Tag Archive for: resilience

Cyber Resilience and Its Importance for Your Business


What Is Cyber Resilience?

The Computer Security Resource Center defines cyber resiliency as the ability to anticipate, withstand, recover from and adapt to adverse conditions, stresses, attacks or compromises on systems that use or are enabled by cyber resources.

Given today’s constantly evolving threat landscape, cyber resilience has become an important factor in determining the success of an organization. Cyber resilience helps businesses defend against cybercrimes, mitigates the risks and severity of attacks, and enables business continuity. A cyber-resilient business is well prepared to tackle cybersecurity incidents and can respond effectively to, and recover quickly from, such events when they do occur.

What Is the Difference Between Cybersecurity and Cyber Resilience?

Cybersecurity deals with strengthening an organization’s defenses to prevent cybercriminals and malicious programs from compromising its network, data and IT infrastructure. It encompasses strategies and actions to keep threat actors at bay and protect company assets from loss, theft or damage.

While cybersecurity is an essential part of an organization’s security strategy, protection from sophisticated cyberattacks is never guaranteed. This is where cyber resilience comes in. Cyber resilience has a wider scope: it includes deploying policies and solutions and clearly defining the steps that need to be taken when measures such as cybersecurity fail.

Cyber resilience is a broader concept covering business continuity, securing critical business processes, identifying potential threat vectors, managing risks, minimizing the severity of attacks and implementing procedures to withstand cybersecurity incidents. Cyber resilience enables an organization to continue normal business operations without any interruption during and after disruptive events such as cyberattacks or technical failures. When done right, cyber resilience enables an organization to remain operational despite significant cyber disruptions.

Key Components of a Cyber Resilience Framework

Given the unprecedented surge in cybercrimes, most businesses would agree that cyberattacks are no longer a matter of “if” but “when.” As such, your business…

Enhancing cyber resilience: What your team needs to know


In the wake of malicious attacks, we often witness everyone focusing on searching for those responsible, as opposed to how or why the attack took place and the most critical lessons that we can learn as a result. This line of thinking is wrong and here’s why.

First, attributing attacks to the responsible party or parties is difficult, as bad actors use a variety of techniques to mask their malware’s origins. Second, we may wish to know who performed the attack so that retribution or justice can be served, but this knowledge does absolutely nothing to prevent such an event from occurring again, perhaps even in the same way.

By focusing on the “where” or “who,” you are neglecting to analyze the nature of past attacks and discover the lessons that can be learned from them.

Enhancing your cyber resilience while applying key learnings

1. Previously effective analysis techniques are nearly useless because of modern compilers

In the past, a Bayesian analysis would help identify clues in the code that might lead to a possible point of origin, followed by analysis of the source code, binaries, the subroutines, the sequence of instructions, and the language embedded in the code to paint a picture of where the malware might have originated.

However, today’s optimizing compilers make it nearly impossible for those previously effective analysis techniques to produce useful information.

2. Previously reliable indicators are no longer reliable

While certain indicators, such as tags, language and variable names in the code, can provide a glimpse at who might have written it, the truth is that these are easily masked by savvy attackers to distract and mislead. A bad actor can simply put comments in Farsi or Mandarin to make it appear as though the code originated in the Middle East or China.

It is also quite possible that the code used to attack your organization has been purchased from a threat actor in another country. So threat actor A in, let’s say, Italy purchases malware from threat actor B in Russia, then weaponizes it and uses it in attacks against an organization anywhere in the world. And, unfortunately, attackers are getting more…

How to achieve ransomware resilience in three steps


Article by Bitglass CTO Anurag Kahol.

Amid a global pandemic that has challenged organisations to shift to remote operations, cyber-criminals are ramping up their attacks, particularly with ransomware. Malicious parties are taking advantage of the ‘new normal’ work environment to launch ransomware attacks that target gaps in companies’ security postures.

Organisations need to have adequate cybersecurity controls in place as attackers are in a prime position to exfiltrate personally identifiable information (PII) or get their victims to pay ransoms.

All organisations need advanced threat protection to stop ransomware attacks and ease the impact if they do occur. By deploying the right technology, firms can build a resilient IT ecosystem that ensures business continuity.

Implement on-device SWG

The internet serves as a valuable vehicle of attack for cyber-criminals, which is why defence against malicious web destinations (malware, phishing, and command-and-control sites) is critical. This protection is best achieved through the use of a secure web gateway (SWG).

This technology helps organisations to defend against online threats by stopping access to malicious destinations in real time. However, as otherwise innocuous web destinations can be used to download infected files (for example, through file attachments on Gmail), the ability to scan files for threats at download and block them in real time is critical functionality.

Businesses should use an on-device SWG that decrypts and inspects traffic locally on each endpoint, avoiding backhaul latency, privacy violations, and the cost and scalability challenges associated with SWG appliances.

Additionally, leading SWGs should serve as one part of a secure access service edge (SASE) platform along with technology such as cloud access security brokers (CASBs) and zero trust network access (ZTNA) for reliable, wide-ranging protection.

Deploy multi-mode CASB

CASBs are designed to secure the cloud for organisations, providing defences for corporate software-as-a-service (SaaS) apps and infrastructure-as-a-service (IaaS) platforms.

CASBs can be deployed in different modes that can shield against ransomware in…

ARIN’s 2019 Caribbean outreach program will focus on internet security and resilience – Caribbean News Now

PROVIDENCIALES, Turks and Caicos Islands — The American Registry for Internet Numbers (ARIN) has announced an expanded Caribbean outreach …
