Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2021

Phishing Attacks Often Target Small Businesses - Here's What to Watch for

Scammers target businesses with phishing emails all the time, pretending to be legitimate customers or vendors asking for payment. While any company can be vulnerable to this type of attack, small- to medium-size companies are particularly vulnerable because it is easier for a scammer to do a bit of research online and identify the right people to impersonate or send a phishing email to.

The Next Disruptive ICS Attack: 3 Likely Sources for Major Disruptions

Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting critical industrial control systems (ICS). The impact of such an attack is amplified by the growing reliance on automation and antiquated protocols throughout many OT networks.

Cloud Compliance Best Practices: A Quick Overview

Cloud compliance is more important than ever, especially as businesses and organizations continue to engage in remote and digital work practices due to COVID-19. Even before the pandemic, more and more companies were migrating to the cloud. But what exactly is cloud compliance, and what are some best practices you should keep in mind if you’re shopping for a provider or looking to enhance your current computing system?

How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Industrial Control System) cybersecurity.” Experts advocate zoning ICS assets to coordinate informational technology (IT) and OT environments effectively. That doesn’t always happen, however.

Everything You Should Know About the HIPAA Enforcement Rule

With the regular and much needed update to critical standards such as HIPAA, auditors and compliance experts need to be continuously on their toes to review and acquaint themselves with these new developments. One of the latest such updates is the Health Information Portability and Accountability (HIPAA) Enforcement rule, which has caused quite a stir in the industry due to confusion about its applicability.

A Cure for a Disheartened Cybersecurity Professional

Data breaches and ransomware attacks aren’t just still occurring. They’re also becoming more frequent. According to ZDNet, the number of ransomware attacks detected and blocked by one security firm grew 715% year-over-year in 2020 alone. Another security company calculated the total number of ransomware attacks for the year to be around 65,000, wrote NPR. That’s about seven ransomware incidents every hour.

New Bill Could Force U.S. Businesses to Report Data Breaches Quicker

A bipartisan Senate bill would require some businesses to report data breaches to law enforcement within 24 hours or face financial penalties and the loss of government contracts. The legislation from Senate Intelligence Chair and Democratic Senator Mark Warner with Republican Senators Marco Rubio and Susan Collins is just one of several new cybersecurity bills that will likely be debated this year. If passed, the bill could require certain U.S.

IT/OT Convergence or IT/OT Integration?

IT/OT convergence is an oft-repeated term, and maybe it’s the wrong term. From a technology standpoint, IT/OT convergence has been occurring since at least the 1990s when HMI/Operator Stations began running on Windows and when Ethernet began displacing deterministic custom LAN protocols in the OT realm. This technology convergence has continued with networking, cybersecurity, virtualization, edge, zero trust, etc.

Last (Executive) Orders Please: Supply Chains, Policy and Modernising Cybersecurity

An EO is a written, signed, and published directive from the President that manages operations of the federal government, and although some EO’s require legislative approval, they effectively become law. It comes on the back of several high profile incidents involving Microsoft (Exchange), SolarWinds and the recent Colonial Pipeline incident. It is seen as a much-needed step to modernise and protect federal networks and improve information sharing between the private and US government.

What is a SIEM, And Why Should You Have One?

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified, holistic view of your infrastructure.

Top 5 NCSC Cloud Security Principles for Compliance

There are many important factors to consider when choosing a cloud provider for your cloud use cases. For organizations in heavily regulated industries, compliance with relevant regulations is one of the most important things to think about. Whether you’re planning for a single cloud workload or a hybrid multi-cloud setup, maintaining compliance for sensitive data in the cloud is imperative.

CISO Interview Series: How Aiming for the Sky Can Help Keep Your Organization Secure

Organizations need the right internal personnel like a CISO to keep their systems and data secure. But what kind of skills do these leaders need? And how should they guide their employers in a way that doesn’t overlook the evolving threat landscape? To find out, I spoke decided to speak with Goher Mohammad. Goher is the Group Head of Information Security (CSO) for L&Q. He has held that position there for just under three years.

US offers $10 million reward in hunt for state-sponsored ransomware attackers

The United States Department of State is offering a reward of up to $10 million for information leading to the identification of anyone, working for a foreign government, who participates in a cybercriminal attack against American critical infrastructure. The news of the reward comes at the same time as the White House announced it was setting up a ransomware task force following a series of high-profile attacks in the United States.

What are Product Security Incident Response Team (PSIRT) Best Practices?

In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135. Rather than properly fixing CVE-2020-5135, SonicWall’s fix introduced a new vulnerability in the same code. SonicWall was aware of the new vulnerability but deferred the small fix until the next release, more than 6 months later.

98% of Infosec Pros Say Multi-Cloud Environments Create Additional Security Challenges, Reveals Survey

Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another.

Lazarus gang targets engineers with job offers using poisoned emails

Security researchers at AT&T Alien Labs report that a notorious hacking group has been targeting engineers working in the defence industry. In recent months there have been a series of reports of malicious emails that use the disguise of a job offer to target defence contractors in the United States and Europe.

What is Asset Discovery? A Look Beneath the Surface

The corporate network can be a busy place with devices connecting, reconnecting and disconnecting every day. With the ever-growing landscape of today’s corporate networks, the difficulty of knowing and understanding what is on an enterprise network has highlighted the importance of effective asset discovery. So what does asset discovery involve? Asset discovery involves keeping a check on the active and inactive assets on a network.

Protecting Your Online Privacy: Three Levels of Security

Data leaks happen once every few months at least. Millions of users can have their phone number, address, and Social Security Number smeared across the internet in a matter of seconds. Your online browsing behavior is also sold legally by tech companies to the highest bidder. Ever seen an ad that is a little too specific? Most major tech companies rely on some form of data harvesting for revenue. As consumers, should we do anything? Can we do anything?

Bringing Governance, Risk, and Compliance to Life

I was recently asked to host a round table discussion on ‘Governance, Risk and Compliance‘ (GRC), and I have to admit I was more than a little excited. Why? Because the other people around the table were leading lights in the world of Cybersecurity, Risk and Resilience, and I was looking forward to exploring how a GRC framework can work across industries and learning some valuable lessons from those around our virtual table.

The Rundown on Google's Cloud Security Foundations Guide

Google recently released the new Cloud Security Foundations Guide. We’re going to take apart Google’s guide and show you what’s worth looking into. First, an introduction. “This comprehensive guide helps you build security into your Google Cloud deployments.” – Google What’s going on: Google Cloud Services are out there, being deployed in the wild, untamed. This guide is Google’s self-proclaimed “opinionated” view on keeping them safe.

The Aviation Industry Needs to Move Towards Cyber Resilience

2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry.

Top 5 Scam Techniques: What You Need to Know

Scammers are increasingly resourceful when coming up with scam techniques. But they often rely on long-standing persuasion techniques for the scam to work. So, you may hear about a new scam that uses a novel narrative, but there is a good chance that the scam relies on proven scam techniques once the narrative is stripped away. These scam techniques often exploit our characteristics and heuristics, or things that make us human and fallible.

How Dockershim's Forthcoming Deprecation Affects Your Kubernetes

Container orchestration platform Kubernetes announced in December 2020 that its third and final release, Kubernetes v1.20, would deprecate dockershim and subsequently Docker as a container runtime. This deprecation has brought multiple changes that admins must be aware of and accordingly respond to.