CS Nov-Dec 2020

More documents

Recommendations

Info

hacking surge Adrian Rowley, Gigamon: a much stricter privilege regulation policy is needed - a Zero Trust one. Joe Hancock, MDR Cyber: "Many of the targets of sophisticated cyber-attacks are nameless or their experience is tempered by being part of an organisation that can protect them. many ways remain the same, points out Chris Goettl, director of security solutions, Ivanti. "This means businesses can cut through this sophistication and prioritise measures to maximise their cybersecurity strategies. For this reason, they should look to cybersecurity frameworks, such as the CIS Critical Security Controls. THE RIGHT MEASURES "By following the top five CIS guidelines and adhering to basic cyber hygiene measures, it's possible to eliminate 85% of modern cyber threats. Take vulnerability management, for example: if IT and security teams don't treat vulnerability management as an ongoing process, business infrastructure will be exposed, as hackers can find and weaponise vulnerabilities faster than these teams can patch. Automating this process can further protect the organisation by minimising the gap between the onset of new knowledge and remediation, reducing the period in which cybercriminals can strike." Goettl also recognises how businesses have faced an entirely new security challenge over recent months due to the added risks of a remote workforce. "For companies that weren't prepared to support remote workers, this was a drastic change. It's important that IT and security teams implement tailored measures to counter this drastic shift in attack surface, as remote working looks set to continue in some capacity for the foreseeable future. "For example,", he also points out, "patching a remote or fluid workforce may require the implementation of a hybrid or cloud-based patch management solution that can implement patches to companyowned devices and BYOD, and that won't take up valuable VPN bandwidth with update traffic." With workers undefended away from their offices and targeted by malicious actors, companies must keep security front of mind as they familiarise themselves with the 'new normal', says Adrian Rowley, senior director Sales Engineering EMEA at Gigamon. "As flexible working becomes the go-to, employees will be shifting between on-premise and remote working, combining user-owned and company devices (not to mention personal WiFi connections). This will make network perimeters even harder to define and to protect. "Traffic flows will also be impacted, with users switching from LAN to WAN and back - so inspecting encrypted and unencrypted data will be critical for IT and security teams to keep abreast of potential threats. Ultimately, the only way to drive security in these difficult circumstances is minimising blind spots and ensuring unclouded visibility throughout the network." To create security resilience in times of uncertainty, companies must move away from the idea that any asset or user within the network perimeter can be trusted, and a much stricter privilege regulation policy is needed - in other words, a Zero Trust (ZT) architecture, he continues. "This security strategy consists of scrutinising asset behaviour and only granting access based on this information, rather than based on pre-existing credentials. Because it's impossible to monitor what you can't see, companies need a clear view of everything that happens on their network to enable a ZT approach. "What many businesses haven't grasped yet is that ZT isn't a product they can buy, deploy and use to dispel their security woes," states Rowley. "It's a mindset which must be applied to every IT and security decision. Shifting to a ZT model is no easy feat, but it's imperative to ensure fool-proof protection at a time when IT environments are complicated by a fluid workforce and cyberattacks are fiercer than ever." 28 computing security Nov/Dec 2020 @CSMagAndAwards www.computingsecurity.co.uk
product review HORNETSECURITY 365 TOTAL PROTECTION Microsoft 365 is by far the most prevalent cloud email service for businesses, but this popularity brings inherent risks, as it also makes it the top target for cybercriminals. Email security features are provided by Microsoft, but these are widely used, comparatively basic and, consequently, easier to circumvent. To provide greater protection, businesses must implement a multi-layered defence - and Hornetsecurity offers a cost-effective and highly efficient solution. Its 365 Total Protection cloud service provides a wealth of email security measures, which includes AI intelligence-based protection, allowing it to evolve as new threats emerge. Two options are available, with the Business version providing all key threat defence measures, along with live email tracking, content control and compliance filtering. The Enterprise version augments these with ATP (advanced threat protection) cloud sandboxing, URL malware controls, email archiving, e- discovery and forensics analysis tools. Onboarding from the cloud panel is swift, as you change your domain's MX records, go to the registration link provided and authenticate with your account from the standard Microsoft 365 login screen. Using its Azure connector, 365 Total Protection synchronises all your users, with the entire process taking as little as 30 seconds. Protection starts immediately, as the default settings activate full spam and malware protection, which blocks suspicious emails before they reach your mailbox. The Spam and Malware filter uses over 15,000 heuristics to reject nuisance messages, such as newsletters and those sent from mass marketing campaigns. The cloud panel opens with an email live tracking view that shows logs of all inbound and outbound email activity. This is vastly superior to Microsoft's logging, as you can view every detail about individual emails, including header information, and each one is colour coded to clearly show its classification. Multiple filters can be applied to refine the list and clicking on the coloured icon for an email loads a drop-down menu where you can add the sender to deny or allow lists, report it as spam or release it. Enterprise users can also pass suspect emails to the ATP service for further examination. Self-service features lighten the support burden, as users can review their emails in the portal and release them, where permitted. Regular reports for each user can be generated and show spam activity, quarantined attachments, plus the reasons for rejection. The ATP sandbox recognises emails with encrypted attachments and, if the password is in the email message body, it will use it to scan these files. The URL rewrite feature deals efficiently with email web links, as Hornetsecurity opens a web session to its secure proxy to check where the link connects to and see if it includes harmful downloads or other threats. Fraudulent emails that appear to be legitimate are handled by a targeted forensics filter, which uses first and last name combinations in order to check for authenticity. The compliance filter provides more granular control of emails by applying DLP-like rules to outbound messages that check for specific keywords in the body, subject and attachment. The continuity service will prove invaluable when the Microsoft 365 services go down, as it keeps copies for three months back for you to use during the outage and transfers them back to your account when the service comes up again. Rule-based encryption for outbound messages is just as easy to implement, as all certificates are centrally managed for you. Hornetsecurity's 365 Total Protection lives up to its name, as it delivers a smart email security solution that integrates seamlessly with Microsoft 365. It fills the security holes Microsoft leaves behind and, with prices for the Business version starting at only $2 per user per month, is affordable for organisations of all sizes. Product: 365 Total Protection Supplier: Hornetsecurity Web site: www.hornetsecurity.com Contact: info@hornetsecurity.com Price: From $2 per user per month www.computingsecurity.co.uk @CSMagAndAwards Nov/Dec 2020 computing security 29
Page 1 and 2: Computing Security Secure systems,
Page 3 and 4: comment TIME TO TAKE GDPR UP A GEAR
Page 5 and 6: Pragmatic and experienced risk mana
Page 7 and 8: editor's focus "Well trained staff
Page 9 and 10: health monitoring within the compan
Page 12 and 13: smishing SMISH, SMASH, BASH! A RELA
Page 14 and 15: smishing scams, while the Associati
Page 16 and 17: industry insights THE NEW ORDER IS
Page 18 and 19: mergers & acquisitions HITTING THE
Page 20 and 21: Data privacy BEYOND THE EU-US PRIVA
Page 22 and 23: contact tracing WE HAVE CONTACT THE
Page 24 and 25: contact tracing smartphones in mind
Page 26 and 27: hacking surge HACKERS FOR HIRE HACK
Page 30 and 31: threat intelligence APTS AND COVID-
Page 32 and 33: gender inequality TIME TO REBALANCE
Page 34 and 35: gender inequality equates to - and
Page 36: NEW Sensitive Data Discovery and Re

CS Nov-Dec 2020

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?