Cyber Defense eMagazine January 2021 Edition

More documents

Recommendations

Info

estrictions. Organizations have to be prepared for further uncertainty in 2021 and take action to manage their risk in the long term. What they can be certain of is that cyberattacks will continue to be a pain point and have the potential to spike again in 2021. ‘Work from Anywhere’ Security Operations Center (SOC) teams should be reviewing and reflecting on 2020 and thinking about how they will support dynamic working environments that aren’t just working from home or in the office but look more like “work from anywhere” scenarios. Most organizations have evolved tremendously over the last 12 months and SOC teams need to stay in-tune with current operational norms and expectations of both users and business managers. SOC teams should question the state-of-play for their organization in 2021 and ask if their business is prepared for a new dynamic and fluid working environment. They should ask themselves: 1. What did we learn about our systems and processes throughout 2020? 2. What changes do I need to make to optimize our approach to security in the new year? 3. How do we secure a workforce that is fluid and moving between remote and on-premises? 4. Are my security controls and infrastructure built for this, or am I taking additional risk? 5. What is the state of play for security visibility in this flexible environment? 6. How prepared are we to change and adapt in case we are ready to come back to a fully officebased operation by the summer? 7. What do our users want? How can we enable their success? 8. Where do we start with so much uncertainty? Based on their responses, they should take action to ensure that their security posture matches the organization’s requirements and ensure it is ready to flex and adapt as needed. There are a few basic steps all organizations in the Middle East should be evaluating and prioritizing. User Vulnerability The first step for SOC teams across the Middle East should be to re-enforce best practice within their organizations and spend time educating users about policies, guidelines and best practices. Internal communications to users drive awareness and understanding of security risks. This should be increased and combined with more training. If training took place at the beginning of the pandemic, then organizations should be revisiting this in 2021. Whether it is in the private or public sector, user-based threats, like compromised accounts, increase risk and exposure across organizations. Human nature is still a primary vulnerability in an already complex threat landscape. Endpoint is the Bottomline SOC teams need new levels of visibility that are built to serve both remote and office-based working. They should be focused on the collection and correlation of endpoint, VPN and other pertinent infrastructure data like employees connecting back into the corporate network, identity and access Cyber Defense eMagazine – January 2021 Edition 130 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
management, as well as monitoring collaboration technologies like Office 365, Teams, Zoom, and Slack. It is about gaining visibility and control over the users’ ICT ecosystem and understanding where to, from, and how employees are authenticating and accessing data and applications. When an intrusion is suspected, they need to be able to qualify the threat and assess its potential impact. They can only do that if they have captured a wide variety of activity occurring on their endpoints and servers in real-time. Every organization should be able to search rich forensic data to understand when and how the incident occurred, and then contain the compromise with an endpoint lockdown. Automate Everything While automating everything might not be possible today, SOC teams should be exploring automating as many processes as possible. They are capturing massive amounts of data, which has made automating security processes a necessity. Not only does it eliminate human error, it ensures that precise decisions can be made at speed. SOC automation tools reduce an organization’s time to qualify (TTQ) and mean time to respond (MTTR) to a security threat. TTQ refers to the average time it takes to determine whether an incident is benign or should be considered a threat that requires investigation. Research by the Ponemon Institute found that it took organizations an average of 280 days to identify and contain a data breach in 2020. For most private and public sector organizations, that “wait time” is way too long. In a risky and uncertain time, they can’t wait for a human to perform an action that could be executed by a Security Information and Event Management (SIEM) solution with Security Orchestration, Automation and Response (SOAR) capabilities. Reinventing the Wheel When it comes to visibility and automation, there’s no reason