Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

This year, the awards are sponsored by Beazley, BT, KPMG and KnowBe4.

Paula Page, Director of Cyber, CCL Solutions Group Ltd

What does your job role entail?

All sorts! As my role started effectively within a start up, albeit within an already established business, I wore many hats every day, especially within the first few years but still often do as it’s very much a team effort.

Mostly though, my role in the Exec team and as Director of Cyber is mainly focused around the strategic piece, growth and relationship wise, client engagement and relationship building and then this is mirrored within my direct team as relationships are at the heart of everything we do.  

I work with my team to develop new service lines, I am responsible for recruitment, I get involved with scheduling still if needed (which is actually one of my favourite things, I love seeing a diary that has no space and working to make it happen, it’s a bit like Tetris for projects!) I am involved in supporting the billing process, I deal with any issues on projects or within the team that need to be escalated and genuinely get involved in anything and everything that pops its head up. I think that’s one of the things that led to me loving the work and industry so much, no two days are ever exactly the same and I love to be busy, fix problems and see progress. 

Many people in my role in other companies are technical but my background is very firmly rooted in the soft skills and relationship space, along with the commerciality. I have built an exceptionally strong technical team and together, we are able to ensure our clients and partners are provided with the best service made up of a team who are all experts in their field. 

How did you get into the cybersecurity industry?

Having always wanted to be a teacher, I decided on the day of sending my applications off that I really wasn’t sure anymore. I called my parents to tell them as I stood at the post box holding the envelope and they were really supportive, telling me to take my time and see what happened. 

Having no idea what was next, I worked a few admin roles as a temp and then saw a permanent role advertised in what turned out to be a Cyber Security company. It was never something I’d considered and absolutely didn’t think I’d end up making a career in the industry. 

I was offered the job as admin and the MD, Ian Glover, was really supporting and helped carve a role for me to support the Consultants. From there, another role developed and before long I was fully involved in the tender processes, scheduling work, carrying out QAs of proposals etc. I quickly realised I absolutely loved the work and the industry and the rest, as they say, is history!

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

It won’t only be me who has often been the only woman in the room on many occasions over the years and this in itself can be a challenge, especially when you are in the early part of your career. It can be intimidating and I’m sure lots of women have found themselves in positions where the behaviour of others have made them want to give up. I was even told it wasn’t the industry for a woman and that I’d never ‘make’ it. 

My standout moment was at InfoSec a number of years back where someone felt it appropriate to proposition and touch me whilst on the stand for the company I worked for at the time with absolute confidence that he was doing nothing wrong. 

You can feel like no one has even seen you or that everyone’s eyes are on you but for totally the wrong reason, neither of which are pleasant. It’s also frustrating when the only topics you are invited to speak about are diversity, usually the done-to-death ‘woman in cyber’ angle. No one ever asks me to speak about being in an exec position, building a business or the soft skills which are so important in this industry and which are key to successful relationships. 

It can often be a struggle to have your voice or ideas heard but with persistence, and a huge dose of stubbornness, I started to feel that the people in the room were listening, and I was being asked for my ideas. It didn’t happen quickly, or easily, and I’d be lying if I said that the feeling of being seen as the token female doesn’t still hit sometimes. Imposter syndrome is also very real but again, gaining more confidence in my own ability and knowing that I am good at what I do, it happens less now than it used to.

I also feel that I have had to work far harder than any of my male colleagues to get into the position I am in now. 

What are your top three greatest accomplishments you have achieved during your career so far?

• Building a business where people are the focus, both from a team and client perspective. I’ve worked with and for some great people through my career, but I have also worked for some whose behaviours were less than supportive and helped me be absolutely clear about the sort of leader I wanted to be should I ever get to that position. For me, the most important thing will always be the happiness of my team and clients and that has been the basis for everything I have done since I moved into my current role as Director of Cyber. 

• Staying true to me, my ideas and my vision for the business that I wanted to build. I needed it to be something I was proud of, something that provided value and where clients wanted to return time after time. Being able to do this successfully whilst also raising a young family and ensuring I didn’t lose my time with them is something that took a lot of thought, planning and support from my husband but that I feel really proud that I’ve been able to do.

• Working with and supporting young people through various competitions such as the NCSC Cyber First Girls Competition and Cyber Centurion. I also spend time with local schools, running Cyber Spotlight workshop days to highlight all the amazing opportunities within our industry in the hope of inspiring them to consider a cyber career in the future. I also support a charity that works to divert people who have been identified as being at risk of becoming involved in the criminal side of Cyber, and introduce them to the routes via various pathways into the ethical side of hacking. 

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

Supporting a team of girls in the NSCS Cyber First girls competition was a great experience last year. Talking to them about cyber as an industry and the various opportunities available to them, and seeing how interested they were, gave me so much hope for the future and I look forward to working with another team this year.

I am responsible for recruitment, so I constantly look to hire people from all backgrounds and experience levels. Having not gone to university myself, and having grown up on a council estate in Glasgow, I am all too aware of the barriers to industry that exist for working class people. I am very aware that I have my first MD to thank for opening so many doors for me and I will always want to pay that forward. 

Also, building a flexible and supportive team where people are able to drop children at school and pick them up, take family members to appointments or take time to care for them means that groups of people, often mothers, are able to work in roles that they otherwise lose out on due to these important commitments. The industry loses out on so much talent through lack of flexibility and in turn, sidelining mothers and parents. I firmly believe that flexible working is at the heart of a successful business as it opens the door to some incredible talent and if we’re not making it easy for parents and carers to come into or stay in our industry, we’re doing them, and it, a huge disservice. 

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

Do it! I feel genuinely lucky to have stumbled into a role that led me to a full career in a space that I’d never considered but that I absolutely love. If you’re considering a career in the industry, you already know about it which is a step further along than I was.

Remember all roles in the industry aren’t technical and in fact, the soft skills needed to succeed are just as important and lead you to many different options. I am not a technical resource, but I have built a successful business filled with amazing people where clients feel valued and cared for. 

Mostly, be prepared to work hard, question things when you think they need to be, go with your gut and be unapologetically yourself.

The post #MIWIC2022: Paula Page, CCL Solutions Group appeared first on IT Security Guru.

By Alan Radford, Global Identity and Access Management Strategist at One Identity, and Andreas Muller, IT Project Manager at B. Braun

According to Gartner, converged Identity & Access Management (IAM) platforms will be the preferred adoption method for Access Management (AM), Identity Governance & Administration (IGA) and Privileged Access Management (PAM) in over 70% of new deployments by 2025, driven by more comprehensive risk mitigation requirements. These predictions are well understood by One Identity, recently positioned as a Leader in the 2022 Gartner Magic Quadrant for PAM.

One Identity’s Alan Radford and Andreas Muller of B. Braun came together with other authentication professionals to discuss how to get ahead of this issue.

The Challenges:  Managing size, complexity and diversity

B. Braun is a German medical and pharmaceutical device company, working across 60+ countries, with the help of over 60,000 staff. According to Muller, “Our main challenge, from a technical perspective, is consolidation across teams. We are working across several disparate geographies and teams with different owners. All these teams need to pull together in the same direction.”

This structural complexity is further compounded by the strict restrictions in place on medical manufacturing, which needs to be supported by security and Identity & Access Management policies. Restricting access to the data hosted on the B. Braun servers is crucial to ensure it remains compliant.

B. Braun needed a more effective way to manage user accounts and protect data. Andreas Mueller, IT project manager at B. Braun, says, “We had too many manual processes, which increased the time to create or delete a user account. Overall, there was too much risk of unauthorized data access and, therefore, a failure to comply with data security regulations.” Beyond automation, B. Braun also wanted an identity management solution that could drive digital transformation. “We’re moving some of our IT to the cloud,” says Mueller, “so we needed a solution that could talk to our on-premise infrastructure and cloud services, such as Office 365.” B. Braun hired One Identity to launch a proof of concept (POC) for Identity Manager. “Identity Manager delivered all the features we wanted,” says Mueller, “including cloud connectivity. What’s more, the technical sales team at One Identity offered to support a POC that integrated with our internal infrastructure. No other provider would go this far.”

