Blog


Cyber Risk vs Cyber Threat: Are They The Same Thing?

After the term “cyber threat” entered common usage, its meaning became fuzzy. The same goes for “risk”: we have all heard the term thrown around, but do we really know what it means and how it is used in IT? In this post, we attempt to clarify these terms and the relationship between them. In today’s world, organisations must maintain a high level of data security. Ensuring that client and vendor data is not compromised is crucial. When customers, clients and vendors sign up to do business with you, they expect their information to be deemed important enough for you to do everything in your power to keep it safe. Many clients holding sensitive information will also require you to have a clear and thorough data security policy before doing business with you. That begs the question: “How confident are you

March 5th, 2021 | Blog

Risk Assessment vs. Risk Analysis: An Overview

The recent growth of the extended enterprise has reached a tipping point: more organisations are expanding into the Cloud, staying leaner and relying on third-party support. At the same time, data breaches are at an all-time high. According to the Ponemon Institute, the average cost of a data breach in 2020 was $3.86 million. Across the globe, there is growing awareness that organisations need to manage their cyber risk proactively. Often used as synonyms and easily confused, risk assessment and risk analysis are two distinct cyber security processes that IT leaders need to understand in order to address security issues effectively and prevent data breaches. Below, find out how these processes differ and how they fit into a successful cyber security programme. What is a risk assessment? A cyber security risk assessment is the process of identifying,

February 26th, 2021 | Blog

How to reduce your cyber risk with the FAIR cyber risk quantification model

Cyber risk is very real for organisations, which must constantly manage the risks and threats of cyber attacks. According to the World Economic Forum's “The Global Risks Report 2021”, cyber security failure ranks high among the top ten risks for business in terms of likelihood, outranked only by extreme weather events, livelihood crises and infectious diseases. But if cyber risk is not quantifiable, what is the point? The key for any organisation is to understand exactly how exposed it is to cyber risk and how much it stands to lose. By quantifying that risk, you can set limits on your cyber security expenditure and calculate the return on those investments. Read on to learn how to make cyber risk measurable for your organisation. Cyber Risk Quantification: Understanding the FAIR methodology A large concern in today’s boardroom is
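To make “quantifying that risk” and “calculating the return on those investments” concrete, here is an added example (not code from the original post or from the FAIR standard itself) of the top-level FAIR decomposition, Risk = Loss Event Frequency × Loss Magnitude with Loss Event Frequency = Threat Event Frequency × Vulnerability, run as a Monte Carlo simulation. The input ranges, the control's effectiveness and its cost are all constructed for illustration; the three-point (min, most likely, max) triangular inputs stand in for the calibrated PERT estimates a real FAIR analysis would use.

```python
"""FAIR-style cyber risk quantification via Monte Carlo simulation.

Added example, not from the original post. It uses FAIR's top-level
decomposition: Risk = Loss Event Frequency (LEF) x Loss Magnitude (LM),
with LEF = Threat Event Frequency (TEF) x Vulnerability. All input
ranges, the control and its cost are constructed for illustration.
"""
import random
import statistics

# Constructed estimates for one loss scenario, each as (min, most likely, max).
BASELINE = {
    "tef": (2.0, 6.0, 20.0),            # threat events per year
    "vuln": (0.10, 0.30, 0.60),         # P(a threat event becomes a loss event)
    "lm": (50_000, 250_000, 2_000_000), # loss per loss event, in currency units
}


def _draw(rng, three_point):
    """Sample one value from a (min, most likely, max) triangular range."""
    lo, mode, hi = three_point
    return rng.triangular(lo, hi, mode)  # stdlib signature is (low, high, mode)


def simulate_ale(scenario, iterations=20_000, seed=1):
    """Return per-iteration annualised loss expectancy (ALE) samples."""
    rng = random.Random(seed)  # seeded so runs are reproducible
    samples = []
    for _ in range(iterations):
        tef = _draw(rng, scenario["tef"])
        vuln = _draw(rng, scenario["vuln"])
        lm = _draw(rng, scenario["lm"])
        lef = tef * vuln          # loss events per year
        samples.append(lef * lm)  # annual loss for this iteration
    return samples


def summarise(samples):
    """Mean and tail percentiles; the p90 is what a board usually wants to see."""
    s = sorted(samples)
    n = len(s)
    return {
        "mean": statistics.fmean(s),
        "p50": s[n // 2],
        "p90": s[int(n * 0.9)],
        "max": s[-1],
    }


def with_control(scenario, vuln_reduction):
    """Model a control that cuts Vulnerability by a fraction (0..1), e.g. MFA."""
    k = 1.0 - vuln_reduction
    lo, mode, hi = scenario["vuln"]
    return {**scenario, "vuln": (lo * k, mode * k, hi * k)}


def control_roi(scenario, vuln_reduction, annual_control_cost,
                iterations=20_000, seed=1):
    """Compare ALE with and without the control and compute return on
    security investment (ROSI) = (risk reduction - cost) / cost."""
    base = summarise(simulate_ale(scenario, iterations, seed))
    ctrl = summarise(simulate_ale(with_control(scenario, vuln_reduction),
                                  iterations, seed))
    risk_reduction = base["mean"] - ctrl["mean"]
    return {
        "baseline_mean_ale": base["mean"],
        "baseline_p90_ale": base["p90"],
        "controlled_mean_ale": ctrl["mean"],
        "annual_risk_reduction": risk_reduction,
        "rosi": (risk_reduction - annual_control_cost) / annual_control_cost,
    }


if __name__ == "__main__":
    # Hypothetical control: halves Vulnerability for 100,000 per year.
    result = control_roi(BASELINE, vuln_reduction=0.5, annual_control_cost=100_000)
    for key, value in result.items():
        print(f"{key:>22}: {value:,.2f}")
```

Because the same seed is used for both runs, the controlled scenario scales each iteration's sample identically, so the difference in means reflects only the control and not simulation noise. A spend ceiling falls out directly: a control whose annual cost exceeds the annual risk reduction has a negative ROSI and should not be funded on this scenario alone.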

February 18th, 2021 | Blog

A better way to conduct security assessments?

The vendor security assessment process is long, inefficient and time-consuming. A much better way to perform vendor security assessments is to use the body of unbiased content that already exists in most companies: the security policy. Here we show you how. The traditional approach to security assessments In 2020, the global average cost of a data breach was $3.86 million, according to Ponemon’s Cost of a Data Breach Report. The report also notes that when a third party causes the breach, the cost increases by more than $370,000. It is no wonder that, in the wake of GDPR and large data breaches, organisations require due diligence from their third-party vendors, usually in the form of security questionnaires. A security questionnaire assesses a vendor's or third party's technology systems, physical security and policies. As illustrated in

February 11th, 2021 | Blog

Simplifying Third-Party Vendor Risk Management

For many organisations, setting up, managing and maintaining a third-party vendor risk management programme built on questionnaires is a complex, costly and time-consuming exercise. Vendors are often asked to answer similar questionnaires from multiple organisations, a tedious process that takes time and, ultimately, money. In this article we look at some security questionnaire basics and explain how to avoid sending burdensome questionnaires, making your vendor management system more efficient and your questionnaire evaluation more accurate and far less time-consuming. Why is there a security questionnaire in my inbox? According to the Ponemon Institute, the average cost of a data breach in 2020 was $3.86 million. Third-party vendors are, more than ever, a vital component of an organisation’s supply chain. In fact, research conducted by Gartner shows that third parties

February 4th, 2021 | Blog

Attack Surface Management: How To Enable Your Company’s Cyber Defence

In a worldwide digital work landscape accelerated by the Covid-19 pandemic, the threats posed by Shadow IT and attack surface expansion have been turbocharged. The attack surface of a business has rapidly expanded and now includes publicly facing infrastructure, domains, users, email addresses, social media, IoT, Cloud and web components. These complex attack surfaces evolve at an ever-increasing rate, making them difficult to manage and control, and as the digital attack surface expands, so does the number of potential attacks a business could suffer. Since the digital attack surface will only continue to evolve, businesses that know and understand their attack surface will be better placed to adjust their risk posture and defend themselves. Shadow IT & Digital Attack Surface Shadow IT resources include software, apps, systems and devices that are not approved by the

January 21st, 2021 | Blog

Ransomware: Develop and Test Your Response Strategy Using Simulation

In this blog I want to look at simulating a ransomware attack and how you would go about developing and testing a response strategy. I have already covered the basics of a ransomware attack in this article: https://elasticito.com/ransomware-do-you-have-a-tried-and-tested-strategy-in-place/ The objective of this exercise is twofold: maintain business continuity, in other words a ransomware attack should cause little to no disruption to the business; and contain and eliminate the attack quickly with minimal effort. Throughout this blog I am going to focus on behaviour rather than specific IoCs. Please also note that the information provided here is a high-level guide, not an exhaustive task list, and is focused on the endpoint only. In a future blog post I will cover network security controls. While user awareness training is recommended, it has not been included as part of validating security controls.

October 14th, 2020 | Blog

Ransomware: Do you have a tried and tested strategy in place?

With the recent Garmin outage, still ongoing and allegedly caused by a ransomware attack, a large number of executives are going to be asking tough questions about how ransomware could impact their own organisations, as there is a good chance this outage has had a direct effect on their daily lives. TL;DR: ransomware attacks are preventable, but organisations need a tried and tested strategy in place to prevent them. Breach and Attack Simulation provides the visibility needed to develop and test a ransomware prevention strategy. While my intention with this article is not to speculate on the Garmin outage specifically, the points below are important attributes that YOUR business should consider for its Cyber Incident Response Protocol. Due to a lack of transparent communication with their clients

July 27th, 2020 | Blog

How to Test your Security Controls for Resilience to Australian Cyber Security Centre (ACSC) Advisory 2020-008: Copy-paste Compromises

In conjunction with an announcement by the Australian Prime Minister, Scott Morrison, on national television, the Australian Cyber Security Centre (ACSC) recently published an advisory (Advisory 2020-008: Copy-paste compromises) listing the MITRE ATT&CK tactics, techniques and procedures (TTPs) used against multiple Australian organisations in recent campaigns by a sophisticated threat actor. The title “Copy-paste compromises” is derived from the actor’s heavy use of tools copied almost identically from open source. One of the ACSC's recommendations is that: “It is imperative that Australian organisations are alert to this threat and take steps to enhance the resilience of their networks.” And while the Advisory also recommends the following:

- Prompt patching of internet-facing software, operating systems and devices
- Use of multi-factor authentication across all remote access services
- Implementing the remainder of the

July 6th, 2020 | Blog

How to Protect Your Customers and Your Brand from Stolen Credential Misuse

During 2020 a number of online retailers have made headline news due to the media erroneously reporting that their customer portals had been breached. These include Tesco Clubcard members (https://www.techradar.com/uk/news/tesco-clubcard-holders-warned-of-major-security-issue) and, most recently, Wiggle (https://cyclingindustry.news/security-breach-reported-on-wiggles-customer-accounts). In neither instance was a cyber vulnerability exploited. Threat actors in all likelihood gained access to these portal accounts using a database of credentials stolen from other platforms, or possibly via a spear phishing campaign. The obvious questions are: how was this possible, and how can it be prevented in the future? I prefer a shared responsibility model, so let’s answer those questions with this in mind: How was this possible? Many subscribers use the same username (email address) and password for all online portals and web applications. Therefore, if one portal account is compromised,
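The behaviour described above, replaying credentials stolen elsewhere against a portal, is credential stuffing, and on the portal operator's side of the shared responsibility model it leaves a recognisable trace in authentication logs: one source address trying many different accounts in a short window, most of them failing. The detector below is an added example, not code from the original post or from any of the retailers named; the log format, field names, thresholds and sample lines are all constructed for illustration.

```python
"""Credential-stuffing detection over authentication logs.

Added example, not from the original post. It flags source IPs that
attempt logins against an unusually large number of distinct accounts
within a short window with a high failure rate, and lists the accounts
that nonetheless succeeded (likely reused passwords). The log format
"timestamp src_ip username result" and all sample lines are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log. One IP sprays twelve accounts in six seconds and
# gets into two of them; the other IPs are ordinary single-user activity.
SAMPLE_LOG = """\
2020-06-17T10:00:01Z 203.0.113.5 alice@example.com FAIL
2020-06-17T10:00:02Z 203.0.113.5 bob@example.com FAIL
2020-06-17T10:00:02Z 203.0.113.5 carol@example.com SUCCESS
2020-06-17T10:00:03Z 203.0.113.5 dave@example.com FAIL
2020-06-17T10:00:03Z 203.0.113.5 erin@example.com FAIL
2020-06-17T10:00:04Z 203.0.113.5 frank@example.com FAIL
2020-06-17T10:00:05Z 203.0.113.5 grace@example.com FAIL
2020-06-17T10:00:05Z 203.0.113.5 heidi@example.com FAIL
2020-06-17T10:00:06Z 203.0.113.5 ivan@example.com FAIL
2020-06-17T10:00:06Z 203.0.113.5 judy@example.com SUCCESS
2020-06-17T10:00:07Z 203.0.113.5 mallory@example.com FAIL
2020-06-17T10:00:07Z 203.0.113.5 oscar@example.com FAIL
2020-06-17T10:01:00Z 198.51.100.7 alice@example.com FAIL
2020-06-17T10:01:20Z 198.51.100.7 alice@example.com SUCCESS
2020-06-17T10:30:00Z 192.0.2.9 bob@example.com SUCCESS
"""


def parse_log(text):
    """Parse lines of 'timestamp src_ip username result' into tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result))
    return events


def detect_credential_stuffing(events, window=timedelta(minutes=5),
                               min_accounts=10, min_fail_ratio=0.7):
    """Return {src_ip: details} for IPs whose activity in any sliding window
    of `window` length touches >= min_accounts distinct users with a failure
    ratio >= min_fail_ratio. A legitimate user retrying one account never
    trips the distinct-account threshold, which keeps false positives low."""
    by_ip = defaultdict(list)
    for ts, ip, user, result in sorted(events):
        by_ip[ip].append((ts, user, result))

    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it fits inside `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            chunk = evs[start:end + 1]
            users = {u for _, u, _ in chunk}
            fails = sum(1 for _, _, r in chunk if r == "FAIL")
            fail_ratio = fails / len(chunk)
            if len(users) >= min_accounts and fail_ratio >= min_fail_ratio:
                prev = alerts.get(ip)
                # Keep the widest window seen for this IP.
                if prev is None or len(users) > prev["distinct_accounts"]:
                    alerts[ip] = {
                        "distinct_accounts": len(users),
                        "attempts": len(chunk),
                        "fail_ratio": round(fail_ratio, 2),
                        # Accounts that succeeded mid-spray are the ones to
                        # force-reset and notify.
                        "compromised": sorted(
                            u for _, u, r in chunk if r == "SUCCESS"),
                    }
    return alerts


if __name__ == "__main__":
    for ip, details in detect_credential_stuffing(parse_log(SAMPLE_LOG)).items():
        print(ip, details)
```

The successful logins inside a flagged window are the actionable output: those are the customers whose reused passwords have been confirmed against this portal, and they need a forced reset and a notification regardless of whether the attacker later does anything with the session. Real stuffing campaigns spread attempts across many source addresses, so in production the same logic is normally keyed on additional signals (ASN, user agent, device fingerprint) rather than on the IP alone.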

June 17th, 2020 | Blog