Risk management - Articles - Page 181

Risk Management

Don’t discount the risk of deepfakes to the enterprise

Many security researchers are now predicting that deepfakes could become a major security threat in the 2021-2022 period. Where is the threat and what can you do about it?

Darren Thomson

April 14, 2021

In recent years, there has been a recognition that social engineering plays a huge part in the execution of cybersecurity attacks. The intersection of “non-physical” and “technical” social engineering is where criminals are mostly focused today. Enter deepfake technology, which poses a looming risk over enterprises and their security leaders as they figure out how to prepare for and mitigate such a risk.

Research finds sharp increase in Initial Access Brokers listings

April 14, 2021

Since Digital Shadows published its first report last year, Initial Access Brokers: An Excess of Access, the company has continued to closely monitor the IAB criminal category. Where it tracked roughly 500 IAB listings in all of 2020, already in 2021 it has found some 200 new listings published by IABs in cybercriminal forums and other dark web sources in just Q1.

Cybercriminals targeting unpatched Exchange servers by installing cryptojacking malware

April 14, 2021

Cybercriminals continue to exploit unpatched Microsoft Exchange servers. Cybersecurity researchers at Sophos report an unknown attacked has been attempting to leverage the ProxyLogon exploit to unload malicious Monero cryptominer onto Exchange servers, with the payload being hosted on a compromised Exchange server.

Cybersecurity training lags, while hackers capitalize on the pandemic

April 14, 2021

Recently, TalentLMS partnered with Kenna Security to survey 1,200 employees on their cybersecurity habits, knowledge of best practices, and ability to recognize security threats. Here are some of the staggering results that offer some explanation as to why cybercrime has grown into such a lucrative business:

Zero trust visibility

Greg Copeland

April 14, 2021

Zero Trust Architecture (ZTA) is a trendy term touted by cybersecurity vendors. But there isn’t a single ZTA solution. The architecture is composed of numerous components, that when taken together, form a new paradigm for dealing with cybersecurity that is appropriate in a modern world where corporate enterprises are no longer confined to a well-defined and trustworthy perimeter such as remote working and cloud environments. For reference, the National Institute of Standards and Technology (NIST) has created a very detailed ZTA publication

New England College of Optometry implements contact-tracing wearables to boost COVID-response and enable in-person learning

The New England College of Optometry (NECO) formed a COVID-19 Task Force and began exploring ideas to enable in-person learning at the school in a safe, effective and well-planned manner. One of the solutions that NECO implemented is a contact-tracing tool that allows the school to respond immediately to report of an infection, accurately and effectively, without relying on a sign-in sheet or a person’s recollection of their previous contacts.

Maggie Shein

April 13, 2021

The New England College of Optometry (NECO) formed a COVID-19 Task Force and began exploring ideas to enable in-person learning at the school in a safe, effective and well-planned manner. One of the solutions that NECO implemented is a contact-tracing tool that allows the school to respond immediately to report of an infection, accurately and effectively, without relying on a sign-in sheet or a person’s recollection of their previous contacts.

The process of future-proofing a secured entrance post-pandemic

Kurt J. Measom

April 13, 2021

From the initial secured entrance to the overarching access control system, the emphasis is currently on contactless access control and door entry solutions. A myriad of technologies from NFC and smart mobile devices to facial biometrics will help play a vital role in what are now COVID-driven essentials. An integrated strategy for access control, along with tailgating mitigation options including turnstiles, revolving doors and mantrap portals enables building security to implement even more comprehensive control and prioritized security while making use of touchless credentials.

Mitigating risk with perimeter protection

John Feeney

April 13, 2021

Keeping unauthorized intruders from entering a business location is a critical part of protecting corporate assets. Perimeters are the first line of defense but do not conform to a ‘one-size-fits-all’ safeguarding solution. Selection criteria for the most suitable Perimeter Intrusion Detection System (PIDS) must take into consideration perimeter length, topography, environmental conditions, and future site expansion plans.

First-ever ‘Identity Management Day’ is April 13, 2021

April 13, 2021

The National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA), present the first ‘Identity Management Day,’ an annual awareness event which will take place on the second Tuesday in April each year. The inaugural Identity Management Day will be held on April 13, 2021.

Clubhouse API allows everyone to scrape public user data

April 13, 2021

Recently, an SQL database containing data of 1.3 million Clubhouse users was posted on a hacker forum for anyone to access. The data included names, user IDs, social media profile names and other details about clubhouse users.