The Results: Automation and support

B. Braun was able to work on improving its security policies by automating account provisioning and deactivation to ensure that Identity & Access Management is not an element of their policy, which is overlooked across multiple geographies. This has also ensured that company data is protected in its hybrid environment, featuring cloud and on-premises systems, both of which were still necessary in its environment.

For more than five years now, B. Braun has been successfully using One Identity’s Identity Manager solution to achieve support for both the company’s internal systems and extranet used by customers. “All the right people have access to what they need now that account creation and termination are automated with Identity Manager,” explains Mueller. “There’s complete transparency and greater protection of company data. Everyone knows the position of their requests within the workflow at any given time. There is also less chance of errors.”

Conclusion: Flexibility and responsibility 

B. Braun’s issues and challenges are a telling insight into the role of IAM partners.

B. Braun looked to their IAM partner to ensure that they could retain the flexibility that a hybrid offering allows for, while bringing together disparate identities across different teams, regions and operational areas, while reducing friction and without compromising its security posture. One Identity was able to offer this, harnessing its years of IAM experience in automated authentication to work on the ‘principle of least privilege’ for both internal and external stakeholders.

Looking forward, B. Braun is hoping to continue to enhance its password management policies, automation programs for Identity & Access Management and to continue its focus on ensuring compliance and security standards are upheld.

About One Identity

One Identity delivers unified identity security solutions that help customers strengthen their overall cybersecurity posture and protect the people, applications and data essential to business. Our Unified Identity Security Platform brings together best-in-class Identity Governance & Administration (IGA), Access Management (AM), Privileged Access Management (PAM) and Active Directory Management (AD Mgmt) capabilities to enable organizations to shift from a fragmented to a holistic approach to identity security. One Identity is trusted and proven on a global scale – managing more than 500 million identities for more than 11,000 organizations worldwide.

The post Case Study: Getting ahead of Convergence with One Identity and B. Braun appeared first on IT Security Guru.

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

This year, the awards are sponsored by Beazley, BT, KPMG and KnowBe4.

Kristina Balaam, Staff Threat Intelligence Researcher, Lookout

What does your job role entail?

My role involves tracking and investigating campaigns tied to Advanced Persistent Threat groups. Usually, this includes reverse engineering mobile malware to understand how it works and what data it attempts to collect or exploit, investigating infrastructure tied to the campaigns we are tracking, and many times, it also involves understanding the geopolitical context of the (often state sponsored) threats our team investigates.  

How did you get into the cybersecurity industry?

I transitioned from a general software engineering role after I was exposed to the industry and the roles that existed through professional development courses. 

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

Imposter syndrome following sexist comments I’ve received has been a significant challenge at times. I’ve been very lucky to have wonderful mentors who have become close friends, and their support and encouragement has helped drown out the negative comments when I find myself a bit too affected by them. I’ve also tried to keep a little “diary” of work I’m proud of and when negative comments or imposter syndrome make me question my worth in this industry I turn to those experiences to encourage myself to persevere. 

What are your top three greatest accomplishments you have achieved during your career so far?

1. Speaking at CyberWarCon this year was an absolute dream come true, and I’m especially proud to have been able to speak about the negative impact of surveillance campaigns on minority groups, dissidents and activists. 
2. Much of my research on the Threat Intelligence team isn’t publicly available, so unfortunately all I can say for this is that I’m very proud of the research I’ve contributed to our team and the ways in which we’ve helped protect certain vulnerable populations.
3. I’ve had several young women tell me that they’ve become interested in threat intelligence and the work our team does after hearing me speak at conferences. I entered the tech industry (and my computer science programme) after seeing Jade Raymond, the former president of Ubisoft Toronto, speak about her work as a software engineer. Knowing that I’ve been able to motivate others toward work I’m so passionate about has been incredibly fulfilling!

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

Offering mentorship and advice to women about transitioning to this industry and during their interview processes and resume writing.

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

Believe in your worth and what you can contribute to this industry — don’t withhold an application to a new role because you may only exactly fit 6/10 of the listed criteria. Apply! Your unique perspective is needed and many organisations are happy to help develop any technical skills that may be lacking right now.

The post #MIWIC2022: Kristina Balaam, Lookout appeared first on IT Security Guru.

Ransomware attacks are hitting organisations every day and infrastructure & operations (I&O) leaders are aggressively bolstering protection, detection and response capabilities against attacks.

However, questions remain as to whether existing disaster recovery (DR) and business continuity plans are sufficient for ransomware recovery.

To address this, I&O Leaders must consider five areas between the two recovery approaches, to better establish whether existing plans can withstand a potential ransomware attack.

1. Similarities and Differences

Traditional DR and ransomware recovery have many similarities, including the need to coordinate with business continuity management, prioritise via recovery tiers and understand dependencies. Both also require procedures to assess the impact, declare and activate recovery plans, execute plans, and obtain clarity around access and maintenance.

However, ransomware recovery involves greater complexity and unpredictability and so it’s important to consider the business demand of the differing recovery steps in the process, which will naturally involve different stakeholders. These include varied recovery approaches, location, data loss, recovery time and the speed of a return to business as usual.

2. Disaster Recovery Protects Against ‘Predictable’ Disasters

Traditional DR planning assumes that an entire location or application has failed, requiring failover to a DR location. These events can vary in scope, from regional power outages to IT equipment failure, and even natural disasters such as earthquakes, tornadoes and flooding, which destroy all infrastructure.

Planning for these events requires active or hot standby application infrastructure across data centres, which enables the failover to happen within a reasonable time, and with minimal or no data loss.

3. Disaster Recovery Not Always Suitable for Ransomware Attacks

As of today, ransomware attacks are mostly well-planned where the attack can start weeks or months before the final ransomware assault. Typically, ransomware is only activated as the last step in a this well-prepared cyberattack, with attackers still having access during the attack.

Traditional DR usually relies on the replication and synchronisation of applications, data, and foundational network services between the primary site and the DR location. So, all the work the attackers do to compromise the production site will be replicated on the DR site. Consider that the contamination of the DR site will make it impossible to use standard recovery procedures after a cyberattack.

Contemplate that you may have to build from scratch in a worst-case situation and this will require planning to recover from alternative infrastructures, such as isolated recovery environments, cloud infrastructure, relocation sites and services.

4. Disaster Recovery and Ransomware Recovery Follow Different Processes

Traditional DR activation follows a straightforward process where — after the disaster event is detected — an assessment is conducted to decide whether failover is required or not. After that, failover is executed and validated, and business continues. A well-planned failback (when applicable) can be executed when the primary environment is recovered.

Recovery from ransomware, on the other hand, requires multiple and more complex stages. In the first phase, there is a focus on stopping the attack from execution and propagation. In the second phase, forensic analysis is required to find out what happened, what ransomware was executed, the security issues at hand and how it infiltrated the infrastructure. During the third phase, analysis is required to find which network artefacts, apps, data and backups are affected.

Through phase four, there is a focus on the recovery of foundational infrastructure, by either a restore or a rebuild of all artefacts in the network, as well as storage and compute infrastructure, followed by a rebuild or recovery of network services like DNS and AD. In phase five, a dedicated isolated recovery environment (IRE) is leveraged to scan, repair, and validate operating and application/data systems to prepare for recovery back to the primary environment. Finally, in phase six, systems are migrated out of IRE back to production.

This level of impact on the entire infrastructure is what makes ransomware recovery so complex and unpredictable, as you need to first recover and resecure every impacted element in your infrastructure environment before you can recover systems, applications and their data. Examine the complexities that come along with the different processes and the demands this may ask of your organisation.

5. Ransomware Recovery is a ‘Team Effort’

DR is often led by the DR team, which consists of the server team, network team, storage team, backup team, who all report to the DR manager, who then reports to the CIO. DR is part of the wider business continuity management process, where DR is responsible for the recovery of IT systems in a disaster situation.

Ransomware recovery, on the other hand, is initially led by the cybersecurity incident response team, which reports to the chief information security officer and is supported by other infrastructure and operations teams, including the DR team. Hence, recovery from a ransomware attack is far more of an all-enterprise effort and consider whether you have the resources to approach this appropriately.

