Code Red: Hospitals Are Facing a Major Ransomware Threat

As the U.S. healthcare system struggles to cope with the COVID-19 pandemic, it has been fighting another major battle – ransomware. Nearly half (48%) of hospitals, according to a new study, have had to disconnect their networks in the past six months because of ransomware.

Midsize hospitals are especially at risk, according to the study, Perspectives in Healthcare Security, conducted by Ipsos for CyberMDX and Philips. It found that while large hospitals reported an average shutdown of 6.2 hours at a cost of $21,500 per hour, midsize hospitals averaged nearly 10 hours at a cost of $45,700 per hour.

The study, which polled 130 IT and cybersecurity hospital executives, found that despite being in the crosshairs of ransomware attackers, hospitals are not prioritizing cybersecurity as much as they should. “More than 60% of hospital IT teams have ‘other’ spending priorities and less than 11% say cybersecurity is a high priority spend,” the study found.

Furthermore, inadequate protection against vulnerabilities such as WannaCry, NotPetya and BlueKeep is all too common. More than half of respondents (52%) said their hospitals have no protection against the Bluekeep vulnerability, and the number was higher for WannaCry (64%) and NotPetya (75%).

“With new threat vectors emerging every day, healthcare organizations are facing an unprecedented level of challenges to their security,” said CyberMDX CEO Azi Cohen. “Hospitals have a lot at stake — from revenue loss to reputational damage, and most importantly patient safety.”

A big problem for hospitals is lack of cybersecurity automation, the report says, noting “that 65% of IT teams in hospitals rely on manual methods for inventory calculations with 7% still in full manual mode. In addition, 15% of respondents from midsize hospitals and 13% from large hospitals admitted they have no way to determine the number of active or inactive devices within their networks.”

Attacks on the Rise

Ransomware has been a prominent story through 2021. Attacks increased by 93% in the first half of the year, compared to 2020, targeting various industries. An attack against the Colonial Pipeline in May caused fuel shortages and gas station lines harkening back to the 1970s.

According to ComputerWeekly, “the surge in attacks has been fuelled by the rise of the ‘triple extortion’ ransomware technique whereby attackers, in addition to stealing sensitive data from organizations and threatening to release it publicly unless a payment is made, are also targeting the organization’s customers, vendors or business partners.”

Preventative (Ransomware) Care

In addition to applying good cybersecurity practices, such as user training, risk assessments, frequent data backups and access restriction, healthcare organizations need to build strong teams with updated cybersecurity skills to build effective cyber defenses.

Although hospitals don't necessarily need a large cybersecurity team, it's essential to have qualified professionals on staff to improve the organization's cybersecurity posture, protecting life-saving medical equipment and patient and employee data from ransomware. One way to ensure you have a cyber-forward-thinking professional onboard is to hire an HCISPP certified professional or support the career development of an existing staff member who wants to pursue the HCISPP. 

(ISC)² offers the HCISPP certification for the specific needs of cybersecurity professionals in healthcare and is the only certification that combines cybersecurity skills with privacy best practices and techniques. More information about (ISC)² certifications is available here.

In June, the (ISC)² blog dedicated a full week to ransomware awareness (#RansomwareWeek), posting a number of blogs about the topic. In addition, (ISC)² offered a course, “Ransomware: Identify, Protect, Detect, Recover,” free of charge to the public through July 31, and more than 7,500 professionals took advantage of the opportunity. Keep checking our website for more information on ransomware developments and how to strengthen your defenses against this threat.

The post Code Red: Hospitals Are Facing a Major Ransomware Threat appeared first on Cybersecurity Insiders.

August 31, 2021 at 09:09PM

Read More

UK Information Commissioner pronounced £42 million worth penalties on companies

UK’s Information Commissioner Office(ICO) has disclosed that it has slapped multiple penalties on companies that failed to protect the information of its customers from data breaches last year. And estimates are in that the amount could total around £42 million that includes the £20m penalty slapped on British Airways and Marriott Hotel Chain.

According to a research carried out by law firm RPC, the British ICO pronounced similar penalties amounting to just £2.5m in 2019.

