Welcome to the 'Cyber Security Loop' news #4!
John Reeman
Cybersecurity for Law Firms. I help protect your people, client & sensitive data & assets from cybercriminals, freeing you to focus on what matters — closing deals, winning cases & serving your clients with confidence.
Perspectives and opinions on the world of cybersecurity and the current threat landscape here in Australia and from around the world.
It’s already September! Rumours are circulating that the Australian government will introduce a 'slimmed down' version of a bill to amend the Privacy Act this week, or sometime this month; who knows?!
Over the last few months, I've assisted with several incident response cases involving impersonation fraud and business email compromise. The businesses involved were different in size and industry, but they all had one thing in common: handling and processing reasonable amounts of money. This makes them attractive targets for cybercriminals who engage in social engineering to steal credentials (usernames and passwords) to gain access. They typically watch and wait, and then pivot into the email chain to divert funds. In all of the cases I was involved with, fortunately, the clients' accounts team stopped the payments because they had a thorough manual check to verify bank details. But often this is not the case, and by the time the victim does find out, it is too late to recover the funds. I've included some tips on the lessons learned from these incidents below.
Tips
Here are some general tips on what you should be doing to protect your organisation from business email compromise fraud and other attacks.
- If you are still using a single factor (just a username and password) to access any of your online systems, you will be compromised! So enable MFA!
- Use a good password manager for all of your passwords. 1Password or Bitwarden are good ones to choose. Both are suitable for home use and for business.
- Do not store passwords in plain text. If you need to share passwords with external parties, use a secure system to do so and make sure the data is encrypted.
- Trust your instinct. Attackers' grammar, helped by AI, is getting better, so if it is too good to be true, then it probably is! So don’t click.
- Turn on cloud audit data. These logs are a powerful early warning system for your organisation about suspicious activity, and they are essential for incident response to determine what happened. In all of the cases I worked on recently, M365 audit logs were not configured correctly and were not retaining data beyond 30 days.
- As a minimum you should have 90 days of log data, and ideally 12 months.
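The audit-log tip above is the one most often missed, so here is a PowerShell check for it. This is an added example, not a script from the newsletter or from Microsoft: it uses the real Exchange Online and Security & Compliance cmdlets (Get-AdminAuditLogConfig, Search-UnifiedAuditLog, Get-/New-UnifiedAuditLogRetentionPolicy) to confirm the unified audit log is switched on, confirm records older than 30 days actually exist, and add a 12-month retention policy for the record types that matter in a BEC investigation. The policy name, description and record-type selection are my own choices, and 12-month retention assumes the tenant has Microsoft Purview Audit (Premium) licensing.

```powershell
# Added example (not from the newsletter): check and extend Microsoft 365 unified
# audit log collection. Assumes the ExchangeOnlineManagement module is installed
# and the signed-in account holds an audit/organization management role.
# The policy name "IR-Baseline-12-Months" is a placeholder. TwelveMonths retention
# requires Microsoft Purview Audit (Premium); adjust RetentionDuration if you are
# licensed for less.

Import-Module ExchangeOnlineManagement

# Exchange Online session: needed for the ingestion setting and log searches.
Connect-ExchangeOnline -ShowBanner:$false

# 1. Is the unified audit log switched on at all?
function Test-UnifiedAuditLogEnabled {
    $cfg = Get-AdminAuditLogConfig
    return [bool]$cfg.UnifiedAuditLogIngestionEnabled
}

if (-not (Test-UnifiedAuditLogEnabled)) {
    Write-Warning "Unified audit log ingestion is OFF. Enabling it now."
    Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true
}

# 2. Is there data older than 30 days? Pull one record from the 31-60 day window.
#    An empty result means you cannot reconstruct an intrusion that began more
#    than a month ago, which is exactly the gap seen in the BEC cases above.
function Test-AuditDataOlderThan30Days {
    $hit = Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-60) `
                                   -EndDate   (Get-Date).AddDays(-31) `
                                   -ResultSize 1
    return ($null -ne $hit)
}

if (Test-AuditDataOlderThan30Days) {
    Write-Host "Audit records older than 30 days are present."
} else {
    Write-Warning "No audit records older than 30 days found: retention is too short or logging was only recently enabled."
}

# 3. Retention policies are managed from Security & Compliance PowerShell.
Connect-IPPSSession

# Show what is already configured, highest priority (lowest number) first.
Get-UnifiedAuditLogRetentionPolicy |
    Sort-Object Priority |
    Select-Object Name, Priority, RetentionDuration, RecordTypes, Enabled

# 4. Add a 12-month policy covering sign-ins, mailbox activity (inbox rules,
#    forwarding, sends) and Exchange admin changes. Priority must be unique
#    across policies, so change it if 1 is already taken.
$policyName = "IR-Baseline-12-Months"   # placeholder name
if (-not (Get-UnifiedAuditLogRetentionPolicy | Where-Object Name -eq $policyName)) {
    New-UnifiedAuditLogRetentionPolicy -Name $policyName `
        -Description "Keep sign-in, mailbox and admin audit records for 12 months (BEC investigations)" `
        -RecordTypes AzureActiveDirectoryStsLogon, ExchangeItem, ExchangeItemGroup, ExchangeAdmin `
        -RetentionDuration TwelveMonths `
        -Priority 1
}
```

Run it from an administrative workstation after the two Connect- prompts; step 2 is the one worth scheduling, because a retention policy that exists on paper does not help if ingestion was switched off or only turned on last week.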
Tool
I’m going to assume here that most people have had a brush with AI or GenAI over the last 12 months; I certainly have had a dabble with ChatGPT and Google Gemini.
Some of you may even have heard of Retrieval Augmented Generation, or RAG for short! It’s a way of enhancing the accuracy and reliability of GenAI models (LLMs) while keeping the data source protected and private. Anyway, Vectara is a really cool tool that looks promising for ending hallucinations, addressing copyright concerns, minimising bias, enhancing explainability, and broadening cross-lingual reach. Plus, it has some solid security protections, too!
It’s not a complete solution; think of it more as an essential building block to enhance your AI solution.
You can check out the tool below. An easy way to explore the power of RAG for your documents is to use the Vectara Portal, which is a no-code environment: https://vectara.com/blog/introducing-vectara-portal/
Use cases:
Expert Witness solution - https://expertsdirect.com/
Legal Search - Oqood.ai (https://oqood.ai/search/classic)
Resource
I’ve recently been reading a great book on negotiation tactics by Chris Voss, “Never Split the Difference - Negotiating as if your life depended on it”. It’s about his experience as a former FBI hostage negotiator, and offers a new, field-tested approach to negotiating effectively in any situation.
You can check it out here on Amazon: https://tinyurl.com/mu9kxezz
Quote
“You are who you are meant to be. Dance as if no one’s watching. Love as if it’s all you know. Dream as if you’ll live forever. Live as if you’ll die today.” - James Dean
Director at PharmOut | FANZCAP (Medsafety, PublicHlth) | Medicine and Medical Device | Clinical Trials | Risk Management | Auditor 9001 & 42001
6 months
Hi John Reeman. Great insights on the cybersecurity landscape! Your practical tips for preventing business email compromise are important for all organizations. Sharing lessons from real incidents is invaluable. Thanks for the article.
Generative AI Advisor / Negotiation & Dispute Resolution Expert
6 months
Hi John Reeman, insightful security newsletter with some helpful tips as usual. Thank you for mentioning Vectara's enterprise RAG offering in your newsletter. I think the legal / LegalTech industry will be one of the most impacted by LLMs and GenAI. The two use cases you referenced show the power of RAG in a data architecture for legal datasets. Subtle RAG touch that makes a big business impact!
Co-Founder of Altrosyn and Director at CDTECH | Inventor | Manufacturer
6 months
Hashtags are a blunt instrument for reaching an audience in the complex world of cybersecurity. I think true engagement comes from nuanced discussion, not broad categorization. How do you reconcile the need for accessibility with the inherent complexity of explaining advanced threats to a general audience?