors.”

Source: Fidelis Cybersecurity

The human element is the overarching theme at this year’s RSA Conference. Fidelis offers these 5 tips for putting the human element front and center; read more on the blog post:

  1. Enable your Cyber Warriors to know the terrain better than your adversary.
  2. Understand the attacker’s motives and objectives.
  3. Engage the attacker prior to impact.
  4. Decide and act faster than the attacker.
  5. Shape the attacker’s experience.

Fortinet, Booth 5855 (North Hall)

Fortinet will discuss secure SD-WAN and the need to protect branch connectivity, building Zero-Trust network access, and the latest innovations in AI-driven security operations, and dynamic cloud security. Ken Xie, Fortinet’s founder, chairman, and CEO will deliver a keynote “On the Edge of Something Big: Security’s Next Frontier,” on Thursday, February 27. For more information on presentations and activities, please visit the blog post Fortinet at RSA 2020: Building the Secure Network of Tomorrow.

McAfee, Booth N-5745 (North Hall)

McAfee has extensive presentations planned, including a keynote, “Obvious and Not-So Obvious Lessons Learned on the Path to Cloud-First IT,” on Monday, February 24. McAfee’s senior principal engineer and chief data scientist, Celeste Fralick, says that AI and humans have equally important roles in cybersecurity. “There are tasks that humans currently excel at that AI could potentially perform someday. But these tasks are ones that humans will always have a sizable edge in, or are things AI shouldn’t be trusted with.” For a schedule of presentations, please visit the blog post.

Palo Alto Networks, Booth N-5995

Palo Alto Networks has worked with tens of thousands of organizations to prevent cyberattacks. It will be showcasing its Security Operating Platform that combines the latest breakthroughs in security, automation, and analytics. Greg Day, vice president and CSO, EMEA at Palo Alto Networks, is on the committee that selects presentations for the conference. In his blog post, What the Cybersecurity Industry Needs to Discuss at the RSA Conference 2020, he outlines key topics that will be discussed – or should be – at this year’s conference:

  • Fakes and deep fakes are the new buzzwords.
  • Smartphones are being used in surveillance attacks.
  • Ransomware is getting more sophisticated as companies pay out.
  • Supply chain attacks are on the rise.
  • DevOps speeds up software development but increases security risks.
  • Emulation and decoy environments must be credible.
  • Cloud incident response requires new tools and skills for in-house security teams.
  • Artificial intelligence and machine learning.
  • Hardware and firmware attacks are back.
  • Power users need protection.
  • The security industry is finally taking action on DNS spoofing.

PKI Solutions will be crypto adventuring throughout RSAC. Mark Cooper, president and founder of PKI Solutions, aka The PKI Guy, will be presenting “Quantum Preparedness: Take Action Now Before the Crypto Sky Falls” and “The Secrets to Secret Management” in partner booths. Read the blog post, The PKI Guy’s Next Crypto Adventure, for details. You can participate in the RSAC 2020 contest, “Name The PKI Guy’s Next Adventure Contest and Win!” whether you are attending in person, or in spirit. Simply fill in the blank, “The PKI Guy and ________” and submit to thepkiguy@pkisolutions.com and post on social media and tag #ThePKIGuyAdventure for your chance to win two complimentary online PKI courses taught by The PKI Guy himself. Contest details are available here: https://www.pkisolutions.com/the-pki-guys-next-crypto-adventure/

Source: PKI Solutions

Splunk, Booth N-5865

Splunk will be showing its Security Operations Suite (SOC) that can spot fraudsters, malicious insiders, and APTs with machine learning-based detection. The company will be showcasing a variety of use cases through demos and theatre presentations; for a full list, please visit the blog post: Security is Everything at RSAC 2020. Splunk will be presenting “Modernizing the Security Operations Center: A Security Leader Panel.” For a complete listing of presentations and activities, please visit: https://www.splunk.com/en_us/about-us/events/rsa.html

Zscaler, Booth 1143 (South Hall)

Zscaler believes the perimeter has expanded and that security teams must now look at ways to provide secure access to apps across hybrid environments — and ensure that data remains protected as they do so — without getting in the way of transformation and without introducing risk. Read the blog post, “Zscaler at RSA: They Can’t Attack What They Can’t See,” for more information.

Charlie Kawasaki, vice chair of the Oregon Cybersecurity Advisory Council, and PacStars CTO, will be onsite at RSAC 2020 next week as Cyber Oregon’s roving reporter.

Stay tuned for more news and updates next week!