RPC report released on August 27th,2021 states that British Airways had to initially face a penalty of £183m for failing to protect the information such as named, phone numbers, email addresses, credit card details, their expiry dates, and CVV codes of its 500,000(appx) customers in 2018- as per the May 2018 GDPR rules. However, the data watchdog reduced the fine to a double digit figure in early 2020 as the British Airways was severely hit by Corona Virus pandemic started global shutdown of air travel.

Similarly, ICO also slapped a fine of £18.4m on Marriott hotels last year as it failed to protect data of its 339m customers as hackers accessed sensitive info of guests and that includes over 7m guests from UK.

So, where does the money go?

ICO pronounced penalties when paid go directly to the British Treasury and based on some evidential circumstances, the money from the penalty may also be divided as compensation among breach affected victims.

The post UK Information Commissioner pronounced £42 million worth penalties on companies appeared first on Cybersecurity Insiders.

August 31, 2021 at 09:07PM

Read More

How secure is Apple iPhone 13 Satellite Connectivity

Apple Inc has made it official that it is going to launch its flagship iPhone 13 in September second week this year and an official statement from the technology giant reveals that the device is going to get an additional feature as Satellite Connectivity support.

What that means is that iPhone device users who are in a region where there are no 4G or 5G signals can use the service of Low Earth Orbit (LEO) communication satellites to make calls or to send messages.

According to MacRumors, a blog that is being used by most of the Apple iPhone users plus enthusiasts, the iPhone 13 will come with a specially customized Qualcomm X60 Band Chips can allow users to connect to the nearest low orbit satellites for communication- all possible through the tie-up of Apple Inc with Globalstar.

Therefore, in order to work in sync, network operators like AT&T or Verizon should develop a tech that can work in tandem with Globalstar for offering a global communication framework for iPhone 13 users.

Currently, Globalstar has over 46 LEO Satellite Communication systems in operation and might also come up with the technology of developing a satellite communication mode that can also process iMessages and Facetime calls.

To support the mode of communication technology, Tesla Chief Elon Musk’s baby project SpaceX might also come up with a significant main stream tally of more that 500,000 Starlink Satellites that can be used by iPhone users by 2022-23

Now coming to the point how safe and secure will the satellite communication of iPhone 13 will be…?

Well, as of now, the technology giant has to clear many issues on this subject-line and our Cybersecurity Insiders will try its best to first report the details as soon as they are officially available to us.

Note- What if the device falls into the hands of anti-social elements as it will offer a secure mode of satellite communication that can bypass all regional privacy laws and will easily become a threat to national integrity…..isn’t it?

The post How secure is Apple iPhone 13 Satellite Connectivity appeared first on Cybersecurity Insiders.

August 31, 2021 at 10:26AM

Read More

Cyber Threat to Glasgow COP26

UN Climate Change Conference, shortly known as COP26, scheduled to be held in between November 1st, 2021 to November 12th, 2021 at Glasgow, Scotland and an alert issued by the Sunday Mail says that the conference that is to be attended by many supreme world leaders including United States Joe Biden and Russian President Vladimir Putin, is likely to be targeted by a sophisticated cyber attack.

According to a twitter report citing The Sunday Mail as the reporting source, Glasgow’s underground and train network might be targeted by some state funded actors who are working with an ambition to disrupt the conference and entire national infrastructure.

Glasgow’s Police authorities expect around 196 leaders from the world along with 30,000 delegates to likely attend the 12 day climate change summit and so large IT companies and government bodies that are going to serve the Summit were put on high alert by the Scottish Business Resilience Centre from Friday last week.

Highly placed sources say that a special task force has been set up and its work will be to review the Cybersecurity measures to be taken to protect the digital infrastructure of the public and private entities operating in the entire region of Scotland.

Scotland Government is also intending to assign the task force digitally securing the 12 days COP26 conference on all aspects and that includes the entire computer network of Strathclyde Passenger Transport (SPT) as well.

Note- COP26 aka the 26th Conference of the Parties in the United Nations Framework is a gathering meant to discuss issues related to climate change and was scheduled to be held at the SEC Centre, Glasgow, for every 5 years- as per the Paris Agreement. However, because of the COVID-19 pandemic, Scotland held the conference in November this year, instead of the same time last year.

The post Cyber Threat to Glasgow COP26 appeared first on Cybersecurity Insiders.

