Cyber Security

Understanding Cyber Risk Exposure for Vendors in Russia & Ukraine

It was only 60 years ago that the world feared a global nuclear war. Fortunately, we made it through that period. But with geopolitical tensions at an all-time high, the risk of a devastating global cyber war is becoming more and more likely. This is why each of us needs to do our part to reduce cyber risk. Understanding cyber risk exposure for vendors in Russia and Ukraine should be a priority for all businesses with vendors in those countries. Recently, the United States (US) and other countries imposed sanctions on Russia for its invasion of Ukraine. These sanctions have sparked a considerable amount of concern, especially surrounding the issue of cyber attacks on US organisations and those based in allied countries. These are uncertain times, but many experts predict that the attacks will be wide-ranging. They'll involve ransomware and

March 10th, 2022 | Blog

How to Take Back Control of Your Data

From social media to online shopping, our lives and the digital world become more and more intertwined every day. And while the digital world has afforded us a whole new level of convenience and access to information, it is imperative that consumers remember the best practices for protecting their personal data and ensuring it is being used the right way. Here's how to take back control of your data in a few steps: learn to better manage your personal information, make informed decisions around your data and understand how it is being used. By 2020, it was estimated that 1.7 MB of data was generated by every individual worldwide every second. This includes data about an individual’s activities, behaviours, and interests. Data comes in many forms; there is personal data, like social security and driver’s license numbers, and there is physical data, like

February 2nd, 2022 | Blog

Prioritizing Cyber Security in a Hybrid Workplace

In this day and age, employees are more connected than ever. The hybrid workplace is here to stay, and for employees, this means relying on connected devices from their home office setups. According to recent data, smart home systems are set to rise to a market value of $157 billion by 2023, and the number of installed connected devices in the home is expected to rise by a staggering 70% by 2025. In this new normal where smart devices and consequently online safety are a must, here are some tips for securing those devices.

Remember smart devices need smart security

Make cyber security a priority when purchasing a connected device. When setting up a new device, be sure to set up the privacy and security settings on web services and devices bearing in mind that you can limit who you are sharing information

October 27th, 2021 | Blog

Celebrate Cyber Security Awareness Month 2021

What are you planning for Cyber Security Awareness Month 2021? Cyber Security Awareness Month is coming up in October. This collaborative effort between government and industry aims to provide all people with the resources they need to stay safe and secure online.

What is Cyber Security Awareness Month?

Cyber Security Awareness Month was launched by the National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS) in October 2004 in a broad effort to help all citizens stay safer and more secure online. The initiative calls for a collaborative effort from government, public and private partners, schools, law enforcement agencies, and individual citizens to participate in a worldwide effort to raise public awareness about cyber threats. When Cyber Security Awareness Month began, the advice was to update antivirus programs twice a year. This was in line with similar advice to change smoke alarm batteries bi-annually during daylight savings

September 2nd, 2021 | Blog

Are dashboards the future of cyber security reporting? Part 1

Today, C-level executives are making more of an investment in IT security than ever before. In response, information security officers are now regularly needed to report on the security posture of their organisation and communicate their findings to the board. Now more than ever, CISOs and their lieutenants are in need of robust reports that provide visibility into security-related metrics. The legacy reporting tools that used to be the standard for CISOs are becoming obsolete and ineffective. More cyber security activities than ever before require detailed and condensed reports. Pulling together a few useful documents and summaries is no longer enough; CISOs need deep dives that provide visibility into critical security metrics. Join us as we explore new technologies to answer a single question: are dashboards the future of cyber security reporting?

Data visualisations and considerations

Data is only as

March 31st, 2021 | Blog

Ransomware: Develop and Test Your Response Strategy Using Simulation

In this blog I want to take a look at Simulating a Ransomware Attack and how you would go about developing and testing a Response Strategy. I’ve already covered the basics of a Ransomware attack in this blog article: https://elasticito.com/ransomware-do-you-have-a-tried-and-tested-strategy-in-place/ The object of this exercise is twofold: maintain business continuity (in other words, a ransomware attack should cause little to no disruption to business); and contain and eliminate the attack quickly with minimal effort. Throughout this blog I am going to focus on behaviour rather than specific IoCs. Please also note that the information provided here is a high-level guide and not an exhaustive task list, and is focused on the endpoint only. In a future blog post I will cover network security controls. While User Awareness Training is recommended, it hasn’t been included as part of validating security controls.

October 14th, 2020 | Blog

How to Protect Your Customers and Your Brand from Stolen Credential Misuse

During 2020 a number of Online Retailers have made headline news due to the media erroneously reporting that their customer Portals had been breached. These include Tesco Clubcard Members (https://www.techradar.com/uk/news/tesco-clubcard-holders-warned-of-major-security-issue) and most recently, Wiggle (https://cyclingindustry.news/security-breach-reported-on-wiggles-customer-accounts). In both these instances there was no exploitation of a cyber vulnerability. Threat Actors in all likelihood gained access to these Portal Accounts using a database of credentials stolen from other platforms or possibly via a Spear Phishing campaign. The obvious questions here are: How was this possible? and How can this be prevented in the future? I prefer a shared responsibility model, so let’s answer the above questions with this in mind:

How was this possible?

Many subscribers have the same username (email address) and password for all online portals and web applications. Therefore, if one Portal account is compromised,

June 17th, 2020 | Blog

You Should Adopt a Cyber Security Framework – Here’s Why

Today, cyber attacks and cyber security breaches are constantly happening around the world. These attacks are also continuously evolving, becoming more sophisticated and unforeseen. This makes it difficult for organisations to proactively prevent phishing, malware and ransomware attacks. So what can your organisation do to become resilient to cyber threats? A suitable cyber security framework and cyber security policies and procedures can reinforce your organisation’s IT security.

Cyber Security Framework

A growing number of organisations are coming to the realisation that their extensive investment in cyber security technologies has not provided the resilience to cyber attacks that they were expecting and are looking for answers as to why they are still susceptible to phishing, ransomware and malware. The answer to this susceptibility conundrum lies in the understanding and adoption of a Cyber Security Framework (CSF). This doesn't mean that blindly adopting

April 29th, 2020 | Blog