Risk Management

With Cyber Threats Evolving Increasingly, Effective Risk Management is The Masterkey

Corporate information security risk management is undoubtedly a tough job, especially when we know that Businesses keep generating large volumes of data and allow cyber threats to evolve.

 

Now some people may blame control frameworks, but these are simply cataloging the possibilities. But I would say that broken risk models are to be blamed. They leverage a “need to catch them all approach” and pretend that there is a linear relationship between loss exposure and security controls. This ignores many crucial variables like attacker capability, frequency of attack, and the organization’s tolerance for loss.

Now, this approach finds its way into auditing frameworks very often, but it treats every missing or deficient thing as a risk, and this has allowed risk statements to express zero appetites to make their way to corporate boards and senior executives. For any Organization with a limited budget, the risk appetite statements “we don’t accept any cyber-related risk” are virtually impossible to put into action. This means that they will have to spend every dime to avoid a loss, but still, no one can guarantee a future with zero incidents.

However, statements about loss and risk should focus on the range of the amounts that could be lost and the timelines over which these losses may occur. This is where effective risk management plays a vital role.

Effective Risk Management

Effective risk management allows any Business to attain an acceptable amount of loss over time with the least amount of capital expenditure. It helps balance the money spent today to reduce risk against the probability of some amount of loss in the future. Good risk management is not about perfect risk avoidance, because this notion would choke off innovation and good Business management.

Risk reduction investments are all about curtailment. Business innovation can be curtailed without the right amount of freedom to operate without safeguards in place.

Navigating Risk


Do you know what is the most important thing if you intend to navigate risk and approach risk elimination through a security control process? Having a good model that represents the nature of risk accurately. But that’s not all. This model should support the modern needs of Organizations, like a budget for risk allocation or the purchase of cyber insurance.

 

The cybersecurity experts at Neumetric believe that effective risk management can help an Organization to get where it wants and avoid pitfalls and surprises along the way. This way Organizations can achieve their Business objectives and with effective risk management, there will be more informed risk-taking and decision making. 

 

Neumetric, a cybersecurity services, consulting & products Organization, can help you reduce your security cost without compromising your security posture. Our years of in-depth experience in handling security for Organizations of all sizes & in multiple industries make it easier for us to quickly execute cost-cutting activities that do not bring value to you, while you continue focusing on the Business objectives of the Organization.

Why Cybersecurity Matters the Most During the Coronavirus Pandemic?

The emergence of Information Technology as an ubiquitous aspect of our lives has been one of the defining aspects of technology revolution that has helped in economic and social progression of our country over the years. But the ongoing coronavirus pandemic is an opportunity for Organizations to assess their IT infrastructure and focus at deploying robust and advanced cybersecurity solutions. 

While the Covid-19 situation continues to disrupt global health, political, economic, and social systems, the risk of cyberattacks that prey on our increased reliance on digital tools and the uncertainty of the crisis, has become another unseen threat rising in the digital space. Do you know why cybersecurity matters more than ever during this Covid-19 pandemic? Here’s why.

Dependency on Digital Infrastructure

While coronavirus pandemic has compelled most of the IT people to work from home, dependency on digital communications has multiplied drastically. The Internet has become the channel for effective human interaction and the primary way to contact, work, and support each other.

While businesses and public sectors are enforcing “Work From Home” policies, social interactions have become confined to video calls, social media posts, and chat platforms only. Even the governments of many countries are disseminating information through digital means. For instance, in the UK digital is made the default mode of communication to instruct citizens for any updates in order to avoid flooding of phone-based information services with requests.

Therefore, in this unprecedented context, a cyberattack can be devastating for Organizations and even the families. In a worst-case scenario, a cyberattack can cause widespread infrastructure failure that can take an entire community or a city offline, obstructing public systems, networks, or even healthcare providers. In the past few days, the US Department of Health and Human Services had become the target of cyber attackers with the intention to disrupt operations and information flow.

