by Rebeca | Apr 19, 2023 | Uncategorized
Cybersecurity has become a growing concern in the digital era, and no sector is exempt from cyber threats. In Europe, several sectors have been targeted by cyberattacks in recent years, according to data published by ENISA.
In this post we break down the six sectors most affected by cyber threats in the European Union last year.
24% Public administration/government
Governments and public administration have been the target of numerous cyberattacks in Europe. These attacks can have serious consequences, such as the leaking of confidential information, unauthorized access to government systems and the disruption of public services.
13% Digital service providers
With the growth of e-commerce and the digitalization of services, digital service providers have also become targets of cyber threats. This includes companies offering online services such as e-commerce platforms, social networks and e-mail services, among others.
12% General public
The general population has also been affected by these threats, including phishing, malware and online scams. Cybercriminals often exploit users' lack of cybersecurity awareness and knowledge to carry out their attacks.
12% Services
The services sector, which covers a wide range of industries such as transport, logistics, tourism and hospitality, has also suffered the consequences of cyberattacks. These can have a significant impact on the operations and reputation of companies in the sector.
9% Finance/banking
The financial sector, which handles large volumes of sensitive data and financial transactions, has long been an attractive target for cybercriminals. Cyberattacks on this sector can have serious financial consequences and erode customer trust.
7% Health
The health sector has also become more exposed to threats, especially during the COVID-19 pandemic. Attacks on healthcare systems can have serious consequences, such as the disruption of care, the theft of sensitive medical data and the exposure of patients' personal information.
Cybersecurity is essential in every sector in the digital era. The data published by ENISA (the EU Agency for Cybersecurity) show that public administration, digital service providers, the general public, the services sector, the financial sector and the health sector are among the sectors most affected in the European Union. It is crucial that companies and institutions invest in adequate cybersecurity measures to protect their information and assets, and to guarantee the continuity of their operations and the trust of their customers and users.
We help companies in many sectors protect their environment and innovate effectively. See how Soffid can help you stay ahead in a rapidly evolving digital world.
Shall we talk?
- European Parliament news
by Rebeca | Jan 18, 2023 | Cybersecurity
Cyber-Attacks Set To Become «Uninsurable»
This is the stark assessment from Mario Greco, chief executive at insurer Zurich, one of Europe’s biggest insurance companies, speaking to the Financial Times.
Amid growing concern among industry executives about large-scale cyber-attacks, Greco warned that cyber-attacks, rather than natural catastrophes, will become “uninsurable”. For the second year in a row, natural catastrophe-related claims are expected to top $100bn, the FT reported.
Cyber-attacks have continued to plague multiple industries in recent years, and some of the victims do little to prevent future attacks when they opt to pay hackers and criminal gangs (against all security professional advice) to unlock their ransomware-crippled systems or call off DDoS attacks.
Zurich's Mario Greco praised the US government's steps to discourage ransom payments: "If you curb the payment of ransoms, there will be fewer attacks," he told the Financial Times.
In September 2022, Lloyd’s of London defended a move to limit systemic risk from cyber attacks by requesting that insurance policies written in the market have an exemption for state-backed attacks. A senior Lloyd’s executive said the move was «responsible» and preferable to waiting until «after everything has gone wrong».
Identifying those responsible for an attack is challenging, making such exemptions legally fraught, and cyber experts have warned that rising prices and bigger exceptions could put off people buying any protection.
There is a limit to how much the private sector can absorb, especially in terms of underwriting all the losses coming from cyber attacks, Greco said. He called on governments to "set up private-public schemes to handle systemic cyber risks that can't be quantified, similar to those that exist in some jurisdictions for earthquakes or terror attacks".
The figures:
- According to Security Magazine, there are over 2,200 attacks each day, which breaks down to nearly one cyberattack every 39 seconds.
- With around 2,220 cyberattacks each day, that equates to over 800,000 attacks each year.
- According to Cybint, nearly 95% of all digital breaches stem from human error.
When Cyber Security Hub asked cyber security experts in mid-2022 which threat vectors would pose the most dangerous threat to their organizations in 2023, 75% of cyber security professionals named social engineering and phishing.
Since the survey closed, organizations such as Dropbox, Revolut, Twilio, Uber, LastPass and Marriott International have suffered such attacks, further highlighting how important it is for cyber security practitioners to stay aware of phishing threats.
Privileged account management (PAM) is the IT security process of using policy, software and strategy to control who can access sensitive systems and information. Privileged accounts rely on credentials (passwords, keys and secrets) to control access; by creating, storing and managing those credentials in a secure vault, privileged account management controls the authorized access of a user, process or computer to protected resources across an IT environment.
Sources:
- Silicon.co.uk
- Insuranceinsider.com
Image: Arthur Bowers on Pixabay
by Rebeca | Dec 7, 2022 | Uncategorized
Cybersecurity Trends in 2023
According to a report recently published by the insurer Hiscox, cyberattacks in Spain have an average cost per company of 105,000 euros, almost double the 2020 figure of 55,000 euros. Worldwide, the cost per company averages 78,000 euros.
Reputational damage must be added to the economic cost, because a security breach can cause reluctance or fear among users and clients when they consider hiring a company's services.
Today we share the trends in cybersecurity in 2023.
Cybersecurity Culture
Businesses will continue to fight phishing, ransomware and DDoS. Remote work is here to stay, along with the security risks that come with it: unshielded home networks, untrained employees and the absence of a cybersecurity culture will pose a serious threat to organizations unless they take the proper precautions. There is also a new geopolitical reality: the ongoing war, coupled with the energy crisis, may result in attacks on critical energy infrastructure.
Security Practices improvement
The CISO is responsible for setting the strategy, but cannot implement that strategy without buy-in from the other areas of the organization. It is up to the members of each department to apply the controls that the security team recommends or requires, and this disconnect between the security team's expectations and the actual implementation is where things fall apart. In 2023, organizations will look for new ways to solve this problem and place more emphasis on departments implementing security best practices.
Zero-Trust Architecture
Businesses will address ransomware threats in several ways, from improving cyber skills by working with the security team, to deploying the right security tools such as multi-factor authentication, to training courses. Investment in zero-trust architecture to validate every access and improve security will increase.
Transparent Cybersecurity with customers
The way companies interact and communicate with their customers will need to change in 2023 as the public becomes increasingly aware of ransomware threats and data privacy issues.
As data breaches become increasingly public, rather than trying to downplay or hide the incident, organizations will need to admit the problem and provide details about the steps they are taking to mitigate the problem and prevent future breaches.
Visibility and security of connected devices
Leading organizations will target connected-device cyber practices by establishing or updating related policies and procedures: updating inventories of their IoT-connected devices, monitoring and patching devices, refining device acquisition and disposal practices with security in mind, correlating IoT and IT networks, and monitoring connected devices more closely to further secure those endpoints, manage vulnerabilities and respond to incidents.
Supply chains threats
Today's hyper-connected global economy has led organizations to rely heavily on their supply chains, and the threats to those chains are evolving in complexity, scale and frequency, so organizations will continue to innovate and mature their supply-chain risk and security capabilities.
Organizations are focusing on implementing and operating identity and access management (IAM) capabilities on a zero-trust basis, so that they enforce authorized third-party access to systems and data and reduce the consequences of a compromised third party.
Shall we talk?
Sources:
- Spiceworks.com
- Venturebeat.com
by Rebeca | Dec 8, 2021 | News, Resources, Soffid
There is no “one size fits all” when it comes to cybersecurity.
Over the last six months, we have seen an escalation in the number of reported cyberattacks, in their range, sophistication and in their long-lasting impact on businesses, the Colonial Pipeline attack and SolarWinds to name just two. These events highlight the importance of having an effective cybersecurity strategy for each organization, because even if an organization undergoes such an attack, there should be company processes in place to mitigate the severity of the consequences. To do that, companies must monitor and be aware of the main existing security risks and effectively respond to these types of incidents as they occur.
Still, each organization is different in its make-up, business needs, productivity measurements and workflows. Each organization has different network architectures and software. There is no “one size fits all” when it comes to cyber security.
CISOs
Security teams are usually aware that they need to identify the cyber risks most likely to affect their own business’ smooth running and build a security infrastructure aligned with the company’s risk tolerance level. But that is easier said than done.
Even now, with everything that has occurred, many enterprises do not prioritize personnel and budgets for this purpose, often leaving the CIO or CISO and her/his team to “fend” for themselves. Without the appropriate resources and without full company involvement and support, that is a very tall order.
In addition to organizational support, with the plethora of different approaches and tools, identifying the optimal security path requires adopting proactive and scalable methods and the ability to prioritize the different types of cyber threats.
Whether you obsess about cybersecurity every day or you are completely new to the process, there are certain things that you should consider to make your company’s cybersecurity strategy successful. In this post, we’ll reveal five elements you should include in your strategy, regardless of whether you are the sole proprietor of a brand new business or looking to transform the security posture of a large, well-established organization.
- Understand the difference between compliance and security.
In any instance where your company collects personal information or data as part of your relationship with your customers or vendors, you have an ethical if not legal obligation to be a responsible steward of that data. It is not enough to say “we won’t share your personal information” or be able to produce required audit reports if asked, because that’s not really security. The first step to creating a security strategy is knowing what data you collect, where it’s stored, who has access to it, and why. This enables you to establish what is “normal” data use for your organization and makes it much easier to see when someone is trying to steal it.
- Make data security everyone's responsibility.
Forrester Research recently reported that 80% of security breaches involve privileged credentials. That means an insider either unwittingly or with malicious intent exposed their credentials, and likely sensitive personal data, to a cyber-criminal. Another pillar of a cybersecurity strategy should be educating employees on the fundamentals of how to proactively limit exposing their credentials. This can be as simple as asking people to log out of sensitive databases when finished with them or helping them identify a likely phishing attack. An organization like the National Cyber Security Alliance offers great resources to get you started. It is also important to consider data access control issues. With the right technology, organizations can apply role-based access control rules to align individuals' privilege levels with the actual requirements of their job function, not just once but on a continuous basis.
- Account for the roles of your cloud vendors and ISPs.
Organizations large and small share sensitive data with cloud-native architectures for a myriad of reasons. AWS's very useful Shared Responsibility Model explains very well that cloud vendors provide secure architectures in which their customers can store data, but it is the customer's responsibility to apply their security policy to the data. This detail seems to be lost on the vast majority of organizations: Gartner predicts that through 2022 at least 95% of cloud security failures will be the customer's fault.
Part of your security strategy should be working with all your cloud-native vendors to ensure that their environments. Many retail and services organizations use ISPs to host their websites and depend on those ISPs to keep the websites up and running regardless of traffic levels.
If your website were ever subject to a Distributed Denial of Service (DDoS) attack, an incident whose sole purpose is to make your website and servers unavailable to legitimate users, you could be facing an existential threat. In many instances, to ensure the other websites they host are not subject to diminished performance, an ISP will simply shut down a website under a DDoS attack until it stops. Part of your security strategy needs to account for DDoS attacks and have a solution in place to disperse illegitimate web traffic without shutting down your website, ensuring that real customer traffic reaches your organization.
- Have a plan for if you are breached.
In spite of best efforts, breaches happen, and your data security strategy needs to account for what happens next. You should have a disaster recovery plan in place to secure your network, prevent further damage and identify the breach source, as well as to inform stakeholders and law enforcement. The plan should turn the incident into a positive by ensuring knowledge gleaned.
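The "continuous basis" point under "Make data security everyone's responsibility" is easy to state and easy to skip in practice. The following is an added example, not code from this post or from Soffid: a recurring access-review job that compares what each person actually holds against what their current job function entitles them to, and reports what must be revoked. The role catalog, entitlement names and user snapshot are constructed sample data.

```python
"""Role-based entitlement review.

Added example for this post, not Soffid's code. A recurring job compares what
each person actually holds against what their current job function entitles
them to and reports what must be revoked. Role names, entitlements and users
are constructed sample data.
"""
from __future__ import annotations
from dataclasses import dataclass, field

# Role catalog: the maximum set of entitlements each job function needs.
# (Constructed sample; a real catalog would come from the IAM system.)
ROLE_ENTITLEMENTS = {
    "developer": {"git:push", "ci:run", "staging:deploy"},
    "sre": {"git:push", "ci:run", "staging:deploy", "prod:deploy", "prod:ssh"},
    "finance": {"erp:read", "erp:approve-payment"},
}


@dataclass
class User:
    name: str
    roles: set[str]          # job functions as recorded in HR / IAM today
    entitlements: set[str]   # what the user can actually do in the systems


@dataclass
class ReviewResult:
    excess: dict[str, set[str]] = field(default_factory=dict)         # revoke these
    unknown_roles: dict[str, set[str]] = field(default_factory=dict)  # fix the data


def allowed_for(roles: set[str], catalog=ROLE_ENTITLEMENTS) -> set[str]:
    """Union of the entitlements permitted by the user's roles."""
    allowed: set[str] = set()
    for role in roles:
        allowed |= catalog.get(role, set())
    return allowed


def review(users: list[User], catalog=ROLE_ENTITLEMENTS) -> ReviewResult:
    """Flag entitlements not justified by any current role, and roles the
    catalog does not know (usually a sign that the HR feed and the role
    model have drifted apart)."""
    result = ReviewResult()
    for user in users:
        unknown = {r for r in user.roles if r not in catalog}
        if unknown:
            result.unknown_roles[user.name] = unknown
        excess = user.entitlements - allowed_for(user.roles, catalog)
        if excess:
            result.excess[user.name] = excess
    return result


# Constructed sample snapshot: alice moved from SRE to developer last quarter
# but nobody removed her production SSH access; carol carries a role the
# catalog has never defined, plus a developer entitlement.
SAMPLE_USERS = [
    User("alice", {"developer"}, {"git:push", "ci:run", "staging:deploy", "prod:ssh"}),
    User("bob", {"sre"}, {"git:push", "ci:run", "prod:deploy", "prod:ssh"}),
    User("carol", {"finance", "contractor"}, {"erp:read", "git:push"}),
]

if __name__ == "__main__":
    report = review(SAMPLE_USERS)
    for name, perms in report.excess.items():
        print(f"REVOKE {name}: {sorted(perms)}")
    for name, roles in report.unknown_roles.items():
        print(f"UNKNOWN ROLE {name}: {sorted(roles)}")
```

Run on a schedule (or on every HR role change), the excess list is the revocation work queue; the unknown-role list catches the quieter failure where someone is granted access through a role nobody has defined a policy for.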
While these elements are essential, they are not all you need. We strongly recommend working with cybersecurity experts to accurately evaluate your specific threat landscape and help you build a sustainable data security strategy for today and the future.
Today's hyperconnected and decentralized workforce maneuvers within dynamic network architectures and programs that have moved to the edge and the cloud. Therefore any effective cyber defense strategy must start with open communication between the CIO/CISO, the security teams and company executives.
This open line of communication is especially important since 2020.
With the increased number of employees working remotely, security officers face the added challenge of providing remote workers with additional layers of security, as the organization is more exposed to cybercriminals.
Integrating business operations with security personnel helps employees understand security better. It also allows cybersecurity professionals to consider the organization's business strategy and priorities while establishing cyber security policies, managing cyber risk solutions and monitoring.
Additionally, establishing the following core security principles and policies empowers the CIO/CISO to focus both on individual applications and the broader company infrastructure.
Sources:
(1) Security Boulevard
(2) CIO.com
(3) The World Economic Forum
Picture: Foto de Negocios created by rawpixel.com – www.freepik.es (https://www.freepik.es/fotos/negocios)
by Rebeca | Jun 23, 2021 | Cybersecurity, Soffid
Management and authentication of identities
While IAM controls provide authentication of identities to ensure that the right user has the right access at the right time, PAM layers on more visibility, control and auditing over privileged identities. Management and authentication of identities is really important.
In a Tuesday session, titled «Security Leader’s Guide to Privileged Access Management,» Gartner research director Felix Gaehtgens said privileged access management is a crucial component of any security program because of the increasingly large scope of IT environments, users, administrative tools, and IAM data such as passwords, and certificates.
Organizations face multiple challenges on Management and authentication of identities:
Insufficient oversight and auditing: most organizations lack adequate controls to regulate the privileges and use of highly privileged accounts. However, regulations such as Sarbanes-Oxley (SOX), J-SOX and GLBA dictate that organizations must demonstrate who has access to what data and resources, when, why, and who approved such access and defined the rights.
Importance of Auditing over privileged identities
Shared access to account IDs and passwords: the typical problem with shared accounts is that everyone uses the same ID and password, which creates compliance challenges, as it is impossible to determine who has access to the accounts and who actually performed a specific action.
Inadequate segregation of duties: IT personnel who use and maintain privileged accounts are often the largest access holders in any organization. Certain highly privileged accounts, especially those designed for emergency operations and incident management, can allow misuse to go virtually undetected or leave no traceability. Organizations must choose between compliance and the ability to recover from or resolve problems quickly.
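The vault-based privileged account management described in the January 2023 post and the two audit problems listed here (shared account IDs that cannot be attributed to a person, and emergency accounts that escape oversight) come down to one mechanism: nobody knows the shared password, a named person checks it out under a time-limited lease, and the audit trail records who held it. The following is an added example, not Soffid's product code, that implements that checkout loop in a few dozen lines; the accounts, users and policies are constructed sample data, the "vault" is an in-memory dictionary, and timestamps are Unix epoch seconds passed in explicitly so that a run is reproducible.

```python
"""Privileged-account checkout with personal attribution.

Added example for this post, not Soffid's product code. A shared account's
credential lives only in the vault; a named person checks it out under a
time-limited lease, break-glass accounts need a justification and a second
person, and the credential is rotated on check-in or lease expiry. The audit
trail stores a fingerprint of the credential, never the credential itself.
Accounts, users and policies below are constructed sample data.
"""
import hashlib
import secrets


class PolicyError(Exception):
    """Raised when a checkout violates the account's access policy."""


def fingerprint(credential: str) -> str:
    """Short hash written to the audit trail instead of the secret itself."""
    return hashlib.sha256(credential.encode()).hexdigest()[:12]


class PrivilegedVault:
    def __init__(self):
        self._secrets = {}   # account -> current credential (only the vault knows it)
        self._policy = {}    # account -> {"allowed", "ttl", "break_glass"}
        self._leases = {}    # lease_id -> active lease
        self.audit = []      # append-only list of audit events

    def register(self, account, allowed, ttl_seconds=1800, break_glass=False):
        """Onboard a shared account: the vault generates and owns its credential."""
        self._policy[account] = {"allowed": set(allowed), "ttl": ttl_seconds,
                                 "break_glass": break_glass}
        self._secrets[account] = secrets.token_urlsafe(24)

    def _log(self, time, event, account, user, **extra):
        self.audit.append({"time": time, "event": event, "account": account,
                           "user": user, **extra})

    def checkout(self, account, user, justification, now, approver=None):
        """Hand the shared credential to a named person under a time-limited lease."""
        policy = self._policy[account]          # KeyError for an unknown account
        if user not in policy["allowed"]:
            self._log(now, "denied", account, user, reason="not entitled")
            raise PolicyError(f"{user} is not entitled to {account}")
        if policy["break_glass"]:
            # Emergency accounts need a reason and a second person; segregation
            # of duties means the requester cannot approve their own access.
            if not justification or approver is None or approver == user:
                self._log(now, "denied", account, user,
                          reason="break-glass policy", approver=approver)
                raise PolicyError("break-glass checkout needs a distinct approver and a reason")
        lease_id = secrets.token_hex(8)
        expires = now + policy["ttl"]
        credential = self._secrets[account]
        self._leases[lease_id] = {"account": account, "user": user, "expires": expires}
        self._log(now, "checkout", account, user, lease_id=lease_id, expires=expires,
                  approver=approver, justification=justification,
                  cred=fingerprint(credential))
        return lease_id, credential

    def checkin(self, lease_id, now):
        """Return the account and rotate its credential so the copy that was
        handed out stops working."""
        lease = self._leases.pop(lease_id)
        account = lease["account"]
        self._secrets[account] = secrets.token_urlsafe(24)
        self._log(now, "checkin", account, lease["user"], lease_id=lease_id,
                  rotated_to=fingerprint(self._secrets[account]))

    def sweep_expired(self, now):
        """Rotate accounts whose leases ran out without a check-in.
        Returns the lease ids that were closed."""
        expired = [lid for lid, l in self._leases.items() if l["expires"] <= now]
        for lid in expired:
            lease = self._leases.pop(lid)
            self._secrets[lease["account"]] = secrets.token_urlsafe(24)
            self._log(now, "expired", lease["account"], lease["user"], lease_id=lid)
        return expired

    def who_held(self, account, at):
        """The auditor's question: which person held this shared account at time `at`?
        A lease ends at check-in or expiry, whichever came first."""
        ends = {e["lease_id"]: e["time"] for e in self.audit
                if e["event"] in ("checkin", "expired")}
        return sorted({e["user"] for e in self.audit
                       if e["event"] == "checkout" and e["account"] == account
                       and e["time"] <= at < ends.get(e["lease_id"], e["expires"])})
```

Two design choices matter here. Rotation on check-in and on expiry is what makes the shared account attributable: the password a person received is worthless once their lease ends, so any later use of the account must belong to the next lease. And the audit record carries only a hash of the credential, so the trail you hand to an auditor under SOX or GLBA can prove which credential was issued without itself becoming a secret to protect.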
It is a pleasure to invite you to our new webinar we are celebrating today, 23rd June.
During the webinar we will discuss how PAM is emerging as one of the hottest topics in cybersecurity and why it must be a part of your overall IAM strategy.