Security Articles

Security Assurance practices to protect an Enterprise’s assets

Many technology industries say they are well protected from security threats thanks to their strong technical controls, management controls and validation processes, while others say they want to implement processes that give 100% protection. In general, every industry has security policies and many processes in place; the question is whether these existing policies and processes alone provide security assurance to an enterprise. This article highlights key best practices that would provide security assurance to an enterprise.

Security assurance is the level of confidentiality an enterprise can provide on its deployed IT technology and business processes. Cybersecurity frameworks and standards would provide only a minimum level of security to an enterprise. However, security assurance practices on each of the critical processes may provide a true confidentiality level to safeguard its assets.

To Gain Protection from Cyber Threats, Focus on Managed Threat Hunting

Organizations are building their threat-hunting-as-a-service models to address specific cybersecurity threats. But a key to achieving threat hunting maturity is to take a risk-based approach to the enterprise's IT assets and the cybersecurity investments made to support them. Moreover, organization CISOs should work with the board to focus on the impacts of potential cyber attacks on business operations and protect against risks. When adversaries make strides through an organization’s defenses, most security products fail to detect the intrusion and raise an alert.

To keep an attacker from roaming freely around an organization's enterprise IT ecosystem for days, CISOs should increase their involvement in threat hunting spending decisions and build a robust cybersecurity strategy that includes a comprehensive threat hunting service, complemented by incident response and SOC capabilities, that detects and responds to malicious activities before a breach.

Business 4.0 Risks - The New World Order for the CISO

2017 saw an unprecedented rise in the list of cyber breaches and attacks. The data breach at Equifax resulted in hackers accessing Social Security numbers and driver’s license details of million Americans. The most recent in the list of incidents involves social media giant Facebook, whose shares plunged by over $60 billion in the first two days on account of the misuse of personal data of 50 million Facebookers by British data analytics firm Cambridge Analytica. In 2017, we saw an alarming rise in ransomware attacks, with ransom payments hitting over $2 billion. WannaCry, NotPetya and Bad Rabbit ransomware hit more than 500,000 machines globally, forcing some businesses to even suspend operations, and in some situations making ransom payments in cryptocurrencies unavoidable. The WannaCry infections were so bad that Microsoft had to release a patch overnight for Windows systems that it had long stopped supporting.

Secure Your Browser Now!!

Web browsers are widely used software applications for accessing web resources and pages over the Internet.

The most popular web browsers so far are Firefox, Google Chrome, Internet Explorer, Safari, and Opera.

Because we perform various tasks (e.g. bank transactions) on the internet using browsers, browsers are primarily targeted by cyber criminals to perform malicious activities such as identity theft and malware spreading.

This article will enumerate a few best practices and techniques so that computer users stay safe and securely browse the Internet.

Session Hijacking: Introduction and measures to safeguard

In this digital era, everything happens over the net, from business to shopping, from banking to education; as the internet grows wider, we are witnessing a growth in cyber threats and attacks.

Every web user has a basic need to be assured that their data, money, or communications are safe and trustworthy. So security plays a prominent role in each facet of digital communication or transaction that happens over the web.

There are numerous security threats on the internet, such as man-in-the-middle attacks, denial-of-service attacks and IP spoofing, so it becomes a tedious task for system administrators and information security professionals to be competent enough to implement various defensive mechanisms to handle uncertain attacks and protect users' data.

Machine Learning for DGA Detection

Botnets are arguably one of the biggest threats online at present. In order to control networks infected by malware, the command-and-control (C&C) servers communicate with bots via an IP address or domain only known to them. However, if a dedicated domain, or a set of domains, is used for this communication, they can be easily detected and blacklisted.

Domain generation algorithms (DGAs) are a technique used by modern botnets to avoid blacklisting and sinkholing. DGAs periodically generate a large number of domain names to connect to. A new list can be generated every day, and a few of those domains are registered and activated to be used for botnet-to-C&C communication. Since there is an infinite number of different algorithms, it is impossible to generate a finite list of domains to blacklist, which makes detection of communication between bots and C&C extremely difficult.

The Myth of Production–Level Security for Non-Production Private Data

I have been among those who take the position that production security controls should be applied to unencrypted and private data in the clear in non-production environments. In a recent client experience, I learned just how wrong this premise is. That is, unless your production security is very poor.

Shoulder Surfing Tales: Learn from Stories

Shoulder-Surfing is an acknowledged form of Social Engineering.  The problem is when the surfers are not-so-good guys like me, and what they might be able to do with the information I was able to gain in a couple of recent incidents.  It would be a trivial exercise for a gifted social engineer to use the information to build a targeted social engineering or spear-phishing attack. The very disturbing fact of these incidents is that they involved senior people in their respective companies.  This reinforces the fact that success in cybersecurity must start with strong support and good security practices at the top of the organization.

What is IoT Forensics and How is it Different from Digital Forensics?

The Internet of Things (IoT) refers to a network of connected physical devices, smart home appliances, wearable electronic devices, embedded electronic items and so on, with different types of sensors for seamless connectivity and transfer of data among them.

The Internet of Things has become very popular and has transformed various facets of life. Some common examples of IoT devices include smart home accessories such as smart locks and sensors for temperature, ambient light, water, gas etc., and wearables such as smart watches, glasses, pacemakers and fitness gear. The IoT also includes components such as M2M (machine-to-machine) communications, RFID sensors, and wearable and context-aware computing.