August 31, 2021 at 10:24AM

Read More

Details about Microsoft Azure Cosmos DB vulnerability

Customers using Microsoft Azure cloud platform for their application needs are being warned against a new vulnerability that has been discovered recently by a security company named WIZ. The Cybersecurity firm has named the Cosmos DB vulnerability as ChaosDB vulnerability and warned that the flaw could have exposed content related to thousands of Azure clients to date.

Fortune 500 companies, such as T-Mobile and Coca-Cola, use CosmosDB platform to store vast amounts of data in real time. And Jupyter Notebook feature on the said platform allowed customers to visualize their data if/when configured.

Although the feature was optionally active from 2019, it was made mandatory for all Cosmos DB customers from Feb this year.

WIZ says that there is a susceptibility in the Jupyter (Jupiter) Notebook feature that could allow hackers to remotely download, delete, manipulate enormous amounts of data.

Microsoft received an alert from Wiz about the vulnerability last week, and its engineers worked on the issue and disabled the notebook feature to counter the susceptibility.

What’s concerning about this issue is that there is a high possibility that some hacker/s could have exploited the vulnerability long ago and could have accessed the stored data of clients from the database.

In the meantime, reports are in that Microsoft CEO Satya Nadella was the first tech executive to promise an increase in spending on cybersecurity over the next 5 years.

While speaking at the White House Cybersecurity Summit, Mr. Nadella assured that his company will do everything to save the national infrastructure from state funded cyber attack such as the one witnessed in Solarwinds hack, Colonial Pipeline Ransomware Attack, Kaseya Ransomware Attack 2021 and JBS Meat Attack.

The post Details about Microsoft Azure Cosmos DB vulnerability appeared first on Cybersecurity Insiders.

August 30, 2021 at 08:41PM

Read More

Drilling Rigs in deepwater are vulnerable to Cyber Attacks

A study conducted by a cybersecurity firm named Naval Dome has discovered that most of the drilling rigs operating in deep waters are vulnerable to cyber attacks. Naval Dome researchers found in their two-year-old study that various companies involved in oil business were mitigating cyber risks with great care. However, most of them were ill prepared and were in a mood to mitigate risks only when their IT infrastructure was targeted and not proactive.

Project findings show the companies cannot mitigate sophisticated risks, as they were lacking the right platforms to tackle the latest cyber attack methodologies.

This was found when Naval Dome installed its Endpoint Cybersecurity Solution in one of the oil rigs operated in the Gulf of Mexico and found that most companies including the one on testing were found to be lacking the basic guidelines, regulations and security tactics to mitigate the risks of the current day.

Naval Dome disclosed its findings in a research paper presented at the Offshore Technology Conference in Houston last week. And most of the attendees agreed that almost all companies operating in the oil and petroleum sector were having shortfalls for facing the real challenges.

So, what do the CTOs and CIOs of such deepwater rigs suggest then?

Well, most of the attendees of the Houston conference agreed that if the budget constraint factor is removed for them, then they can come up with remote monitoring and autonomous control techniques that can help the rig infrastructure from being hit by sophisticated cyber attacks.

Security researchers from Naval Dome suggested that during their testing phase, the rig operational infrastructure was simulated and penetrated with software only to access the defense capabilities of workstations, operational infrastructure, and production machines.

The malware thwarting capabilities were also tested by allowing a white hat hacker to inject a malicious software containing 3 zero day flaws into the network through an USB stick.

As all the attacks were carried out internally and in a controlled manner, no rig faced any kind of digital disruption in its operations while the testing phase was being carried out.

Finally, the researchers found out that the infrastructure needed a more advanced purpose built solution to better protect offshore platforms from getting exposed to external or internal cyber attacks.

Naval Dome researchers recommend that by installing up-to-date software and hardware security solutions, keeping skillful staff on board, and an overall note going with an IT centric approach while operating the drilling rig systems can pave way for a cyber resilient environment.

The post Drilling Rigs in deepwater are vulnerable to Cyber Attacks appeared first on Cybersecurity Insiders.

August 30, 2021 at 11:14AM

Read More

Boston Public Library hit by Cyber Attack

Boston Public Library (BPL) branches based in Massachusetts have been witnessing a digital disruption since Wednesday last week, all because of a cyber attack. And sources say that they are using pen and paper to keep the administrative tasks operational.

The IT staff of the BPL is unsure when the services will be brought back to normalcy, as the recovery work might prove time-consuming and is underway.

