Weekly Cybersecurity Roundup#3

Hi everyone. I am a geek, and on a daily basis, I work with a great team and clients in the area of #cybersecurity (detect, respond, remediate), #eDiscovery and #analytics.?In a continued attempt to improve and add value to #infosec, #dataprivacy and #cybersecurity teams, here is weekly roundup #3 on trends and best practices.

?

1. ?A long journey for governments – but steps have been taken in the right direction. The US government is ramping up efforts against #cybercrime with a three phased approach. 1) Tracing of proceeds paid to hackers using #cryptocurrencies, 2) Offering a reward up to $10 million for information against state sponsored bad actors, and 3) Biden personally leading the charge and calling Putin, urging him to take countermeasures and provide co-operation. In what could be a related fall-out, REvil's site was down earlier this week, just days after the 2 hour long discussion between the two leaders. All nations across the globe are ramping up efforts against #cybercrime by amending antiquated laws, strengthening their cyber security strategy, developing awareness campaigns, recruiting talent and cracking down on cyber criminals.

?**India Update**: Earlier this month, Lt. Gen. (Dr) Rajesh Pant, National Cybersecurity Coordinator, said that the Indian government is expected to release a new cybersecurity strategy this year. That is crucial for India, which is one the countries most impacted by all kinds of cybercrime. More on this in a separate post!

2. 5G – does G stand for GREATER Risk? It will bring create a massive connected ecosystem of IoT and connected devices, cloud and internet services and virtualised networks, means a much larger attack surface. 5G architectures are essentially software-defined platforms, in which networking functionality is managed through software rather than hardware. This software-defined nature brings along with it several security concerns, and it is widely believed that as 5G grows, so will the risk of data breach/theft, outages and attacks. Recent attacks have highlighted supply chain vulnerabilities, and this (supply chain) is one of the areas that is most frequently exposed to cyber threats in the context of 5G.

?

3. Social media and internet monitoring – needed, or a double edged sword? Recently, Boris Johnson said tech firms would be fined for failing to stop "vile behaviour" on social media. His comments follow several England players being abused following the Euro 2020 final defeat to Italy. He also said that new laws would "force social media companies to take responsibility and action where this vile behaviour exists" or face fines. In recent times, tech giants have been pulled up for privacy and compliance related violations. There is constant pressure from most nations and their respective law-enforcement agencies to monitor, restrict, and propagate content. So, most social media platforms have started flagging and blocking content using AI filters. That said, the AI scene today still struggles to understand context or perception, causing quite a challenge. Surveillance and monitoring of social media and internet is surely a double edged sword. The quest to monitor and censor content, may in turn cause grave harm to privacy, free speech, information security and racial justice. A touchy topic, to say the least.

?

4. With WFH, is Insider threats back on security radar as the Primary Security Challenge? The role of insiders and human error in attacks and breaches cannot be overstated. This is a complex vulnerability with consequences ranging from ransomware to brand erosion. There have been many high profile employee theft incidents at many large companies and from a fraud triangle standpoint ((1) Opportunity, (2) Incentive, and (3) Rationalization), this really is the perfect storm. Actual loss of jobs, fears around job losses, weakened security controls because of WFH, and the ease of finding and moving sensitive data means a natural rise in insider incidents. We see early signs when we observe employees trying to download or access critical or IP related information, or when they request for access to such information. Using personal devices excessively and using personal email to share company data is another sign you should look out for.

?

While on the topic of Insider Threats, here are some best practices to prevent Insider Threats:

?1. Conduct regular cybersecurity awareness sessions for employees focused on password management, phishing email spotting and management, etc.

2. Identify those employees who don’t adhere to company policy and demonstrate how negligence could lead to serious problems for the company

3. Find/patch vulnerabilities, and safeguard IP and crown jewels via #ZeroTrust principles

4. Create incident response teams and incident response plans

?

That’s is for this time. More to come soon!

?#cybercrime, #ransomware, #privacy, #5G

?Disclaimer: All views expressed on this article are my own and do not necessarily represent the opinions of any entity I have been, am or will be affiliated.

?