The post Cyber News Roundup: RSAC 2020 Preview appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Attacks on Critical Infrastructure, Small Towns https://cyberoregon.com/2020/02/07/cyber-news-roundup-cyber-attacks-on-critical-infrastructure-small-towns/ Fri, 07 Feb 2020 18:37:30 +0000 https://cyberoregon.com/?p=6186 Our country’s critical infrastructure in the energy sector is vulnerable, with increased risks for cyber threats and shutdowns, especially with the increase of global attacks. Federal Computer Week reports that three federal agencies are taking action to improve our energy infrastructure, with more collaboration on defenses and cyberattack responses. The U.S. Department of Energy (DOE),…

The post Cyber News Roundup: Cyber Attacks on Critical Infrastructure, Small Towns appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Our country’s critical infrastructure in the energy sector is vulnerable, with increased risks for cyber threats and shutdowns, especially with the increase of global attacks. Federal Computer Week reports that three federal agencies are taking action to improve our energy infrastructure, with more collaboration on defenses and cyberattack responses. The U.S. Department of Energy (DOE), U.S. Department of Homeland Security (DHS), and U.S. Department of Defense (DOD) signed a new memorandum of understanding this week. “Through this agreement, we will strengthen the partnership between DOE, DHS, and DOD to enable intergovernmental cooperation and bolster our ability to proactively address cyber threats to critical energy infrastructure, and to respond effectively should those threats materialize,” said Karen Evans, DOE’s assistant secretary of cybersecurity, energy security and emergency response, in a February 3 statement.

Sharing threat information among government agencies and critical infrastructure providers has increased in urgency, states editor Mark Rockwell, especially because of recent military confrontations and cyber threats from Russia, China, and Iran. “In an increasingly dangerous global cyber environment, privately owned U.S. energy infrastructure could bear the brunt of a possible Iran-backed retaliatory cyberattack,” writes Rockwell. “The U.S. government is a keystone in defense of the mostly commercially-owned energy sector infrastructure.”

Ransomware attacks in manufacturing

Hackers are attacking not only the critical infrastructures, such as energy and power grids, but operations in manufacturing and utilities – referred to as industrial control systems (ICS). “The ICS-specific nature of the targeted processes indicates an evolvement brazenness,” states Joe Slowik, principal adversary hunter at Dragos, in a ZDNet article. What happens when a manufacturer is attacked? Attackers can take over critical systems and demand ransoms for the unlocking keys. Any outage or downtime to these environments could have a serious impact.

Small communities: big target

Local governments – especially those in small communities – are another big target for hackers looking to access personal data for ransom. What are they looking for? Social Security numbers, tax records – any personal informational that they can hold you hostage. A recent ransomware attack took place in Western North Carolina. According to the news report ABC WLOS, hackers broke into the Eastern Band of Cherokee Indians’ network, shutting down 1,000 computers across the police department and public health – and interrupting 911 communication. Bill Travitz, who works in the IT Department for the Eastern Band of Cherokee Indians, said, “It’s like lobbing a grenade into the network and letting it just hit everything.” John Barnard, co-founder of Know Network Risk, says small governments are increasingly the targets because they lack big IT budgets, they lack people resources – they are “the soft underbelly that is easier to attack.”

Latest report on cyberattacks: malware is skyrocketing

There are 1,200 malware variants discovered daily – that’s 440,000 malware variants in 2019 alone. So reports SonicWall in its latest cyber threat report. “Cybercriminals are honing their ability to design, author and deploy stealth-like attacks with increasing precision, while growing their capabilities to evade detection by sandbox technology,” said SonicWall President and CEO Bill Conner. Report findings include:

  • Cybercriminals change approach to malware: “Spray-and-pray” tactics that once had malware attack numbers soaring have been abandoned for more targeted and evasive methods aimed at weaker victims.
  • Targeted ransomware attacks cripple victims: Highly targeted attacks left many state, provincial, and local governments paralyzed and took down email communications, websites, telephone lines, and even dispatch services.
  • The Internet of Things (IoT) is a treasure trove for cybercriminals: Bad actors continue to deploy ransomware on ordinary devices, such as smart TVs, electric scooters and smart speakers, to daily necessities like toothbrushes, refrigerators and doorbells.
  • Cryptojacking continues to crumble: The volatile shifts and swings of the cryptocurrency market had a direct impact on threat actors’ interest to author cryptojacking malware.
  • Fileless malware targets Microsoft Office/Office 365, PDF documents: Cybercriminals used new code obfuscation, sandbox detection, and bypass techniques, resulting in a multitude of variants and the development of newer and more sophisticated exploit kits using fileless attacks instead of traditional payloads to a disk.
  • Encrypted threats are still everywhere: Cybercriminals have become reliant upon encrypted threats that evade traditional security control standards, such as firewall appliances that do not have the capability or processing power to detect, inspect and mitigate attacks sent via HTTPs traffic.
  • Side-channel attacks are evolving: These vulnerabilities could impact unpatched devices in the future, including everything from security appliances to end-user laptops. Threat actors could potentially issue digital signatures to bypass authentication or digitally sign malicious software.

