CS Jul-Aug 2023

More documents

Recommendations

Info

cyber attacks RUSSIA'S CYBER RAMPAGE BUSINESSES WARNED TO BRACE FOR IMPACT FROM BARRAGE OF ATTACKS Raghu Nandakumara, Illumio. Gavin Millard, Tenable Network Security. UK infrastructure faces destruction from Russian-backed cyber groups, says UK minister Oliver Dowden - a warning that further indicates the battle of wills and ideologies between the Kremlin and Western capitals following Russia's invasion of Ukraine. Dowden said these politically motivated groups were now rearing their heads on UK shores and pleaded with businesses to brace for their cyber impact. He outlined recent attempts from 'Wagner-like cyber groups' to damage UK critical national infrastructure. These adversaries are ideologically, rather than financially, motivated, he added, making them less likely to show the same level of restraint as national actors, sharpening concerns around these threats. In response, UK Government has made a series of announcements aimed at further strengthening UK resilience. These include: The National Cyber Security Centre (NCSC) issuing an official threat notice to operators to help protect the country Government to set "specific and ambitious cyber resilience targets" for all critical national infrastructure sectors to meet by 2025 Government exploring how to bring all private sector businesses working in critical national infrastructure within the scope of cyber resilience regulations Enhanced cyber security measures to protect the UK Government's critical IT systems, known as GovAssure. Gavin Millard, deputy chief technology, Tenable Network Security, points to how threats from state-based actors against critical infrastructure are nothing new and indeed a constant issue. "With an aging infrastructure and a vast attack surface vulnerable to known flaws, it's important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber-attack against critical assets could have wide-ranging impacts to the population and economy," he states. "Attacks, such as those seen against JBS foods and the Colonial Pipeline, leveraged flaws such as Remote Desktop Protocol (RDP) and exposed Virtual Private Networks (VPNs) to gain initial access. Once a foothold had been found, gaining privileges and distributing malicious code was concerningly easy. To prevent such actions from occurring, it's critically important that organisations take a pre-emptive approach to identifying and addressing these exposures before they are leveraged." In response to the comments made by Dowden, Raghu Nandakumara, senior director and head of industry solutions at Illumio, had this to say: ""The introduction of new targets is a positive move and will provide a uniform baseline for cyber resilience across all sectors. However, the 2025 timeline is aggressive and signifies the severity of the threat. It also raises the question as to what these targets will be and how achievable they will be in that timeframe. "As a nation, we have to shift the focus from simply preventing attacks to surviving them and that requires an 'assume breach mentality', along with the adoption of riskbased security models like Zero Trust. The UK government is leading the way in CNI. However, I anticipate that cyber resilience will become an industry-recognised metric for all companies to achieve and measure against." 10 computing security July/August 2023 @CSMagAndAwards www.computingsecurity.co.uk
ansomware WHY BEING AGILE MATTERS WHEN IT COMES TO A RANSOMWARE ATTACK STEVE USHER, SECURITY SERVICES MANAGER, BROOKCOURT SOLUTIONS, OFFERS HIS EXPERT INSIGHTS Over the course of the last few years, we have witnessed too many highprofile companies being featured in the media who have fallen victim to ransomware demands. In that moment, as a business leader, what are your first thoughts? Imagine for that moment what it might be like if your organisation was hit by an attack - would you be ready? Ransomware attacks are one of the most significant and rapidly evolving threats in the cybersecurity landscape. The damage a ransomware attack can cause to a business doesn't bear thinking about. The financial loss, data loss and operational disruption will all take a toll on the overall reputation of an organisation. For senior management, understanding how and why ransomware attacks happen is incredibly complex, especially without knowledge of vulnerabilities, code or a clear view of the methods, motivations and current activities of cybercriminals. In a recent example, a senior security analyst joined top executives from a Fortune 500 company. He joined the meeting cold, not knowing what to expect, and was able to eloquently conduct a live review of threat intelligence, using the latest technology. The client struggled to comprehend the level of detail and how exposed the business actually was, leading to a greater understanding and hence the security posture was elevated. The threat of ransomware is constantly evolving and we need to always remain 'threat aware'. It's a game of cat and mouse where we may often only learn from being exposed. However, our true strength comes from how we recover with agility. We need to educate business leaders to understand the threat will always be there. There is no escape; regularly reviewing your security posture and investing in your cyber security is paramount to protect your business, stakeholders and your data. Here's the five-point plan for better resilience: 1. Rapid Response: Time is of the essence in mitigating the impact of a ransomware attack - helping businesses understand the key next steps to identify and contain the attack, minimise its spread and prevent further damage. Delayed response can lead to increased data loss, extended downtime and higher financial costs for the affected organisation 2. Adaptive Solutions: Ransomware attacks constantly evolve, with new variants and techniques emerging regularly. Being ready to adapt tools, techniques and approaches to counter an evolving threat is paramount, having access to the latest threat intelligence, developing new detection and prevention mechanisms to help business with effective solutions to combat the specific ransomware strain they are facing 3. Collaboration and Information Sharing: Through active collaboration and information sharing with relevant stakeholders, including customers, industry peers, law enforcement agencies, we can foster a collaborative environment, pool resources, share insights and collectively respond to ransomware attacks more effectively 4. Incident Management and Recovery: Helping business to adopt a well-defined incident management process in place to handle ransomware attacks. This includes coordinating with customers, providing guidance on containment, facilitating communication and helping organisations return to normal operations as quickly as possible, as well as ensuring regular backups, including tests are put in place as part of on-going process 5. Continuous Improvement: By analysing attack patterns, post-incident reviews and lessons learned from every ransomware incident, we can refine better solutions for businesses to update their procedures and enhance their overall cyber resilience against future attacks. www.computingsecurity.co.uk @CSMagAndAwards July/August 2023 computing security 11
Page 1: Computing Security Secure systems,
Page 4 and 5: Secure systems, secure data, secure
Page 6: news Gary Barlet, Illumio. IBM EXPA
Page 9: DON’T SaaSSS GET YOUR KICKED! ! T
Page 13 and 14: privacy crisis an inconsistent pict
Page 15 and 16: Infosecurity Europe Matthew Syed's
Page 17 and 18: Computing Security Secure systems,
Page 19 and 20: workplace welfare within the cybers
Page 21 and 22: identity & access may cause operati
Page 23 and 24: managed services Unfortunately, man
Page 25 and 26: GDPR that bridges the gap between t
Page 27 and 28: GDPR legislation in other parts of
Page 29 and 30: AI enhance SOAR with a generative A
Page 31 and 32: cyber strategy SECURITY BY DESIGN N
Page 33 and 34: ansomware attacks While laws could
Page 35: Computing Security Secure systems,

CS Jul-Aug 2023

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?