CS Nov-Dec 2023
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
news<br />
Daniel Hofmann, Hornetsecurity.<br />
HORNETSECURITY UNVEILS ITS<br />
NEW 'ESSENTIAL COMPANION'<br />
Cybersecurity provider Hornetsecurity has<br />
published 'Microsoft 365: The Essential<br />
Companion Guide', designed for IT administrators<br />
who manage a Microsoft 365<br />
environment. The guide can be accessed<br />
here. It is also aimed at decision-makers<br />
looking to gain an overview of what to<br />
expect when migrating to the cloud and<br />
ways they can adopt services in Microsoft<br />
365 (M365). It complements Hornetsecurity's<br />
recent launch of Plan 4 'Compliance &<br />
Awareness' of its flagship solution 365 Total<br />
Protection.<br />
"The new Plan 4 of Hornetsecurity's cloudbased<br />
solution is its most comprehensive,<br />
taking M365 security management and data<br />
protection to the next level by encompassing<br />
email security, backup and recovery, compliance,<br />
permission management and security<br />
awareness," says the company.<br />
Comments Hornetsecurity CEO Daniel<br />
Hofmann: "Administrators have a big, and<br />
often complex, job on their hands that can<br />
become overwhelming, given the pace<br />
at which technology and business needs<br />
continue to advance." The guide will play<br />
an important role in delivering a thorough<br />
understanding of Microsoft 365 and how<br />
to use it to the best of its abilities, he adds.<br />
"With this guide, we want to save time and<br />
hassles for M365 administrators, helping<br />
them work smarter and not harder."<br />
HOW ATTACKERS EXPLOIT EMAIL TO BREACH AN ACCOUNT<br />
Anew Threat Spotlight by Barracuda researchers shows<br />
how attackers can misuse inbox rules in a successfully<br />
compromised account to evade detection. Meanwhile,<br />
amongst other things, they quietly move information out of<br />
the corporate network via the breached inbox. Not only this,<br />
but attacks can also ensure that the victims don't see security<br />
warnings, filing selected messages in obscure folders, so the<br />
victim won't easily find them or delete messages from the<br />
senior executive they are pretending to be, in an attempt<br />
to extract money. Says Prebh Dev Singh, manager, email<br />
protection product management, at Barracuda: "Malicious<br />
rule creation poses a serious threat to the integrity of an organisation's<br />
data and assets. Because it is a post-compromise<br />
technique, it's a sign that attackers are already in your<br />
network. Immediate action is required to get them out."<br />
THE STRUGGLE TO ALIGN CYBERSECURITY WITH BUSINESS OUTCOMES<br />
Aworrying 97% of respondents' organisations face<br />
challenges in trying to align cybersecurity priorities with<br />
business outcomes. That is one finding a study conducted by<br />
Forrester Consulting on behalf of WithSecure (formerly<br />
F-Secure Business). WithSecure chief information security<br />
officer Christine Bejerasco says it requires cybersecurity<br />
professionals to develop a different strategic approach to how<br />
they think about their jobs. "It can be difficult for security<br />
practitioners to see their work in relation to a business'<br />
purpose or objectives, but that's really how many boards<br />
or executives view security work," she states. "However, the<br />
transition to outcome-based security doesn't necessarily<br />
involve abandoning traditional metrics. It means explicitly<br />
recognising the value of those metrics in relation to how<br />
they benefit the organisation and its objectives."<br />
Prebh Dev Singh, Barracuda.<br />
Christine Bejerasco,<br />
WithSecure.<br />
ALMOST 340 MILLION PEOPLE HIT BY DATA BREACHES IN FOUR MONTHS<br />
The 'Independent Advisor' has just launched<br />
a new Company Data Breach Tracker for <strong>2023</strong>.<br />
A regularly updated, month-by-month timeline<br />
of the latest such breaches and hacks in <strong>2023</strong>, it<br />
also tracks overall business breach statistics for the<br />
year. With almost 340 million people affected by<br />
business data breaches in the first four months<br />
of <strong>2023</strong> alone, staying secure online remains a<br />
growing concern for companies. More and more<br />
fall victim to cyber-attacks, phishing scandals and<br />
ransomware, leading to data leaks, huge payouts and often lawsuits. Lead writer and researcher<br />
Camille Dubuis-Welch comments: "Like it or not, cybercrime is prolific."<br />
6<br />
computing security <strong>Nov</strong>/<strong>Dec</strong> <strong>2023</strong> @<strong>CS</strong>MagAndAwards www.computingsecurity.co.uk