Cyber Defense eMagazine December 2019

More documents

Recommendations

Info

79 Consequently, companies of all sizes will find themselves faced with more costly, sophisticated, and disruptive cyber attacks. Although technology threats remain mostly the same with cybercrime-as-aservice, from an enterprise perspective, it’s important to remember that more people are able to partake in cybercrime as a result. Moreover, the malicious hacker delivering the service is likely to have carried out their attack many times before. As such, the danger posed by cybercrime-as-a-service must be understood by businesses in order to mitigate its damage. This is where the importance of data visibility becomes most apparent, which means keeping on top of shadow IT -- no mean feat. Although a pertinent problem in companies of all sizes, the issue is (somewhat ironically) exacerbated when a company experiences rapid growth and success -- whether that’s through a string of fresh hires to keep up with new business or a long-awaited acquisition. In all other aspects, business might be booming, which is brilliant -- but as growth increases, so does the struggle for IT teams to keep on top of threats, both on and off the company network. This can be particularly difficult for mid-market and high-growth businesses, such as startups and scaleups, where it can be a struggle to keep on top of threats amid a continually increasing headcount. We need cyber binoculars, if you will, to see ahead, identify threats early, and give the experts the chance to analyse and take appropriate action. Here, a forward-thinking cyber security operations centre (CSOC), supported by a hands-on team of analysts, can really help -- which means a CSOC that’s both reactive and proactive. The CSOC team should undertake specific research into cybercrime-as-a-service as well. Compliance is the cornerstone to all of this because, as networks and requirements change, disparate security systems across the IT environment create a significant compliance headache for businesses, making it almost impossible to accurately assess compliance adherence across a multitude of interfaces. The result? A fragmented view of compliance that is prone to error. Now, however, technology and systems exist that are designed to monitor for compliance to multiple standards -- across different geographies, if needed. The specific nature of this form of monitoring relieves a heavy burden when adhering to regulations such as European GDPR, as real-time compliance monitoring can be continually illustrated to anyone from a regulator to a supplier. This is achieved by collecting, aggregating and correlating system and network information. What makes this so important is that strong cyber security protection relies entirely on data visibility -- if an organisation can’t keep track of its data or its stored insecurely, this paves the way for a host of possible cyber security threats, from simple phishing scams to ransomware attacks. By taking a proactive approach to security protection, it becomes possible to use threat intelligence to prevent attacks, rather than just react to imminent threats. Beyond technology, this should take the form of trusted team of third-party experts who have the time and wider resources to spend on cyber security protection. In doing so, it becomes possible to limit the chaos of added cost and simplify security to focus on business strategy and risk. After all, when it comes to security, it’s the actionable information, integration, and the end-to-end capabilities that equips businesses with the tools they need to take on cybercrime-as-a-service -- giving them that much-needed edge to survive.
