CloudXone Blog

The Fight For Cybersecurity: How Can Companies Minimize Risk Against Emerging Threats?

Posted by Andreas Bubenzer-Paim on February 14, 2020 at 8:45 AM

cyber security

Cybersecurity is no longer an issue only for the IT department. Today, I believe this must be top of mind for the entire enterprise.

Risks are no longer limited to hackers seeking confidential data from large financial institutions or retailers. Politically motivated attacks have been aimed at disrupting economies or destabilizing markets. And with the increasing use of ransomware, governments and organizations of any size can be targeted from anywhere. These global risks have placed the importance of cybersecurity at a whole new level.

It's estimated that there is a ransomware attack every 14 seconds somewhere in the world. By far, the single greatest vulnerability that companies continue to face is the infiltration of malware from phishing campaigns. Other vulnerabilities stem from the proliferation of IoT components, cloud storage and computing, and new data and financial apps that external vendors provide and install on the organization's system.

To battle the threat, I believe a dedicated effort must go all the way up to the C-level to ensure that everyone is put to the task because when an intrusion attempt succeeds, it's already too late. It can take hackers as little as 19 minutes to get into a system and up to eight hours for many companies to respond due to their obligation to internal processes.

Many larger companies install a variety of specialized solutions to protect themselves in different areas, and it seems that endless products answer very specific threats. Too often, though, that buildup of solutions from a multitude of vendors exacerbates the risk that each patch is intended to guard against.
 

Current Trends

While each technological advance can help mitigate current risk, it can also provide hackers with new sophisticated tools. Only by constantly assessing future threats can companies and industries hope to anticipate what protective steps they will need to take.

At CloudXone, for example, we confer with expert partners in the cybersecurity field, and we meet frequently with other financial services colleagues to discuss current and future risks and potential vulnerabilities.

This combination of current risks, future threats, growing awareness and technological advances has resulted in a rapidly changing landscape. As a result, several trends are currently taking shape, and I believe all of the trends—whether in the category of risk awareness or risk mitigation—are critical elements as businesses prepare for the future.

Security In The Cloud: 

Migration to the cloud is becoming impossible to avoid. As such, securing multiple cloud applications by container computing is vital even as it moves through third parties. To further lock down these hosted applications, identity management systems are incorporating homomorphic encryption technology.

Blockchain And AI Security: 

Only in the past few years have blockchain and AI security features been developed to empower cyber and risk identifiers. While still in their early stages, they are showing great promise. And with the addition of machine learning and deep learning, this larger cyber ecosystem is expected to increasingly empower robust security controls.

Working Together:

Financial institutions and other industries are increasingly banding together in joint projects and working groups to unite against cyberthreats. Although bringing together competitors to work cooperatively is challenging, each risk is shared by all.

Behavioral Analytics: 

Matching activity with customer profiles has become increasingly prominent in securing information, especially in areas such as financial transactions. While the added layer of protection (by matching a user's pattern against attempts to access information) has been valuable, there is also an added dimension of risk. If the database is breached, the information is as sensitive as when a biometric database is hacked.

Educating R&D: 

While cybersecurity awareness is growing, developers of new programs or products too often still fail to sufficiently consider cyber risks when they build something new. They are addressing the needs, or perhaps using open codes, without assessing the risks that might be present. But the recognition of this risk is increasing, and I expect more attention to be paid to this segment.

Four Tips To Remember

1. Employee Education: It takes only one employee to fall for a phishing campaign and to hurt the organization's cyber posture.

2. Effective Crisis Response Process: There is always a bureaucracy and processes you have to go through. But if you have it all automated, you'll have a much stronger and faster defense.

3. Know Your Enemy: Each large enterprise has threat intelligence technologies, but not all are using them efficiently to analyze who is targeting them and how.

4. Know Your New Tech: Many new technologies are implemented to offer customers a modern experience, but even AI, machine learning, fintech and cryptography have weak points.

Reason For Optimism

No amount of preparation can guarantee that hackers will fail in their attack on any organization. But with the more aggressive and cooperative approach we are witnessing industrywide, there is good reason to be optimistic.

Original Article posted on Forbes.com

FOLLOW US ON SOCIAL MEDIA.

Windows 7 Users Warned To Stop Using Online Banking and Emails ASAP by GCHQ

Posted by Victoria Woollaston on January 20, 2020 at 3:11 PM

Young man holding opened book with glass glowing light bulbs flying out

More than a decade since its launch, Microsoft is pulling support for
Windows 7.

From 14 January 2020, Microsoft will no longer be issuing updates for the operating system, which includes security patches and all technical assistance, and it has been urging users to upgrade to Windows 10 for months.

Now, the National Cyber Security Centre (NCSC) the public-facing arm of the UK government's intelligence agency GCHQ has taken things a step further, warning people running Windows 7 to stop using online banking, emails and other sensitive accounts as soon as possible to avoid being left vulnerable to hackers.

Out-of-date Windows 7 devices were said to have played a major role in the WannaCry scandal that hit the NHS in 2018, just to give you the potential scale of the risk.

In a statement issued to The Telegraph, a spokesperson for NCSC said it is encouraging people to upgrade any Windows 7 devices, adding:

"We would urge those using the software after the deadline to replace unsupported devices as soon as possible, to move sensitive data to a supported device and not to use them for tasks like accessing bank and other sensitive accounts. They should also consider accessing email from a different device."

A Microsoft spokesman added:

"If you continue to use an unsupported version of Windows, your PC will still work, but it will become more vulnerable to security risks and viruses. Your PC will continue to start and run, but you will no longer receive software updates, including security updates, from Microsoft."

Estimates suggest that almost half a million people are using Windows 7 globally, including a number of public and private sector organisations.

Microsoft announced it was pulling technical support for Windows 7 last year explaining at the time:

"Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences."

"The specific end of support day for Windows 7 will be January 14, 2020. After that, technical assistance and software updates from Windows Update that help protect your PC will no longer be available for the product. Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available."

Until 2016, upgrading to Windows 10 from Windows 7 was free, however it now costs about 150 CAD for Windows 10 Home, 285 CAD for Windows 10 Pro and 445 CAD for Windows 10 Pro for Workstations.

In August, it was announced Microsoft would be providing at least one extra year of support for enterprise customers who upgraded to Windows 10 Enterprise E5, Microsoft 365 E5, or Microsoft 365 E5 Security yet this offer ended on 31 December 2019.

expertreviews.co.uk

FOLLOW US ON SOCIAL MEDIA.

CloudXone is at the intersection of your office and the Internet.

The Future is Friendly, So Are We!

CloudXone is an established, Toronto-based business technology consulting and service provider. Our client-first philosophy ensures the technology we put in place for you will be tailored for your use and will fit perfectly into your day-to-day operations.

Our Blog is a way to:

  • Stay on top of exciting tech updates
  • Get free advice on how to optimize your IT solutions
  • Meet the experts on our team and get to know us! 

Subscribe Here For Updates!

Recent Posts

Posts by Tag