Gartner analysts will further explore and compare disaster recovery and ransomware recovery at next year’s Gartner Security & Risk Management Summit 2023, taking place 26-28 September, in London, UK.

Jerry Rozeman is a Seniorr Director Analyst at Gartner

The post Gartner: 5 Considerations for I&O Leaders Planning Against Ransomware Attacks appeared first on IT Security Guru.

 Salt Security, the leading API security company, today announced that Open Line NL, a supplier of managed cloud services and applications, has selected and deployed the Salt Security API Protection Platform. The Salt platform allows Open Line to offer services to its customers that quickly identify and block API attacks and remediate potential risks, ensuring the security of its customers’ critical data and services. Open Line provides both managed cloud infrastructure and vertical-specific solutions for companies in healthcare, local government, social housing, and logistics. Open Line chose the Salt platform over its competitors because of the compelling advantages of its cloud-scale big data and mature ML and AI, which enable industry-leading runtime protection, advanced API discovery, and shift-left capabilities to remediate API vulnerabilities in pre-production. 

Protecting the heart of digital business

“All of our customers use solutions that are API-driven, with enormous volumes of sensitive data being shared across their services. To reduce digital risks, protection of their APIs is critical, and we found WAFs and API gateways insufficient to address the full scope of this growing problem,” said Daniel van Slochteren, chief innovation officer at Open Line. “Salt enables us to continuously monitor and protect – known and unknown – APIs used by our customers in runtime. Open Line feels an enormous responsibility to ensure data integrity for our customers; Salt enables us to achieve that goal with its robust and proven cloud-scale API security platform.”

Operating the first risk-based SoC in Europe, based in Valencia, Spain, Open Line is the only managed cloud services company that offers risk-based SoC services in The Netherlands. Open Line serves more than 100 companies, with its platform running in a high-end private cloud combined with the Microsoft Azure cloud platform. Focusing on key vertical industries, Open Line delivers deep business, application, and infrastructure expertise to support its customers’ unique business requirements and objectives. 

Prior to adopting Salt, Open Line lacked the comprehensive visibility into API behaviors that would indicate an API attack. Because WAFs and API gateways are not always able to address the threats on the OWASP API Security Top 10 list, Open Line knew it required a dedicated API security solution with automated discovery and runtime protection. According to the Q3 State of API Security report, blocking API attacks in runtime represents the most important API security capability.

“The biggest reduction in risk that businesses can achieve is to identify and block API attacks as they occur,” said Nico Wagemans, Regional VP, EMEA, at Salt Security. “By spotting anomalies in API activity during runtime, customers like Open Line can quickly block attacks, either manually or automatically, avoiding costly breaches and reputational damage. With our cloud-scale big data platform and time-tested ML/AI, Salt gives Open Line the visibility, control, and – most importantly – the context that they need to defend their customers’ most valuable digital assets and advise clients on needed actions.”  

The Salt Security API Protection Platform enables companies to identify risks and vulnerabilities in APIs before they are exploited by attackers, including those listed in the OWASP API Top 10. The platform protects APIs across their full lifecycle – build, deploy and runtime phases, utilizing cloud-scale big data combined with AI and ML to baseline millions of users and APIs. By delivering context-based insights across the entire API lifecycle, Salt enables users to detect the reconnaissance activity of bad actors and block them before they can reach their objective. Salt captures the depth of context that organizations need to identify and protect today’s ever-expanding API ecosystem with continuous discovery of APIs and exposed sensitive data, attack detection and prevention, and advanced shift-left capabilities.  

About Salt Security

Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices. Deployed quickly and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives

 About Open Line NL

Headquartered in Maastricht, The Netherlands, Open Line is a supplier of managed cloud services. Open Line supports and advises clients in the design, construction and management of complex ICT (outsourcing) projects, supporting more than 100 companies across vertical industries, such as healthcare, government, social housing and logistics. Open Line’s managed services concept offers a complete set of trusted cloud services that help customers achieve their business and digital innovation goals.

The post Salt Security chosen to protect Open Line from API security threats appeared first on IT Security Guru.

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

This year, the awards are sponsored by Beazley, BT, KPMG and KnowBe4.

Dasha Diaz, CEO and Founder, itrainsec

What does your job role entail?

I help businesses to learn and study all aspects of cybersecurity from the best experts and practitioners in the industry. For more than a decade, I’ve been organising world-class IT security events and training for the global cyber security community. My close bonds and powerful network represent a rich portfolio of leading subject matter experts and trainers – itrainsec enables businesses to take advantage of this, and my personal aim is to exceed expectations every time.

How did you get into the cybersecurity industry?

Before founding itrainsec, I spent nearly 12 years at one of the world’s top cybersecurity companies, Kaspersky, where I began my career there as a PR manager, then joined the Global Research and Analysis Team (GReAT) as Senior Research Communications manager. My standing in the industry also led me to be appointed co-director of the Cyber Security Programme at Harbour.Space University in Barcelona, where I’m creating a master’s program to nurture cybersecurity talents.

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

It was always hard to exceed expectations of the community, but not only that, also my own expectations. With the conference I’ve built with my mates at Kaspersky it was always a challenge to surprise people every year and produce high-quality content year on year.

But every time, when you see everyone excited, happy, thankful, willing to come next time or submit their research for the next edition – I realized I could do more, I can push forward and even higher.

This attitude helped me to build my company, and make it successful.

What are your top three greatest accomplishments you have achieved during your career so far?

1. itrainsec – building my own business from scratch.
2. #TheSAScon – creating and organizing one of the best cybersecurity conferences for more than 10 years
3. Marrying one of the best cybersecurity experts:)

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

A growing number of women in cybersecurity has somehow attracted attention to the importance of building a diverse environment within companies, not only for women but for all backgrounds and ethnicities. It would be right to say that the infosec industry has a high level of complexity and competitiveness. The feminization of cybersecurity has given women of other less demanding specialisations additional motivation to move forward and see no barriers ahead of them. Women bring the importance of education, professional development, best practices exchange and networking to a new level. They initiate community development where rivalry gives way to mutual support.

Together with the itrainsec team, we help to organize different cybersecurity events at different levels. We invite a lot of women and always try to balance the women/men presence on the stage. I always encourage ladies in cyber to participate as much as possible in the conferences and events, and I myself am not an exception – the more visibility we get, the more obvious the change in the industry. Also, itrainsec is now involved in organizing a conference for one of the foundations related to women in cyber.

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

In every fast-growing, innovative industry, you should be ready for constant professional development. But in cybersecurity, this is even more important as the evolution of security risks is the main aim for adversaries. If you think about it, cyber security needs skills beyond the technical. Strategy and insight is important too, and women tend to offer perspectives and opinions that differ from men’s, and that could be crucial in addressing the risks businesses face today.

The post #MIWIC2022: Dasha Diaz, itrainsec appeared first on IT Security Guru.

The post #MIWIC2022: Lena Smart, MongoDB appeared first on IT Security Guru.

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

This year, the awards are sponsored by Beazley, BT, KPMG and KnowBe4.

Dr. Ana Ferreira, Information Security Specialist and Health Researcher at CINTESIS@RISE, Faculty of Medicine, University of Porto

What does your job role entail?

My job entails research, development and innovation in the area of information security applied to digital health research projects and solutions. It also comprises teaching in various subjects such as cybersecurity, health data science and health technology design.

How did you get into the cybersecurity industry?

My background is Computer Science and I did an MSc in Information Security in 2002 in the UK (RHUL). That was my first contact with the area, which I really liked! I then pursued my research path by doing a PhD and a Post-Doc in Access Control and Socio-technical Security, respectively, and these helped me to consolidate and evolve as a researcher, and as the creator of new projects and new solutions in this area.

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

My challenges in cybersecurity, as a woman, actually started much later in my career when I needed to manage a family and kids. This, still today, can commonly hold you back in taking chances and opportunities that would probably lead you to an increased payroll position and/or more responsibility and executive roles.   