80 About the Author Mark Belgrove is the Head of <strong>Cyber</strong> Consultancy of Exponential-e. With over 25 years’ experience in the information security field, Mark runs the global cyber security consultancy team at Exponential-e and is the technical lead.Mark combines a strong background as a Chief Information Security Officer (Yell Ltd) with almost 10 years of security and risk consulting delivery into a range of clients including Merrill Lynch, Cable & Wireless (NTL), Scottish & Southern Electric and Chase Manhattan Bank. Mark has experience in a wide range of specialist topics including risk management, business continuity, compliance and cyber security governance.Mark is a Certified Information Systems Security Professional (CISSP), Payment Card Industry Professional (PCIP – former QSA) and ISO 27001 Lead Auditor.Mark can be reached online at LinkedIn and at our company website https://www.exponentiale.com//
Page 1 and 2:
1 8 Most Common Cybersecurity Mista
Page 3 and 4:
2
Page 5 and 6:
4 The Internet Got Safer In 2019: A
Page 7 and 8:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 9 and 10:
8
Page 11 and 12:
10
Page 13 and 14:
12
Page 15 and 16:
14
Page 17 and 18:
16
Page 19 and 20:
18
Page 21 and 22:
20 8 Most Common Cybersecurity Mist
Page 23 and 24:
22 You can prevent (or decrease) th
Page 25 and 26:
24 While it’s not feasible to res
Page 27 and 28:
26 The major difference is the addi
Page 29 and 30: 28 Oh, my! PerCSoft’s Irony By Ch
Page 31 and 32: 30 • Conduct cybersecurity traini
Page 33 and 34: 32 Persistent Cybersecurity Industr
Page 35 and 36: 34 Automation is welcome and seen a
Page 37 and 38: 36 Protecting Against Modern Cybera
Page 39 and 40: 38 Conclusion Unfortunately, no tec
Page 41 and 42: 40 For 2020 The Death of Traditiona
Page 43 and 44: 42 The Next Five Years The End of E
Page 45 and 46: 44 Government Agencies Are Prime Ta
Page 47 and 48: 46 It’s a basic fact of contempor
Page 49 and 50: 48 simpler way to approach these pr
Page 51 and 52: 50 Why Outsmart Cyber Attackers Whe
Page 53 and 54: 52 Depending on how you look at it,
Page 55 and 56: 54 devices. Russian actors can extr
Page 57 and 58: 56 How to Become a Cybersecurity Sl
Page 59 and 60: 58 industry. Perform online searche
Page 61 and 62: 60 The Security Challenges of Robot
Page 63 and 64: 62 The typical approach in providin
Page 65 and 66: 64 The Blockchain And Wireless Tech
Page 67 and 68: 66 systems. As is quite well-known,
Page 69 and 70: 68 Benefits of Having an SSL Certif
Page 71 and 72: 70 Google has made SSL compulsory s
Page 73 and 74: 72 This year, privacy and security
Page 75 and 76: 74 The Perspectives Of The 5th Indu
Page 77 and 78: 76 The balance between offense and
Page 79: 78 The Rise of Cybercrime-As-A-Serv
Page 83 and 84: 82 the conflict. Practically, it’
Page 85 and 86: 84 fact is something that would see
Page 87 and 88: 86 Furthermore, Tessian in 2019 del
Page 89 and 90: 88 Automatic for The SOC People How
Page 91 and 92: 90 Allows Transparency and Drive Le
Page 93 and 94: 92 Only large enterprises can benef
Page 95 and 96: 94 The Growing Costs of Cyber Attac
Page 97 and 98: 96 After suffering a cyber attack m
Page 99 and 100: 98 Some of the most damaging Inside
Page 101 and 102: 100 Out-Smarting the Cybersecurity
Page 103 and 104: 102 Empower Other Teams Network and
Page 105 and 106: 104 New Security Report Highlights
Page 107 and 108: 106 The Threat Lab team also analyz
Page 109 and 110: 108 Drive, AWS, Office 365, etc. It
Page 111 and 112: 110 former governor, this bill also
Page 113 and 114: 112 I mean, if you want to be able
Page 115 and 116: 114 Is It Safe to Connect to Public
Page 117 and 118: 116 5. Safe Browsing Additional dil
Page 119 and 120: 118 flawed method in which Evernote
Page 121 and 122: 120 Really, Imagine a Day Without W
Page 123 and 124: 122
Page 125 and 126: 124
Page 127 and 128: 126
Page 129 and 130: 128
Page 131 and 132:
130
Page 133 and 134:
132
Page 135 and 136:
134
Page 137 and 138:
136
Page 139 and 140:
138 Meet Our Publisher: Gary S. Mil
Page 141 and 142:
140 Free Monthly Cyber Defense eMag
Page 143 and 144:
142
Page 145 and 146:
144
Page 147 and 148:
146 Nearly 8 Years in The Making…
Page 149 and 150:
148
Page 151:
150
show all

Cyber Defense eMagazine December 2019

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?