Fear & Uncertainty open doors for Cybercrime

Cybercrime exploits human weaknesses like fear and uncertainty to penetrate systemic defenses. In an unprecedented situation caused by Covid-19, people might make mistakes they would not have made otherwise. Making a mistake in terms of which link you click on or whom you trust with your data can prove to be devastating.

According to some estimates, 98% of cyberattacks deploy social engineering methods. Attackers are extremely creative in devising new ways to exploit users and technology to access passwords, data, and networks. They often capitalize on popular trends and topics to tempt users into unsafe online behavior.

Stress can be a major reason to provoke users to take actions that may be considered irrational otherwise. For instance, a recent global cyberattack targeted people looking for visuals of the spread of COVID-19. The malware was cloaked in a map displaying coronavirus statistics loaded from a legitimate online source. Users were asked to download and run a malicious application that compromised the computer and allowed hackers to access stored passwords.

More time spent online will lead to more Cybersecurity Risks

With more time spent online, inadvertently risky internet behavior will also increase. For instance, a user may fall for “free” access to obscure websites or pirated shows that may open doors to malware and cyberattacks. Likewise, there can be hidden risks in requests for credit card information or the installation of specialized viewing applications. Therefore, clicking on the wrong links or expanding surfing activities can prove to be extremely dangerous and costly.

The Solution for Cybersecurity

Neumetric, a cybersecurity services, consulting & products Organization recommends that just like addressing the COVID-19 pandemic requires us to change our social habits and routines to fight the virus, small changes in our online behavior can help maintain high levels of cybersecurity. Here are three simple solutions.

Solution 1: Level Up the Cyber Hygiene Standards: A review of your digital hygiene is necessary. You must ensure that you have a long, complex router password for the Wi-Fi. Along with this, your system firewalls must be active on your router and you should not reuse passwords across the web. You can invest your money in a password manager and make sure that you use a reliable VPN for internet access wherever possible.

Solution 2: Extra Vigilance on Verification: You should be extra careful when installing software and giving out your personal information. Clicking on any links from email should be avoided. While signing up for new services, the source of every URL should be verified. You must also ensure that the apps or programs that you install are the original versions from a trusted source. Any potential mistakes online can contaminate others in the Organization or the wider community. So, you must be extra vigilant in verifying sources.

Solution 3: Official Updates: You must update your system software and applications regularly to patch any weaknesses that are vulnerable to exploiting. If at any stage you feel that the advice you are being given sounds unusual, you should search the Internet to see whether others have similar concerns. You can search for a well-known site that can help verify the legitimacy of the information.

Your personal behavior can prove to be instrumental in preventing the spread of dangerous infections in the digital world.

Neumetric can help you reduce your security cost without compromising your security posture. Our years of in-depth experience in handling security for Organizations of all sizes & in multiple industries make it easier for us to quickly execute cost-cutting activities that do not bring value to you, while you continue focusing on the Business objectives of the Organization.

6 Cyber Threat Areas under Target During Covid-19 Pandemic. Stay Vigilant

Covid-19 pandemic has left many organizations and individuals to embrace new practices like remote working, as a precautionary measure. While the world is focused on health and economic threats posed by the deadly virus, cybercriminals are capitalizing on this crisis, leaving the organizations vulnerable to security breaches. This is the time for security and risk teams to remain vigilant and focus on strategic areas to avoid cyber threat.

Cyber Attackers are not taking any time off

In the Czech Republic, a cyberattack froze all emergency surgeries and rerouted critical patients in a busy hospital that was fighting the COVID-19 pandemic. In the United States, multiple workers received phishing emails after the government relief bill was passed. In Germany, one of the food delivery companies fell victim to DDoS attack (Distributed Denial Of Service).

Despite the global pandemic, cyber attackers are not taking any time off from cyber threats. With employees shifted to working remotely and businesses trying to handle the virus, security and risk management teams should be more vigilant than ever.