However, our work is just one part of our lives, we can still make a difference even if we are not in those high positions, by instilling trust in what we do, and doing it well! At the end of the day, you can be a good role model and give back what you have learned to the community, and still enjoy having time for other pleasures in life, including family and friends. I also believe this is all possible while embodying those high-level roles; however, a cultural shift is needed for this to really work as a society.

What are your top three greatest accomplishments you have achieved during your career so far?

• Staying in this area, evolving and reinventing myself for more than 20 years now;

• Being able to give back to the community by participating in EU research projects evaluation, as well as mentoring and supporting and creating visibility as a role model for other women;

• Contributing more than 110 scientific publications in the area and bringing the much needed diversity and multidisciplinarity to it.

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

I am a co-founder of Women4cyber Portugal, an Association in connection with the European Women4cyber Foundation, aiming to foment and support the participation of more women in cybersecurity. 

I am also the co-founder and vice-president of the (ISC)2 Portugal chapter, to promote and disseminate knowledge about international certifications in the area, as we have, internationally, a big gap in qualified personnel.

I have participated in the three editions of the Mentoring programme of the European Women4cyber Foundation, as a mentor, helping and supporting women in the area with my experience and know-how.

I have participated in several initiatives of recognition as someone that has been successfully working in cybersecurity, giving this way visibility and inspiring other women to pursue this path, e.g., participating in national and international conferences and debates, featuring in the “Hacking Gender Barriers: Europe’s Top Cyber Women” book, winning the Cybersecurity Woman “Barrier Breaker” of the year award 2022 and, obviously, winning this award as well!

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

Ask other women (and men!) for support and help regarding doubts, fears or other questions. The main advice is: TRY! Try first and decide later! Even if it may feel unlikely, and if everybody else says it is not for you, you may still identify with some of the challenges in this area, and you may be surprised with what it has to offer. Cybersecurity is very diverse and tangential to many other domains, so there can be many options, challenges and different opportunities, and one (or more) can be just right for you!

The post #MIWIC2022: Dr Ana Ferreira, Center for Health Technology Services and Research appeared first on IT Security Guru.

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

This year, the awards were sponsored by Beazley, BT, KPMG and KnowBe4.

Dr Hadis Karimipour, Canada Research Chair and Associate Professor, University of Calgary

What does your job role entail?

My job role consists of conducting research, and teaching.

Her nominator adds:

“Dr. Hadis Karimipour is an internationally acclaimed researcher with a strong track record of success. She has shown a prodigious ability to produce high-impact research in the early stages of her career. Working at the forefront of her field in the last 5 years, she has developed a reputable and translational research program that is focused on security of large-scale cyber physical systems. 

Dr. Karimipour is an expert in the field of cyber physical systems and has developed tools that are applicable to critical infrastructure. She is among the pioneers in developing and applying artificial intelligence and machine learning to cyber-attack detection techniques. She has also built novel frameworks that have made it easier to model cybersecurity threats. Since 2016, Dr. Karimipour has published 80 peer-reviewed journal and conference articles, 2 books, and 23 book chapters. Most of her publications have appeared in the top venues in her field such as IEEE Internet of Things Journal (Impact factor —IF: 9.5), IEEE Transactions on Smart Grids (IF:8.3), Computer and Security Journal (IF: 4.5) and the Journal of Network and Computer Applications (IF: 6.2).”

How did you get into the cybersecurity industry?

I got into cybersecurity through my research during my PhD.

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

Cybersecurity is one of the most male-dominated fields, and the majority of the time you feel isolated and alone. It is very common to be in a room with many men who ignore or underestimate you. Besides that, as a Muslim international woman, I have experienced lots of barriers in my career. Being a minority always makes you more hidden and people will count on you less, so instead I had to work a lot harder to prove myself. The only key to success is to never stop, work hard and believe in yourself and your power.

What are your top three greatest accomplishments you have achieved during your career so far?

In 2022, I received the Canada Research Chair in Secure and Resilient Cyber-physical systems, which is awarded by the government of Canada to exceptional emerging researchers, acknowledged as leaders by their peers. The Canada Research Chairs Program invests up to US$311 million per year to attract and retain some of the world’s most accomplished and promising minds. 

In 2022, I received the APEGA Early Accomplishment Award, which is presented to the members of the Association of Professional Engineers and Geoscientists of Alberta (APEGA), who are recognized by their peers for their integrity, expertise, and outstanding accomplishments in fields related to engineering or geoscience at an early stage in their professional career.

In 2021, I was selected as one of Canada’s Top 20 Women in Cyber Security by IT World Canada for my contributions in the security of critical infrastructure. This prestigious award was established to recognize and honour top 20 women who have driven the Canadian cybersecurity industry forward. It is an annual initiative produced by IT World Canada (ITWC) in association with the Canadian Women in Security Forum and the Women in Security and Resilience Alliance (WISECRA). 

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

I always ensure research opportunities and conversations are accessible to all: as a Middle Eastern Muslim woman in STEM, I have experienced barriers and challenges, and have long been committed to equality, diversity, and inclusion in mentoring and education. As a Ph.D. student and post-doctoral fellow, I joined Women in Science and Engineering (WISE) to bring attention to gender-related challenges in science, engineering and cybersecurity and to interest girls in science and cybersecurity.

Since I started my career, I have taken different roles, including chair of IEEE Women in Engineering, Active member of the Society for Canadian Women in Science and Technology, Community Outreach Representative of Women in Cybersecurity (WiCys) Western Canada, and career mentor in The Society of Women Engineers (SWE), where I organized different events, mentorship programs, guest lectures and conferences to amplify and encourage the influence of women in cybersecurity and provide mentorship and career advice to a diverse group of trainees.

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

No matter what you choose for your career, there will always be challenges and difficulties on your way, so that should not affect your decision. Listen to your heart and if you love an exciting career where you learn something everyday, cybersecurity is one of the best choices for you. 

It is not all about coding or programming. There are different aspects of cybersecurity and I believe there is enough room for everyone who wants to join. It is a multidisciplinary field which needs people with different perspectives and backgrounds.

Believe in yourself and your power. 

The post #MIWIC2022: Dr Hadis Karimipour, University of Calgary appeared first on IT Security Guru.

Everyone in the cyber insurance industry or trying to get cyber insurance today knows that using multifactor authentication (MFA) is an absolute make-or-break requirement for getting a cyber insurance policy; or if you can get a policy without MFA, you will pay a hefty increased premium for the same amount of coverage.

Most cybersecurity experts and the cyber insurance industry are telling everyone to get MFA. Many cybersecurity experts say that using MFA is the single best thing an individual or organisation can do to best reduce cybersecurity risk. Some nationally recognised experts and the largest trusted cyber organisations go so far as to say that MFA prevents 99% of all hacking! Sounds like a no-brainer.

My painful prediction is that the cybersecurity industry will continue to tout using MFA as the best way to reduce cybersecurity attacks and then learn, this year, that people and organisations using MFA were still hacked an awful lot. Within a year, people will learn that using any MFA is not the panacea solution that it has been touted to be. Hacking will continue nearly unabated and losses will continue to pile up as the truth becomes self-evident.

MFA is good and everyone should use it where they can to protect valuable data and systems.

Unfortunately, the insurance industry and their customers are going to learn that using ANY MFA is not going to be as helpful in reducing risk as they thought. Unfortunately, about 90% to 95% of MFA is as easily hackable as the passwords they are intended to replace. Yep, you read that right. And hackers have been bypassing most MFA for decades and the U.S. government has been telling people not to use easily phishable MFA at least since 2017. Consumers and the insurance industry are about to find out why.

MFA that is tied to telephone numbers (like SMS-based and voice-based MFA), uses “one-time” codes, or utilises “push-based” technologies that are easily phishable. This means an attacker can use a simple social engineering attack that works just as well against those types of MFA as it does against passwords. If you’re interested in learning about the various techniques hackers use to phish MFA users, see this article for more details: https://www.linkedin.com/pulse/dont-use-easily-phishable-mfa-thats-most-roger-grimes.

