Cyber Security

5 Cyber Security Tips to Keep Your Business Safe

5 Cyber Security Tips to Keep Your Business Safe A major concern for CISO's, IT teams, SOC teams and other cyber security personnel during 2022 has been protecting their organisations from cyber security attacks. But are you taking all the necessary steps to keep your organisation's data and online presence secure? As businesses become more reliant on technology, they also become more exposed to cyber threats. However, knowing where to start in terms of protecting your business can be daunting. Here is "5 Cyber Security Tips to Keep Your Business Safe": a guide to help businesses navigate the world of cyber threats. Keeping information safe and secure has been a challenging task for businesses of all sizes over the last few years. Meteoric shifts from in-person-, to online-, to hybrid workplaces forced companies to change, or at least reexamine, their cyber security practices and protocols. Far too often they weren’t

By |2023-03-30T17:09:13+00:00November 16th, 2022|Blog|Comments Off on 5 Cyber Security Tips to Keep Your Business Safe
Read More

The Anatomy of a Data Breach

The Anatomy of a Data Breach Arguably no phrase has dominated the tech world the last 24 months more than the term “data breach.” From breaches that have impacted critical infrastructure like the Colonial Pipeline event, to hackers compromising healthcare records at UC San Diego Health. The last two years have been thoroughly saturated by headlines of cyber security mishaps. Yet, despite the prevalence of the breach-centric newscycle, many everyday individuals may not know what exactly a data breach is, how they typically start, and why they occur. Elasticito has dissected the topic and compiled "Anatomy of a Data Breach" to help you understand the ins and outs of the topic. According to IBM, the average time it takes an organisation to identify that a breach has occurred is a whopping 287 days. IBM furthermore reports that the average time it takes to contain a breach is an astounding 80

By |2023-03-30T17:09:13+00:00October 26th, 2022|Blog|Comments Off on The Anatomy of a Data Breach
Read More

7 Questions to Ask About Cyber Insurance

7 Questions to Ask About Cyber Insurance As more and more aspects of our lives move into the digital realm, the risks we face from cyber threats are also increasing. This warrants the need for a plan to protect ourselves from the repercussions of such dangers. Enter the realm of cyber insurance policies. This topic, at first, may seem difficult to navigate. For this reason, Elasticito has compiled a list of 7 questions to ask about cyber insurance to make the journey as easy to understand as possible. Defining Cyber Insurance In today's digital age, organisations face a range of cyber threats that are constantly evolving. The Identity Theft Resource Center’s (ITRC) 2021 Annual Data Breach Report revealed there were more “cyberattack-related data compromises” (1,603) in 2021 than “all data compromises” in 2020 (1,108). These attacks increased in nearly every primary business sector. Cyber insurance can help protect your organisation financially in the

By |2023-03-30T17:09:14+00:00September 20th, 2022|Blog|Comments Off on 7 Questions to Ask About Cyber Insurance
Read More

Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine

Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine It was only 60 years ago when the world feared a global nuclear war. Fortunately, we made it through that period. But with geopolitical tensions at an all-time high, the risk of a devastating global cyber war is becoming more and more likely. This is why each of us needs to do our part to reduce cyber risk. Understanding cyber risk exposure for vendors in Russia and Ukraine should be a priority for all businesses with vendors in those countries. Recently, the United States (US)  and other countries imposed sanctions on Russia for its invasion of Ukraine. These sanctions have sparked a considerable amount of concern, especially surrounding the issue of cyber attacks on US organisations and those based in allied countries. These are uncertain times, but many experts predict that the attacks will be wide-ranging. They'll involve ransomware and

By |2023-03-30T17:09:15+00:00March 10th, 2022|Blog|Comments Off on Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine
Read More

How to Take Back Control of Your Data

How to Take Back Control of Your Data From social media to online shopping, our lives and the digital world become more and more intertwined everyday. And while the digital world has afforded us a whole new level of convenience and access to information, it is imperative that consumers remember the best practices for protecting their personal data and ensuring it is being used the right way. Here's how to take back control of your data in a few steps: learn to better manage your personal information, make informed decisions around your data and understand how it is being used. By 2020, it was estimated that 1.7 MB of data was generated by every individual worldwide every second. This includes data about an individual’s activities, behaviours, and interests. Data comes in many forms; there is personal data, like social security and driver’s license numbers and there is physical data, like

By |2023-03-30T17:09:32+00:00February 2nd, 2022|Blog|Comments Off on How to Take Back Control of Your Data
Read More

