On December 1, 2016, the Commission on Enhancing National Cybersecurity presented the President of the United States with its Report on Securing and Growing the Digital Economy.[1] The commission had been tasked by the president to offer actionable recommendations for securing and growing the digital economy.

In its report, the commission highlights the need for the Internet, interconnections, and openness in this age of information technology. The commission also examines the challenge of security as a conflicting objective in this environment. There is no doubt of the link between IT advancements and IT security issues. The report suggests changing the current approach while maintaining balance between IT advancements and security; i.e. we should be further committed to cybersecurity but also remain committed to innovation, for the sake of a prosperous digital economy. If every enterprise takes care of its own security, the country as a whole becomes more safe and secure. This is only possible with increased coordination between the public and private sectors against today’s cyber risks.

Read More

Ransomware has been listed as one of the looming cybersecurity threats of 2017.[1]According to Osterman Research, 50% of 540 surveyed organizations had been through a ransomware nightmare in the past year, and just 4% of respondents from US organizations were very confident about preventing future ransomware attack.[2] As per Symantec, after dipping in the first quarter of 2015, overall ransomware infection numbers began to climb in the fourth quarter, spiking in October and November 2015 and again in March 2016.[3]

The danger of ransomware comes from its ability to infect a system, making the system’s data unusable by legitimate users, and then demand the victim to pay ransom in order to regain access. Simple ransomware may only lock the system or stop one or more applications before displaying instructions for paying ransom. Another variant makes the system unbootable by fiddling with the master boot record. However, the most common, advanced ransomware may encrypt all or critical data on the system and ask ransom for the decryption key.

Read More

Rapid advancements in the field of IT have brought new meaning and value to cybersecurity. Due to the modern-day cyber threat spectrum, enterprises are ready and willing to improve their cyber defenses. But what actually leads to a security breach in an otherwise well-prepared and security-cautious organization? More often than not, security breaches emanate from enterprise staff’s own follies. Institute of Information Security Professionals (IISP) polls show that 81% of security problems are generated by people.[1]

Certain activities are likely to compromise enterprise cyber defenses and lead to some sort of security disaster. Though not an exhaustive list, these are some of the most frequent activities commonly undertaken by staff due to complacency, casualness and ignorance.

Read More

The information technology threat environment is constantly reshaped as new threats and vulnerabilities bring new cyber-attack and security patterns. Defending against these new threats requires maintaining a constant watch on the threat spectrum, taking time to understand recent information security-related events. Insight into previous mistakes and successes enables us to move forward, reasonably enlightened.

One useful cyber resource for top management, executives and IT professionals is Symantec’s Internet Security Threat Report (ISTR) – 2017, published in April. ISTR provides a statistical overview of cyberattacks from the last few years, highlighting the most prevalent previous and upcoming threats and attacks.

Read More

The Internet of Things (IoT) is enhancing the scope of global connectivity. Beginning with ARPANET and evolving into the giant called the Internet, computers, networks, organizations and mobile devices are now effectively connected. However, the advent of IoT promises to extend that connectivity to everything, from household devices and wearables, to cars and health equipment. As more entities become part of the global network, the attack surface of this network is increasing exponentially. Attackers can find security loopholes more easily in one of the billions of connected things, compared with the millions of computing machines and mobile devices that have already been part of the Internet. This increased attack surface highlights why IoT security must be a top priority for anyone involved with information technology.

Read More