Could it be that process, not technology, is a big reason behind information getting exploited and breached? The latest research from Forrester suggests that failure to perform due diligence is behind the top cybersecurity threats. Says Forrester principal analyst, Josh Zelonis, “Security products can’t save you from broken processes.”

Partner blog of interest: McAfee: Top 10 Cloud Privacy Recommendations for Businesses

The post Cyber News Roundup: Cyber Attacks on Critical Infrastructure, Small Towns appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Phishing, Malware, Foreign Cyber Threats https://cyberoregon.com/2020/01/24/cyber-news-roundup-phishing-malware-foreign-cyber-threats/ Fri, 24 Jan 2020 16:38:19 +0000 https://cyberoregon.com/?p=6171 “Lost ring” or “Add me to your LinkedIn network.” Those could be the email subject lines for a phishing campaign that could trick employees in clicking, according to a recent phishing report.  No doubt that 2019 was a big year for successful phishing attacks. In fact, the report states that 55 percent of organizations surveyed…

The post Cyber News Roundup: Phishing, Malware, Foreign Cyber Threats appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

“Lost ring” or “Add me to your LinkedIn network.” Those could be the email subject lines for a phishing campaign that could trick employees in clicking, according to a recent phishing report.  No doubt that 2019 was a big year for successful phishing attacks. In fact, the report states that 55 percent of organizations surveyed dealt with a phishing attack last year. An InfoSecurity Magazine article reports that infosecurity professionals reported a high frequency of social engineering attempts across a range of methods including spear-phishing attacks, business email compromise (BEC), and social media attacks. Joe Ferrara, senior vice president and general manager of security awareness training for Proofpoint recommends “taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognize and report attacks.” A Financial Post article says that “management has to build a culture of security, figure out who is being attacked and the types of attacks they face, and be ready to adapt if your threat climate changes.”

If it isn’t phishing, it’s malware

Security companies are seeing a resurgence in malware, specifically Emotet, a powerful email malware that is used to attack U.S. government and military targets, according to an article in TechRepublic,. How it works is “the malware attacks email accounts and spreads by infiltrating other contacts in the inbox and responding to threads with malicious links or attachments.” Researchers from Cisco Talos, a security intelligence and research group, say that Emotet has the ability to mimic email language, even adding previous email threads to a message, making it difficult for anti-spam systems to stop. According to the researchers’ blog post, “one of the most vivid illustrations…can be seen in Emotet’s relationship to the .mil (U.S. military) and .gov (U.S./state government) top-level domains (TLDs). Talos saw a rapid increase in the number of infectious Emotet messages directed at the .mil and .gov TLDs in December 2019.”

How to prepare your employees

With constant cybersecurity threats – including in your inbox – what can organizations do? Bob Bruns, chief information officer with Avanade, writes that there are two doors that malicious actors will use to gain entry to your environment and data. In his Forbes article, he says that door one is your technology and door two is your people. He recommends strengthening your technology. Sounds easy enough, but what specifically? Bruns outlines the importance of focusing on the foundational pillars of your cybersecurity program: multifactor authentication, information protection tools, and trust but verify as a mandate. As for employees, Bruns encourages a comprehensive and consistent training and education program. Here’s what he suggests to get started:

  • Understand your unique needs, strengths and weaknesses. You need to have input to build your program and focus your efforts. You can get this input through security behavior surveys or any other security metrics you may have. This valuable data can help you understand where you need to grow and build the program’s short- and long-term goals.
  • Create a culture of shared responsibility. This objective should be part of the goals of your employee cybersecurity program. The general idea is to develop an employee culture committed to protecting your company, clients, work, data and assets. Shared responsibility means the onus isn’t just on the company to protect against cyberattacks; it’s also on each employee.
  • Educate continuously. It’s vital to make good security behavior understandable and consumable. Make participation creative and fun, not tedious. Look at your efforts as an internal marketing campaign. Activities must be compelling and creative. Security quizzes or apps, mock phishing campaigns, incentive programs and ways to introduce a little friendly competition will motivate and engage your employees to be the best cybersecurity champions in their departments.
  • Integrate cybersecurity training with onboarding. This includes security behavior training to help employees build secure behaviors from day one. This could include 30-, 60- and 90-day check-ins to reinforce training and behavior further.