Prioritizing Cyber Security in a Hybrid Workplace

Prioritizing Cyber Security in a Hybrid Workplace In this day and age, employees are more connected than ever. The hybrid workplace is here to stay, and for employees, this means relying on connected devices from their home office setups. According to recent data, smart home systems are set to rise to a market value of $157 billion by 2023, and the number of installed connected devices in the home is expected to rise by a staggering 70% by 2025. In this new normal where smart devices and consequently online safety are a must, here are some tips for securing those devices. Remember smart devices need smart security Make cyber security a priority when purchasing a connected device. When setting up a new device, be sure to set up the privacy and security settings on web services and devices bearing in mind that you can limit who you are sharing information

By |2023-03-30T17:09:32+00:00October 27th, 2021|Blog|Comments Off on Prioritizing Cyber Security in a Hybrid Workplace
Read More

Celebrate Cyber Security Awareness Month 2021

What are you planning for Cyber Security Awareness Month 2021? Cyber Security Awareness Month is coming up in October. This collaborative effort between government and industry aims to provide all people with the resources they need to stay safe and secure online. What is Cyber Security Awareness Month? Cyber Security Awareness Month was launched by the National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS) in October 2004 in a broad effort to help all citizens stay safer and more secure online. The initiative calls for a collaborative effort from government, public and private partners, schools, law enforcement agencies, and individual citizens to participate in a worldwide effort to raise public awareness about cyber threats. When Cyber Security Awareness Month began, the advice was to update antivirus programs twice a year. This was in line with similar advice to change smoke alarm batteries bi-annually during daylight savings

By |2023-03-30T17:09:32+00:00September 2nd, 2021|Blog|Comments Off on Celebrate Cyber Security Awareness Month 2021
Read More

Are dashboards the future of cyber security reporting? Part 1

Are dashboards the future of cyber security reporting? Part 1 Today, C-level executives are making more of an investment in IT security than ever before. In response, information security officers are now regularly needed to report on the security posture of their organisation and communicate their findings to the board. Now more than ever, CISO's and their lieutenants are in need of robust reports that provide visibility into security-related metrics. The legacy reporting tools that used to be the standard for CISO’s are becoming obsolete and ineffective. More cyber security activities than ever before require detailed and condensed reports. Pulling together a few useful documents and summaries is no longer enough; CISO's need deep dives that provide visibility into critical security metrics. Join us as we explore new technologies to answer a single question: are dashboards the future of cyber security reporting? Data visualisations and considerations Data is only as

By |2023-03-30T17:09:35+00:00March 31st, 2021|Blog|Comments Off on Are dashboards the future of cyber security reporting? Part 1
Read More

Ransomware: Develop and Test Your Response Strategy Using Simulation

Ransomware: Develop and Test your Response Strategy Using Simulation In this blog I want to take a look at Simulating a Ransomware Attack and how you would go about developing and testing a Response Strategy. I’ve already covered the basics of a Ransomware attack in this blog article: https://elasticito.com/ransomware-do-you-have-a-tried-and-tested-strategy-in-place/ The object of this exercise is twofold: Maintain business continuity – or in other words a ransomware attack should have little to no disruption to business; Contain and eliminate the attack quickly with minimal effort; Throughout this blog I am going to focus on behaviour rather than specific IoCs. Please also note that the information provide here is a high-level guide and not an exhaustive task list and is focused on the endpoint only. In a future blog post I will cover network security controls. While User Awareness Training is recommended is hasn’t been included as part of validating security controls.

By |2023-03-30T17:09:53+00:00October 14th, 2020|Blog|Comments Off on Ransomware: Develop and Test Your Response Strategy Using Simulation
Read More

How to Protect Your Customers and Your Brand from Stolen Credential Misuse

How to Protect Your Customers and Your Brand from Stolen Credential Misuse During 2020 a number of Online Retailers have made headline news due to the media erroneously reporting that their customer Portals had been breached. These include Tesco Clubcard Members (https://www.techradar.com/uk/news/tesco-clubcard-holders-warned-of-major-security-issue) and most recently, Wiggle (https://cyclingindustry.news/security-breach-reported-on-wiggles-customer-accounts). In both these instances there was no exploitation of a cyber vulnerability. Threat Actors in all likelihood gained access to these Portals Accounts using a database of credentials stolen from other platforms or possibly via a Spear Phishing campaign.    The obvious questions here are: How was this possible? and How can this be prevented in the future? I prefer a shared responsibility model so let’s answer the above questions with this in mind:   How was this possible? Many subscribers have the same username (email address) and password for all online portals and web applications. Therefore, if one Portal account is compromised,

By |2023-03-30T17:09:53+00:00June 17th, 2020|Blog|Comments Off on How to Protect Your Customers and Your Brand from Stolen Credential Misuse
Read More