Tag Archive for: Test

The 5-Question Test to Assess Your Readiness to Manage Insider Threats

/in


An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged accounts, and who misuses this access. Sometimes it is an outside attacker who gains credentialed access and waits for the right time to strike. In both cases, traditional security measures tend to focus on external threats and are not always capable of identifying an internal threat from inside the organization.

A paper written by Forrester Research in late 2021, Insider Threats Drive Data Protection Improvements, revealed that 58 percent of sensitive data security incidents are caused by insider threats. This report highlighted that nearly a third (31 percent) of firms surveyed do not believe insiders are a substantial threat, and suggests this is a principal reason why insider threats make up such a high proportion of security incidents.

While company leadership teams acknowledge that insider threats pose some risks, they don’t generate the level of urgency required to manage this risk effectively. This failure has a cascading effect; fewer than 30 percent of firms surveyed say they have an insider risk management strategy or policy. It is understandable that many organizations focus on perimeter and endpoint, first. Strong network and endpoint security, combined with vulnerability management lifecycle toolsets and a mature security operations center, are key to reducing overall risk. However, with insider events occurring more often than external, according to the report (58 percent vs. 41 percent), a more effective data security strategy vis-a-vis insider threats is needed.

There are steps organizations can take immediately that will mitigate some of the risk posed by insider threats. Some are straightforward, others will require some planning (not to mention board, team, and/or departmental buy-in). Take this five-question test to find out how well you currently manage insider threats.

1. Do you use multi-factor authentication (MFA)?

Multi-factor authentication cross-verifies privileged users with two different…

Source…

ESET Internet Security Review

/in



Up to £200,000 available to test security of smart devices used by nearly all UK businesses

/in


  • Successful bidder will research potential vulnerabilities in popular devices to better protect against cyber risks

  • Findings will help make sure current security measures and guidance are robust enough for evolving threats

Organisations can now apply for funding to support research into the cyber security of office devices which can connect to the internet, such as printers, cameras, and room booking systems, to ensure they are properly protected against hackers.

Thousands of UK businesses rely on these products, known as enterprise Internet of Things (IoT) devices, to increase productivity and enable hybrid working. The government is funding new research to uncover vulnerabilities in these commonly used enterprise IoT products and assess the cyber resilience of these devices.

Smart devices in the workplace can collect sensitive data which can be accessed by other users, making them an attractive target for cyber criminals to exploit. While devices may have some protections built-in, products with poor cyber security can leave companies using them at risk.

For example, in 2019 Microsoft’s researchers found Russian hackers were compromising conference phones and office printers in organisations across many sectors, though Microsoft was able to successfully block the attacks before they could cause any damage.

The successful bidder will be awarded up to £200,000 to test popular devices and help identify if current security measures and guidance, such as international standards and NCSC device security principles, are robust enough to protect businesses from evolving threats.

Cyber minister Julia Lopez said:

Technology played a pivotal role in keeping British businesses going during the pandemic, helping the pivot to hybrid working and boosting productivity ever since.

This research will ensure we have the right measures in place to protect our economy and keep our offices and workers safe from cyber security threats.

The grant is part of the government’s £2.6 billion National Cyber Strategy to protect the UK from cyber threats and grow the digital economy. It supports the UK’s objective to take the lead in the technologies vital to cyber…

Source…

Bitdefender Total Security 2019 Review | Tested vs Malware

/in