Security Articles

Data Classification and Retention Policy: Points to consider while framing a Retention Policy (GDPR)

Data classification, in general, is the labeling of data and the protection of data based on its sensitivity and on how much impact a breach of it would have on the organization. It has two parts: first, under what type the data is classified, and second, the risk that the data poses.

Data type classification can be customized based on the customer we work for; however, data risk classification is universal and common among most organizations, with levels such as PUBLIC, INTERNAL, RESTRICTED, SENSITIVE and SECRET.

GDPR and Privacy Management: Are you GDPR compliant?

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1]

Blockchain- An elixir to Cyber Security

Considering how secure today's cyber world is, while not forgetting how vulnerable it could become, let's dig deep into the possibilities and explore ways to decrease the probability of damage. The huge growth in e-business infrastructure has created the need for a comparatively more sophisticated and rock-solid model for securing transactions, which is blockchain (coined in 2008 by Satoshi Nakamoto).

GDPR – Personal data is more than PII

It's important to understand the definition of personal data from the GDPR perspective. Personal data means "any information relating to an identified or identifiable natural person who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person." So it covers a broader perspective. Until GDPR, many of us observed the "no PII" (personally identifiable information) rule. PII was easy to define: anything that could be mapped back to an individual person, such as a phone number, a credit card, an email or a physical address, would be considered PII. But personal data as defined in the GDPR is much broader.

It's GDPR day today… No extension, no exception!

The General Data Protection Regulation (GDPR) is effective today. Being a security and privacy professional, I could relate to the impact it has made on organizations' internal and external processes for handling personal data. In the last two weeks, I have received tons of emails about opt-in/opt-out, privacy notices, consent, etc., which demonstrates that everyone out here was working towards GDPR compliance in one manner or another.

While May 25th 2018 marks an important date in the era of data privacy, the focus will now shift from becoming compliant to sustaining compliance. There will also be a need to bring integration and automation to the different controls deployed for security and privacy, on a continuous basis. Compliance is always a journey whose objective is to enable the business, not to paralyze it. Hence, due consideration will have to be given to ensuring security- and privacy-enabled business operations instead of a namesake compliance effort.

Cyber Threat Hunting – Overview and Techniques

The key focus of most cyber threat defense and response programs is to achieve an effective and efficient threat hunting capability. Organizations are investing significant effort and money in building the required competency and infrastructure.

The threat hunting approach thus uses the intuitive and analytical ability of humans, supported by the insights provided by tools that use statistical and data modeling methods, machine learning, and artificial intelligence.

The rule-based threat detection approach has many limitations (such as its static nature, i.e. detection based on a pre-defined threshold value; the inability to process data in high-throughput scenarios; and the need to increase computing resources exponentially as the number of rules grows), and threat hunting effectively complements the rule-based approach by addressing these limitations.

baseStriker Attack: A clever way of Phishing through Office-365

The dark world is changing its attack techniques every day. As far as phishing attacks are concerned, many users are already aware of the traditional attack methods and are capable of handling them to some extent. Security tools, on the other hand, also help significantly through their prevention mechanisms before phishing emails land in the user's mailbox.

Now, a new major security flaw called 'baseStriker' has been uncovered in Microsoft Office 365. It is capable of completely bypassing Microsoft's security, including its advanced services such as ATP and Safelinks.

The ‘base’ in baseStriker:

The HTML <base> tag specifies the base URL/target for all relative URLs in an HTML document. There can be at most one <base> element in an HTML document, and it must be inside the <head> element.

Trends to influence Cyber Security and Security Transformation

Cyber security practices are continuously improving and adapting to emerging business models, the changing technology landscape, and the threat and attack landscape.

Security needs to move in tandem with changing business and technology trends. Thus it's prudent to make an attempt to understand the trends, foresee the changes that may be required in prevailing practices, and adapt accordingly.

In the rest of this note, I present my viewpoint on a few trends which might require attention, and which should initiate the effort to identify potential solutions to the possible risks.

Business and Social Trends

Typosquatting Detection using Advanced Analytics

Typosquatting - the good, bad, and ugly


Let me get this out of the way first: there isn't much good about typosquatting; it's predominantly bad, and sometimes really ugly. Typosquatting is the registration of Internet domain names that appear similar to popular and reputable domains (e.g., vacebook.com instead of facebook.com). It is a common trick used by attackers, who slightly misspell the name of a valid domain to fool users wishing to access that domain. A study [1] conducted in 2015 concluded that, just for the top 500 most popular websites, over 10,000 malicious typosquatting domains are produced daily.

Planning an AWS Platform Security Assessment?

Nowadays most customers are working on the AWS platform or planning to migrate their existing physical infrastructure to the cloud. AWS is the most popular among the cloud vendors available in the market.

Once your infrastructure has migrated to the cloud and settled into business as usual, your next major concern is to complete a security assessment of the AWS-based infrastructure. Assessors need to understand not only how the cloud works but also how to leverage the power of cloud computing to their advantage while conducting assessments.

Please refer to the attached full article to learn more about how to plan an AWS platform security assessment.


Authored By - Rajib Das
TCS Cyber Security Community
