Cyber Security

Cyber Security in phases -

• MFA
• Behavioral Bio metrics
• E-Mail Intelligence
• AST

Multi factor authentication (MFA)–

?

Why

• As organizations digitize operations and take on greater liability for storing customer data, the risks and need for security increase. Because attackers have long exploited user login data to gain entry to critical systems, verifying user identity has become essential.
• Authentication based on usernames and passwords alone is unreliable and unwieldy, since users may have trouble storing, remembering, and managing them across multiple accounts, and many reuse passwords across services and create passwords that lack complexity. Passwords also offer weak security because of the ease of acquiring them through hacking, phishing, and malware.

Example of MFA -

• Cloud-based authenticator apps such as Duo are engineered to provide a smooth login experience with MFA. They are designed to integrate seamlessly within your security stack. With Duo, you can:

• Verify user identities in seconds
• Protect any application on any device, from anywhere
• Add MFA to any network environment

How it work –

• MFA requires means of verification that unauthorized users won't have. Since passwords are insufficient for verifying identity, MFA requires multiple pieces of evidence to verify identity. The most common variant of MFA is two-factor authentication (2FA). The theory is that even if threat actors can impersonate a user with one piece of evidence, they won't be able to provide two or more.
• Proper multi-factor authentication uses factors from at least two different categories. Using two from the same category does not fulfill the objective of MFA. Despite wide use of the password/security question combination, both factors are from the knowledge category--and don't qualify as MFA. A password and a temporary passcode qualify because the passcode is a possession factor, verifying ownership of a specific email account or mobile device.

Benefits –

• Improved Trust – MFA helps secure systems against unauthorized users and their associated threats.
• Reduced costs – Preventing a costly and damaging attack on network resources.
• Easier logins – Easy to uge MFA processes help users log in more quickly.

Methods –

Inherent –

• This category includes biometrics like fingerprint, face, and retina scans. As technology advances, it may also include voice ID or other behavioral inputs like keystroke metrics. Because inherent factors are reliably unique, always present, and secure, this category shows promise.
• However, not all devices have the necessary software, processing power, and hardware features (such as microphones and cameras), so some users may not be able to take advantage of these advances in MFA usability and security.

Location-based and time-based

• Authentication systems can use GPS coordinates, network parameters, and metadata for the network in use, and device recognition for MFA. Adaptive authentication combines these data points with historical or contextual user data.
• These factors have the advantage of operating in the background, with very little input required of users, which means they don't impede productivity. However, since they require software and expertise to use, they are mostly suitable for large organizations with the resources to manage them.

Time-based one-time password (TOTP)

• This is generally used in 2FA but could apply to any MFA method where a second step is introduced dynamically at login upon completing a first step. The wait for a second step--in which temporary passcodes are sent by SMS or email--is usually brief, and the process is easy to use for a wide range of users and devices. This method is currently widely used.
• On the operational side, two-step authentication requires the use of software or an outside vendor to provide the service. As with the use of mobile devices as physical tokens, mobile networks can introduce their own security issues.
• The security key is generally a QR code that the user scans with a mobile device to generate a series of numbers. The user then enters those numbers into the website or application to gain access. The passcodes expire after a certain period of time, and a new one will be generated the next time a user logs in to an account.

Push-based 2FA

• Push-based 2FA improves on SMS and TOTP 2FA by adding additional layers of security while improving ease of use. It confirms a user's identity with multiple factors of authentication that other methods cannot. Because push-based 2FA sends notifications through data networks like cellular or Wi-Fi, users must have data access on their mobile devices to use the 2FA functionality.

?

?

?

?

…………………………….

?

Behavioral Biometrics –

?

• Behavioral biometrics are habits and proclivities humans develop over time, given their interactions with different devices. The related techniques used to capture and evaluate biometric behaviors can be extremely effective in evaluating whether the correct individual is logging into an account, or whether the individual’s behavior is consistent with that person’s normal patterns as opposed to those of a fraudster.
• Behavioral biometric verification methods include keystroke dynamics, swipe and touch analysis, mouse interactions and cognitive biometrics. They are distinct from physical biometrics, which involve measuring and identifying unique human attributes such as fingerprints, facial patterns, iris characteristics and voiceprints.

?

Understanding?

?

