Email Security: The Crucial Double Check

Despite innovations and sophistication in hacking methods, one of the main means of data loss is insiders, including employees making mistakes. Humans make errors, and stressed, distracted employees will make even more mistakes. And with sensitive information on the line, from regulatory compliance to safeguarding Intellectual Property (IP), companies are increasingly concerned about the risk of inadvertent data loss. But how can this threat be mitigated? This article emphasises the importance of implementing a crucial double check to improve email security culture.


Why You Should Care About Cyber Supply Chain Risk Management

To remain competitive in this new business and complex IT environment, organizations must be fully aware of the threats affecting their supply chains and should work effectively to mitigate them before they pose risks to their customers and business operations. This article sheds light on the term Cyber Supply Chain Risk Management (C-SCRM), outlines the most common threats, and lists mitigations to lower their impact.


The Role of Data Governance in Cybersecurity

Data is a critical enterprise asset that underpins operations, drives decision-making, makes personalised end-to-end service delivery possible, unlocks competitive advantage and more. Unfortunately, all this data represents a rich prize for cyber criminals looking to steal, hijack, or hold data to ransom. Which is why cybersecurity has become a top strategic priority for today’s organisations, given the exponential rise of ransomware, phishing and other cyber threats.


What exactly is Security Assurance?

If you are a regular reader of Cybersecurity Magazine, you may have come across Security Assurance before. In this article, we take a look at what is behind this abstract term and why it is so important.
Security assurance is an umbrella term for several processes aimed at ensuring individual system components can adequately protect themselves from attacks. Doing so requires not just a one-time effort, but actually spans the complete system lifecycle. After all, what is considered an acceptable security posture may change over time depending on, for example, newly emerging threats or changes to how the system itself is utilized.


Why should banks be concerned with DDoS attacks?

Distributed Denial of Service (DDoS) attacks first appeared on the radars of security experts around 1999, when a wave of cyberattacks brought down countless websites, including resources of major corporations, such as CNN, eBay, Amazon, and E-Trade.
Many years later, DDoS attacks have not lost their relevance; on the contrary, they are growing more and more destructive. Financial institutions are increasingly becoming the targets of malicious actors, and the financial and commercial losses inflicted by DDoS (lost revenue, customer churn, and hits to reputation) far exceed operating losses.
DDoS, then, is a real and pressing threat for banks. But why are DDoS attacks that much more prevalent in this industry?


The Importance of Cloud Security Governance

Cloud security, and in particular cloud security governance, is becoming an increasingly important area for security professionals to pay attention to. Cloud security has been on our radar since the inception of the whole cloud concept, but with the increase in the number of different cloud environments available, some special and some general, and the move to cloud-first deployments for companies around the world, having governance in place for the security of these clouds is becoming a business-critical issue.


TPA Auditing to Enhance the Privacy and Security in Cloud Systems

Over the last decade, many enterprises around the world have been migrating from traditional infrastructure to cloud resources in order to cut down operational and capital expenditure. With cloud computing, a huge number of data transactions are communicated between cloud consumers and cloud service providers. However, cloud computing introduces additional security challenges associated with unauthorized access and data breaches. In this paper, we propose a trusted third-party auditor (TPA) model which uses a lightweight cryptographic system and a lightweight hashing technique to ensure data security and data integrity to audit cloud users' outsourced data from cloud service providers.


The Thriving Underground Economy and How It’s Increasing Hacker Capabilities

The spread of ransomware has reached unprecedented levels; every few days, there are headlines about new attacks crippling major companies or organizations. Some of these attacks have resulted in eight-figure ransoms, but the damage caused by downtime and data leaks is much larger than losses to ransoms.
A lot of the profits hackers are raking in get reinvested in enhancing their capability. All of this cash is driving the growth of an increasingly advanced and sophisticated underground economy, and with it, an expansion in hacker capabilities.


Prevention is Better Than Cure: The Ransomware Evolution

The number and frequency of ransomware attacks are increasing, not to mention the innovation in distribution methods, and this should be a wake-up call for organisations to strengthen their defences. By taking a preventative approach, businesses can take the necessary steps to strengthen their cybersecurity posture. This includes a combination of education, processes, hardware and software to detect, combat and recover from such attacks if they were to arise.
