Cyber Defense eMagazine November Edition for 2021

More documents

Recommendations

Info

Empowering Your Employees To Prevent Cyberattacks In A Remote Work Era By Bill DeLisi, CEO of GOFBA – a leading secure search engine and communication platform Cybercrime’s business impacts reached $1 trillion in 2020. This staggering sum represented around one percent of global GDP. It reflected the total costs incurred with implementing security measures, lost productivity and profits, ransomware payments, and other considerations. Cybercrime is a global problem that impacts companies big and small. An August 2021 survey from CNBC found 56 percent of small business owners were concerned about an attack, and 59 percent of those surveyed were majorly confident they could quickly handle any attack. However, only 28 percent had a plan in place to combat cybercrime, and many of those plans would likely prove insufficient against a sophisticated hacker group. For small business owners and managers, overconfidence about preparations and capabilities, and a lack of concern are a troublesome mix. To fix this dynamic, they need to focus efforts on preventing cyber intrusions. The best place to start is by focusing on staff members actions, as people are often the conduit for hackers through phishing schemes, malware, and personal devices. Cyber Defense eMagazine – November 2021 Edition 108 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Stop Phishing in its Tracks The Delta variant COVID-19 surge prompted cybercriminals to develop fake “vaccination requirement” emails. These phishing schemes were sent to millions of workers, with official looking forms and links asking for recipients to confirm their vaccination status while providing valuable personal information. It is a common tactic for phishing schemes to prey on people’s fear and uncertainty along with a message of urgency and possible consequences. Hackers enjoy phishing schemes because they are easy to deploy and can provide fast access into networks. The recipient clicks a link or opens an email or an attachment, and that launches malware which can infect a computer and give the hacker administrative control. And, once they have control, they encrypt the data and hold it for ransom. Preventing phishing schemes requires staff training. They need to understand the risks of opening emails and downloading attachments from unrecognized senders. Be sure to conduct training sessions with images of phishing emails, pointing out common tricks like misspelled URLs, poorly constructed sentences, and other signs of non-genuine emails. Here are some other signs of phishing emails employees should be aware of: • URLs do not match the purported business. Users can hover over the URL (place your curser over the URL or email address) to see the real destination or address • Emails asking for Social Security Numbers, bank account information, and other personal data are always fake • Emails that attempt to elicit panic and suggest the recipient ‘must act’ are always suspicious • Phishing schemes often change to reflect current events, such as vaccination, political decisions, COVID “cures”, and other hot topic issues For employees, deletion is always the answer. If there is any doubt about the veracity of an email, they can simply contact the organization or individual that sent the message. Institute a policy that no worker will be in trouble if they delete a genuine email if they thought it came from a shady sender. Managing Remote Workers: Flexibility vs. Safety It is obvious remote work is here to stay. For new hires it is now considered a standard condition of employment, instead of a rare sought-after benefit. With remote work comes inherent hazards for businesses to manage devices and employee actions as they relate to cybercrime risks. Ideally, business owners will provide employees with dedicated laptops and phones for work. These will come preloaded with malware protection, firewalls, and strict access points for reaching company data. It is a better route than ”BYOD” as workers tend to use their own devices for riskier behaviors that can offer convenient entry points for bad actors. There is also privacy and support benefits with corporate-provided devices. IT can control company property without worrying about stumbling across an employee’s photos or their Facebook posts. Cyber Defense eMagazine – November 2021 Edition 109 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
The Top 3 Cyber Security Mistakes a
Page 3 and 4:
How To Effectively Secure Connected
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - November
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
2. Technology and System It is also
Page 37 and 38:
NetOps Enhances Security Growing nu
Page 39 and 40:
the businesses utilizing an indepen
Page 41 and 42:
Sensitive data exposure and the ser
Page 43 and 44:
You’ve Been Attacked by Ransomwar
Page 45 and 46:
● Stop the bleeding: Segregate th
Page 47 and 48:
Digital Transformation Security: Gu
Page 49 and 50:
When the partners and solutions hav
Page 51 and 52:
Why The Integration of Netops And S
Page 53 and 54:
organizations, where siloed operati
Page 55 and 56:
How to protect yourself from cyber
Page 57 and 58: Five Cloud Telephony Security Vulne
Page 59 and 60: By encrypting all data end-to-end a
Page 61 and 62: The following signs may indicate a
Page 63 and 64: The 5 Most Common Cyber-Attacks on
Page 65 and 66: social engineering attacks by reduc
Page 67 and 68: throughout your everyday operations
Page 69 and 70: protect critical systems, applicati
Page 71 and 72: • Protect Data There are various
Page 73 and 74: Overcoming the Limitations of VPN,
Page 75 and 76: • VPN cannot limit access control
Page 77 and 78: About the Author Burjiz Pithawala i
Page 79 and 80: A Work in Progress The Advanced Tec
Page 81 and 82: SOAR Into More Integrated Cybersecu
Page 83 and 84: analyst requires more data to reall
Page 85 and 86: Critically, this survey found that
Page 87 and 88: About the Author Mike East is Vice
Page 89 and 90: complete security strategy should i
Page 91 and 92: Financial Institutions Leveraging C
Page 93 and 94: CIAM is an area that is increasingl
Page 95 and 96: (Image source: Statista) Attacking
Page 97 and 98: than actually going to the server.
Page 99 and 100: and have complete control over all
Page 101 and 102: What Do Spear Phishing Attacks Look
Page 103 and 104: Our report also suggests that emplo
Page 105 and 106: Keeping Your Guard Up: Protecting A
Page 107: create significant security risks t
Page 111 and 112: Lateral Movement - The Key Element
Page 113 and 114: isolating endpoints, MDR analysts c
Page 115 and 116: When Does a Vulnerability Become a
Page 117 and 118: So, what if I change my query from:
Page 119 and 120: How To Bring Your Own Key to Hybrid
Page 121 and 122: Absence of sole control - is BYOK t
Page 123 and 124: On-premise versus virtual HSMs To b
Page 125 and 126: Protect Data with Deep Packet Inspe
Page 127 and 128: This type of Data Breach Prevention
Page 129 and 130: We buy more products...and we’re
Page 131 and 132: Access over Ownership Cybersecurity
Page 133 and 134: How To Do Disruptive Innovation Rig
Page 135 and 136: 3. Verify all patents, trademarks,
Page 137 and 138: Cyber Defense eMagazine - November
Page 149 and 150: CyberDefense.TV now has 200 hotseat
Page 151 and 152: Books by our Publisher: https://www
Page 155: Cyber Defense eMagazine - November
show all

Cyber Defense eMagazine November Edition for 2021

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?