Blog

Post-Pandemic Technology & Cyber Security Trends in Banking – Part 2

Post-Pandemic Technology & Cyber Security Trends in Banking – Part 2 In this second part of our review of key cyber and security-related technology trends in banking in the post-pandemic world, we look at the top cyber threats targeting banking and financial services organisations in 2021. We also look at some of the emerging cyber technologies being adopted and considered by banking and financial services organisations around the world. Over the last decade, cyber attacks have become an ever-growing threat for banks. Technology has advanced rapidly and threat actors have learned that banks are a lucrative target. Threat actors have evolved their techniques to make it difficult for any company to fend off the attacks. Cybersecurity is not an issue limited to industries involving technology only. It holds a critical value in banking since banks make millions of transactions each day, most of which are done on digital payment platforms. Without

By |2023-03-30T17:09:33+00:00June 30th, 2021|Blog|Comments Off on Post-Pandemic Technology & Cyber Security Trends in Banking – Part 2
Read More

Post-Pandemic Technology & Cyber Security Trends in Banking – Part 1

Post-Pandemic Technology & Cyber Security Trends in Banking - Part 1 The banking sector is in the midst of a digital transformation that is causing its attack surface to grow, exposing organisations to increased levels of cyber threat activity. As more organisations adopt digital banking solutions, having effective cybersecurity programs has become more important than ever before for the banking industry. In this article we explore the post-pandemic technology and cyber security trends in banking.   Elasticito was recently approached by a financial services firm to provide some analysis on new technology and cyber trends within the banking and financial services industry.  A summary of our findings make up this blog post, but one common theme that we observed was that, despite the pandemic, the unstoppable momentum of digital transformation is causing a huge impact in the way that banking services are and will be delivered to customers over the

By |2023-03-30T17:09:33+00:00June 23rd, 2021|Blog|Comments Off on Post-Pandemic Technology & Cyber Security Trends in Banking – Part 1
Read More

Mitigating a Ransomware Attack – Can Security Awareness Training Assist?

Mitigating a Ransomware Attack – Can Security Awareness Training Assist? As the frequency and cost of ransomware attacks continue to rise, solutions for ransomware mitigation and prevention must be at the top of every IT leader and department's list of priorities. Where most see crisis, cybercriminals see opportunity. In this article, learn how security leaders can meet the challenges of mitigating ransomware threats and phishing attacks. Is security awareness training the answer? Traditional ransomware tricks users into running it and then it replicates itself on various endpoints across the network. It then encrypts those systems and demands a ransom — usually some type of cryptocurrency — in exchange for a decryption key to rescue data and files. Since the start of the pandemic, there has been a global surge in ransomware attacks. 40% of organisations in the UK, US, Canada, and Germany have suffered from a ransomware attack in the last

By |2023-03-30T17:09:33+00:00June 16th, 2021|Blog|Comments Off on Mitigating a Ransomware Attack – Can Security Awareness Training Assist?
Read More

Security Assessment Questionnaire Response Automation

Making the case for Security Assessment Questionnaire Response Automation Business partnerships require trust – without it, success is very difficult to attain. In the current business landscape, however, it's increasingly difficult to tell whether a vendor is trustworthy and deserving of that trust. As information technology becomes more advanced, so do the ways in which trust can be broken. Today, the potential for intentional or unintentional breakage of it has increased multifold. Assessing security risk with questionnaires is one method to effectively understand the security risk that a vendor may pose to the business, particularly if you entrust them with your data. If you are reading this article, you’ve more than likely handled your fair share of security assessment questionnaires. Like us, you are probably frustrated by the entire process too. We would like to make the case for automated security questionnaires in the article below. The traditional approach to

By |2023-03-30T17:09:33+00:00May 25th, 2021|Blog|Comments Off on Security Assessment Questionnaire Response Automation
Read More

Building the case for Security Validation

Building the case for Security Validation Image credit: USA Today Events of the last month have shown that, despite best efforts and assumptions on how well protected corporate networks are, damaging Ransomware attacks and other cyber threats, continue to wreak havoc on companies and organisations in all industry sectors. Just in the last month, we have seen crippling Ransomware attacks on Colonial Pipeline, the Irish Health Service, the University of Portsmouth, and many others.  In most, if not all, of these cases, the IT and information security teams will undoubtedly have told their management teams and oversight Boards, that they had invested in adequate security controls and that they conduct regular penetration testing. So, it begs the question: why are corporate networks still so vulnerable to these attacks?  The answers to this are probably wide ranging, but one consistent theme is an assumption that corporate networks are protected because certain

