expert-profile | Information Security Buzz

Vice President, EMEAfeature_status*/ ?>

ThreatConnect

Comments Dotted : 5

January 28, 2021

Data Privacy Protection Day (Thursday 28th) – Experts Comments

Despite CISOs having more data on emerging cyber threats and vulnerabilities than ever before.

Think of how easy it is to delete a social post accidentally. That is how easy it is for hackers to infiltrate your organisation’s whole security system. Businesses need to find a way to identify gaps in their programme and the risks those gaps represent to the organisation.

Despite CISOs having more data on emerging cyber threats and vulnerabilities than ever before, CISOs are struggling to explain to their boards of directors how at risk their organisations actually are from cyber attacks. The role of cybersecurity professionals is not solely about defending IT systems; it’s about risk mitigation and protecting the business from harm. Doing this effectively requires security professionals to come to grips with how to quantify and communicate risk. Once translated into this view, security and business are on the same page, and better decisions can be made.

Using a risk-led approach to cybersecurity makes prioritisation easy for teams, enabling them to focus on what matters most. By adopting cyber risk quantification coupled with threat intelligence and security orchestration, automation and response, a CISO's actions around the most critical vulnerabilities will be unified and streamlined, which can ultimately strengthen the entire security ecosystem for the foreseeable future.

Data Protection Day has been around for over ten years, but we’re still in a position now where we’re looking over our shoulders, waiting for the next breach to happen. One thing is certain; there is still more work needed to make sure simple errors are avoided and ensure organisations remain secure.

Read Less

November 17, 2020

Ticketmaster Fined £1.25m Over Payment Data Breach

Organisations must learn from this and act quickly to ensure their customer data remains secure in the long term.

The true impact of the 2018 Ticketmaster data breach has finally been revealed, with over nine million customers having their personal details stolen. Organisations must learn from this and act quickly to ensure their customer data remains secure in the long term. Not doing the basics leaves the door open for cybercriminals. Organisations must understand the importance of fostering a culture of security to make better decisions and mitigate increasingly sophisticated and complex cyber threats. It’s vital that organisations begin to quantify the risks available to them, asking themselves how likely am I going to get attacked and how damaging will it be to their overall infrastructure. Organisations will then be able to prioritise how best to protect their customers, helping security teams focus on the most important tasks at hand. Coupling risk quantification with intelligence sharing will guarantee a united and streamlined approach to protecting customers. The more information organisations are able to discover, the better their data driven decision making process becomes – in turn minimising organisational risks. With continuous insight, there is no doubt that threats can be mitigated as organisations collect the data, connect the dots, and understand the true nature of the threats they face. Read Less

July 13, 2020

UK ‘On Alert For China Cyber Attack’ – Comment

It is paramount states worldwide are prepared to protect their most valuable assets.

As seen in last month’s attacks on Australia’s national infrastructure, no country or organisation is exempt from large-scale attacks. With diplomatic rows surging, unease growing over Huawei’s role in developing 5G networks and the origins of COVID-19 being disputed, the risk of cyber warfare between countries is high. All countries need to be braced for a rise in politically motivated attacks and take the necessary measures to mitigate threats. It is paramount states worldwide are prepared to protect their most valuable assets. With highly sophisticated phishing, infiltration, and data leaking campaigns a possibility, nation states need to work together to ensure critical infrastructure remains secure. An ‘all for one, one for all’ approach is the best way forward. Suspicion surrounding the concept of collaborating needs to be surmounted and nation states need to move towards a unified approach to cybersecurity based on information sharing communities rather than a fragmented organisation-by-organisation approach. One thing is certain as tensions rise between nation states, Britain needs to take a tough stance to ensure critical national infrastructure is protected against incoming cyber-attacks. A more organised, combined approach will bring about collective security – one that pools together the resources and knowledge we have at our fingertips to assess the current threat environment. Read Less

June 19, 2020

Experts Reaction On Australia Targeted By ‘Sophisticated’ Cyber Attack – By ‘State-based’ Actor

Australia, and other states worldwide need to use this as a stark reminder of the importance of protecting their critical infrastructure.

The notion of nation state hacking is not a new phenomenon and in recent months we have seen a drastic increase across the board. Many organisations and, indeed, governments have been under incredible pressure during the outbreak of COVID-19, and many nation-state actors have seen this as a perfect crisis to exploit. Despite not knowing full details of the culprits behind the cyber-attacks on Australia, one thing is certain. No organisation is exempt. The attacks have spanned across various sectors including government, industry, political organisations, education, health, essential service providers and operators of other critical infrastructure. Australia, and other states worldwide need to use this as a stark reminder of the importance of protecting their critical infrastructure. It is paramount that organisations with any strategically useful information, whether in the public or private sector, prepare themselves to deal with highly sophisticated phishing, infiltration, and data leaking campaigns. Nation states need to begin to move towards a more unified national approach to cybersecurity based on information sharing communities rather than a fragmented, secretive, organisation-by-organisation approach. This will be the only way that we can begin to think about defeating the rapidly-evolving weapons deployed by those who would do us harm. Read Less

April 08, 2020

Businesses Need To Stay On The Front Foot: Expert Advise

Businesses also need to stay on the front foot as the situation continues to evolve.

With Coronavirus cases passing one million worldwide, most governments have now enforced remote working to ensure cases don’t continue to rise. Though this provides safety for workers, many malicious actors are using this to their advantage. Threats including phishing scams, malware and fake URL’s are now spiking due to people using their own devices and IT teams being less able to respond to threats in real time. Individuals and businesses need to ensure that they are protecting personal data and are dedicated to all aspects of security. We would urge people to exercise caution when accessing information about coronavirus and cast over a critical eye. Whether it’s reading about Coronavirus on social media or opening an email in their inbox. People must ask themselves – where has the information come from? Is this a trusted source? And, if you have received an email – do you know the sender and trust it? Businesses also need to stay on the front foot as the situation continues to evolve. They need a centralised platform that brings together relevant data from cases, response engagements, threat investigations, shared communities, and external vendors so they can quickly identify any new threats and act accordingly. Read Less