CYBER SECURITY CONSULTING SERVICE AWARDS AND RECOGNITIONS
CyberSecOp's comprehensive managed security services, cyber security consulting, professional services, and data protection technology are recognized as industry-leading threat detection and response solutions by major analyst firms, key media outlets, and others.
Cybersecurity Awareness Month 2022
What is Cybersecurity Awareness Month?
Cybersecurity Awareness Month was founded in 2004 as a collaborative effort between the government and private industries to raise awareness about digital security and empower everyone to protect their personal information from digital forms of crime. It also aims to increase the resiliency of the country during a cyber threat.
Cybersecurity Awareness makes the community more aware to recognize, reject and report threats. Organizations can protect their users from being scammed and safeguard the organization.
When is Cybersecurity Awareness Month?
October is known as National Cybersecurity awareness month. It's an international campaign.
What is the history behind Cybersecurity Awareness Month?
In 2004 the President of the United States and Congress declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally.
Facts and figures
42% of schools have students or employees that circumvent cybersecurity protections (Impact My Biz)
Nearly three-quarters (74%) of ransomware attacks on higher education institutions succeeded due to a lack of awareness (Inside Higher Ed)
Ransomware attacks on U.S. schools and colleges cost $6.62b in 2020 (darkreading)
95% of cybersecurity breaches are caused by human error. (World Economic Forum)
69% of Companies’ Are Increasing Their Investments in Their Cybersecurity Budgets (Global digital Trust insights report
APWG (Anti Phishing Working Group) Reports That Website Phishing Attacks Have Tripled Since Early 2020
88% of Businesses Experienced a Ransomware Attack
What are some examples of past Cyber-attacks?
The most recent well-known attack was the Colonial Pipeline (May 2021). The pipeline from Houston to the southeastern United States suffered a ransomware attack that took over key components of the computer software used to control the pipeline. This attack was singlehandedly the largest attack on oil and gas infrastructure in U.S. history. The attack led to panic buying of gasoline in the southeast, which caused shortages in some areas. Anthem (2015) a U.S. healthcare company, sustained what at the time was the biggest data breach in U.S. history. Hackers gained access to patient names, Social Security numbers, birthdays, addresses, emails, employment information and salary data.
The National Basketball Association (NBA) was hit with a cyberattack in 2021. In mid-April of 2021, the hacker group Babuk claimed to have stolen 500 GB of confidential data concerning the Houston Rockets. Babuk warned that these confidential documents, including financial info and contracts, would be made public if their demands were not met. As of this posting, no ransom payments have been made.
REvil, the same hacker group made headlines in July with an attack on Kaseya. Kaseya manages IT infrastructure for major companies worldwide. Similar to the attacks on Colonial Pipeline, this hack could potentially disrupt key areas of the economy on a large scale.
REvil carried out this attack by sending out a fake software update through Kaseya’s Virtual System Administrator, which infiltrated both Kaseya’s direct clients as well as their customers. According to REvil, one million systems were encrypted and held for ransom. Kayesa, stated that around 50 of their clients and around 1000 businesses were impacted. REvil demanded $70 million in bitcoin. To illustrate the impact of the cyber-attack, Coop, a Swedish supermarket chain, was forced to close 800 stores for a full week.
Soon after the attack, the FBI gained access to REvil’s servers and obtained the encryption keys to resolve the hack. Fortunately, no ransom was paid, and Kaseya could restore its clients' IT infrastructure. Although it started as one of the biggest ransomware attacks of the year, the situation was salvaged in the end.
How should you and others stay safe?
· Always use Antivirus
· For younger kids use Parental Controls
· Never download random files or software
· When you can Use Two factor authentication
· Keep your software up to date
· Complex Passwords
· Don’t click on any links or attachments in texts, emails, or social media posts
· Don’t connect to unfamiliar Wi-Fi networks
· Only visit secure websites (HTTPS)
· Try not to overshare information (social media)
· Use a VPN
Three Reasons Why You Need an Incident Response Solution
Imagine the following scenario: you arrive early to work in the morning, plop down at your desk with coffee in hand, and log in to your computer. You’re excited to start working on a big project, but first you are greeted with this message:
Quickly, you dash over to a colleagues’ desk. They too, have the same message on their desk. You try dialing your IT department, but they don’t start until normal business hours.
What do you do? Where do you even start?
It’s easy to think that the above scenario would never happen to you. In reality, a 2020 survey of 600 businesses in the United States revealed that a staggering 78% had been infected with ransomware that year. The average cost of recovering from a ransomware attack has spiked to $1.85 million in 2021!
Ransomware isn’t the only threat to your business continuity. In February 2021, the state of Texas suffered massive power outages due to a severe winter storm. At least 151 people died as a result. Property damage has been estimated at more than $195 billion.
What do these scenarios have in common? They demonstrate the need to prepare for the worst; this is the essence of Incident Response.
What is Incident Response anyway?
Every organization needs to have an Incident Response Plan (IRP). The team that executes the IRP is the Computer Incident Response Team (CIRT). The most important feature of both the IRP and CIRT is that they are clearly defined before the incident takes place! Disaster recovery is hardest when preparation is lacking.
