Common mistakes or risk of a data breach

The first step in fixing any IAM problem is to understand it.

IAM is the information technology security framework of policies that ensures the right users have the appropriate access to the resources they need to do their jobs well. It requires managing the lifecycle of your users' identities, governing their access, and properly monitoring the use of those identities and credentials through identity analytics.

Effective IAM ensures that adequate controls are in place to govern how users interact with critical systems for which they require «privileged» access; this is the basis of Privileged Access Management (PAM).

But this is not the only way threat actors find security gaps, which is why businesses must avoid the most common identity and access management (IAM) mistakes.

The most common IAM mistakes:

  1. Poor or partial IAM implementations.
  2. No clear IAM governance.
  3. No executive leadership team "buy-in" or clear guidance for employees.
  4. A lack of skilled cybersecurity experts as IAM engineers, architects, and managers.
  5. Multiple systems of record with duplicate identity credentials.
  6. Political infighting over data and application ownership or responsibility.
  7. A lack of organizational change management processes to resolve issues and stay ahead of attackers' latest tactics.
  8. A fear of automation, causing a reliance on risky, time-consuming manual processes.
  9. Uncleaned data lifted and shifted into new IAM systems.
  10. Unrealistic IAM roll-out approaches that are not effective.

Above all, identity security should never rely on the CISO or CIO alone to manage and communicate it. All business leaders, including the CEO, CFO and COO, must share the same strategic vision around IAM and drive it within the organization for it to succeed.

Do not wait until it is too late to fix the problems in your IAM strategy; get ahead of the curve by fixing the easy mistakes you are making today.

Shall we talk?

 

Sources:

(1) Spiceworks

(2) Computerweekly

Image: Kris in Pixabay

Automated threats in the retail sector

According to the most recent studies, 62% of the threats that retail organizations faced were automated, which suggests an increasing threat level that corporations need to be aware of.

Online retailers have seen a tenfold increase in the proportion of attacks carried out through frameworks designed to preserve anonymity: if last year the proportion was only 3.5%, this year it has risen to 33%.

In the past 12 months, nearly 40% of traffic hitting the average ecommerce website was not generated by humans but came from often-malicious bots running automated tasks. Nearly a quarter of traffic (23.7%) was attributable to advanced bots using cutting-edge evasion techniques to mimic human behaviour and avoid detection.

Last year, bot-related attacks grew by 10% in October and a further 34% in November, clear evidence that the actors behind such automated bot networks are keenly aware of the value of the holiday period to retailers. Indeed, one variety of automated bot has become known as a Grinch Bot: it scoops up high-demand inventory and hoards it, making it harder for legitimate consumers to purchase gifts online.

Other malicious bots

The attackers behind these bots generally use leaked customer details in credential stuffing attacks. As an indication of the volume of this activity, Imperva found that 22.6% of all login attempts on retail websites are malicious.

With limited staff and conflicting priorities, retailers struggle to combat security threats. Many still delegate key security activities to auditors, contractors and stores. Finally, many retailers lack a governance process and focus instead on regulatory compliance at the expense of a framework that governs information security.

Shall we talk?

Sources:

  • Digitalinformationworld.com
  • Computerweekly.com
  • Businesswire.com
Transforming risk into a strategic advantage

The need for a conscious and holistic approach to governance, risk and compliance (GRC) has never been more critical for organizations. As the business environment changes, companies need to evolve their GRC strategies to maintain a holistic view of interconnected risks, understand the financial implications of those risks and make more informed decisions at all levels.

How to take a proactive approach to transform risk into a strategic advantage:
  1. As your business prepares for inflation, economic uncertainty, and the global risk of stagflation, you must build resiliency to recover from obstacles with minimal business impact. Resiliency has gained importance in recent years: it integrates with enterprise-wide risk management and works across the organization, providing a comprehensive view of what is at stake. Agility and resilience complement each other.
  2. Technology leaders, like CIOs, now at the center of corporate decisions, are becoming critical decision-makers in core business functions such as marketing, sales, product development, and finance.
  3. To build and maintain customer trust in third-party vendors, you need a proactive approach to third-party risk management. Amid escalating economic uncertainty, you need to look closely at third-party companies as businesses – which vendors are mission-critical and which ones you can eliminate with minimal negative impact. Most companies conduct some due diligence, but many don’t monitor third-party risks beyond an annual checklist. By then, information could be outdated, vendors noncompliant, and your business at risk. With the right tools and clear communication, your business can manage vendor risks to protect yourself and your customers.
  4. More than 80% of consumers believe companies should actively shape ESG guidelines, and almost all (91%) business leaders believe their organization is responsible for acting on ESG issues. Additionally, 86% of employees want to work for businesses that share their values.
  5. A resilient organization requires flexible and adaptable structures in all operational areas. While hybrid work offers employees flexibility, it also increases operational risk.


Risk management is everyone’s responsibility. Cultivating a culture of resiliency and taking control of third-party relationships will improve your risk attitude.

Source:

  • Learn.g2.com
  • PwC
  • Logicgate.com
  • Worldbank
Cybersecurity Law Code

There is a European Directive, Directive (EU) 2016/1148 (the NIS Directive), concerning measures for a high common level of security of network and information systems across the Union. This Directive contains articles on the security of network and information systems for operators of essential services and digital service providers.

Article 14 states that «Member States shall ensure that operators of essential services take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which they use in their operations. Having regard to the state of the art, those measures shall ensure a level of security of network and information systems appropriate to the risk posed.»

Likewise, the competent authority or the CSIRT (Computer Security Incident Response Team) must be notified without undue delay of incidents having a significant impact on the continuity of the essential services provided, so that institutional or national measures can be taken where appropriate.

In addition, in June 2019 the EU Cybersecurity Act (Regulation (EU) 2019/881) entered into force and introduced:

  • A certification system for the whole EU,
  • A new and strengthened mandate for the EU Agency for Cybersecurity.

The EU has established a single EU-wide certification framework that builds trust, increases the growth of the cybersecurity market and facilitates trade across the EU.

In Spain there is a Cybersecurity Law Code (Código de Derecho de la Ciberseguridad), published in the Official State Gazette, that compiles the rules ensuring the aforementioned cybersecurity.

Regarding cybersecurity

At a technical and organizational level it is necessary to take into account the General Data Protection Regulation, Regulation (EU) 2016/679, as well as other international protocols or standards, especially those related to international data transfers, such as the Privacy Shield (since invalidated by the Court of Justice of the EU in its 2020 Schrems II ruling).

These are just some of the rules that protect cyberspace, but there are many more detailed ones that regulate even more specific aspects.

Cybersecurity therefore covers many subjects related to criminal and civil law, the protection of honour and privacy, and others that also apply in the physical world, with the added impact that results from their occurring in the digital world.

Also, on 15 September 2022 the European Commission published a proposal for a Cyber Resilience Act (the 'Regulation'), which aims, among other things, to:

  • improve transparency so that users can take cybersecurity into account when selecting and using a product with digital elements.

The Regulation will affect a wide range of parties in the technology supply chain, so you will need to consider how the additional cybersecurity requirements will affect your manufacturing and distribution processes. Although most of the obligations will take effect 24 months after entry into force, manufacturers will have only 12 months to comply with the Act's reporting obligations.

Sources:

  • technologylawdispatch
  • enisa.europa.eu