Cyber Defense eMagazine December Edition for 2021

More documents

Recommendations

Info

These cross-industry roles have collided to teach me valuable lessons about running transatlantic organisations -- as well as how to protect them from digital adversaries and nation-state threats. Through my diverse experience, I’ve learned that organisations can make improvements to their overall cybersecurity effectiveness by focusing on improving training, taking initiative, and increasing internal communication and collaboration efforts. Cybersecurity Culture Starts at the Top Leaders across each and every industry I’ve worked in are the ones who set the tone for how their teams engage with challenges, solutions and risks. A culture of security awareness and protection starts at the top. Their willingness to learn about cybersecurity can make a huge difference in the way the team approaches education and awareness. Cybersecurity training is often treated as a one-time, brief session to go over the basics such as password best practices and how to recognize phishing attacks. While this approach can be educational, there is a lack of engagement happening. organisations typically treat cybersecurity training as a ‘box ticking’ strategy, where employees are asked to do a training session and assume the job is done. In reality, employers should be creating a culture that helps people identify security challenges while also investing in the right technologies. Moreover, having a supportive and collaborative leadership team is crucial to creating a strong sense of involvement around cybersecurity. This involves taking a zero-trust approach to cybersecurity by assuming that there could always be risks. According to a 2020 Insider Threat Report, 68% of organisations reported that insider attacks were becoming more frequent. This involves having clear onboarding and off-boarding procedures for employees, hosting clear cybersecurity training sessions, regularly changing passwords, and having two-factor authentication on at all times. In addition, businesses should be aware of the best possible technological solutions. Taking Initiative with Cybersecurity Protection and Risk Factor Awareness In addition, many organisations struggle with corporate procrastination around cybersecurity issues. This can lead to major repercussions down the line. Issues should be addressed head on. There are many relevant examples of this such as an employee putting off changing passwords or implementing twofactor authentication. The number of stolen passwords and usernames in circulation has increased by 300% since 2018 (Digital Shadows Research Team). Passwords are shared between personal and work devices and are often written in plain sight rather than secured with a password manager. This further improves the importance of taking a proactive approach to cybersecurity measures. Passwords should be regularly changed and updated. Leadership teams should be taking these extra steps. Cyber Defense eMagazine – December 2021 Edition 50 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Another way leaders can take initiative in cybersecurity protection is by implementing proactive tools that work to prevent the problem before it arises. For example, Content Disarm and Reconstruction (CDR) technology removes potential threats from every file by inspecting, cleaning, and rebuilding files to a “known good” standard. Although some organisations may take some precautions, a leader or leadership team may not always understand the risks and how they should be addressed. For example, leaders may comprehend that ransomware attacks are on the rise but cannot translate that into the risks it presents to their own networks. Cybersecurity concerns should be addressed directly by preparing to implement change. This is not just about investing in technology but is about identifying the risk factors associated with major problems such as ransomware and phishing. While effective cybersecurity is built around strong technological solutions, organisations that are aware and ready to address these issues will always be better prepared. Clear Communication and Collaboration One of the biggest challenges and crucial values in the workplace is direct, honest communication and collaboration. In many organisations across sectors, there is a serious disconnect between leadership and other vital stakeholders. For example, some leaders view cybersecurity as an IT problem, and as a result, keep important issues at arm's length. They may not prioritize cybersecurity investment in the same way because it does not show a tangible ROI in most cases. There is still a large number of organisations that could benefit from prioritizing cybersecurity at a leadership level. Improving communication efforts between all parties is crucial to protect from growing cybersecurity risks. The estimated cost of cybercrime exceeded $1 trillion globally in 2020, more than a 50% increase in two years (The Hidden Costs of Cybercrime, McAfee). It is better for organisations to be prepared by investing in cybersecurity best practices before it’s too late. Ultimately, organisations can improve their approaches to cybersecurity as a whole by staying up to date on the latest threats, modernising cybersecurity training and technology and ensuring everyone from the board and executives to the security analysts themselves have a clear cut, coordinated plan in place. It’s no simple task, but after decades working in international relations, finance and technology and observing security practices across them all, I can assure you these steps will put your team on the right path. Cyber Defense eMagazine – December 2021 Edition 51 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: 9 Ways Social Media Sabotages Your
Page 3 and 4: How Do You Secure the Modern Supply
Page 5 and 6: @CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8: Cyber Defense eMagazine - December
Page 39 and 40: With over 4 billion users, social m
Page 41 and 42: Unsecure Mobile Networks When using
Page 43 and 44: However, as concerning as these pra
Page 45 and 46: Danny Lopez, CEO, Glasswall “Duri
Page 47 and 48: estoring data. Modern organizations
Page 49: When Diplomacy, Finance and Tech Co
Page 53 and 54: How Covid-19 Changed Advertising Fo
Page 55 and 56: However, this shift might not be su
Page 57 and 58: Why MFA Alone Isn’t Enough for Tr
Page 59 and 60: just highlights how vulnerable most
Page 61 and 62: on channels like email. This starts
Page 63 and 64: 3 Best Practices to Avoid Inevitabl
Page 65 and 66: For example, an employee may become
Page 67 and 68: and outcomes is essential for proje
Page 69 and 70: Electric Vehicle Charging: The Next
Page 71 and 72: Going forward, EV dealers, charging
Page 73 and 74: How does this relate to MFA? Well,
Page 75 and 76: constant exposure of countries to a
Page 77 and 78: Why do you need a malware sandbox?
Page 79 and 80: Multi-Cloud Security and Compliance
Page 81 and 82: If security controls are not consol
Page 83 and 84: How Do You Secure the Modern Supply
Page 85 and 86: The case for isolation Supply chain
Page 87 and 88: Don’t Take Yourself Out of The Ga
Page 89 and 90: The U.S. Government Accountability
Page 91 and 92: assessment criteria for the tasks f
Page 93 and 94: the file. This was a great techniqu
Page 95 and 96: the wake of the pandemic where the
Page 97 and 98: Certain communications are protecte
Page 99 and 100: At Salt Communications we work with
Page 101 and 102:
And it’s only getting worse. If y
Page 103 and 104:
The benefits are great When HDOs ha
Page 105 and 106:
4 Pillars of Privacy-Preserving AI
Page 107 and 108:
concern and a desire to be cautious
Page 109 and 110:
and stay safe online. That’s why
Page 111 and 112:
2. Enabling over-the-horizon threat
Page 113 and 114:
Techniques Used by Hackers to Bypas
Page 115 and 116:
Phishing scams avoid email security
Page 117 and 118:
ATO Detection Account takeover bene
Page 119 and 120:
How To Protect Your Digital Legacy
Page 121 and 122:
I worked with cybersecurity experts
Page 123 and 124:
Sextortion Email Scams What to Do a
Page 125 and 126:
Sextortion attacks are a type of cy
Page 127 and 128:
How to respond to a sextortion emai
Page 129 and 130:
Example 2:'You've been hacked' emai
Page 131 and 132:
How can this strategy be implemente
Page 133 and 134:
Surviving The New Era of Terabit-Cl
Page 135 and 136:
accompanying shift toward more digi
Page 137 and 138:
Survey results show businesses are
Page 139 and 140:
Enterprises Cannot Achieve Zero Tru
Page 141 and 142:
Capital One breach back in 2019. Ad
Page 143 and 144:
Cyber Defense eMagazine - December
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
CyberDefense.TV now has 200 hotseat
Page 163 and 164:
Books by our Publisher: https://www
Page 165 and 166:
Page 167 and 168:
show all

Cyber Defense eMagazine December Edition for 2021

Create successful ePaper yourself

Delete template?

Save as template?