to reinvent the wheel. SOC teams don’t have to develop all of this themselves. Instead, they should look for one-click, out-of-the box automation solutions that help them meet local compliance requirements and quickly deliver for their organizations. In markets like the Kingdom of Saudi Arabia, predefined reports and use cases can be made immediately available to organizations so they can meet local cybersecurity controls. This can be a way to quickly enhance an organization’s security posture while being able to demonstrate compliance. It also increases cost-efficiencies and enables local organizations to bridge skills gaps in the Middle East and benefit from both local and global expertise. Pre-defined use cases and reports can make it simpler and easier to deploy and enhance security in 2021. 2021 and Beyond Rapid digitalization across the private and public sector in the Middle East is only going to continue in 2021. The digital transformation and flexible working boom that started in 2020 will accelerate. This means that cybersecurity has to continually evolve to match the needs of rapidly changing ICT ecosystems. Adaptability and agility are critical and that starts with a secure foundation. Throughout Cyber Defense eMagazine – January 2021 Edition 131 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
3 Email Hacking Techniques to Watch
Page 3 and 4:
The Rising Tide of Security Threats
Page 5 and 6:
@MILIEFSKY From the Publisher… Ne
Page 7 and 8:
Welcome to CDM’s January 2021 Iss
Page 9 and 10:
Cyber Defense eMagazine - January 2
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
3 Email Hacking Techniques to Watch
Page 25 and 26:
3. Hijacking email threads When Emo
Page 27 and 28:
etween the data sets and filter out
Page 29 and 30:
The Bottom Line AIOps is a journey,
Page 31 and 32:
handle the IT and security challeng
Page 33 and 34:
Businesses Must Protect Their Most
Page 35 and 36:
Tokenization also allows businesses
Page 37 and 38:
Lately, Zero Trust is all the buzz,
Page 39 and 40:
Let's look at what's the same. They
Page 41 and 42:
Cryptocurrency Ransomware Is on The
Page 43 and 44:
commission from you. That is why co
Page 45 and 46:
The second national lockdown in Nov
Page 47 and 48:
Communication Streaming Challenges
Page 49 and 50:
the plaintext ends up with some sig
Page 51 and 52:
create new global admins, add them
Page 53 and 54:
Cybersecurity Maturity Model Certif
Page 55 and 56:
est practices into your core busine
Page 57 and 58:
Businesses Should See Security as A
Page 59 and 60:
Businesses must increasingly focus
Page 61 and 62:
Cybersecurity risk not only help un
Page 63 and 64:
- Mapping sensitive data assets (su
Page 65 and 66:
ACRR Formula The ACRR is based on t
Page 67 and 68:
Development Model This indicated if
Page 69 and 70:
About the Author Gyan Prakash is a
Page 71 and 72:
Understanding the Industrial IoT Wh
Page 73 and 74:
E-Merchants: Secure Your Online Sal
Page 75 and 76:
Damaged Reputation - Damage can ext
Page 77 and 78:
IT Automation Software and the Atta
Page 79 and 80: How To Keep Your Children Safe In R
Page 81 and 82: About the Author Nevin Markwart, Ch
Page 83 and 84: The cause? More remote work, fear o
Page 85 and 86: About the Author Jody Paterson is a
Page 87 and 88: Identifying personal data breaches
Page 89 and 90: Brave New World: Safari Content Blo
Page 91 and 92: AdGuard, EasyList and uBlock filter
Page 93 and 94: When Businesses Get Hacked- Who Are
Page 95 and 96: failing to enforce adequate securit
Page 97 and 98: Security and Remote Management: Wha
Page 99 and 100: Looking Ahead to 2021, and Beyond A
Page 101 and 102: workforces and education. However,
Page 103 and 104: About the Authors Steve Hanna is th
Page 105 and 106: As solutions for eXtended Detection
Page 107 and 108: 2. Threats against MSPs, cloud serv
Page 109 and 110: Why 'Thinking Small' Is the Way to
Page 111 and 112: Simplification of micro-segmentatio
Page 113 and 114: commonly used by IT orgs -- can int
Page 115 and 116: ServiceNow Discovery Documentation
Page 117 and 118: Are Your Organization’s Critical
Page 119 and 120: ● Gaining insight into how attack
Page 121 and 122: MITRE Shield introduces active defe
Page 123 and 124: How Next-Gen Identity Governance an
Page 125 and 126: • performing access reviews and c
Page 127 and 128: and intent-based authentication pol
Page 129: Innovation, Automation and Securing
Page 133 and 134: Peer-To-Peer Cybersecurity Insights
Page 135 and 136: Transitioning to Remote Work: The A
Page 137 and 138: Traqq also performs automatic track
Page 139 and 140: 6. Tool to Prevent Inefficient Task
Page 141 and 142: Cyber Defense eMagazine - January 2
Page 143 and 144: You asked, and it’s finally here
Page 145 and 146: 9 Years in The Making… Thank You
show all

Cyber Defense eMagazine January 2021 Edition

Create successful ePaper yourself

Delete template?

Save as template?