What Every CISO Needs To Know

Uploaded on 2017-05-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Enterprises are under an endless stream of cyberattacks. The sophistication of these attacks is evolving, and the number is not expected to decrease. 

Any emerging technology, be it mobile devices and related BYOD policies, artificial intelligence and machine learning, or IoT, not only brings new opportunities but also widens the field of possible attack.

Nowadays, it’s not enough to just have a general view on the state of cybersecurity. People who are responsible for cybersecurity in an organization must grasp new cybersecurity threats and assess how they affect overall security posture and business in general. Based on these factors, they should prioritize specific areas and focus on protecting the most critical ones.

What Should Be On Your Radar?

In February, Crowd Research Partners released the 2017 Cybersecurity Trends Report. The results of the survey are far from encouraging. With 62% of respondents moderately to not at all confident in their security measures, it comes as no surprise that 54% of them anticipate more cyberattacks to be conducted against their organizations within the next 12 months.

The most concerning threats vary from widely known ones to those that came under the spotlight not so long ago. 

Examples include the Stagefright bug, a mobile-based threat that made its third appearance in 2016 and allowed cyber-criminals to hack Android smartphones, or a bug that affected the mobile management system of a German-based company and was used to wipe data from millions of devices. Sometimes, the danger of a threat tends to be underestimated when it seems more than familiar. Some of the most worrisome trends in cybersecurity are oulined below along with some steps you can take to prioritize dealing with each.

Insider Threats

Insider threats come in many forms. Usually, they are posed by malicious workers or former employees. Being one of the most well-covered topics, insider threats always top lists of corporate cybersecurity risks. According to the 2017 Cybersecurity Trends Report, 33% of respondents worry about this attack vector most, and about half of them consider detecting such an attack to be the most challenging task for their security operations center.

Their anxiety is actually not unfounded, as insider fraud may be costly to an organisation (we explain this in greater detail here). Exacerbating the problem is the fact that unlike the external malefactors, insiders have legitimate access to the network and services. 

What should be on your radar? Without a doubt, our crown jewels, such as ERP systems and various business applications, are the prime targets for insider threats. Being an insider means understanding the business processes of your financial or supply chain applications, which makes it extremely easy to conduct an attack on the applications. The attacker just needs to find a vulnerability or misconfiguration in the system to perform an attack, and there are thousands of them because these applications are insecure by design.

The protection measures that should be used against insider threats include analysis of user activity and different UEBA (user and entity behavior analytics) solutions.

Application Security

Since successful cyber-attacks on applications can lead to lost revenue and loss of reputation, enterprises’ application landscape is business critical. Companies are more and more concerned about the security of their applications.
According to the Crowd Research Partners report, the apps available on the internet are viewed as presenting the highest security risk by half of the respondents, followed by mobile apps (41%), desktop apps (34%) and business software such as ERP (Enterprise Resource Planning) (29%).

As for protection from attacks on applications, I recommend using training for your developers, specifically the OWASP Top 10 (the latest version was published just a few weeks ago). In addition, static and dynamic code analysis tools and WAF solutions are recommended. Gartner MQ's recent update of the top vendors in application security is a great source of information. Once a blind spot for a typical organisation, ERP security is growing into a separate area of cyber-security.
In the last five years, we have witnessed several cyber-attacks against business applications. For example, there was a well-known attack on USIS via a vulnerability in a SAP system managed by a subcontractor that my company reviewed. 

A year later the German Software Company SAP found security as a whole came under heavy scrutiny in the form of the US-CERT alert on a SAP vulnerability, which was released due to potential attacks on an SAP module widely exposed to the internet. And this is just the beginning. According to the Crowd Research Partners report, 89% of security professionals expect more attacks against ERP systems, and 30% anticipate a significant increase in these attacks.
ERP security is a complex topic. The best option I can recommend is to have a holistic view of it by analysing all areas: platform security, customization protection and SoD.

Data Protection

If something is valuable, hackers will try to steal it sooner or later. As for sensitive information, unless you live under a rock, you know that data theft or manipulation is a lucrative business. Sensitive information is literally the lifeblood of any enterprise, and its protection is a headache for any company.

Crowd Research Partners found that the types of data of which integrity security experts worry about most are the following: customer data (72%); employee data (66%); emails (54%); financial corporate data (46%); and contracts, invoices and orders (35%). By the way, as an expert in ERP systems and business applications security, I can say that such systems store and manage all the aforementioned types of data.

The most alarming finding is the fact that most enterprises feel they are unprepared for any kind of attack (including ones against their ERP systems) and anticipate their number to grow. So, it’s time to translate awareness into action. The list of threats an organisation faces are endless, so to reiterate: Prioritization is essential.

Forbes

You Might Also Read:

Directors Report January 2017. Cyber Security Checklist For Management (£):

CISOs Need Teamwork & A Strategic Framework:

 

 

« Microsoft, Kaspersky & Symnantec Weigh In On WannaCry Ransomware
Hackers Came, But the French Were Prepared »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

CyberPrism

CyberPrism

CyberPrism provides SaaS solutions using proprietary technology, underpinned by industry-leading technical practitioners to protect OT within Government, Maritime and Industrial markets.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

SecurityHQ

SecurityHQ

SecurityHQ (formerly known as Si Consult) is a Global Managed Security Service Provider (MSSP) that monitors networks 24/7, to ensure complete visibility and protection against your cyber threats.

Montimage

Montimage

Montimage develops tools for testing and monitoring networks, applications and services; in particular, for the verification of functional, performance (QoS/QoE) and security aspects.

Conviso

Conviso

Conviso is a consulting company specialized in Application Security and Security Research.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

InfoSystems Inc

InfoSystems Inc

InfoSystems provides reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations.

Getronics

Getronics

Getronics guides customers through their own transformation journeys, leveraging an integrated and secure-by-design IT portfolio.

Positka FSI Pte Ltd

Positka FSI Pte Ltd

Positka, being a Splunk Singapore partner, provides Splunk & Phantom Services, Cybersecurity & Risk Management, Analytics & Big Data, Lean Process Optimization, and Managed Security Services.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.

Xeliumtech Solutions

Xeliumtech Solutions

Xeliumtech Solutions are a Digital Transformation partner with quality offerings in Mobile App Development, Ecommerce, Devops, RPA, AI, IoT development, Cybersecurity and more.

Exertis Cybersecurity

Exertis Cybersecurity

Exertis Cybersecurity is a sub-division of Exertis Enterprise. We provide market-leading cybersecurity solutions that help to address the cybersecurity challenges that organisations face today.