Government taps cybersecurity companies for information

As covered in the last Cyber Oregon News Roundup, the U.S. government is on high alert for global cyber threats and cyberattacks from foreign countries. The latest NPR piece covers the fact that private cybersecurity firms have often been the ones sounding the alarm and selling their services to the U.S. intelligence community. “The U.S. government says it welcomes help from tech companies,” says Shelby Pierson, who works for the acting director of national intelligence, Joseph Maguire. “FireEye and CrowdStrike, for example, have done really good work, where based on the analysis, expertise and information analysis that they do, those are products and services that they can sell to the U.S. government.”

Partner blog of interest: CrowdStrike: CrowdStrike Services Report Focuses on Trends Observed in 2019 and the Outlook for 2020

The post Cyber News Roundup: Phishing, Malware, Foreign Cyber Threats appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyber Threats on the Horizon https://cyberoregon.com/2020/01/10/cyber-news-roundup-cyber-threats-on-the-horizon/ Fri, 10 Jan 2020 19:35:20 +0000 https://cyberoregon.com/?p=6160 Welcome to 2020! Welcome to a new decade already rich in global cyber threats. The biggest news of the year has been the Iran-U.S. crisis. Though the two nations ratcheted back physical attacks, the FBI and Department of Homeland Security warn that Iran poses an ongoing cyber threat to the U.S. According to a CNN…

The post Cyber News Roundup: Cyber Threats on the Horizon appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Welcome to 2020! Welcome to a new decade already rich in global cyber threats. The biggest news of the year has been the Iran-U.S. crisis. Though the two nations ratcheted back physical attacks, the FBI and Department of Homeland Security warn that Iran poses an ongoing cyber threat to the U.S. According to a CNN report, the intelligence bulletin issued by the FBI and Department of Homeland Security outlines that Iran is continuing to prepare for cyberattacks against the U.S. and its allies that could cause “temporary disruptive effects.” CNN states that the Department of Homeland Security issued a separate alert to American cybersecurity teams, urging them to “enhance monitoring of network and email traffic,” including email phishing attempts.

A Washington Post article reports that pro-Iranian hackers have launched a series of digital strikes including spreading misinformation through hacked Twitter accounts. Sen. Gary Peters (Mich.) remains “very concerned about possible retaliatory cyberattacks on the U.S.” He warns that “a major incident could severely disrupt our energy, financial, and telecommunications networks.” The New York Times writes that “cybersecurity experts and government officials are already monitoring an uptick of malicious activity by pro-Iranian hackers that they believe are harbingers of more serious computer attacks from Tehran, including possible efforts aimed at destroying government databases.” Warns Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, the Department of Homeland Security’s computer security arm, “You need to get in the head space that the next breach could be your last.”

Electric grid cybersecurity needed; bipartisan effort proposed

Public utilities remain vulnerable to foreign operatives and attacks on the U.S. electric grid could compromise the country’s electric supply. A recent report from the Ponemon Institute found the rate of cyberattacks is worsening. Fifty-six percent of those surveyed reported at least one shutdown or operational data loss per year, and 25% were impacted by a mega attack, reports Pittsburgh Business Times. The article states that regulators are already on high alert and “hardening cybersecurity defenses is an absolutely critical step utilities must take to protect themselves and the grid from being compromised by malicious actors.” Recently, the PROTECT Act, a bill passed by the Senate Energy Committee, will direct the Federal Energy Regulatory Commission (FERC) to give incentives to electric utilities to encourage them to boost their cybersecurity technology, states the article. The intention of the bill is to “stimulate the considerable investment in technology, human resources, and training needed to address this ever-evolving threat.”

2020: The year for small businesses to wake up

Big or small, we know that all businesses are a target for cyberattacks. According to a Forbes article, 2020 will be the year for small businesses to wake up to increased cyberattack by implementing much more stringent and disciplined cybersecurity defenses. The author, Paul Lipton, CEO of BullGuard, believes that ransomware will become more sophisticated and that there will be an increase of blackmail attacks and phishing scams by which attackers will use information as a “springboard for accessing supplier/client networks.” Lipton stresses the importance of religiously applying upgrades of antivirus software on endpoint devices, “critical to nullify zero-day threats, quarantine infected devices and proactively monitor for breaches.”

Partner blog of interest: PKI Solutions: A look back at conversations with the brightest minds in cybersecurity

The post Cyber News Roundup: Cyber Threats on the Horizon appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Cyberattacks of the Past Decade, Mobile Threats, Even Your New TV? https://cyberoregon.com/2019/12/09/cyber-news-roundup-cyberattacks-of-the-past-decade-mobile-threats-even-your-new-tv/ Mon, 09 Dec 2019 10:00:00 +0000 https://cyberoregon.com/?p=6136 Game-changing cyberattacks of the decade TechRepublic recounts the top cyberattacks of the past decade, not ranked by their size, but by their importance and impact. In his article, Jonathan Greig interviews Etay Maor, chief security officer at IntSights, who sums up the list, “For me, the largest hacks of the decade are not just the…