Hacking easily phishable MFA is well-known in cybersecurity. It is not a theoretical risk. Weaker MFA has been hacked millions of times over the decade. So much so, the U.S. government, in 2017, in NIST SP 800-63 said not to use it. In 2021, Presidential executive order (EO 14028) had a clarifying follow-up memo that stated, “…systems must discontinue support for authentication methods that fail to resist phishing, such as protocols that register phone numbers for SMS or voice calls, supply one-time codes, or receive push notifications.” That pretty much describes 90% to 95% of the MFA used today. In 2022, the OMB stated that “…phishing-resistant MFA is required.” Although these directives only apply to organisations under the purview of the U.S. government, it should apply to every organisation and person worldwide. The risks are the same.

To be clear, consumers should use phishing-resistant MFA whenever they can. But either way, regardless of whether the MFA solution someone is using is considered easily phishable or phishing-resistant, all MFA users should be educated about the common types of attacks against their type of MFA and how to recognise, prevent, and report those attacks. We do not tell people to use passwords without some basic education. We need to do the same for MFA.

And if you are telling someone they need to use MFA, make sure to say PHISHING-RESISTANT MFA and not just any MFA. There is a world of difference. A difference that will become overly clear this year. If you’re interested in what types of MFA are considered phishing-resistant, one list that is constantly updated is: https://www.linkedin.com/pulse/my-list-good-strong-mfa-roger-grimes.

The post MFA Will Not Save the Insurance Industry appeared first on IT Security Guru.

Threat researchers at Lookout have discovered more than 300 loan apps that exhibit predatory behavior, such as exfiltrating excessive user data and harassing borrowers for payment in both Google Play and the Apple App Store.

The apps, which were found across countries in Africa, Southeast Asia and South America, including India, Colombia, Nigeria and Mexico, purportedly offer quick, fully-digital loan approvals with reasonable loan terms. The research revealed 251 were Android and 35 iOS lending apps were downloaded a combined total of 15 million times.

In reality, they exploit victims’ desire for quick cash in an attempt to ensnare borrowers into predatory loan contracts and require them to grant access to sensitive information on their device such as contacts, phone history, and SMS messages — information that would not be required in a valid loan application process.

In addition to predatory requests for excessive permissions, many of the loan operators display scam-like actions. Victims have reported that their loans came with hidden fees, high interest rates, and repayment terms that were much less favorable than what was posted on the app stores. Lookout Threat Lab also found evidence that the data exfiltrated from devices was sometimes used to pressure the customer for repayment – a common threat tactic to disclose a borrower’s debt or other personal information to their network of contacts.

“Mobile apps have made managing our lives a lot easier and are a convenient way to interact with businesses such as financial institutions. However, when entrusting any app with sensitive personal information, it is extremely important to stop and ask yourself if the information being requested makes sense and if the business behind the app is a trusted entity,” said Ruohan Xiong, senior security intelligence researcher, Lookout.

“As these predatory loan apps have demonstrated, app permissions could easily be abused if users are not careful. While there are likely dozens of independent operators involved, all of these loan apps have a very similar business model – to trick victims into unfair loan terms and then extort payment.”

Lookout informed Google and Apple about the discovery of these apps which were quickly removed from the respective stores.

The post Predatory loan apps on Apple App Store and Google Play extorting victims appeared first on IT Security Guru.

That CTOs should be concerned about cybersecurity and data breaches is perhaps not the biggest surprise. 2022 has seen more data breaches than ever before, and it feels like the impact of a breach is increasing too.

Damage to the brand, paying ransomware costs, time and resources to address the breach, data privacy law penalties – these are all implications that contribute to cybersecurity fears being cited as the main thing keeping CTOs awake at night, according to our recent research, the State of European Dev Ecosystem 2022.

How can CTOs ease cybersecurity concerns while also addressing longer-term issues such as aligning technology with the business objectives in their organisation, a lack of IT resources to manage current projects, and a scarcity of technical talent?

CTO challenges

Our research highlighted the severity of the challenges that CTOs are facing. 60% of CTOs believe that technology is not aligned with their organisation’s business objectives. When you factor in that more than one-third of CTOs feel that the rest of the board undervalues the role of the CTO, it’s easy to see being CTO as a thankless task, deprioritised by others.  

Then there are more specific challenges. A lack of IT resources to manage current projects, and a scarcity of technical talent were both cited by CTOs as an issue. Although 61% said their IT budget had slightly increased over the previous 12 months, insufficient budget and resources were two of the biggest reasons given for a technology project not getting off the ground.

These issues are all impacting the ability of CTOs to do their jobs effectively and meet internal objectives for technology. 28% said they had seen development projects fail in the past 12 months due to a lack of resources, while more than one in five said they lacked the internal skills and expertise to manage all their development projects.

Plugging this skills gap and ensuring it doesn’t impact an organisation’s ability to deliver is a theme familiar to most CTOs. Getting the broader organisation’s support and aligning technology with business goals is much harder when projects fail, are completed late or over budget.

A lack of tech talent

This year’s Stack Overflow report shows that the median development salary has increased by 23% during the past year, making it harder for CTOs to fill the gaps in their teams. Furthermore, enterprises must support an increasingly wide range of technologies and frameworks, and trying to do so in-house requires a large team, a model that doesn’t work anymore. This is a particular challenge when most of your development has traditionally been done in-house and requires a strong and ongoing investment in training.

Using an augmented team, with in-house developers working in conjunction with external teams, is an approach that can help. It means enterprises can benefit from the most up-to-date skills without the need to maintain such capabilities in their own developers. Such teams are also enterprise-ready in how they work, comfortable with scrum methodology and project management requirements, so they can be deployed according to when a CTO requires them.

Looking outside the organisation for support and resources makes it easier for CTOs to look after their in-house teams. Our research showed the most important element of this was to ensure their team is motivated to work. Motivation is invariably higher when teams aren’t over-stretched, underpaid and asked to work on projects for which they haven’t been fully trained. 

CTOs in 2023

2023 is likely to be a challenging year for CTOs, with digital rollouts continuing against a backdrop of business and economic turbulence. 

The role of a CTO is demanding, with many different pressures to face up to. Cybersecurity and data breach concerns are important but addressable. Establishing robust processes, educating employees and using the proper preventative measures and monitoring solutions will all help mitigate the risk of a data breach.

Finding the right talent to power digital transformation programmes and aligning tech with business objectives pose sterner challenges. However, adopting a more flexible approach to plugging any skills gaps can address capacity and capability issues, which in turn will help ensure projects remain on track and subsequently bring more alignment between the technology and the business, which is such an essential part of the role.

About the author

Andy Peddar is CEO and co-founder of Deazy, the curated marketplace of development talent that connects enterprises, scale-ups and agencies with high-quality development teams. 

The post Cybersecurity fears are just the tip of the iceberg for CTOS appeared first on IT Security Guru.

KnowBe4 has announced that its new SecurityCoach product now integrates with Netskope. The two security organisations have collaborated together to help reduce risky behaviour with product integration to support real-time security coaching of users.

SecurityCoach helps IT/security professionals to develop a strong security culture by enabling real-time security coaching of their users in response to risky security behaviour. Leveraging an organisation’s existing security stack, security teams and administrators can configure their real-time coaching campaigns to immediately deliver a SecurityTip to their users related to a detected event via Slack, Microsoft Teams or email. 

“Netskope joins our ecosystem of technology partners, which is growing rapidly, to enrich the support we provide to our customers and to fortify their organisation’s human firewall,” said Stu Sjouwerman, CEO, KnowBe4. “KnowBe4 is proud to partner with Netskope to provide a seamless integration with our new SecurityCoach product, which aims to deliver real-time security coaching and advice to help end users enhance their cybersecurity knowledge and strengthen their role in contributing to a strong security culture. KnowBe4 is actively working with Netskope to coach users in real time around their activities online or in the cloud. For example, when a user goes to a risky website, KnowBe4 can in real time integrate with Netskope and send the user a targeted coaching module.”

“Netskope provides targeted insights to KnowBe4 that can be used to give actionable coaching to end users,” Andrew Horwitz, VP of Technology Alliances at Netskope. “KnowBe4’s large library of curated coaching modules together with Netskope’s actionable user specific insight on their activity in the cloud can build a real time zero trust system for our shared clients.”