Natasha Fee, the spokeswoman for BPL Computer Network, has confirmed the news and stated that the library operations will remain operational on a physical note.

Prima facie has revealed that the incident could be of Ransomware genre as most of the affected systems are locked down from access and an official conformation is awaited!

Note- Founded in 1848, the Boston Public Library, also called the Library for the Commonwealth, is open to all local public and is being run by state funding. Populace living in the district can access over 24 million books and are also entitled to participate in over 10,000 programs. From the year 2007, BPL has been assigned with the service of free to use wireless internet across all of its 24 branches and from 2011 the premises were also holding pay-for-print services for local public. Students and those involved in research can borrow laptops for rent at any location for 2 hours, provided they hold a premium membership. Library card holders are also allowed to access e-book content on their mobiles, tablets and personal computers and can also access movies streaming services along with music files.

The post Boston Public Library hit by Cyber Attack appeared first on Cybersecurity Insiders.

August 30, 2021 at 11:11AM

Read More

Cybersecurity in Software Development: The Good Rules to Follow

IT security is the cornerstone in software development: it is essential to carry out an information security risk assessment and an impact assessment to ensure the privacy of sensitive data processed by the application in the project.

Cybersecurity must be the cornerstone of the software code development process. It is of fundamental importance to guarantee the safety requirements at every stage of its life cycle. From the embryonic stage of the project, it is necessary to undertake a path that has information security as its guiding thread.

According to this modus operandi, it is necessary to apply development rules and use professionals with specific skills. An information security risk assessment and an impact assessment are required to ensure the privacy of sensitive data processed by the application in the project.

Cybersecurity In Software Development: The Risks

In the development phase, attention to IT security is essential to minimize vulnerabilities related to possible programming errors, which can be exploited by the increasingly influential and constantly increasing cyber-attacks and affect the final product’s quality.

Protecting the code and data managed by the application under development and guaranteeing the IT security protection parameters ( integrity, confidentiality, and authentication ) must represent the main objectives of software security.

Cybersecurity In Software Development: The Phases

We will describe, below, the various phases of the software life cycle, according to a common denominator: guaranteeing the security requirements of the data, functions, and programming language.

These phases’ precise definition and organization constitutes a development model: the so-called software life cycle model. The model to which we will refer is for simplicity, a cascade model which, as the name suggests, is nothing more than a sequential succession in which, only after completing a phase, you move on to the next.

This does not prevent each phase from being revised to be eventually revised and corrected: in fact, some alternative models are less rigid than the one proposed to make the entire software production and management process more reliable.

Each phase must be verified and approved in compliance with specific guidelines consistent with the primary safety standards.

System Integration And Verification

This phase aims to assemble the product code, verify its actual compatibility, solve any interaction and security errors, and could not be considered conceptually distinct from the previous phase.

It is advisable to prepare a test plan with test cases and related acceptability criteria, simulating intrusions with various attack scenarios, keeping the test environment separate from the development one.

The objectives of the tests must allow for highlighting the degree of exposure of the software to known vulnerabilities and reviewing the source code for anomalies in the correct functioning of the security controls and operational specifications. Here are the best system integration services.

Delivery

In this phase, the system is distributed to users who verify its operation, identifying any anomalies or dissimilarities concerning the project specifications. To release the software in production, it is necessary to have passed an acceptance test to verify compliance with the functional and safety requirements, create system documentation, and plan user training.

Delivery takes place in two stages:

• Beta test: the system is distributed to a selected group of users to carry out tests in actual cases. The errors found should be corrected before the actual distribution of the product.
• Distribution: the software is permanently released to users. Errors found after this release are usually fixed in later versions or through appropriate corrective software.

Maintenance

This phase encompasses all the evolution of the system from delivery onwards. It, therefore, includes modifications and changes of various kinds. Furthermore, the maintenance phase, containing every activity that follows the delivery of the product, can account for well over half of the total costs of the entire life cycle.

Conclusions

The cost of correcting a vulnerability or error is higher later in the life cycle. For this reason, the safety requirements should be acquired and verified before development and production.

A planned test, verifying the completeness and consistency of the functions, the quality, the safety, and the functionality of the software, can help identify any anomalies when the cost for the correction does not significantly affect.