By |2023-03-30T17:09:33+00:00May 18th, 2021|Blog|Comments Off on Building the case for Security Validation
Read More

10 Tips for Detecting and Mitigating Phishing Attacks

10 Tips for Detecting and Mitigating Phishing Attacks Despite being a well known problem, phishing remains a significant issue for companies. Notwithstanding the increased sophistication of new malware and advanced persistent threats, phishing is still one of the most effective ways to breach networks, steal money and credentials, and exfiltrate data. Phishing can be the first stage in a sophisticated information-stealing attack. It's a tried and true method that cyber criminals have been using for years but are now adapting to their own needs. It remains pervasive because phishers get away with it so often. Read on for ways to detect and mitigate phishing attacks. There are many types of phishing attacks organisations must be wary of. The main outcomes of all phishing attempts are to steal credentials, instigate a ransomware attack, install malware or trick a person into making a payment for a fictitious service. “Phishing emails are one

By |2023-03-30T17:09:34+00:00May 11th, 2021|Blog|Comments Off on 10 Tips for Detecting and Mitigating Phishing Attacks
Read More

Ransomware: Facts, Risks, and Countermeasures

Ransomware: Facts, Risks, and Countermeasures Ransomware has been a major threat to cyber security in the past few years. The malware encrypts files, locking them and demanding a ransom to unlock them. These ransomware attacks have affected organisations, hospitals, schools, municipalities and enterprises. Ransomware is becoming more sophisticated and difficult to stop, with attackers increasingly encrypting data before demanding money to decrypt it. One thing is certain: ransomware attacks have many different appearances and come in all shapes and sizes. Continue reading to find out about the latest development in the fight against ransomware. Malware with a ransom note Ransomware is a type of malware that is used to encrypt files held on a computer in such a way that they can only be unencrypted by paying a ransom. Victims are told that they must pay the ransom, or risk to lose access to their files forever. Users are shown

By |2023-03-30T17:09:34+00:00May 4th, 2021|Blog|Comments Off on Ransomware: Facts, Risks, and Countermeasures
Read More

Cats, Dogs and Cyber Security

My wife is a cat person.  We have two fluff-ball Ragdoll cats, who are not allowed outside - mainly because we know that they have the capability to scale our garden wall, but probably not the ability to find their way home again! Recently, we adopted a rescue dog.  She is however, allowed into the garden; much to the chagrin of the cats.  This is because, to our knowledge, we do not believe that the dog has the capability of scaling our outer perimeter. In the information security world, we at Elasticito, spend a lot of time working with information security teams and senior management helping them to understand and manage cyber risks, threats and threat actor capabilities within the context of their businesses.  It seems to me, that the complex world of cyber security is actually not much more complex than the dynamics between cats, dogs and garden fences.

By |2023-03-30T17:09:34+00:00April 27th, 2021|Blog|Comments Off on Cats, Dogs and Cyber Security
Read More

The Ransomware Revolution

The Ransomware Revolution In recent years, we’ve seen a fundamental shift in how threat actors approach ransomware. Threat actors today are not as interested in taking credit for encrypting files and escaping with stolen funds or valuable data. They’re more focused on destroying backups and exfiltrating data before they can be recovered. According to Forbes, this significant alteration has increased the scope of cyber attacks, raising ransom payments much higher than prior averages. Forbes emphasises that average ransomware payments have steadily risen over the past five years, from less than $300 in 2015 to $6,700 in 2018 to $111,000 in 2020. Continue reading to find out more about the ransomware revolution. The State of Ransomware in 2021 Ransomware was the most common cyber threat to organisations in 2020. It is especially prevalent among finance, e-commerce, and healthcare companies. In addition to the costs of security incidents, ransomware also has a negative impact on victim companies'

By |2023-03-30T17:09:34+00:00April 20th, 2021|Blog|Comments Off on The Ransomware Revolution
Read More

Security Awareness Training – are organisations doing enough?

Security Awareness Training – are organisations doing enough? Security awareness training is a vital way to prepare employees for the threats that surround them. After all, your employees are your cyber security team's first line of defense. The strength of your cyber security program depends on the security awareness your employees possess. In order for you to establish a security aware culture, it's essential that you have an ongoing commitment from everyone: managers, all departments, and people in your organisation. It essentially means everyone needs to be on board, aware of what goes on, and supportive of the effort. An effective security awareness training program must be informed by regular training sessions, not just a single quarterly email about phishing.  The key benefit of security awareness training lies in the fact that it equips employees with the knowledge they need to combat these threats. Continue reading to find out if

By |2023-03-30T17:09:34+00:00April 13th, 2021|Blog|Comments Off on Security Awareness Training – are organisations doing enough?
Read More