Cyber Defense eMagazine February 2021 Edition

More documents

Recommendations

Info

Redefining Digital Risk: 3 Considerations for Your Cybersecurity Strategy in 2021 As we enter a new era of interconnected cybersecurity threats, companies and organizations would be wise to overhaul their entire view of the online landscape in order to be fully prepared, writes Karl Swannie, Founder of Echosec. By Karl Swannie, Founder, Echosec Systems The coronavirus pandemic has forced rapid change across every level of an enterprise, and cybersecurity is no exception. Security teams have quickly learned that real-world events and online risk are highly interconnected. As digital risk diversifies, cybersecurity has also become more relevant across many business roles, not just IT. It not only encompasses organized cybercrime but also cyber-enabled threats such as targeted misinformation or physical risks to individuals and assets. As threats become more integrated, many organizations have failed to adapt their security strategy accordingly. An incident may be delegated as a cybersecurity issue even if it has organization-wide consequences. Risks can also be overlooked without considering connections between the wide variety of social media, deep web and dark web networks that are now relevant for security teams. With all this in mind, the question becomes how can CISOs and IT managers move forward better equipped for a more integrated threat landscape? Cyber Defense eMagazine – February 2021 Edition 84 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Approach cybersecurity as an org-wide strategy Far too often, digital risks are treated as an IT problem rather than a business priority. Increased digital transformation means that online risks impact all business areas and have greater, longer-lasting effects on revenue and operations as a whole. According to IBM’s 2020 Cost of a Data Breach report, organizations incur $1.52M, on average, in lost revenue per breach. And these business impacts aren’t just due to increased cybercrime like phishing and ransomware— cyber-enabled threats are implicating a variety of business operations. For example, damaging viral content or misinformation, evidence of theft or internal threats, and physical security risks are all facilitated by and discoverable through online sources. This information is now valuable for cybersecurity and marketing, compliance, and physical security teams, to name a few. So how can CISOs and IT managers tackle digital risks more holistically? For one, security teams should rethink their toolkit. While threat intelligence tooling is valuable for cybersecurity personnel, security teams should consider software that is also accessible for non-technical teams like compliance who require digital risk data. Security officers must also communicate digital risks to executives and board members as business risks—how do online threats, from data disclosure to theft, translate to lost business in dollar value? This will ensure that digital risk is clearly understood through the lens of business impact and prioritized by leadership accordingly. Prioritize breadth of data As digital risk covers a greater diversity of use cases, more online spaces are relevant for detecting risk and defending your organization. Beyond standard threat intelligence sources—like technical feeds and the dark web—security teams now need to consider a broader set of sources. These could include mainstream and fringe social media sites (which tend to emerge quickly), deep web forums, and messaging apps. For example, platforms like 8kun or Telegram could host compromised information or other targeted risks, but may not be standard data sources in a security team’s toolkit. Any one of these sources is not necessarily valuable on its own. However, access to a combination of social, deep, and dark web data alongside technical cyber threat intelligence can help security teams follow breadcrumbs more comprehensively across the web. Security teams require multiple threat intelligence solutions to do their jobs effectively. But tools that prioritize data diversity (rather than focusing only on the dark web or social media, for example) can streamline toolkits, save analysts time, and provide more valuable context. Rethink how you conceptualize the internet These considerations point nicely to a third shift: integrating not only cybersecurity strategies and data sources but also our understanding of the internet. Adversaries are not segregated to distinct web spaces—and neither should threat intelligence strategies. The internet has long been conceptualized as fragmented surface, deep, and dark web networks (so Cyber Defense eMagazine – February 2021 Edition 85 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
The 2021 Perspective - Challenges a
Page 3 and 4:
Does Sunburst Have Your Confidentia
Page 5 and 6:
@CYBERDEFENSEMAG InfoSec Knowledge
Page 7 and 8:
Cyber Defense eMagazine - February
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
The 2021 Perspective - Challenges a
Page 23 and 24:
A slice of the anti-virus pie? We s
Page 25 and 26:
Additionally, we saw explosive grow
Page 27 and 28:
2021 Predictions: Addressing the Ch
Page 29 and 30:
About the Author Ankur is the found
Page 31 and 32:
An independent study conducted by P
Page 33 and 34: Cyber Defense eMagazine - February
Page 35 and 36: The Boomers’ lack of trust in Fac
Page 37 and 38: While it’s unclear if historical
Page 39 and 40: Cyberattacks On K-12 Education Care
Page 41 and 42: About the Author Saryu Nayyar is th
Page 43 and 44: Third-party vendor risk management
Page 45 and 46: Cyber Resiliency Will Become the Ne
Page 47 and 48: About the Author Drew Daniels is th
Page 49 and 50: Phishing Threat actors are taking a
Page 51 and 52: Vulnerability Patching: Why Does It
Page 53 and 54: with any degree of efficiency is to
Page 55 and 56: the nature and its technological ou
Page 57 and 58: kind of the communication streaming
Page 59 and 60: it’s logical to realize that the
Page 61 and 62: eason they will be that hidden part
Page 63 and 64: channeling hotspots are diverse and
Page 65 and 66: Ransomware is Evolving - Agencies M
Page 67 and 68: About the Author Nick Psaki is the
Page 69 and 70: 3GPP Release 15 defines the 5G secu
Page 71 and 72: • Suppliers must prioritize cyber
Page 73 and 74: Does Sunburst Have Your Confidentia
Page 75 and 76: About the Author Randy Reiter is th
Page 77 and 78: Global Reach and Accessibility Plan
Page 79 and 80: About the Author Trevor Daughney is
Page 81 and 82: typical work environment. Public Wi
Page 83: increasingly interested in implemen
Page 87 and 88: Are Encrypted Communication Apps us
Page 89 and 90: How SaltDNA’s platform prevents c
Page 91 and 92: are turning to new technologies lik
Page 93 and 94: The Best Network Protection: Go Dee
Page 95 and 96: Top Tips For Securing Your DevOps E
Page 97 and 98: Continual Learning Is Necessary The
Page 99 and 100: a prime target for cyber attacks. I
Page 105 and 106: FREE MONTHLY CYBER DEFENSE EMAGAZIN
show all

Cyber Defense eMagazine February 2021 Edition

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?