• Behavioral biometrics invisibly helps verify users by analyzing the way they physically interact with a website or mobile application. Every user has individual patterns that indicate their unique ways of browsing a website and using an app—and these patterns provide a strong foundation for establishing trust.
• Behavioral biometrics improves the ability to recognize trusted digital users and detect suspected fraud. This intuitive and non-intrusive technology supports more accurate customer recognition to allow organizations across multiple industries to:

• Prioritize personalized experiences for trusted users
• Apply appropriate levels of friction for specific touchpoints or higher-risk events
• Prevent complex types of fraud, including new account opening fraud, account takeover and scams

• Stopping fraud before it enters your digital ecosystem starts with confidently differentiating genuine transactions from suspicious activities. Behavioral biometrics is a passive and proactive way to identify and understand individual usage patterns at the start of a transaction so your business can:

• Detect signals of automation
• Isolate anomalies in typical behaviors
• Target typical fraudulent behavior

Types -

?

• Phone movement
• Touchscreen Behavior
• Keyboard Behavior
• Mouse Behavior

?

How to choose a good Behavioral Biometrics solution –

?

• Identify high-and low risk users and transations
• Find previously unidentified suspicious behaviors
• Empower risk based authentication
• Deploy a seamless user – behavior verification users
• Get powerful security controls to passively assess interaction without imposing roadblocs or friction.

.........................

?E-Mail Intelligence for Security

?How can email messages be compromised –

While many cybersecurity professionals are aware of common email security threats like?phishing ,?ransomware , business email compromise, and other inbound threats, it's important to also consider data protection and securing outbound traffic. In short, implement measures to prevent users from sending sensitive data through email to external parties. There are four main components of an email message that can be compromised or manipulated –

?

• The body of the email
• The attachments of the email
• URLs contained within the email
• The sender's email address

?

What are email security best practices -

Email security best practices include the use of a robust email security posture that contains layers of security measures, including effective security intelligence across your entire architecture, retrospective remediation, and encryption to prevent data leakage among other features.

?

Types of email security best practices –

• Run regular phishing exercises – Your employees are your greatest defense against phishing, especially the most tailored phishing attempts. Employees who can learn to recognize a phishing attempt outright can stop the number one source of endpoint compromise.

• Use multifactor authentication - In the event that a corporate email account's credentials are successfully stolen, multifactor authentication can prevent an attacker from gaining access to the account and wreaking havoc.
• Implement safeguards to quarntine and remediate threats - Message quarantine functionality is useful to hold a message while a file attachment is analyzed prior to either releasing the message to the recipient, removing the malicious attachment, or removing the message completely. Email remediation helps if a file is detected as malicious after delivery to the recipient. It allows you to go back and quarantine the message with a malicious attachment from within a mailbox.
• Harness threat Intelligence - External email threat feeds in Structured Threat Information Expression (STIX) are now commonly used by email security products, which is helpful should an organization want to use a vertical-focused threat feed beyond the native threat intelligence in the product.
• Consider an integrated cybersecurity solution - Integration of email security with broader security portfolios is also becoming common to determine if advanced malware or messages in an environment may have been delivered to particular users or inboxes.

E Mail Intelligence for business

?

Using email intelligence, you can instantly discover who your customers are and what they care about. You’ll also be able to identify their preferred point of contact, giving you the power to craft messages and offers that are tailored directly to them.?

A typical email intelligence field includes:

• Demographics : Age, Gender, Name, Postal Address
• Household: Income, Marital Status, Presence of Children, Home Market Value
• Purchase Intent : Kids and Babies, Clothing, Electronics, Furniture
• Life Stage: Millennial, Expecting, Engaged, Mom
• Lifestyle: Gamer, Cord Cutter, Beauty Seeker, DIY-er
• Buyer Type: Deal-Seeker, Online Buyer, Big Spender, Holiday Shopper

?

Benefits of E Mail – Intelligence

·?????? Improved Email Campaign Performance

·?????? Automated Email Tracking & Reporting

·?????? Improved Customer Insights

·?????? Real-Time Email Automation

·?????? Identify Your Target Audience

·?????? Craft Personalized Messages

·?????? Analyse Email Performance

·?????? Implement Email Automation

·?????? Optimize Email Campaigns

?

Ultimately, email intelligence is an essential tool for any business looking to succeed in the world of marketing and sales. Email Intelligence allows businesses to better understand their customers, target the right people at the right time, and craft messages that will drive higher engagement and conversions.?With Email Intelligence, businesses can improve customer relationships and increase revenue in an efficient manner.?

.............

AST (Application security tool)

Decision factors -

With Regards

Ajay Kumar

?