Cyber Defense eMagazine December 2019

More documents

Recommendations

Info

21 Below we look at the top eight mistakes in cybersecurity that you should dodge in the coming years. 1. Poor Password Management Weak passwords are among the principal reasons for most of the cybercrimes including brute force attacks. An instance of a successful brute force attack is the March 2018 Magento case where almost 1,000 user accounts were compromised due to weak user account passwords. Examples of weak passwords that are still used include “123456,” “password,” and “qwerty.” Listed below are some of the best practices in password management that can improve cybersecurity: • Use of complex passwords that incorporates alphanumeric and special characters. • Enable 2-Factor Authentication (or 2FA) that can be used with strong passwords to safeguard user access. • Avoid the use of the same passwords in multiple business accounts. • Use of desktop or smartphone apps that can securely store (or even regenerate) passwords instead of writing them down on a post-it or note pad. • Maintain the habit of periodically changing passwords for all your accounts. 2. Perception of Being Exempt from Online Attacks Small-scale business enterprises or SMBs have this false opinion that their business is too small or trivial to be targeted by hackers. The fact is that every business, large or small, are possible targets for hackers. A 2018 study on the state of cybersecurity in small and medium-sized businesses revealed that 67% of the SMBs have encountered a cyberattack while another 58% have had a data breach in the previous 12 months. Furthermore, companies that do not manage credit card data or any customer information believe that cybercriminals will not target their security network. In truth, hackers are targeting several computer networks to find vulnerabilities and obtain sensitive information or cause damage. The fact is if your business has a digital presence, you are at risk and must adopt cybersecurity as a business strategy to guard both your stored data and website resources. 3. Public Wi-Fi Usage Be it at the local coffee shop or at the airport, public Wi-Fi hotspots are becoming extremely common and free for public use. But free Wi-Fi does not necessarily mean that you should always use them whenever available to you. Internet networks such as public Wi-Fi are often not secure and are increasing the number of man-inthe-middle (or MITM) attacks that are used to intercept confidential data like credit card details and login credentials.
22 You can prevent (or decrease) the chances of such cyber-attacks by: • Curbing the use of public Wi-Fi connections for performing sensitive tasks like making online payments or file sharing. • Employ a Virtual Private Network (or VPN) when accessing from a public place. The use of VPNs keeps your online activities safe from being intercepted by hackers. 4. Ineffective Privilege Management Are you providing the bulk of your users with unrestricted rights and privileges to your security network? Or do you have many users with “admin” privileges? Neglecting the security risk posed by human users can be harmful to any business. This can involve granting admin privileges or access to critical business data to temporary workers, freelancers, consultants, or even your clients. The April 2018 Credit card data breach reported by Lord & Taylor that compromised 5 million credit cards along with other data breaches in 2018 could have been prevented through proper privilege management. As most security networks allow full account privileges to admin users, hackers try to break into admin accounts to gain access to the backend data. The following privilege management practices can be useful in improving cybersecurity: • Restricting the number of admin users to only those who actually need it. • Assigning user rights and privileges on the basis of user roles. • The additional approval process for high-risk tasks such as deletion done by admin users. • Withdrawing access rights with third-party users at the end of the working relationship. • Annual training programs with employees to understand safe cybersecurity practices. 