Pros and Cons of “SOC” (SOC as a Service) or “MSS” (Managed Security Services)

CybeRiskBlog, Cybersecurity

SOC as a Service

For some years now, enterprises looking to reduce the strain on their financial, human, and other resources have been looking to external suppliers to flesh out their organizational portfolios – in the form of cloud-based infrastructure, applications, and services, or the outsourcing of essential functions to qualified third parties. Enterprise security has not been exempt from this trend, and with the evolution of the outsourcing market has come the packaging of almost every aspect of IT as a subscription-based or on-demand commodity. Service offerings from third parties give enterprises the opportunity to gain from state-of-the-art technologies and the expertise of seasoned security professionals, while avoiding the significant capital outlays, recurring and maintenance costs, and management complexity of having to do … Read More

Healthcare Cyber Attacks – Hospital’s Critical Unit and The Cyber Threat

CybeRiskBlog, Cybersecurity

Healthcare Cyber Attacks

In its “2017 Fourth Annual Data Breach Industry Forecast”, Experian predicts that organizations in the healthcare industry will be the prime targets for cyber attacks this year – continuing a trend established over the past two years with several low and high-profile ransomware assaults on hospitals and other healthcare institutions which netted the perpetrators significant gains in both finances and notoriety through reputational damage. Healthcare Cyber Attacks are an issue of growing concern to the patients, staff, administrators, and stakeholders of healthcare institutions across the globe. Update: In early May 2017, over 200,000 victims in over 150 nations were affected during widespread attacks involving a strain of ransomware variously dubbed WannaCry, WCry, or WannaCrypt. Prominent among them were numerous healthcare … Read More

Cyber Security Incident Response – Some Valuable Lessons Learned

CybeRiskBlog, Cybersecurity

Incident Response

The past couple of years have seen a rash of data breaches, malware infections, and other security issues in the business, governmental, and institutional spheres – incidents both high-profile and more privately contained. Forensic investigators and response teams have encountered evidence of new and established attack vectors and techniques, adding to a growing global store of security and threat intelligence. But too often, the emphasis has been on stockpiling and analyzing information on malware variants, attack methodologies, and the consequences for affected systems and networks, ignoring the valuable lessons that can also be learned from incident response and how security incidents are actually being handled. To help redress this balance, this article summarizes much of the accumulated wisdom of security … Read More

Macro-based Malware – How Hackers Exploit MS Office and Open Office (Macro) Files for Phishing

CybeRiskBlog, Cybersecurity

macro-based malware

The market-leading Microsoft (MS) Office and OpenOffice suites of productivity applications have achieved worldwide distribution and popularity – so much so that in the minds of many users across the globe, these software packages are synonymous with basic business practices like word processing, scheduling, spreadsheets and database management. In some regions, the acquisition and selling of certified skills in these productivity suites is an industry in its own right. But in the minds of cyber-criminals, high-profile software equates to high-profile targets – and almost since their inception, these platforms have been fair game for hackers using their inherent functionality and unaddressed vulnerability issues to achieve their own ends. Historically, the subversion of macros – documents and tools containing scripts that … Read More

Radio Frequency IDentification – Why RFID Cloning is a Major Security Concern

CybeRiskBlog, Cybersecurity

RFID

In an information security environment where “multi-factor authentication” is becoming the watchword, and both users and enterprises are shying away from traditional keypad-based and numeric methods of personal identification and access control, a technology that makes it possible to instantaneously authenticate individuals via hardware they can keep in the change pocket of their jeans makes good marketing sense. Such a technology exists in Radio Frequency IDentification (RFID) – but its many applications and ease of deployment are among the very factors now rendering it such a major security concern.

RFID – A Nice Idea in Principle

Radio Frequency IDentification or RFID uses radio waves for the reading and writing of digital/computer data. It allows objects … Read More

Detection and/or Prevention in Cyber Defense (SOC)

CybeRiskBlog, Cybersecurity

Cyber Defense

Within information security circles, the debate still rages as to which approach is best for ensuring effective cyber defense: prevention of threats before they have the opportunity to affect protected resources, the early detection of (and rapid response to) threats that have already breached corporate defenses, or some combination of the two. The decision as to which approach is best will have a direct effect on the working practices, policy-setting, and ultimately the technology acquisition and deployment of enterprise security operations centers (SOCs). In this article, we’ll be looking at the prevailing arguments in the detection/prevention debate, and which trends are likely to affect corporate strategies for cyber defense.

Escalating Attacks Creating a Need for an Inclusive Approach to Cyber … Read More

Is it Safe to Use Public Wi-Fi? Some Recommendations and Safety Tips

CybeRiskBlog, Cybersecurity

Public Wi-Fi

It’s a sad truth that, in the quest to remain online and “tuned in” at all times (to current events, work, or social media), users given the opportunity for free internet access will jump at the chance, without considering the wider questions and potential consequences. How is access being granted? Who’s governing the network? How secure is it? And how well protected am I? All of these issues apply in the case of public Wi-Fi hotspots – and getting satisfactory answers to these questions, or taking steps to deal with the problems they raise, could mean the difference between an incident-free internet experience and a laptop or smartphone laden with malicious software, or a device that leaks personal data and company … Read More

The Usage of Drones in Cyber Attacks – Both as Targets for Attack and as Potential Attack Vectors

CybeRiskBlog, Cybersecurity

Usage of Drones in Cyber Attacks

As digital circuitry and wireless technology become an integral part of increasing numbers of consumer and industrial goods, the opportunities available for cyber-criminals to compromise or exploit these items grow in tandem. Unmanned Aerial Vehicles (UAVs) or drones are now being looked upon as an emerging security issue in this respect – both as targets for cyber-attack, and as potential attack vectors for malicious actors themselves.

An Expanding Range of Influence

Following their successful deployment in military and intelligence applications, drones have seen rapid adoption in the commercial sector, with unmanned aerial vehicles acting as a supplement or substitute for traditional modes of delivery. Retail outlets, food chains, and restaurants are now routinely using drones to fulfill customer demands for … Read More

Big Data Platforms vs SQL Server – Business Analytics Driving Debate

CybeRiskBlog, data security

big data

Dismissed by some in the development community as “Scarcely Qualifies as a Language”, SQL in its various proprietary forms (MySQL, SQL Server, Oracle etc.) has long been the standard for relational database management systems (RDBMS). But with the growing importance of online commerce and enhanced methods of information gathering, the need to factor unstructured data sources into the mix of business analytics has fueled a drive towards big data technologies. In this article, we’ll be considering how big data analytics platforms and SQL-based architectures square off against each other.

Big Data vs SQL Server – Different Structural Approaches

Relational database management systems (RDBMS) have been using tools based on Structured Query Language or SQL since it was first developed some … Read More

Real World Cyber Threats Creating Need for Penetration Testing for Cars

CybeRiskBlog, Cybersecurity

Penetration Testing for Cars

Gone are the days when motor vehicles consisted entirely of metal parts, cog wheels, gears, and tubes. Modern automotive engineering is as much a matter of interconnected and software-based IT components as one of valves and gaskets. It’s become standard practice to test the various elements comprising a vehicle for physical performance criteria and safety – fuel consumption, braking, steering, handling in adverse weather conditions, and so on. But a comprehensive and standardized procedure for testing vehicular IT components for robustness and resilience to security vulnerabilities has yet to become part of the mix. Yet there’s ample evidence that automotive cyber security risks are as much of a threat in the automotive sphere as they are in the public or … Read More