The post Cyber News Roundup: Cyberattacks of the Past Decade, Mobile Threats, Even Your New TV? appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Game-changing cyberattacks of the decade

TechRepublic recounts the top cyberattacks of the past decade, not ranked by their size, but by their importance and impact. In his article, Jonathan Greig interviews Etay Maor, chief security officer at IntSights, who sums up the list, “For me, the largest hacks of the decade are not just the ones that were the biggest, but the ones that were game-changers in how we approach security. If we had this talk 10 years ago, we would be blown away by the numbers, but now, the numbers don’t really affect us that much.” Here’s the list – read the article for a complete breakdown:

  • Yahoo, 2013
  • Equifax, 2017
  • Sony Pictures, 2014
  • Marriott Hotels, 2018
  • Ashley Madison, 2015
  • Target, 2013
  • Capital One, 2019
  • The United States Office of Personnel Management, 2015
  • First American Financial, 2019
  • Stuxnet, 2010

“All of a sudden, we’re in the age of career-ending or career-altering hack. Honestly in 2011, if you had a hack with over a million credentials, everyone would lose their mind,” Maor said. “Today, you probably won’t even read about hacks that happen with a couple million credentials stolen.”

Your newest TV is a threat

The FBI has warned that your newly-purchased TV could be a window into your home by crooks. According to Independent, the FBI says hackers can take control of your TV’s cameras and microphones. The Portland, Oregon-based FBI issued a statement cautioning consumers that stalkers could use your TV for bad and stalk consumers. Here are tips the FBI recommends to protect your family:

  • Know exactly what features your TV has and how to control those features. Do a basic Internet search with your model number and the words “microphone,” “camera,” and “privacy.”
  • Don’t depend on the default security settings. Change passwords if you can – and know how to turn off the microphones, cameras, and collection of personal information if possible. If you can’t turn them off, consider whether you are willing to take the risk of buying that model or using that service.
  • If you can’t turn off a camera but want to, a simple piece of black tape over the camera eye is a back-to-basics option.
  • Check the manufacturer’s ability to update your device with security patches. Can they do this? Have they done it in the past?
  • Check the privacy policy for the TV manufacturer and the streaming services you use. Confirm what data they collect, how they store that data, and what they do with it.

BYOD continues to pose security risks and privacy challenges for organizations

Organizations need a mobile threat defense strategy, according to an article in IT Web, that contends that mobile defense solutions are an essential component of cybersecurity strategies. “It is imperative for organizations to safeguard sensitive enterprise data from cyber threats that exploit mobile users, apps, and devices,” urges author MJ Strydom. He contends that bringing your own device presents potential leakage or disclosure of enterprise data. Gartner is also an advocate of mobile threat defense solutions and strategies. Gartner emphasizes that organizations’ focus should be on improving overall security hygiene, rather than countering malicious threats.

Employee privacy and data protection in a mobile world

In the Dark Reading article, “Employee Privacy in a Mobile Workplace,” there is discussion about the way businesses handle the personal data of their own people. It discusses the use of personal smartphones in the workplace, and how this presents a challenge to both safeguard information, while also protecting employees’ privacy. BOYO is certainly nothing new. The article states the challenge that there is bound to be some crossover between personal and business data. “When businesses collect and monitor employee data, how can they approach this crossover in a responsible way that does not infringe on personal privacy or compromise any security measures,” writes author Michael J. Covington, Ph.D. He suggests that organizations use a four-pillar framework to implement best practices for how they should collect store and use their employees’ personal information. The pillars are: user identity, user activity, policy, and transparency.

Partner blog of interest: Splunk: A Look at 2020: Where Data Packs Its Biggest Punch

The post Cyber News Roundup: Cyberattacks of the Past Decade, Mobile Threats, Even Your New TV? appeared first on Cyber Oregon.

]]>
Cyber News Roundup: Give the Gift of Encryption and Two-Factor Authentication https://cyberoregon.com/2019/11/22/cyber-news-roundup-give-the-gift-of-encryption-and-two-factor-authentication/ Fri, 22 Nov 2019 15:00:13 +0000 https://cyberoregon.com/?p=6110 ‘Tis the season for shopping. Alas, ‘tis the season for cybercriminals. In his Dark Reading article, Jai Vijayan writes that criminals have begun ramping up their efforts to divert dollars their way via malicious domains, coupons, gift card scams, and counterfeit goods. “Domain-based attacks top the list of threat that retailers face this shopping season,”…

The post Cyber News Roundup: Give the Gift of Encryption and Two-Factor Authentication appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

‘Tis the season for shopping. Alas, ‘tis the season for cybercriminals. In his Dark Reading article, Jai Vijayan writes that criminals have begun ramping up their efforts to divert dollars their way via malicious domains, coupons, gift card scams, and counterfeit goods. “Domain-based attacks top the list of threat that retailers face this shopping season,” writes Vijayan. Brand impersonation is another big issue, often used to promote phishing campaigns to direct users to sites that download malware, according to Ashlee Benge, a threat researcher at ZeroFox.

