Category Archives: Uncategorized

Why Cybersecurity Will Never Be the Same After the Russian Invasion

After the Russian invasion of Ukraine, the world of business will never be the same again. Deputy Attorney General (DAG) Lisa Monaco recently said that the world’s “geopolitical landscape is more challenging and complex than ever. The most prominent example is of course Russia’s invasion of Ukraine.” It is “nothing less than a fundamental challengeContinue reading “Why Cybersecurity Will Never Be the Same After the Russian Invasion”

June 22, 2022 by Kristin HardyYou might think your run-of-the-mill privacy and cybersecurity training is sufficient. You might think that by “checking the box” on generic training you have fulfilled your duty and obligation to mitigate data privacy and cybersecurity attacks. You might think that general malware protection adequately secures your company’s data and you can move on with your everyday business efforts without concern.Think again.Human error continues to be the number one driver of data breaches. Over 85% of all data breaches are caused by an employee mistake. (Source: Psychology of Human Error by Stanford University Professor Jeff Hancock and Tessian, a cybersecurity firm.)“Human error” can take many forms from the use of stolen credentials and misuse of company information to phishing or malware links. Cybercriminals and hackers have developed advanced and creative tactics in efforts to access and steal confidential information. Malware attacks, for example, are attacks where hackers attempt to infiltrate networks, individual computers, and mobile devices with malicious software. An unassuming click to open a link or download software is all it takes to enable a malware attack. Social engineering tactics are often used  to get employees to send bank account information, provide usernames and passwords, among other confidential information. Psychological manipulation is the bread and butter of social engineering. Such efforts intentionally target human interactions by tricking persons into thinking they are receiving an email from a trusted source, perhaps a friend or a business partner. Email content may consist of an urgent request, portray legitimate branding to make the email appear trustworthy, request your “verification” of information, or pose as a boss or coworker.Employees need to be trained and continuously reminded to be mindful when conducting business. Technology can only take us so far in protecting businesses and securing information from cybersecurity attacks, especially with respect to social engineering. In the hustle and bustle of everyday business, it is easy to flit from email to email, shooting off quick responses without even glancing at the subject line, or the name or email address of the sender. Some of the simplest requests from a seemingly innocuous email can lead to the leak of very valuable information. Do you recognize the sender’s email address? Are there spelling mistakes in the content of the email? Is the company or individual name familiar to you?Cybersecurity attacks can be incredibly costly, causing financial, mental, and emotional heartache from the click of a button. Aside from financial ramifications, data breaches and cybersecurity attacks may reflect negatively on your business’s reputation, cause you to lose clients or customers, and may even lead to significant litigation proceedings and hefty government fines from breach of regulatory violations.The best approach in managing privacy and cybersecurity training is a proactive one. A primary goal should be to create a smarter, more attentive security culture within your business.Create a culture of awareness and attention to privacy and cybersecurity matters.Establish clear guidelines, expectations, and training for your employees regarding data security and privacy. Keep privacy and cybersecurity risks and related knowledge top of mind by providing bi-monthly or quarterly training or cyberattack campaigns to create a smarter, attentive security culture.Train employees to recognize and report (internally) social engineering tactics, phishing emails, and other scams.Train employees on the importance of specific categories of data (like Social Security numbers and credit card information).2. Emphasize that cybersecurity is everyone’s responsibility.Companies must stress the importance of privacy and cybersecurity to every employee in the company. It cannot be the sole responsibility of the IT department to keep company data secure. Even the best IT department practices can be undermined when employees fail to follow best practices regarding data management and cybersecurity risks. Employees must be trained to understand the importance of data management and cybersecurity risks to the company. Disclosing confidential and valuable information could trigger data breach notifications procedures under state and federal law and cause severe financial loss, and incalculable reputation damage to a company. Every employee needs to regard data management and cybersecurity risks as a priority. And, yes, employees should be held accountable for failures to comply with applicable policies and training.Develop an Incident Response Team (IRT). It’s a matter of when, not if.Be prepared. Develop an IRT if you don’t already have one. In today’s day and age where technology rules, a cyberattack is a matter of when, not if. Cybercriminals are persistent in their efforts: your time may be coming. It is advantageous to run simulations and train employees on how to handle a breach or some other cyberattack when it happens, for example:Confirm the breach and determine what information was compromised.Assess the severity of the damage.Prepare and begin the notification process (to parties subject to the breach), if applicable to the type of data that was comprised.Take actions to prevent a reoccurrence of the same incident by implementing more robust employee training, as well as technological security measures.The longer it takes to respond to a cyberattack, the more costly it becomes.The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances

Tamkeen signs with Beyon Cyber to train and hire cybersecurity specialists under SANS programJune 18, 2022Following the strategic agreement with the world-renowned provider of cybersecurity training, SANS Institute, Tamkeen signed a strategic cooperation with Beyon Cyber to provide quality job and training opportunities for 20 Bahraini cybersecurity professionals where they will be able to utilize their acquired knowledge and skills into practice in a real work environment. The signing took place during ELEVATE, a major technology forum hosted by the Beyon Cyber entities, which took place recently at the Ritz Carlton.This announcement is the first of more planned partnerships with key leaders in Bahrain’s private sector, designed with the purpose of providing the SANS cybersecurity graduates with quality training opportunities that can support their growth and development and enable them to build sustainable careers in a high-demand field. Cybersecurity professionals are currently among the most sought after in local and global job markets, hence the wide range of opportunities that will be available to Bahrainis attending the SANS Institute training courses.On this occasion, His Excellency Husain Mohamed Rajab, Chief Executive of the Labour Fund (Tamkeen), emphasized Tamkeen’s commitment to empowering the national workforce to become competitive both locally and internationally in alignment with the leadership vision and the national economic recovery plan. He stated: “We are pleased to partner with Beyon Cyber to foster quality opportunities for Bahrainis and we will continue to develop active partnerships within the Kingdom’s ecosystem to cater to the growth requirements of both enterprises and individuals. Supporting training and employment for Bahrainis provides our national workforce with sustainable career paths and builds an accessible talent pool for enterprises to tap into and power their productivity and sustainability, fulfilling our mandate of achieving a more productive private sector that drives national economic growth”Beyon Cyber is one of the key private cyber security organizations in Bahrain, and shared Tamkeen’s vision when it comes to empowering young Bahraini talent with the needed cyber security training. For his part, Beyon  Cyber CEO Dr. Shaikh Khalid bin Duaij Al Khalifa, said: “Tamkeen plays a vital role in the upskilling and development of Bahrainis to cater to the rapidly changing market demands and address growing skill gaps that challenge productivity and dynamism in enterprises. We strongly believe in the abilities of Bahraini talent and look forward to seeing them realize their full potential within our ranks.”This agreement is aligned with Tamkeen’s recent strategic transformation that aims to drive greater economic impact. As part of the transformation, Tamkeen rolled out 16 programs designed to help enterprises and individuals reach their highest potential, as well as several strategic partnerships with local and world-leading organizations to maximize the impact of these programs. As the transformation journey continues, Tamkeen will build on this momentum and introduce more programs and initiatives in response to the market needs.-Ends-

