IT teams can improve Active Directory security through better management of Attack Paths.
"Active Directory (AD) is one of, if not THE, most critical services used by organizations of all sizes. In fact, for roughly 90 percent of Global Fortune 1000 companies, AD is the primary method utilized for seamless authentication and authorization when connecting and managing individual endpoints inside corporate networks. For these enterprises, AD is effectively the foundation upon which access is managed for endpoint management services, identity and authentication services, email authentication and critical business operations..."
Throughout Recorded Future's blog series on 'The Threat Intelligence Handbook: Moving Toward a Security Intelligence Program,' we've explored how security intelligence empowers every team across a security organization to make better, faster decisions and amplify their impact. There's one final, yet critical, topic to examine: How to organize your core security intelligence team itself.
"Let's take a deep dive as we look at the final chapter 13, 'Your Threat Intelligence Journey.'
Michael Jordan once said, 'Talent wins games, but teamwork and intelligence win championships' - and he's absolutely right.
There's no debate that machines process and categorize raw data exponentially faster than humans. On the flip side, humans are uniquely able to perform intuitive, big picture analysis that machines will never be able to achieve. That's why the most effective security intelligence programs combine the best of both worlds: a team of talented individuals with extensive experience and technical knowledge, bolstered by automated processes that eliminate manual, time-consuming tasks and empower people to focus on rewarding, high-impact work. When people and machines are paired, each works smarter - saving time and money, reducing human burnout, and improving security overall..."
It's Cybersecurity Awareness Month and the Cybersecurity & Infrastructure Security Agency (CISA) put out their 2021 #BeCyberSmart message kit... What do these mean for your business? Let's start off with the basics.
Cybersecurity Awareness Tips: Stop Throwing Good Money After Bad
More than ever, basic cyber hygiene is vital to protecting data. Here's why: the risk footprint has never been larger. Some reasons were not surprising: big data becoming harder to manage, more alerts bogging down and burning out incident responders, a blast of Internet of Things devices coming online and 5G deployments being a management issue of their own.
The National Cybersecurity Alliance and CybSafe announced the release of a report which polled 2,000 individuals across the U.S. and UK. The report examined key cybersecurity trends, attitudes, and behaviors ahead of Cybersecurity Awareness Month this month.
'The cybersecurity threat landscape is as complex and diverse as it has ever been,' said Lisa Plaggemier, Interim Executive Director, National Cybersecurity Alliance.
'The daily headlines of data breaches and ransomware attacks is a testament to the problem getting worse, yet most people aren't aware of the simple steps they can take to be a part of the solution. It's critical to have a deeper understanding of both the challenges we face and the prevailing attitudes and behaviors among the public.'
Learn how to protect your business against DDoS attacks with these simple guidelines and useful tips and resources
"Cast your mind back a few years and most businesses wouldn't have even heard of a DDoS attack. Unfortunately, that's no longer the case. If your business is using VoIP services your IT team will definitely be aware of DDoS attacks and the best DDoS attack prevention software.
In fact, in recent years, there has been an exponential increase in the number of these attacks - InfoSecurity Magazine reported earlier this year that there were 2.9 million DDoS attacks in Q1 of 2021 alone..."
Device/machine identity, especially in association with robotic process automation, can be a conduit for intentional and unintentional insider breaches
"Throughout National Insider Threat Awareness Month there has been no shortage of thoughts and ideas proffered on how to manage and mitigate insider risk that comes with having humans as part of the ecosystem. It's true, the human is both the strength and the weakness. They are called upon to mitigate the risk and ameliorate the actions of the malevolent or careless employee. Where discussion has been sparse is how machine/device identity plays a part in insider risk management..."
Use this checklist to see where your K-12 district's cybersecurity plan could be vulnerable to bad actors
"The cybersecurity landscape is constantly evolving. With cyberattacks on the rise, particularly against K-12 schools, IT administrators need to be sure their district's network is protected. Taking every precaution won't stop bad actors from trying to access valuable student data, but these steps will make it harder for them to breach school networks.
To determine whether your district's cybersecurity strategy will protect you from an attack, use the checklist below. Then, find out how well you scored to assess your cybersecurity preparedness..."
Cybercriminals constantly adopt newer techniques to target internet users. Read the article to know the four crucial ways to be CyberSmart
"The cybersecurity landscape continues to evolve, with threat actors leveraging new hacking techniques to penetrate and exploit critical infrastructure. While organizations are worried about misconfigurations and poor security practices, human errors remain a major cause of cyberattacks and data breaches.
The Cost of Human Error
According to a study 'Psychology of Human Error' by Stanford University Professor Jeff Hancock and security firm Tessian, 88% of data breaches are caused by employees' mistakes. The study highlighted that nearly 43% said they're sure they have made a mistake at work that had security repercussions for themselves or their company. Several organizations claim that human error was the primary factor with a year-over-year increase in several security incidents. Almost 93% are concerned about human error causing accidental exposure of their cloud data..."
