Web of Spies

Ever since Edward Snowden revealed the extent of state-sponsored espionage over the Internet in 2013 businesses have been acutely aware of just how vulnerable data communications are to being intercepted. It is no coincidence that in the same period cybercriminals have also stepped up their attempts to spy on organisations. For example, the use of Advanced Persistent Threat (APT) malware and ransomware to try to capture valuable financial or customer data for financial gain has risen dramatically. While no defense method is ever 100% impregnable the risk of snooping and theft of sensitive data can be significantly reduced by encrypting it using VPNs.

Cloud Security Pitfalls to Avoid

Cloud computing technology is fast becoming an attractive alternative to maintaining IT systems and applications on premise. In-house management and maintenance of IT is costly and resource-hungry. Small and medium-sized businesses in particular benefit from the way cloud services give them access to greater processing power and IT expertise than they could ever aspire to with the modest budgets and resources of their own. Cloud computing also provides an opportunity for large organizations to enjoy economies of scale for the high data volumes produced by the many and various devices, operating systems and applications they use.

A Look at BYOD in 2016

Happy 2016! It’s a new year, and a time for fresh resolutions to improve your life over the next 12 months, whether that involves running a marathon, getting a new job or taking that trip abroad you’ve been putting off.

But for businesses, those New Year’s resolutions should be expressly focused on stronger security. With data breaches, email hacks and password thefts becoming more and more commonplace – and each cyberattack casting wider nets of victims – this is one resolution that can’t be allowed to fall through.

As the Dust Settles: The Value of Secure Remote Access in the Hours After a Cyberattack

The first 24 hours after a cyberattack are chaotic. The investigations and conclusions will come far down the road, but in the immediate aftermath of an attack, the entire organization is in reaction mode. The public relations team will update media members hungry for additional details. If an attack affects an organization’s own employees, the human resources department will issue alerts internally. The legal team will remain on standby to ensure regulatory requirements are met, offer counsel and guide the organization through the first few days of what is likely to be a process lasting many years. For the IT department, meanwhile, those first few hours are all about containment – discovering the origin of an attack, isolating or stopping its harmful effects, and securing IT systems to assure continuity. Yet, in many cases, victims of cyberattacks aren’t taking these critical first steps. According to a new survey by the SANS Institute, only 59 percent of organizations are able to contain attacks within 24 hours and more than half claim to be dissatisfied with the length of time it takes for them to contain and recover from an attack. Even the federal government doesn’t really have a perfectly coordinated strategy for responding to these events. As last summer’s hack of the Office of Personnel Management (OPM) showed, the government isn’t well equipped to react quickly to emerging threats and successful attacks, and individual agencies don’t always take ownership of a coordinated response. Fortunately, most businesses don’t have such a burden. Most are more agile than the government, and therefore better positioned to respond quickly, even if the findings of...

How Far Does Your Cybersecurity Umbrella Extend?

Network administrators: No matter how impenetrable you think your network defenses are, there are always going to be remote access vulnerabilities that threaten the integrity of your walls. Often, it’s a threat that originates from outside the immediate range of your defenses, and it’s one you may not have any visibility into. Recently, these threats have started to originate from third-party partners – a company’s vendors, suppliers, agencies, firms and other outside service providers. These are often smaller companies with less sophisticated remote access defenses that, when they become a target of cyber crooks, provide a path for an attacker right into the heart of another company’s network. Target found this out the hard way, after its network was breached when attackers gained entry by acquiring network credentials though a third-party HVAC vendor. So did Lowe’s, after one of its vendors backed up customer data on an unsecure server and unknowingly exposed the information to the broader Internet. Goodwill, too, suffered a breach because of a vendor, this time a retail POS operator that acknowledged its managed service environment “may have experienced unauthorized access.” While it may seem odd for big-name companies to provide such privileged access to third parties and, in the process, put themselves in harm’s way – either deliberately or inadvertently – it’s actually quite a common situation. As Brian Krebs reported in the aftermath of the Target breach, large retailers often provide HVAC and energy vendors with privileged network access so they can alert retailers around-the-clock in the event something goes wrong in one of their buildings. As a source told Krebs, “Vendors need to...