The Incident Response Plan details who does what if an incident does happen. This can include using alternate systems, notifying stakeholders, or restoring from backups.
Perhaps the most important part of the Incident Response Plan is the postmortem. Now that you’ve recovered, what will you do in order to ensure that attackers won’t attack again using the exact same methods? The Incident Response Team will identify what door the attackers used to get in and make sure it stays shut.
Why do I need Incident Response?
I’m so glad you asked. Here’s three reasons why you need Incident Response for your organization:
1. The probability of an incident has never been higher.
Ransomware is pervasive. At this point, we need to ask ourselves not “will I get breached?” but “when will I get breached?”
A proper defense has multiple layers. Having a fence around your house is nice, but you’ll still have homeowners’ insurance. Incident Response is a way to mitigate the risks of ransomware that we can’t avoid.
2. The cost of an incident has never been higher.
How much would it cost to replace your entire infrastructure? The nasty aspect of ransomware is that, in some cases, the only way to ensure that the attackers have been completely removed from your environment is to start from scratch. This means replacing every workstation and server in your organization.
Sometimes, there simply isn’t a price to pay; there may not even be new hardware available to purchase with a global silicon chip shortage.
3. You can’t afford not to.
Every business owes itself to do a risk analysis of a ransomware attack. What would be the cost of not doing business for an hour? A day? A week? You will find that incident response is a necessary piece of the plan for protecting your assets and business continuity.
CyberSecOp is a leader in the Incident Response field. CyberSecOp consultants are cyber incident response subject matter experts who have collaborated on numerous security projects and operational improvement initiatives. We will support your security operational activities by helping to develop an incident response plan and work with your IT team to mitigate any potential risk. Our teams will create investigative processes and playbooks. In addition, we will be responsible for continuously identifying gaps and managing the improvements in the security response process, technologies, and monitoring. Working closely with internal architecture, engineering, and project management teams will ensure cyber-defense requirements are identified and communicated early in the project life cycle.
Security incident response services with CyberSecOp
Support cyber incident response actions to ensure proper assessment, containment, mitigation, and documentation
Support cyber investigations for large- and small-scale security incident breaches
Review and analyze cyber threats and provide SME support
Interact and assist other investigative teams within on time sensitive, critical investigations
Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents
Manage the security monitoring enrollment process to ensure adequate coverage and effectiveness of all new and existing cloud- and on-premise-based applications, services and platforms
Maintain detailed tracking plan of all internal/external enrollment outcomes/recommendations and provide support through to implementation
Act as a liaison between cyber-defense, engineering, security architecture, network & system operations, and functional project teams to ensure effective project implementation that meets incident response requirements
Define baseline security monitoring requirements for all new projects, services, and applications joining your organization's network
Facilitate the development and tuning of SIEM rules to support enrollments and ensure high fidelity alerting
Don’t delay in ensuring that your business can survive any threat. Join CyberSecOp on your journey towards a safe and protected future.
Author: Josh Cabrera
Achieve an Effective Security Awareness Program
For any company, especially technology-oriented ones, being aware about the cyberthreat landscape is critical. There is often the mindset that most cyberattacks can be warded off by procuring and implementing the latest security technologies, and relying on consultants and internal resources to police implementation.
While this passive strategy may yield a certain level of effectiveness, it also takes a high level of active, participatory security awareness on part of both employees and management in order to 100% fortify the lines of defense around the business or corporation.
STEPS TO ACHIEVE AN EFFECTIVE SECURITY AWARENESS PROGRAM
1. The Major Orienting Components – A comprehensive, participatory information security awareness program should have as its three foundational pillars the principles of confidentiality, integrity, and availability. While the first two terms speak for themselves, the third is often misapprehended. Here, it refers to the organization maintaining a comprehensive system of controls over information security such that employees can be assured of having access to all information necessary to perform their roles without risk of breach.
2. The Protection of Corporate Resources - “Corporate resources” does not just refer to digital assets — it also refers to physical assets, such as paper documents. A security awareness checklist should include the proper usage of document-shredding machines and how the shredded documents should be disposed of.
3. Protection of Corporate Facilities - Employees should be trained not only in how to look for suspicious behavior from the outside, but from the inside as well. This will ensure against unauthorized personnel gaining access to the premises for purposes of mounting internal attacks against the information infrastructure.
4. The Formal Security Awareness Training Program – The corporation should maintain a comprehensive security awareness training program and all employees, irrespective of position with the organization and/or function, should regularly participate.
5. Determining Levels of Responsibility and Segregation of Duties – All employees involved in the day to day management of security over the corporation’s digital and physical information assets should have their roles clearly defined and responsibilities enumerated and documented in a comprehensive ‘R & R’ policy.
CyberSecOp Security Awareness Courses specializes in helping employees understand the mechanisms of spam, phishing, spear-phishing, malware, and social engineering and are able to apply this knowledge in their day-to-day job. Our Security Awareness training solutions effect meaningful, sustainable changes in any workforce. With CyberSecOp Security Awareness Training, employees are not just aware of the dangers presented by an ever-changing threat landscape: they’re empowered to protect your organization from them.
AUTHOR: RICH FIORE