Hunters Named Snowflake Cybersecurity Partner of the YearLAS VEGAS, June 14, 2022 (GLOBE NEWSWIRE) — Snowflake Summit — Hunters today announced that it has been named the 2022 Cybersecurity Partner of the Year award winner by Snowflake, the Data Cloud company. The award was presented this week at Snowflake Summit 2022 ‘The World of Data Collaboration.’Hunters was recognized for the company’s achievements as part of the Snowflake Data Cloud, helping joint customers detect and respond to threats that matter across the attack surface faster and more reliably than Security Information and Event Management (SIEM) solutions. Hunters SOC Platform, which is Powered by Snowflake, removes the complex challenge of data engineering when ingesting security data into a Snowflake data lake, allowing security teams to focus on threat detection and response. Through built-in detection engineering, data correlation and automatic investigation, Hunters SOC Platform helps teams overcome volume, complexity and false positives.According to Aaron Cooper, SOC manager at TripActions, a global travel management company, “We leverage Hunters SOC Platform and Snowflake to unify data spread across security tools and run analysis and investigations while minimizing data ownership costs. Working with both platforms has allowed us to detect and respond to threats faster and more effectively,” he said.“Hunters is extremely proud to receive this recognition of being named Cybersecurity Partner of the Year by Snowflake,” said Chris Sullivan, head of Alliances and Channels at Hunters. “Over the past year, we’ve shown unique value to our joint customers by enabling security teams to adopt Snowflake’s data lake offering and achieve better efficiencies at the SOC.”“We are excited to announce Hunters as Snowflake’s Cybersecurity Partner of the Year,” said Omer Singer, head of Cybersecurity Strategy, Snowflake. “Hunters have delivered effective automation for security operations, from data collection to detection and response. By operationalizing the potential of the Snowflake Data Cloud for SOC workflows, Hunters is bringing real value to the Snowflake cybersecurity ecosystem and we look forward to strengthening our partnership in the service of our joint customers.”Hunters’ CEO Uri May, together with Aaron Cooper, will present at the Snowflake Summit session “Aligning Your Data Lake with Security Operations” on Wednesday, June 15th at 12:00 PM PT.Learn more about Hunters and Snowflake here. Hunters Named Snowflake Cybersecurity Partner of the YearAbout HuntersHunters SOC Platform empowers security teams to automatically identify and respond to security incidents across their entire attack surface. We enable vendor-agnostic data ingestion and normalization at a predictable cost. Our built-in detection engineering, data correlation, and automatic investigation helps teams overcome volume, complexity, and false positives. Hunters mitigates real threats faster and more reliably than SIEMs, ultimately reducing customers’ overall security risk. Learn how enterprises like Booking.com, Snowflake, Netgear and Cimpress leverage Hunters SOC Platform to empower their security teams at https://hunters.ai. Hunters is backed by leading VCs and strategic investors including Stripes, YL Ventures, DTCP, Cisco Investments, Bessemer Venture Partners, U.S. Venture Partners (USVP), Microsoft’s venture fund M12, Blumberg Capital, Snowflake, Databricks and Okta.Hunters was recognized as the SC Media 2021 Trust Award Finalist for Best Threat Detection Technology and winner of the CISO Choice Awards: Security Analytics and Security Operations.Media Contact:Deb MontnerMontner Tech PRdmontner@montner.com A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/fa9067b5-3b6f-4c32-9b98-0f2be70611da

33% of cybersecurity leaders name zero trust their top priorityThe Zero Trust Impact Report from Illumio and The Enterprise Strategy Group (ESG) surveyed 1,000 information technology (IT) and security professionals in eight countries about their cybersecurity landscapes and the impact of zero trust on their organizations.Prevalence of cyberattacks, ransomwareThe report discovered that 47% of security leaders do not believe they will be breached, despite increasingly sophisticated and frequent attacks. In the past two years alone, more than three-quarters of organizations surveyed (76%) have been attacked by ransomware and 66% have experienced at least one software supply chain attack. Respondents say software supply chain attacks (48%), zero-day exploits (46%) and ransomware attacks (44%) are the three cyber threats posing the most risk to their organizations. Thirty-six percent of respondents have been the victims of a successful ransomware attack over the past two years. What’s more, 82% of respondents who were victims of a successful attack paid a ransom, with the average ransom netting $495,000.In the Executive Order on Improving the Nation’s Cybersecurity, the Biden administration made clear the importance of zero trust strategies for U.S. organizations facing cyberattacks. Ninety percent of security leaders report zero trust is one of their top three cybersecurity priorities, and 33% say zero trust is their top cybersecurity priority.Thirty-nine percent of all security spending over the next 12 months is earmarked to advance zero trust initiatives, according to the report.For more information, click here.

Design a site like this with WordPress.com
Get started