KnowBe4 will provide step-by-step instructions and recommendations to help IT/security professionals achieve quick and pain-free integration and data syncing during the implementation process.

KnowBe4 now integrates or partners with over 20 of the world’s top cybersecurity platforms across Endpoint, Network, Identity, Cloud and Data Security https://www.knowbe4.com/integrations.

For more information on SecurityCoach, visit www.knowbe4.com/securitycoach. 

The post KnowBe4 and Netskope Collaborate for New SecurityCoach Integration appeared first on IT Security Guru.

As our digital world evolves, cybersecurity has never been more important and critical. During the last few years, we have all become witnesses to intense cybercrime and sophisticated cyberattacks. This upward trend is further fuelled by a shift in working conditions like working remotely. The impact of cyberattacks is profound, resulting in security breaches, enterprises’ revenue and reputation losses, and in some cases, organizations, and entire states being destabilized.

As cybercrime continues to increase, the human element can play the most important role in cybersecurity posture and hygiene. It is the main driver and the most significant vector within cybersecurity, humans tend to behave unpredictably under certain circumstances. If trained properly, training humans effectively can be a game changer. After all, cybersecurity is a matter of proper human risk management.

Train humans’ awareness

Several reports, such as the World Economic Forum Global Risk Report 2022 and Verizon’s 2022 Data Breach Investigations Report highlight that human error is by far the biggest and dominant cause of illicit actions and cybersecurity issues. Many businesses have a misperception that security can be enhanced and risk minimized if they train their employees via using tech-related jargon, without realizing that this will, in turn, confuse their employees. This only further exacerbates the issue. Instead, what they need to do is to manage human risk.

Despite the fact that human perception, cognition, and general behaviour can’t be controlled, and altered according to our needs, studies prove that cyberattacks can be regulated and actually decreased if employees undertake cybersecurity-focused training.

In every organization, training is a fundamental procedure. It is one of the most important pillars on which the edifice of any organization rests. Armed Forces are an exemplary example. With continuous improved training, it manages to keep the awareness level of the military personnel high, and combat-ready. Furthermore, the Armed Forces run awareness campaigns to instruct their personnel about cyber threats and what measures authorized users may take to mitigate threats to military information systems and their vulnerabilities.

The importance of cybersecurity awareness training

Speaking of training and taking into account humans’ perceptions, cybersecurity awareness training is by far the best place to start. By providing staff personnel and individuals with the necessary knowledge to recognize and react to cyber threats, know what to look for, which mistakes to avoid, and how to counter the most prevalent threats.

Cybersecurity awareness training is a defensive approach used by security professionals. It teaches people about cyber threats and dangers, safety precautions, HIPAA and PCI DSS requirements, and several privacy regulations. This includes GDPR and CCPA, which are anticipated to govern 75% of the world’s population by the end of 2023.

These training programs imitate cyberattacks and educate people about existing malware. It helps with teaching employees how to secure personal and business-sensitive information from illegal access, modification, and/or exploitation. Furthermore, as digital applications and security tools like MFA and VPN’s are developed, and used at an unprecedented rate, there is a greater need to train people on threats around them. If properly applied and instructed, training raises the cybersecurity level, minimizes human risk, and keeps employees on a high alert for cybersecurity awareness.

Reduce human risk

Most of these training programs are computer-based, and focus on various topics, including cloud, social media safety, safeguarding privacy, best practices for mobile and remote computing, and other important topics that are essential to reduce cyber threats.

Phishing attacks can be minimized by knowing the key indicators of a phishing attempt and how to address them. The same applies to spoofing messages, smishing, and suspicious voice calls, aka vishing. Additionally, through appropriate training, individuals can be educated on ransomware trends, enabling them to identify warning signs, in addition to allowing security teams to react and respond effectively. Furthermore, as AI and ML technology evolves and used by bad actors, these awareness campaigns can help people spot deepfake signs and address them adequately.

Last but not least, training campaigns educate people on regulations, requirements, and standards, covering data protection and handling sensitive payment information. To that end and taking into account that businesses and organizations need to be compliant with numerous security regulations, cybersecurity awareness training provides HIPAA & HITECH, PCI DSS, and data protection training.

We can shape the cybersecurity future

The cybersecurity threat environment is continually evolving due to the ongoing migration to the cloud. The fast rise in endpoint devices, the expansion of IoT, businesses’ desire to go digital, and the altering workforce models. As we move into the Fourth Industrial Revolution, it would be a disaster to try to slow down the rate of change; instead, we must be fully aware of cyber risks and be able to better protect our assets. In other words, what we have to do is to manage human risk in the most competent manner.

Eventually, knowledge sharing through cybersecurity awareness training will lead employees to a high alert state, and professionals to become more innovative and effective in security. Doing so, businesses will be put ahead of the threats, and future risks – no matter if they are called ransomware, deepfake, or social engineering attacks – will hit on a robust human firewall of cybersecurity awareness.

Inspired eLearning highlights: “As employers, employees, and the general public learn to speak the cybersecurity language, staggering figures like 95% user-error will diminish and companies will have a safer road to walk going forward”. Ultimately, our cyber secure future is a matter of personal accountability and proper human risk management.

About the Author: Christos Flessas is a Communications and Information Systems Engineer with more than 30 years of experience as an Officer of the Hellenic Air Force (HAF). He is an accredited NATO tactical evaluator in the Communication and Information Systems (CIS) area and the National Representative (NatRep) at Signal Intelligence CIS and at Navigation Warfare (NavWar) Wrking Groups. Christos holds an MSc in Guided Weapon Systems from Cranfield University, UK. He has also attended numerous online courses such as the Palo Alto Networks Academy Cybersecurity Foundation course. His experience covers a wide range of assignments including radar maintenance engineer, software developer for airborne radars, IT systems manager and Project Manager implementing major armament contracts.

Christos is intrigued by new challenges, open minded, and excited for exploring the impact of cybersecurity on industrial, critical infrastructure, telecommunications, financial, aviation, and maritime sectors. He is also a writer for Bora.

The post Cybersecurity awareness: Train your employees and reduce cyber threats appeared first on IT Security Guru.

Since 2014, the US government has suffered 822 breaches affecting nearly 175 million records. Based on the average cost per breached record (as reported by IBM each year), Comparitech estimate these breaches have cost government entities over $26 billion from 2014 to October 2022.

In 2018 and 2019, the number of government breaches hit an all-time high with 116 and 118 breaches respectively. In 2020, breaches decreased to 107 before increasing again to 116 in 2021. So far this year, there have been 61 data breaches affecting 2.9 million people.

The amount of records affected during these data breaches has reduced significantly in the last few years. 2018 saw a colossal 83 million breached records. They mainly stemmed from one breach on the US Postal Service, affecting 60 million records. In 2019, this figure dropped to 1.4 million before hovering around the 3 million mark for the next three years.

Over the last four years, the average number of records involved per government data breach has increased. From 17,400 in 2019 to 42,097 in 2020 and 40,440 in 2021, the average number of records affected per breach in 2022 currently stands at 71,534. While the frequency of attacks may have declined, the impact of individual attacks has increased. The true extent of breaches often isn’t felt for months, if not years, so the average number of records affected per breach for this year could increase even further yet

Key findings include: 

From 2014 to October 2022:

• 822 government entities suffered data breaches
• 174,963,934 records were affected because of these breaches
• The cost of these affected records was $26 billion
• 2019 was the biggest year for breaches with 118 in total, followed closely by 2018 and 2021–both with 116
• 2018 had the highest number of records affected– 83,293,815 in total
• California had the most breaches overall (108) and the District of Columbia had the highest number of records affected overall (91.2 million). DC’s vast number of affected records stems from many government offices being based here
• The most common type of breach was hacking with 256 breaches. Those involving inadvertent disclosure were the second-largest breach type with 192 breaches
• Cities/towns were the most-affected government entity type from 2019 to Oct 2022 with 124 breached, while counties were breached 56 times during the same time period

From the start of 2014 to October 2022, data breaches have approximately cost US government organisations over $26 billion.

While this figure sounds relatively high for these 822 data breaches, the true costs are likely much higher. This is not just because of all of the other costs involved in a data breach (e.g. recovery costs and ransom payments) but because some figures are unavailable for the number of records involved in these breaches.