Many security and risk teams are now operating in completely different environments and mindsets. Therefore, taking pre-emptive steps to ensure the resiliency and security of the business operations is very crucial right now, as cyber attackers are seeking to exploit human nature and nonstandard operating modes. Cybersecurity experts at Neumetric, the top cybersecurity company in Bangalore for consultation & products, believe that with many overwhelming priorities, it is essential for security and risk teams to focus on these 6 areas.

Area 1: Incident Response Protocols

With most of the security and risk teams operating in different environments and mindsets right now, incident response protocols may become obsolete and need to be adjusted. Incidents that can be well-managed risks otherwise can become bigger issues if the team is unable to respond effectively. Therefore, the response team should be reviewed thoroughly.

Organization’s incident response protocols must reflect the altered operating conditions and should be tested at an early stage. The primary, secondary and alternate roles must be filled, and everyone should have access to the equipment they need to be effective. This is a good time to connect with the suppliers and check what hardware they have and if you can get it to the right people when required. All documentation must be reviewed, and a walk-through must be conducted with a careful watch for any problem areas. If the company is not cybersecurity incident response capable, it should consider using the services of a Managed Security Service Provider.

Area 2: Remote Access capabilities should be secured

During the Covid-19 pandemic, most of the organizations moved to remote work immediately. Therefore, security teams wouldn’t have performed basic endpoint hygiene and connectivity performance checks on corporate machines. Along with this, employees would also be using their personal devices for work. In such a scenario, it is crucial that all remote access capabilities are properly tested and secured, and the endpoints used by employees should be patched. The corporate laptops should have minimum viable endpoint protection configurations for off-LAN activity. Risk and security teams should be cautious with access to corporate applications where mission-critical or personal information is stored from personally owned devices.

Area 3: Active member of Security Team should be a part of the Crisis Management Team

The organization must ensure that someone from the security team is part of the crisis management team in order to provide guidance on security concerns and business-risk-appropriate advice. They should be able to confirm whether personal devices have adequate anti-malware capabilities installed and enabled. If not, they should work with the employee and their corporate endpoint protection platform vendor so as to ensure the device is protected. Options like software-token based multifactor authentication are also useful in ensuring that only authorized personnel have access to corporate applications and information remotely.

Area 4: Employees working from home must remain Vigilant

While employees are working from home during the coronavirus pandemic, they will have distractions than usual and they might not be as vigilant about security during a time where cybercriminals will exploit the chaos. Therefore, it is necessary that organizations reinforce the need for employees to remain vigilant to socially engineered attacks. The senior leaders should be reached out with examples of target phishing attacks, and the employees should be warned of the escalating cyber threat environment and suspicious activities. Reminders should be sent every two weeks regarding remote and mobile working policies. They can also access security awareness training material in case of freshers and must be aware of whom to communicate if they suspect a cyberattack along with a clear course of action.

Area 5: Complete visibility of expanded Operating Environment

The relocation of the workforce including the security and risk management team to remote locations creates the potential for cybersecurity teams to miss events. Therefore, it is crucial for organizations to ensure that security monitoring capabilities are tuned to have visibility of the expanded operating environment.

The monitoring tools and capabilities should have maximum visibility. Internal security monitoring capabilities and log management rule sets must enable full visibility. In case the organization is using managed security services providers, the monitoring and logs should be adapted in a manner that makes sense for the new operating landscape.

Area 6: Cyber-Physical Systems Security Challenges

With coronavirus pandemic stressing many pieces of the economy, the cybersecurity concerns have extended to cyber-physical challenges, especially given the increase in automated services and systems. For instance, a robot may help in a hospital to reduce the human workload, but at the same time, it should be deployed safely. Many law firms are asking employees to disable voice assistants and smart speakers. Security and risk teams must focus on ensuring foundational CPS/OT security hygiene practices like network segmentation, asset discovery, and evaluating the risk of fixing a vulnerability against the risk, probability, and impact of an attack so as to prioritize scarce resource deployments.