As we are headed into the holiday shopping blitz, it’s not all baubles and glitz. Major retailer, Macy’s, has already experienced a data breach, exposing customer credit card information. According to the TechRepublic article, hackers injected malicious card-skimming code into Macy’s website, resulting in criminals accessing thousands of customer names, credit card information, and addresses. Criminals may have used the information themselves or sold it on the dark web, according to the article. “These types of attacks, called Magecart, are becoming increasingly common as more people open small online businesses and fail to encrypt their sites while recording customer information,” writes reporter Jonathan Greig.

What’s the one thing that retailers can do? Encrypt. Says Charity Wright, cyber threat intelligence advisor, “So many retailers don’t have their point-of-sale processors encrypted and they’re storing credit card data unencrypted, which we can guarantee is the source of most of these breaches.” The article cites experts’ tips for retailers to protect themselves from data breaches:

  1. Widespread encryption
  2. Have an SSL certificate installed to protect consumers
  3. Do frequent audits of their security systems, websites, content management systems, and software
  4. Establish policies and procedures to verify that Internet-facing infrastructure is securely configured
  5. Restrict third-party vendors’ access to sensitive data

Retailers, banks, even Disney

If it’s not retailers, it’s banks. In the CSO article, “How a bank got hacked (a study in how not to secure your networks), reporter J.M. Porup covers the vigilante hacker Phineas Phisher and the intrusion of Cayman National Bank. The article is a study in how vulnerable our financial institutions are to attackers. Phisher boasts, “Give a person an exploit and they’ll have access for a day, teach them to phish and they’ll have access the rest of their lives.” The heist involved hacking tools – off-the-shelf penetration testing tools, in fact – phishing, malware, and a malicious email. It turns out that Phisher was in the bank’s networks for five months, without being discovered.

Just as soon as Disney Plus, the new streaming service, was rolled out, hackers were busy hacking. Thousands of Disney Plus accounts were hacked and sold online for as little as $3, reports Washington Post. “It’s no surprise that cybercriminals jump on the same bandwagon as everyone else when there’s a big consumer launch,” says Niels Schweisshelm, technical program manager at HackerOne. The article states that other streaming services including Amazon Prime, Hulu, and Netflix have faced similar struggles with hackers. “One thing Disney+ could do to help users would be to roll out support for multi-factor authentication, a simple solution that would prevent attacks relying on password reuse,” states Catalin Cimpanu in his ZDNet article.

Cyber Oregon in the news

In Cyber Oregon-related news, the Oregon State University Security Club (OSUSEC) completed in the U.S. Department of Energy (DOE)’s CyberForce Competition. The team, which includes Zander Work, placed first regionally for the third time in a row — and sixth nationwide.

In other news, Peggy Miller, CEO of PacStar, a cybersecurity pioneer with the company’s advanced communications solutions for the U.S. Department of Defense and a Cyber Oregon sponsor, wins Gold Stevie Award for Executive of the Year. News release here.

Cyber Oregon partner news of interest and a special shoutout to Charlie Kawasaki, Oregon Cybersecurity Advisory Council leader, who is the first inventor of this new cybersecurity patent: PacStar Awarded Patent for IQ-Core Crypto Manager Encryption Management and Setup Software

The post Cyber News Roundup: Give the Gift of Encryption and Two-Factor Authentication appeared first on Cyber Oregon.

]]>
Cyber Oregon News Roundup: Scariest hacks, tips to manage phishing, extending cybersecurity to vendors https://cyberoregon.com/2019/11/01/cyber-oregon-news-roundup-scariest-hacks-tips-to-manage-phishing-extending-cybersecurity-to-vendors/ Fri, 01 Nov 2019 14:00:44 +0000 https://cyberoregon.com/?p=6082 What are some of the top hacks and vulnerabilities in 2019? Taking a look back at cybersecurity this year – eek! It has been a banner year for cybersecurity threats and hacks with exploits, backdoor hacks, and data breaches affecting users, companies, and governments around the world. There have been supply-chain attacks, corporate ransomware, and…

The post Cyber Oregon News Roundup: Scariest hacks, tips to manage phishing, extending cybersecurity to vendors appeared first on Cyber Oregon.