5. The “Outdated Network” Problem Regardless of which network technology or tool that you use, they have to be regularly updated to fix any crucial security bugs that hackers can abuse. The 2018 case of the Spectre and Meltdown security flaws in computer CPUs affected a bulk of computer processing equipment that needed the release of security patches and fixes for hardware & software, along with operating systems. While countering every attack may not be possible, you must be well-versed in the overall architecture and structure of your security network and implement practices to keep all your tools and website components updated to their latest version. Along with the latest anti-virus software tools, deploying
Page 1 and 2: 1 8 Most Common Cybersecurity Mista
Page 3 and 4: 2
Page 5 and 6: 4 The Internet Got Safer In 2019: A
Page 7 and 8: @CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 9 and 10: 8
Page 11 and 12: 10
Page 13 and 14: 12
Page 15 and 16: 14
Page 17 and 18: 16
Page 19 and 20: 18
Page 21: 20 8 Most Common Cybersecurity Mist
Page 25 and 26: 24 While it’s not feasible to res
Page 27 and 28: 26 The major difference is the addi
Page 29 and 30: 28 Oh, my! PerCSoft’s Irony By Ch
Page 31 and 32: 30 • Conduct cybersecurity traini
Page 33 and 34: 32 Persistent Cybersecurity Industr
Page 35 and 36: 34 Automation is welcome and seen a
Page 37 and 38: 36 Protecting Against Modern Cybera
Page 39 and 40: 38 Conclusion Unfortunately, no tec
Page 41 and 42: 40 For 2020 The Death of Traditiona
Page 43 and 44: 42 The Next Five Years The End of E
Page 45 and 46: 44 Government Agencies Are Prime Ta
Page 47 and 48: 46 It’s a basic fact of contempor
Page 49 and 50: 48 simpler way to approach these pr
Page 51 and 52: 50 Why Outsmart Cyber Attackers Whe
Page 53 and 54: 52 Depending on how you look at it,
Page 55 and 56: 54 devices. Russian actors can extr
Page 57 and 58: 56 How to Become a Cybersecurity Sl
Page 59 and 60: 58 industry. Perform online searche
Page 61 and 62: 60 The Security Challenges of Robot
Page 63 and 64: 62 The typical approach in providin
Page 65 and 66: 64 The Blockchain And Wireless Tech
Page 67 and 68: 66 systems. As is quite well-known,
Page 69 and 70: 68 Benefits of Having an SSL Certif
Page 71 and 72: 70 Google has made SSL compulsory s
Page 73 and 74:
72 This year, privacy and security
Page 75 and 76:
74 The Perspectives Of The 5th Indu
Page 77 and 78:
76 The balance between offense and
Page 79 and 80:
78 The Rise of Cybercrime-As-A-Serv
Page 81 and 82:
80 About the Author Mark Belgrove i
Page 83 and 84:
82 the conflict. Practically, it’
Page 85 and 86:
84 fact is something that would see
Page 87 and 88:
86 Furthermore, Tessian in 2019 del
Page 89 and 90:
88 Automatic for The SOC People How
Page 91 and 92:
90 Allows Transparency and Drive Le
Page 93 and 94:
92 Only large enterprises can benef
Page 95 and 96:
94 The Growing Costs of Cyber Attac
Page 97 and 98:
96 After suffering a cyber attack m
Page 99 and 100:
98 Some of the most damaging Inside
Page 101 and 102:
100 Out-Smarting the Cybersecurity
Page 103 and 104:
102 Empower Other Teams Network and
Page 105 and 106:
104 New Security Report Highlights
Page 107 and 108:
106 The Threat Lab team also analyz
Page 109 and 110:
108 Drive, AWS, Office 365, etc. It
Page 111 and 112:
110 former governor, this bill also
Page 113 and 114:
112 I mean, if you want to be able
Page 115 and 116:
114 Is It Safe to Connect to Public
Page 117 and 118:
116 5. Safe Browsing Additional dil
Page 119 and 120:
118 flawed method in which Evernote
Page 121 and 122:
120 Really, Imagine a Day Without W
Page 123 and 124:
122
Page 125 and 126:
124
Page 127 and 128:
126
Page 129 and 130:
128
Page 131 and 132:
130
Page 133 and 134:
132
Page 135 and 136:
134
Page 137 and 138:
136
Page 139 and 140:
138 Meet Our Publisher: Gary S. Mil
Page 141 and 142:
140 Free Monthly Cyber Defense eMag
Page 143 and 144:
142
Page 145 and 146:
144
Page 147 and 148:
146 Nearly 8 Years in The Making…
Page 149 and 150:
148
Page 151:
150
show all

Cyber Defense eMagazine December 2019

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?