The post Can you trust the US Government with your data? appeared first on IT Security Guru.

Usually, any profit-making business is constantly exposed to several risks that can cause massive losses or total collapse of the organization. To protect themselves, it is paramount that businesses can identify the risk that can wipe out the organization’s income.

Some of the risks that pose a serious threat to the continuity of a business are a risk to the business premises caused by fires, technological risks, strategic risks, and prohibited substance use.

Typical Security And Safety Risks For A Business

There is a wide selection of prospective risks that may hinder business operations. Some of these risks have the potential to ruin the enterprise completely, and others may cause massive losses to the business. Examples of the most frequent safety and security risks in an organization are:

Physical Business Risks: The most obvious physical threats to a business include the perils that may befall the building, such as fires or explosions. You can lower the risk of loss of lives and assets by ensuring that the building has effective smoke detectors, fire alarms, and functional sprinkler systems. It is also important that all staffs and management know that their safety is a top priority as the location of the exit points of the building.

Risks Caused By Human Actions: A frequent business risk is employees’ use of drugs and alcohol during working hours. Members of staff or the management staff struggling with alcohol and/or drug abuse need to be encouraged to go for treatment. In addition, if possible, the business insurance policies can meet the total or partial treatment for the employee.

Theft, fraud, and embezzlement are other frequent risks caused by human actions: To prevent such risks, the company must conduct background research before hiring a new employee.

Technological Risks: Most technological risk is caused by power outages. For example, a power surge in a lightning storm may cause a total loss of important business information. To safeguard a business from data loss, the business proprietor should invest in an online data backup system to preserve crucial information.

Many business analysts insist on maintaining business performance, getting better leads, and improving customer service, which benefits the business. However, it is also quite important to invest enough in business security systems – this, too, is a fundamental part of the discussion. We must analyze how well we safeguard our businesses from theft, hackers, and other malicious activity. Unfortunately, this is an area that is still unaddressed.

For example, a recent survey showed that 78% of people said they knew of the potential risks of opening unknown links in their emails but still went ahead and clicked them nonetheless. This is where XDR can help to protect your business. Certainly, a need must be met to protect and improve our businesses’ security systems.

Everyone Must Play Their Role In Securing The Business

Creating the right working culture around your business’ security processes can protect your business from malicious and fraudulent activities. Precisely, it is best if the security clearance happens in all hierarchical levels of the business. In addition, ensure your staff members are knowledgeable about the frequent security threats affecting the business and how they can be nullified.

Most security breaches happen because the employees have become complacent, hence vulnerable to an attack. For this reason, encourage employees to participate in regular meetings and workshops that seek to help the employees remain cautious of potential security threats. Other than laying out the perfect strategy and technology, all employees must play an active role in keeping the business secure.

Invest In Quality Security Systems And Work With Experts Only

Businesses and company proprietors often make the mistake of handling all the security procedures by themselves. However, purchasing security systems or collaborating with experts is better to help you develop solid security solutions. Allowing a security expert to handle the security needs of your business gives you extra time to focus on running everyday business operations.

In addition, only buy robust and the latest security software and install them on all computers, whether at home or the workplace. After installing the software, you can relax and allow it to protect your business comprehensively. Avoid skimping through security solutions to ensure your business is always safe.

For example, finding a number of free, decent antivirus and other security programs is easy. Still, they may need to be stronger to safeguard your organization from security risks. Ensure you conduct sufficient research before you buy any security solution for your business – sometimes, a lowly-priced product may not necessarily be the best alternative.

Plan Broadly

We might live during the internet age, but it is no indication that all solutions should be limited to internet security. Many security levels are needed for a business organization to thrive.

For instance, a successful business will require a combination of strong security software programs and dependable physical security systems for the entire business. This is because many risks found online are also present in traditional business processes and networks. For this reason, ensure the business premises are always safe.

It is best to cultivate a culture of securing the business at the hiring stage of the employees. This means that, when looking for the right employees, ensure you recruit trustworthy employees only.

Develop The Supporting Workplace Policies

Policy formulation on security systems and procedures lies at the heart of maintaining a safe and secure workplace environment. It is a bad idea to leave security concerns to be handled by an individual. Instead, the most secure systems are implemented extensively using specific policies, profiles and guidelines.

Having all employees tied to the same policies ensure the entire business can forge a unified response to security threats. Many times, security at the workplace is a rather worrying subject. Everybody is worried that something might not go according to plan or that the business might need not be fully prepared to deal with the threat. However, we such tips, the organization can safeguard itself to thrive.

The post The Best Strategies To Keep Your Business Safe Online appeared first on IT Security Guru.

Barrier Networks, a Cybersecurity Managed Service Provider, has announced it has entered into a new partnership with Zurich Resilience Solutions, part of Zurich UK, to help businesses improve their cyber resilience.

Zurich Resilience Solutions (ZRS) provides underwriting assurance to underwriters to help them better understand cyber risk and exposures of client environments, as well as cyber risk and resilience advisory services to clients to improve cyber resilience. Barrier compliments ZRS internal cyber risk advisory services, offering technical expertise and services including penetration testing, managed cybersecurity services, assessment and consulting.

The partnership will not only focus on enterprise security, but it will also cater to organisations running Operational Technology in critical industrial environments. These organisations have come under increased threat from cybercrime recently, and Barrier Networks and Zurich will help meet these needs by helping them reduce the risk of data breaches that could be caused by unidentified cybersecurity issues.

“We are delighted to be working with such an established cyber insurance player as Zurich. Cybersecurity is an enormous task for most businesses and very few have the resources to manage it alone. Our partnership will help organisations overcome this challenge as we help them improve their security and tackle key issues to meet critical cyber insurance requirements. No organisation can gamble with their cyber defences today, and through our partnership we will be arming more businesses with the skills and expertise they need to stay secure,” said Ian McGowan, Managing Director of Barrier Networks.

Arunava Banerjee, Cyber Risk Consulting Lead, Zurich Resilience Solutions, said: “This partnership will further strengthen the suite of cyber risk advisory services we offer to customers.  Cyber risk is a critical threat facing companies of all sizes. By strengthening their cyber defences, we can help businesses to both reduce their exposure to attacks and better navigate the present hard market for insurance cover.”

The post Zurich and Barrier Networks partner to Offer Enterprise Cyber Risk Assessments appeared first on IT Security Guru.

Last night, the winners of this year’s Most Inspiring Women in Cyber Awards were revealed during a glittering ceremony at the BT Tower in London. Organised by Eskenzi PR and sponsored by Beazley, BT, KPMG and KnowBe4, the awards celebrated the accomplishments of twenty of the most inspirational women across the globe working in IT and encouraging more women into the industry. Five other “Ones to Watch” were chosen to represent women new to the industry who are making big strides towards gender equality in a typically male-dominated sector. 

The full list of winners includes: 

• Dr Hadis Karimipour, University of Calgary 
• Dr Ana Ferreira, Center for Health Technology Services and Research 
• Camellia Chan, FLEXXON 
• Hope Chauland, Microsoft, UK 
• Dr Kiri Addison, Mimecast 

• Caroline Rivett, KPMG 
• Wendy Nather, Duo Security (Cisco) 
• Carole Embling, Metro Bank 
• Camilla Currin, Trend Micro 
• Lena Smart, MongoDB 

• Dasha Diaz, itrainsec 
• Nadia Kadhim, NAQ Cyber 
• Kristina Balaam, Lookout 
• Patricia de Villa, Union Digital Bank 
• Lynn Studd, BT 

• Paula Page, CCL Solutions Group 
• Sydonie Williams, Beazley 
• Samantha Humphries, Exabeam 
• Zoë Rose, Canon Europe 
• Suparna Roy, TATA Advanced Systems 

Ones to watch:  

• Tamzin Greenfield, University of Gloucestershire & Cyber Security Associates 
• Alice Conibere, Secure Impact 
• Seònaid Lafferty, University of Manchester  
• Charlotte Hooper, The Cyber Helpline 
• Illyana Mullins, hub8 

Following the awards ceremony, attendees were treated to a panel discussion chaired by lead organiser of the event and co-founder of Eskenzi PR, Yvonne Eskenzi, who was joined by Lydia Kostopoulos, SVP emerging tech insights at KnowBe4, Lynn Studd, director of BT’s Global Secure Solutions, Caroline Rivett, Cyber Partner leading the security and privacy team in Life Sciences at KPMG and Sydonie Williams, Focus Group Leader of Cyber Risks for Rest of the World at Beazley. They delved into topics covering how the panellists entered the cybersecurity industry, who has helped them in their career journey and who they have helped, to tackling the issues of mental health and neurodiversity. 