6 Malicious Phishing Campaigns in Action – How COVID-19 is Being Exploited by Cyber Criminals?

Big Tech giants, intelligence agencies, and security firms, everyone is ringing alarm bells over the growing threat from Cybercriminals in the wake of the COVID-19 pandemic panic. Opportunistic Malicious phishing threats, ransomware attacks, and other malicious activities, these criminals are threatening Organizations all around the globe.

Exponentially increasing numbers

According to a recent report by Barracuda Networks, a cloud-enabled security and data protection solution provider, a variety of Malicious phishing campaigns are using Covid-19 situation as a lure to trick distracted users, capitalize on the fear and uncertainty of the intended victims, spread malware, steal credentials, and scam users out of money.

As per the reports, the amount of COVID-19-related email attacks has increased by 667 percent since the end of February, this year. A total of 1,188 coronavirus related email attacks were detected in February, while just 137 were detected in the month of January. The researchers at Barracuda detected 467,825 spear-phishing email attacks, between 1st March and 23rd March, and 9,116 of those detections were related to COVID-19, making it nearly 2% of attacks.

6 Malicious Phishing campaigns & scams in action

There’s no rest for security teams and cyber defenders from protecting their colleagues, friends, and families from threats amid the pandemic. Cybercriminals continue to screw the victims, adding onto their busy slate of attacks a host of new coronavirus driven attacks. Since phishing campaigns and scams are skyrocketing amidst the crisis, here are some examples in action that researchers have dug up over the past several months as the situation persists.

  1. Government relief fund scams: With government representatives enacting legislation to provide relief funds for those left unemployed or monetarily impacted by COVID-19, cybercriminals are ramping up phishing ploys that imitate government correspondence for funds to trick people into giving up their credentials. These scams have targeted people from all around the world.
  1. Imitation of Health Organizations: Savvy criminals have been aiming to piggyback off of the legitimacy of several health Organizations like the World Health Organization (WHO) and Centers for Disease Control (CDC), to design a range of phishing lures. In the month of February, Sophos researchers reported fake advisory emails that used the urgency of the pandemic situation to trick users into exposing credential information.
  1. Coronavirus tracking app ransomware: Researchers at DomainTools found that in mid-March, attackers created bogus COVID-19 tracking apps trapped with ransomware. For instance, Dubbed CovidLock was ransomware that was found working by using a screen-lock attack against Android phones. It forced a change in password governing the device’s screen-lock capabilities.
  1. COVID-19 Testing Kit scams: COVID-19 testing kits are also being targeted to run a variety of scams. These are spanning across emails, robocalls and there were also text message phishing attempts, according to the Federal Communications Commission (FCC) and Better Business Bureau (BBB). This has run across a range of other robocall scam lures tied to Covid-19, including work-from-home opportunities, debt consolidation, and student repayment plans. Many of these aren’t just targeted toward consumers, but also small Businesses.
  1. Face masks and medical supplies: Similar to Covid-19 testing kits, face masks, and other hard-to-find medical supplies are also being used for phishing attempts. According to Bitdefender researchers, in March they ran through a range of new websites that were cropping up with promises of great discounts on masks and other supplies. While some promised limited time offers, others asked for Bitcoin payment to set the hook for desperate victims. 
  1. DNS Hijacking nudging to phishing sites: Researchers at Bitdefender also discovered targeted DNS hijacking attacks against the home routers that new work-from-home employees depend on for connectivity. The attacks redirected users to coronavirus themed pages that were loaded with malicious info-stealer payloads concealed as COVID-19 informational apps.

Experts at Neumetric, a cybersecurity services, consulting & products Organization, believe that phishing campaigns and scams are a widespread problem that poses a huge risk to individuals and Organizations, especially during the Covid-19 crisis. Needless to say, this is something that everyone needs to be aware of, because these attacks are not going to go away anytime soon. But a little awareness can help keep these cybercriminals at bay.

Scroll to top