Blog

10 Tips for Detecting and Mitigating Phishing Attacks

Despite being a well-known problem, phishing remains a significant issue for companies. Notwithstanding the increased sophistication of new malware and advanced persistent threats, phishing is still one of the most effective ways to breach networks, steal money and credentials, and exfiltrate data. Phishing can be the first stage in a sophisticated information-stealing attack. It's a tried and true method that cyber criminals have been using for years but are now adapting to their own needs. It remains pervasive because phishers get away with it so often. Read on for ways to detect and mitigate phishing attacks.

There are many types of phishing attacks organisations must be wary of. The main outcomes of all phishing attempts are to steal credentials, instigate a ransomware attack, install malware or trick a person into making a payment for a fictitious service. “Phishing emails are one

May 11th, 2021 | Blog

Ransomware: Facts, Risks, and Countermeasures

Ransomware has been a major threat to cyber security in the past few years. The malware encrypts files, locking them and demanding a ransom to unlock them. These ransomware attacks have affected organisations, hospitals, schools, municipalities and enterprises. Ransomware is becoming more sophisticated and difficult to stop, with attackers increasingly encrypting data before demanding money to decrypt it. One thing is certain: ransomware attacks have many different appearances and come in all shapes and sizes. Continue reading to find out about the latest development in the fight against ransomware.

Malware with a ransom note

Ransomware is a type of malware that is used to encrypt files held on a computer in such a way that they can only be unencrypted by paying a ransom. Victims are told that they must pay the ransom or risk losing access to their files forever. Users are shown

May 4th, 2021 | Blog

Cats, Dogs and Cyber Security

My wife is a cat person. We have two fluff-ball Ragdoll cats, who are not allowed outside - mainly because we know that they have the capability to scale our garden wall, but probably not the ability to find their way home again! Recently, we adopted a rescue dog. She is, however, allowed into the garden; much to the chagrin of the cats. This is because, to our knowledge, we do not believe that the dog has the capability of scaling our outer perimeter. In the information security world, we at Elasticito spend a lot of time working with information security teams and senior management helping them to understand and manage cyber risks, threats and threat actor capabilities within the context of their businesses. It seems to me that the complex world of cyber security is actually not much more complex than the dynamics between cats, dogs and garden fences.

April 27th, 2021 | Blog

The Ransomware Revolution

In recent years, we’ve seen a fundamental shift in how threat actors approach ransomware. Threat actors today are not as interested in taking credit for encrypting files and escaping with stolen funds or valuable data. They’re more focused on destroying backups and exfiltrating data before they can be recovered. According to Forbes, this significant alteration has increased the scope of cyber attacks, raising ransom payments much higher than prior averages. Forbes emphasises that average ransomware payments have steadily risen over the past five years, from less than $300 in 2015 to $6,700 in 2018 to $111,000 in 2020. Continue reading to find out more about the ransomware revolution.

The State of Ransomware in 2021

Ransomware was the most common cyber threat to organisations in 2020. It is especially prevalent among finance, e-commerce, and healthcare companies. In addition to the costs of security incidents, ransomware also has a negative impact on victim companies'

April 20th, 2021 | Blog

Security Awareness Training – are organisations doing enough?

Security awareness training is a vital way to prepare employees for the threats that surround them. After all, your employees are your cyber security team's first line of defense. The strength of your cyber security program depends on the security awareness your employees possess. In order for you to establish a security-aware culture, it's essential that you have an ongoing commitment from everyone: managers, all departments, and people in your organisation. It essentially means everyone needs to be on board, aware of what goes on, and supportive of the effort. An effective security awareness training program must be informed by regular training sessions, not just a single quarterly email about phishing. The key benefit of security awareness training lies in the fact that it equips employees with the knowledge they need to combat these threats. Continue reading to find out if

April 13th, 2021 | Blog

Are dashboards the future of cyber security reporting? Part 1

Today, C-level executives are making more of an investment in IT security than ever before. In response, information security officers are now regularly needed to report on the security posture of their organisation and communicate their findings to the board. Now more than ever, CISOs and their lieutenants are in need of robust reports that provide visibility into security-related metrics. The legacy reporting tools that used to be the standard for CISOs are becoming obsolete and ineffective. More cyber security activities than ever before require detailed and condensed reports. Pulling together a few useful documents and summaries is no longer enough; CISOs need deep dives that provide visibility into critical security metrics. Join us as we explore new technologies to answer a single question: are dashboards the future of cyber security reporting?

Data visualisations and considerations

Data is only as

March 31st, 2021 | Blog

4 Tips for a successful cyber threat intelligence program

The information security threat landscape is constantly evolving, becoming more complex and, in many cases, overpowering the security environment. The number of successful hacker attacks each day is increasing. Cyber criminals are continually developing new ways to disrupt organisations via cyberextortion, supply chain hacks, and other cunning tactics. An organisation's security team must be more proactive in planning for and dealing with these threats. One of the ways to do this is to make use of cyber threat intelligence (CTI). Here’s how to get the most from your CTI program.

What is cyber threat intelligence?

In essence, cyber threat intelligence can identify and analyse cyber threats to your organisation. It’s what becomes of data after it’s been gathered, processed and analysed. CTI relies heavily on analysis: sifting through large amounts of data to spot realistic problems and then deploying suitable solutions

March 23rd, 2021 | Blog

Vendor Risk Assessments in 60 Minutes

When information security teams are overburdened, evaluating vendor and enterprise risks can quickly consume far too much time and budget. Many organisations rely on a one-size-fits-all assessment, delivering a selection of PDFs, MS Word documents, Excel spreadsheets, and emails linking to a variety of online portals. These assessments are inflexible and time-consuming, allowing for only a limited amount of data to be processed. The review process also ends up frustrating both staff and vendors, the makings of an efficiency nightmare. Assessing vendors for cyber risk is important and necessary, particularly if you share data with an external party, but it currently takes 4 weeks on average per entity to complete cyber risk assessments. The good news is that it doesn't have to be that way. This article shows how cyber risk assessments can be completed to the same level of detail in as little as 60

March 15th, 2021 | Blog

Cyber Risk vs Cyber Threat: Are They The Same Thing?

After the term “cyber threat” began to enter common usage, its meaning became a bit fuzzy. The same goes for “risk” — we’ve all heard the term thrown around, but do we really know what it means and how it is used in IT? In this post, we will attempt to clarify these terms and their relationships.

In today’s world, organisations must have high-level data security. Ensuring that client and vendor data isn't compromised is crucial. When customers, clients and vendors sign up to do business with you they expect that their information is deemed important enough for you to do everything in your power to keep it safe. Many clients with sensitive information will also require you to have a clear and thorough data security policy before doing business with you. That begs the question: “How confident are you

March 5th, 2021 | Blog

Risk Assessment vs. Risk Analysis: An Overview

The recent growth of the extended enterprise has reached a tipping point. That means more organisations are expanding their businesses into the Cloud, staying leaner, and taking advantage of third-party support. At the same time, data breaches are at an all-time high. According to the Ponemon Institute, the average cost of a data breach in 2020 was $3.86 million. Across the globe, there is a growing awareness that organisations need to proactively manage their cyber risk. Often used as synonyms and easily confused, risk assessment and risk analysis are two unique cyber security processes that IT leaders need to understand to effectively address security issues to prevent data breaches. Below, find out about the differences between these processes and how they fit into a successful cyber security programme.

What is a risk assessment?

A cyber security risk assessment is the process of identifying,

February 26th, 2021 | Blog