Most consumers still create weak passwords and rarely use MFA
"Worsening cyberattacks don't seem to be a particular cause for concern among the general public, with general cybersecurity practices remaining poor.
This is according to a new report from the nonprofit security advocacy group, National Cybersecurity Alliance, and cybersecurity experts from CybSafe. Polling 2,000 people from the UK and the US, the report found most people fail to take even the simplest of steps to protect themselves, their data, and their digital identities from ransomware operators, fraudsters and other cybercriminals..."
Kaspersky's new Ask the Analyst service will allow businesses to reach out to the company's researchers for their opinions and guidance on cyberthreats and security issues.
"Kaspersky's new Ask the Analyst service will allow businesses to reach out to the company's researchers for their opinions and guidance on cyberthreats and security issues on an as needed basis. The program will include malware sample analysis, malware family information or certain threat descriptions, requests for dark web intelligence or further information on published Kaspersky APT Intelligence Reports. Furthermore, the service's deliverables will provide customers' existing IT security teams with Kaspersky expertise..."
Tabletop exercises help organizations practice response and recovery, but one size doesn't fit all. For ransomware attacks, use this template to create a targeted exercise
"Disaster recovery and IT security personnel must take ransomware and other cybersecurity attacks seriously. Even if there is a ransomware recovery plan in place, ransomware technology and methods are constantly evolving. Periodic exercises of cybersecurity response and recovery plans ensure that organizations can minimize the effects of cyber attacks and protect the business and its continued success..."
We've all seen this scene in some movie or TV show: a hacker sits in a shadowy room busily typing on his keyboard.
"Suspenseful music plays in the background, the camera slowly pans around him in a slow movement, and within the span of a few clicks - voila! - our protagonist has deployed a cyberattack into the highly secured target he was trying to penetrate, 'I'm in' he says. This may make for great TV, but the reality of data breaches is not as exciting. The fact is that the biggest and most damaging attacks don't happen in minutes, they unfold over months. They aren't executed in a few clicks, but through a long process of exploration and exploitation.
According to The Cost of Data Breach Report by IBM, the average time to detect and contain a cyberattack is 280 days. That's over 9 months! And the cost of detecting and containing a breach caused by a malicious attack is even longer, 315 days..."
The COVID-19 pandemic forced many organizations around the globe to accelerate their digital transformation plans.
"Transition journeys that would normally take months or even years to complete were finalized in only a matter of days to support work-from-anywhere remote workforces for the first time.
According to a recent research report, security and IT professionals disclosed that 84% of organizations have recently accelerated their digital transformation adoption initiatives and moves to the cloud. During this transformation, the main challenges experienced revolved around network performance and security. With countless numbers of new devices connected to organizations' networks, this overloaded the systems and caused a dramatic increase in security risks..."
Cyberattacks have been on the rise for years, and the trend shows no signs of slowing down. To add salt (no pun intended) to the wound, the COVID-19 pandemic has just made matters worse when it comes to cybersecurity.
"Those hoping for reprieve from the growing menace of cybercrime in 2021 will be disappointed, as the number of attacks continues to rise day by day.
Having completed the first half of 2021, already there have been many major cyberattacks that have made headlines throughout the world. We have detailed six of the most significant cyberattacks that occurred in the first half of 2021:..."
2021 is not yet over, yet it's already a record-breaking year for the cybercrime industry. We discuss the top 5 cyberattacks of 2021 so far.
"Cybercrime is expected to cost the world $6 trillion by the end of the year. Ransomware attacks are growing in frequency and severity, culminating in several headline-making attacks that have brought national attention to cybercrime.
Security managers and enterprise-level CISOs are desperately looking for new techniques and technologies for navigating this challenging landscape. Security leaders everywhere are paying close attention to the year's record-breaking attacks and trying to predict the next one..."
Survey data from the past year paints a picture for what your threat landscape will potentially look like in the coming months
"2021 has been a banner year for cybercriminals, they have taken advantage of the COVID-19 pandemic and the increase in remote work, attacking both technical and social vulnerabilities. This historic increase in cybercrime resulted in everything from financial fraud involving CARES Act stimulus funds and Paycheck Protection Program (PPP) loans to a spike in phishing schemes and bot traffic. Piled on top of that is a growing wave of ransomware and software supply chain attacks..."
Challenges of hybrid identity management
"It's easy to see why enterprises are gravitating toward a hybrid identity management model that promises the best of both worlds - a little bit in the cloud, and a little bit on-premises. In an Active Directory-centric environment, leveraging the cloud means integrating with Azure Active Directory. Azure Active Directory (AAD), after all, is designed with an eye toward SaaS applications, providing single sign-on and access control. As cloud adoption increases, the ability to manage both on-premises and cloud access is becoming a business necessity. Leveraging AAD alongside Active Directory (AD) helps make hybrid identity management a reality. As with anything in IT, however, the adage of look-before-you-leap still applies..."