]]>
Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

What are some of the top hacks and vulnerabilities in 2019? Taking a look back at cybersecurity this year – eek! It has been a banner year for cybersecurity threats and hacks with exploits, backdoor hacks, and data breaches affecting users, companies, and governments around the world. There have been supply-chain attacks, corporate ransomware, and high-profile government hacks, as well as hacks and malware on our devices, in our applications, at our gas station, on our planes. In his ZDNet article, The Scariest Hacks and Vulnerabilities of 2019, reporter Catalin Cimpanu gives a complete rundown of the past 10 months of security disasters that would scare anyone. Cyber threats abound. Here’s a snapshot:

  • Severe vulnerabilities in Apple FaceTime
  • Hackers steal data from South Korea’s Defense Ministry
  • Oklahoma data leak exposes FBI investigation records
  • Iranian hackers suspected in worldwide DNS hijacking campaign
  • Websites can steal browser data via extensions APIs
  • Malware found preinstalled on Android devices
  • New malware can make ATMs spit out cash
  • Hiding malware using the CPU
  • Hackers take tornado sirens offline before major storm
  • Chrome zero-day under active attacks
  • Hacks at French gas stations
  • Smartphone unlocking
  • United Airlines covers up seat cameras
  • Tens of thousands of cars left exposed to thieves
  • The Weather Channel goes off the air for 90 minutes after ransomware infection
  • Facebook admits to storing plaintext passwords for millions of Instagram users
  • Indian government agency left details of millions of pregnant women exposed online
  • Unsecured server exposes data for 85% of all Panama citizens
  • Google replaces faulty Titan security keys
  • London Underground to begin tracking passengers through Wi-Fi hotspots
  • Hackers breached 10 telecom providers
  • NASA hacked because of unauthorized Raspberry Pi connected to its network
  • Hackers put patient data for sale online
  • Vulnerabilities found in GE anesthesia machines
  • Louisiana governor declares state emergency after local ransomware outbreak
  • Employees connect nuclear plant to the internet so they can mine cryptocurrency
  • Moscow’s blockchain voting system cracked a month before election
  • U.S. military purchased $32.8M worth of electronics with known security risks
  • Database leaks data on most of Ecuador’s citizens
  • Massive wave of account hijacks hits YouTube creators
  • Ransomware incident to cost company a whopping $95 million
  • Alexa and Google Home devices leveraged to phish and eavesdrop on users

Phishing attacks on the rise; how to protect your business

One attack method that continues to gain momentum is phishing. Nearly one third of all data breaches involve phishing, according to Verizon’s 2019 Data Breach Investigations Report. And phishing is not just hitting companies. Research indicates that phishing was present in 78% of cyber espionage incidents and the installation and use of backdoors. Lance Whitney explains in his TechRepublic article that cybercriminals who employ phishing as their attack method use various tricks and techniques to lure their victims into divulging private information. He says, “Cybercriminals are leveraging some of the world’s largest tech companies to trap users.” A recent report, Akamai 2019 State of the Internet/Security Phishing: Bating the Hook, states that criminals are exploiting top global brands and their users through highly organized and sophisticated phishing operations, with users of Microsoft, PayPal, DHL, and Dropbox as the biggest targets for phishing attacks. Akamai offers these tips for businesses to protect themselves against phishing attacks:

  1. Awareness training. You can and should train your employees to spot and report basic and generic phishing attacks. Cybercriminals have learned to adapt to basic awareness training models. In fact, targeting the natural workflow of an intended victim is how phishers have been able to launch more business email compromise attacks.
  2. Phishing simulations. A good defense requires a good offense. As such, phishing simulations can help organizations better protect themselves and decrease the odds of a security incident. However, such simulations should be customized to the individual or business unit. For example, a phishing simulation sent to people in human resources could spoof resumes for a recent job posting. A simulation sent to sales employees could spoof lead generation responses following a recent event.
  3. Endpoint protection. Beyond training and simulations, protecting your endpoints is another way for you to stay ahead of the phishing game.

What about your vendors’ cybersecurity practices?

While you have been focused on implement cybersecurity practices within your organization, have you considered your third parties that you do business with? Any organization outside of your company that provides a product or service and has access to your system could put you at risk: cloud providers, professional services, payment processor, payroll, etc. If cybersecurity incidents occur as a result of these third-party relationships, it’s the companies themselves that are on the hook for regulatory fines, penalties, and reputation, according to ZDNet article, Extending cybersecurity awareness of the third-party ecosystem. Alla Valente, an analyst at Forrester, recommends that organizations:

  1. Create and maintain a central repository for third-party relationships.You can’t manage what you can’t measure and won’t be able to thoroughly assess the risk of each relationship if you don’t know how many third-parties you have or who those third-parties are. More than half of all organizations don’t keep an active catalog of third-parties.
  2. Think beyond outdated nomenclature that limits your scope and creates blind spots.Third-parties go by many names: vendor, supplier, IT service provider, affiliate, associate, consultant, etc. Don’t limit cybersecurity assessment to software vendors alone. With digital transformation and IoT, almost every single third-party relationship involves storing, processing, or transmitting sensitive data.  Think of every relationship as a link along the value chain, including your HVAC repair technician.
  3. Take cybersecurity precautions at the end of the relationship.For many organizations, one critical step is missing from their third-party cybersecurity process. Very often, they overlook or forget to terminate the third-parties access to critical systems when a contract is completed. The offboarding process is essential for mitigating downstream risks. Create a process whereby the owner of the third-party relationship notifies the proper channels before announcing contract termination, this way, security can monitor for irregular access – in case the third-party wants to take any souvenirs at your expense — and ensure access has been terminated at the end of the contractual period.

Cyber Oregon partner blog of interest

The post Cyber Oregon News Roundup: Scariest hacks, tips to manage phishing, extending cybersecurity to vendors appeared first on Cyber Oregon.

]]>
Cyber Oregon Annual Cybersecurity Summit: November 8 https://cyberoregon.com/2019/10/21/cyber-oregon-annual-cybersecurity-summit-november-8/ Mon, 21 Oct 2019 14:00:35 +0000 https://cyberoregon.com/?p=6024 Cybersecurity threats are here, there, and everywhere – no organization is safe from threats, but there are prevention and defense strategies and best practices to implement. Whether your organization is an enterprise, small business, school, government, healthcare, or financial institution, you can learn from some of the great cybersecurity minds across the state, who will…

The post Cyber Oregon Annual Cybersecurity Summit: November 8 appeared first on Cyber Oregon.

]]>
Cybersecurity threats are here, there, and everywhere – no organization is safe from threats, but there are prevention and defense strategies and best practices to implement. Whether your organization is an enterprise, small business, school, government, healthcare, or financial institution, you can learn from some of the great cybersecurity minds across the state, who will share their insight and expertise to navigate today’s cyber challenges. The Cyber Oregon Annual Cybersecurity Summit, taking place November 8, 2019 in Bend. For more information and to register: http://www.techoregon.org/events/oregon-annual-cybersecurity-summit

TAO and Oregon Cybersecurity Advisory Council (OCAC) present this year’s Cyber Oregon Annual Cybersecurity Summit that will feature government leaders, CISOs from Oregon’s largest healthcare providers, and executives from regional community banks. The day will include a keynote and a lunch panel for all attendees focused on the global cyber landscape and the components of a cybersecurity plan that are often overlooked – including cyber insurance and crisis communication – in the event of a data breach.

There will be two tracks with multiple sessions: Technical Track for cyber practitioners and Business Track leaders to learn best practices. Who should attend? Corporate legal teams, data privacy professionals, business owners, C-Suite executives, and technology managers from all industries.

Here is the schedule:

9:00 a.m. – Opening Keynote

SCHEDULE

Phil R. Slinkard, Special Agent, Federal Bureau of Investigation, Cyber Division

10:30 a.m. – Track Sessions 1

TECHNICAL

Pragmatic Security Addressing INTERNAL Risks

Ryan Comingdeer, chief technology officer, Five Talent Software

BUSINESS

Healthcare and Privacy

MODERATOR: Leslie Golden, president, Instill Security LLC

PANEL

Ron Buchannan, CISO, St. Charles  

Brian Hole, cyber-security program manager and deputy CISO, Legacy Health        

Steve Person, CISO, Cambia Health Solutions

11:45 a.m. – Lunch Panel

Ancillary Services Critical to Your Cybersecurity Strategy

MODERATOR: Stephanie Hooper, senior account manager, 52 Limited

PANEL

Vic Martinez, commercial account executive, PayneWest              

Lora Haddock, founder & CEO, Lora DiCarlo            

Brian Ventura, information security architect, City of Portland

1:00 – Track Sessions 2

TECHNICAL

Pragmatic Security Addressing EXTERNAL Risks

Ryan Comingdeer, chief technology officer, Five Talent Software

BUSINESS

Best Privacy Practices by Community Banks

MODERATOR: Ben Gallo, president, Redhawk Network Security

PANEL

Nikki Hoffman, VP IT Manager, People’s Bank of Commerce          

Gary Propheter, COO, Bank of Eastern Oregon

 

The Cyber Oregon Cybersecurity Summit will take place at OSU-Cascades Graduate & Research Center, 650 SW Columbia Street, Room 209 and 110, in Bend, Oregon. Register today to secure your spot!

Sponsors for this Summit include Fortinet, McAfee, PayneWest, and PKI Solutions.

The post Cyber Oregon Annual Cybersecurity Summit: November 8 appeared first on Cyber Oregon.

]]>