“It was fantastic to be in the company of many remarkable women, while marvelling at the 360 ° views of London at the BT Tower this year. I am always taken aback by how talented the women in our industry are, but also how generous they are, taking the time to empower other minority groups taking the leap to cybersecurity,” said Yvonne Eskenzi, Director and Co-Founder of Eskenzi PR & Marketing. “There’s no question that every nominee and winner deserved to be recognised. Congratulations all!” 

Thank you to everyone who attended physically and online – this event would be nothing without your involvement and amazing work in this industry. If your company would like to get involved as a sponsor next year, please feel free to email awards@eskenzipr.com 

For more information on the event, visit: https://www.itsecurityguru.org/most-inspiring-women-cyber-2022/

The post Most Inspiring Women in Cyber: This Year’s Top 20 appeared first on IT Security Guru.

As the cyber skills gap widens to record new levels, disruptive cybersecurity training and upskilling platform, Hack The Box (HTB), has announced its annual global University ‘Capture the Flag’ (CTF) competition that will take place from 2^{nd –} 4^th December 2022.   

This year’s event, which is open to students and academics at higher education institutions worldwide, is designed to inspire and prepare a new generation of security professionals to join the fight against cybercrime, at a time when they are most needed with the global talent shortage standing at 3.4 million.¹ 

With attacks spiking 28% in the last quarter of 2022 alone², and cybercrime predicted to cost the global economy $10.5 trillion³ by 2025, students taking part will learn only the latest practical hacking skills needed to combat the ever-growing and evolving volume of sophisticated threats. Higher education professionals will also be introduced to innovative and effective new methods of gamified and hands-on teaching.  

HTB’s University CTF will see students across the globe face over 20 sophisticated cyber challenges, testing their skills in Cloud, Crypto, Pwn, Web, Forensics and more. This year’s challenges replicate the latest attack scenarios and cybercriminal techniques, helping to ensure students of all levels are prepared for a career in modern day cybersecurity.  

This year’s CTF aims to shine a light on cyberbullying and create an inclusive space where students all over the world can gain access to the latest skills and networks but also learn in an interactive, enjoyable and safe environment. Titled ‘Supernatural Hacks’ this year’s CTF focuses on helping students to interact safely online and build their digital citizenship, all whilst teams work together in a fictional wizarding world to defeat cybers darkest villains. Proceeds from the competition are being donated to Cybersmile, a multi-award- winning nonprofit organisation committed to digital wellbeing and tackling all forms of abuse and bullying online.  

Haris Pylarinos, CEO and co-founder of Hack The Box, says: “Universities are the breeding ground for the next generation of cyber professionals, and its critical students have experience tackling real world threats. The massive rise in the volume and sophistication of cyberattacks, means demand for new skills is booming and the old ways are no longer working.” 

“CTFs are a highly effective way to learn hands-on cyber skills through fun, gamified content. We’re seeing students join to not only sharpen their skills but also network with like-minded peers looking to enter a career in cyber. The competition is also an opportunity for academics and universities to learn new teaching methods that promote a ‘hacking mindset’ approach, needed to match the current threat landscape.” 

Haris continues “The game has changed in cyber. Arbitrary degree and qualification hiring criteria needs to be phased out and businesses must prioritise practical-based skills and training experience. This will help cut the red tape holding back an untapped pool of highly skilled cyber talent waiting in the wings. 

Meanwhile, for younger generations increasingly looking for professions with purpose, hacking presents not only lucrative career prospects but an opportunity to do meaningful work stopping cybercriminal online – protecting businesses, governments, hospitals, schools and individuals from dangerous real-life threats. We’re excited to continue preparing the hackers of the future.” 

Last year’s University CTF winners included players from some of the biggest universities and schools in the world, University of Warwick, Hasso-Plattner Institute and 42 Paris. With more students looking to upskill themselves than ever,  HTB University CTF has also seen a 191% increase in participation from 2021 to 2021, with 2022 set to see record levels of participants.  

Teams, consisting of 1- 20 players, can enter the CTF from anywhere. All skill levels are welcome with challenge categories ranging from ‘Beginner to Hard’. The CTF style will be Jeopardy and FullPwn. As well as cash, swag prizes, and certificates of attendance can be earned for taking part

Hack The Box’s University CTF is sponsored by EY.  

Registration closes on 30^th November, sign up here. 

1. (ISC)2 Cyber Security Workforce Study
2. Check Point Research: Third quarter of 2022 reveals increase in cyberattacks
3. Cyber Security Ventures: Cybercrime To Cost The World $10.5 Trillion Annually By 2025

The post Hack The Box launches its annual University CTF to inspire the next generation of security professionals to take the fight against cybercriminals appeared first on IT Security Guru.

Leading IT solutions provider, CGI, brought its Cyber Escape experience to Lincoln as a part of a UK-wide tour. The escape room-style experience allowed staff, students, and local organisations to learn about online security risks in a fun and interactive way.

CGI’s Cyber Escape was hosted at the University of Lincoln, where staff and students were invited to visit the experience and put their knowledge to the test in a simulated “real-life” setting.  Teams from the Lincolnshire Community Health Services NHS Trust, Lincoln City Foundation and Ministry of Defence also joined throughout the week to explore. Attendees teamed up to beat the hacker and learn about cyber security risks and how to avoid them.

The experience is built within a shipping container and enables small groups to participate in a short “escape”. Teams must work together to uncover clues, solve puzzles, and accomplish cyber-related tasks to escape successfully in the time allowed. The experience allows users to test their cyber skills to see if they have what it takes to stay safe in our digital world. Participants learn critical skills in a simulated real-world setting through interactive activities, much like other escape rooms. Alongside this hands-on learning experience, CGI offered University of Lincoln students the opportunity to also join a talk, focused on Agile and hybrid ways of working in Space, Defence and Intelligence. It offered them a chance to learn from professionals and openly discuss the opportunities open to them for future graduate employment routes.

Donna Kelly for CGI in the UK said: “Cyber security is vitally important for individuals, companies, educational establishments, and our communities alike. We all spend much of our personal and professional lives online, and it is imperative everyone knows how to practice safe cyber techniques and can continue honing their existing skills. We were pleased to share the experience with the University of Lincoln, Lincolnshire Community Health Services NHS Trust, Lincoln City Foundation, and other organisations who attended. We look forward to continuing our engagement in the region after our involvement in the recent half-marathon and work with the Lincoln City Foundation.”

Yvonne James, Senior Lecturer in Computer Science (Cyber) & Programme Leader Cyber Security and Computer Networking from the University of Lincoln, said: “We were excited to bring this experience and the opportunity to discuss career routes to our students. They were able to learn the real-world implications of cybersecurity, the vulnerabilities people experience in a day-to-day situation, and receive exposure to career opportunities after university.”

The Cyber Escape experience was developed by CGI’s UK Cyber Security practice to train, educate and engage with businesses to help them better understand cyber security risks, complement any existing security awareness training, and increase knowledge of how to reduce the impact of a cyber-attack in a unique way. In conjunction with the organisation’s STEM@CGI team, it has tailored the experience for young people too, as they face evolving cyber threats and challenges online.

CGI’s Cyber Escape will be transported around the country to different locations for students and staff to participate in their cyber adventure, or arrangements may be made to visit the experience at a CGI location.

To find out more about CGI’s Cyber Escape experience and how you can get involved, visit: https://www.cgi.com/uk/cyberescape

The post CGI’s Cyber Escape Experience visits Lincoln appeared first on IT Security Guru.