Tag Archive for: Posture

Fortifying our cybersecurity posture | Inquirer Opinion


When we say defense these days, we do not just refer to the physical space—the land, sea, and air in our territory.

Digital Defense Report 2023, released by Microsoft last month, found that a Chinese state-sponsored actor, Raspberry Typhoon, has been showing sustained interest in the South China Sea amid growing tensions in the area. The group has been targeting government agencies in charge of trade, intelligence, and finance, as well as military and corporate entities associated with critical infrastructure such as information and communication systems, power grids, and transportation networks. It has been conducting its attacks focused on countries surrounding the South China Sea.

But Raspberry Typhoon is just one of the numerous threats confronting us. Across the world, we often hear reports of hacks, data breaches, and cybercrime. In recent weeks, four government agencies—Philippine Health Insurance Corp., the Philippine Statistics Authority, the Senate, and the House of Representatives—have been attacked. These attacks undermine confidence in institutions and erode public trust by exposing sensitive and personal information managed by these institutions.

The truth is bad actors abound and are just waiting for the perfect opportunity to strike. They attack anyone who is conveniently vulnerable, and who has high stakes in their information systems.

Dutch cybersecurity firm SurfShark revealed in its Global Data Breach study that as of October 2023, the Philippines ranked 17th out of 250 countries in data breaches. Since 2004, at least 124 million accounts have been breached in the Philippines, accounting for 0.7 percent of the total global number.

Cybersecurity is a crucial parallel track of the administration’s digital transformation agenda. President Marcos has time and again said we should pursue a digitally-driven economic growth and conduct the affairs of government electronically. While efforts are being made toward this end, through the earnest collaboration of the public and private sectors, much is left to be desired when it comes to building and fortifying our cyber defense posture, not…

Source…

Report finds Census Bureau lacks ‘effective cybersecurity posture’ after red team hack



A new inspector general report details how government-contracted hackers managed to gain covert access to Census Bureau systems in a simulated attack against the federal agency.

Source…

SecurityGen ACE platform improves security posture for the mobile operators


SecurityGen launched a new ACE (Artificial Cybersecurity Expert) breach and attack simulation platform.

SecurityGen ACE

ACE provides an automated approach to assess and improve the security posture of mobile operators by continuously testing the strength of their network defences against simulated attacks and techniques.

ACE works by identifying and reporting potential gaps and vulnerabilities within the operator’s network. It then carries out simulations of real-world attacks on these vulnerabilities to assess their seriousness and the potential damage that an actual attack could cause.

Finally, ACE generates a detailed security posture report that includes remediation guidance to help the operator address the vulnerabilities and prevent future security breaches before they happen.

Commenting on the launch, SecurityGen co-founder and CEO Amit Nath said, “Operators today are asking for fast, efficient and cost-effective inspections and assessments of the security of their networks. But current manual assessment techniques are expensive, resource-intensive and need specialist expertise. Operators are unable to conduct them as regularly and frequently as they should do.

“As a result, mobile networks are left extremely vulnerable to security threats, which if not detected, can cause widespread damage and disruption – everything from network outages and denial of service attacks targeting groups of subscribers or particular areas: to the theft of sensitive personal data for fraudulent purposes. The new ACE platform addresses this pressing operational need for operators.”

The ACE platform is the centrepiece of SecurityGen’s range of products and services. It draws on the vast knowledge and experience of SecurityGen’s core team who have between them conducted a combined total of more than 300 telecom network security assessments during their careers.

Importantly, its in-built AI module enables it to constantly learn and enhance its performance by incorporating actual, real-life scenarios and attack vectors that have been identified in the field.

The ACE platform is cloud based, which means operators don’t need to install it directly, or even reconfigure their network. ACE…

Source…

Get Ahead of Cybercriminals With Extended Security Posture Management


The COVID-19 pandemic may have started in 2020 but we are still reeling from its effects in 2021. While businesses and various organizations have struggled to stay afloat as it gets pummeled by the negative effects of the pandemic, cybersecurity teams are also facing their own significant challenges.

For one, the shift to work-at-home or remote work arrangements for many businesses has put a lot of strain on the IT department as it tries to configure and maintain the office network for remote access by employees working from many different locations. But another significant challenge for the IT team—which in itself may also be brought about by the pandemic—is the significant increase in the activity of malicious actors and cybercriminals.

A recent report published online revealed that in 2021, ransomware attacks surged by an alarming 148 percent. This dramatic increase in attacks has been attributed directly to the pandemic as more people are now working from home. Attackers know that there are now more exposed vulnerabilities and potential points of entry into networks because of the large number of users who access office networks remotely.

Another reason for the dramatic increase in attacks is the fact that hacking tools are now so readily available and easily accessible. There is even a growing industry of tools that take advantage of zero-day exploits to access the It infrastructure of organizations. It’s a lucrative business—given that zero-day exploits can have a value that could reach 1 million USD or even more in the open market.

With the alarming increase of malicious actors now operating with the sole purpose of taking advantage of networks in order to steal data, one thing is for certain. Cybersecurity needs to be beefed up.

Fortunately, while hackers are hard at work with their malicious intent, the good guys are also hard at work to try and thwart them. This is why it’s wonderful news for security experts all over the world that Extended Security Posture Management (XSPM) services are now available. This is a huge benefit to IT professionals.

 

Extended Security Posture Management to the rescue

Hackers will always try to be a step ahead of security teams because…

Source…