Even in the post-delivery phase (maintenance), periodic tests can be helpful. They can prevent the outcomes of any new vulnerabilities and/or attack techniques and monitor the application functionality following significant changes in the delivered product.

Fundamental to obtain a good result is to structure a project team by clearly defining roles and responsibilities such as the project manager, the security manager, programmers, systems engineers, testers, customers, suppliers, and end-users.

The post Cybersecurity in Software Development: The Good Rules to Follow appeared first on Cybersecurity Insiders.

August 28, 2021 at 10:08PM

Read More

CCSP vs. Cloud+: How Do They Stack Up?

As more organizations move their operations to the cloud for the benefits of improved efficiency, better scalability and faster deployment, a majority (96%) of cybersecurity professionals say they are concerned about public cloud security, according to the 2021 Cloud Security Report by Cybersecurity Insiders. It comes as no surprise, then, that spikes in demand for cybersecurity professionals specializing in cloud security span the globe.

For cybersecurity professionals, the incentives to pursue cloud certification are many — but so are the number of cloud cert options out there. To help narrow the pool, let’s look closely at two globally recognized, vendor-neutral choices: (ISC)² Certified Cloud Security Professional (CCSP) vs. CompTIA Cloud+.

One of the biggest distinctions among the two certifications is the emphasis on security. CCSP specifically focuses on cloud security, testing candidates’ skills and knowledge across six cloud security domains. Cloud+ takes more of a general view of the cloud that includes security as one of five domains covered.

CCSP validates your ability to design, manage and secure data, applications, and infrastructure in the cloud, while also following the best practices established by (ISC)². Cloud+ certification validates that you have the skills necessary to maintain and optimize cloud infrastructure services.

Read more in the full article.

The post CCSP vs. Cloud+: How Do They Stack Up? appeared first on Cybersecurity Insiders.

August 27, 2021 at 09:10PM

Read More

Important information about Ragnarok Ransomware and Hive Ransomware

Ragnarok Ransomware that was active since 2019 has made it official that it is going to shut its operations by this month’s end. The file encrypting malware group has also released a decryption key for zero cost to help victims clean up their databases.

Ragnarok aka Asnarok, released the decryption key on one of the affiliate websites of Europol’s NoMoreRansom portal and assured that they will release a clean version on the main website by the first week of September 2021.

Highly placed sources say that Ragnarok that also involved in double extortion tactics shut its doors because of the constant surveillance of the law enforcement agencies of west. In a month or so, a special task force linked to UK’s NCSC was about to track down the criminals to their headquarters. But fortunately(for them) the cyber criminals released a free decryption key and announced their group closure to avoid any legal troubles.

So, after REvil, Darkside, and Conti Ransomware groups, it is the time for Ragnarok to get itself tagged to the list of ransomware groups that have officially shut their operations in 2021.

Coming to Hive Ransomware, FBI has released an alert about the said file encrypting malware spreading group that targeted healthcare firm Memorial Health System last week.

FBI suggests that corporate and government sectors especially those operating in healthcare sector should be extra cautious as Hive Ransomware gang not only steals and encrypts data but also ends process related to backups and anti-malware and then releases a note on how to contact its sales team through TOR network,

Also, the gang spreading hive malware earlier used to give a payment deadline of 10-15 days. But now they are only offering a time frame of just 4 days after which the victim would lose access to their database forever, provided some negotiations are made with the hive ransomware group through proper channel.

The post Important information about Ragnarok Ransomware and Hive Ransomware appeared first on Cybersecurity Insiders.

August 27, 2021 at 08:40PM

Read More

UK new information security commissioner is John Edwards

United Kingdom has issued a press update on the appointment of its next information commissioner and reports are because it is going to be John Edwards, who’s currently serving as Privacy Commissioner for New Zealand since 2014.

Factually speaking, an Information Commissioner plays a vital role in regurgitating data flow between companies and their customers, respectively. It helps in protecting the rights of citizens and offers a plan to companies on what to do and what not to do when it comes to data collection and its security.

UK’s Information Commissioner’s Office (ICO) plays a vital role in regulating the GDPR and other data protection rights as per the Data Protection act of 2018. It acts as an independent body that acts on the NIS Directive, Freedom of Information Act, Network and Information Systems Regulation 2018 Act, and the Privacy and Electronic Communications Regulations, that keep a track of complaints related to spam mails and disturbing phone calls.

Edwards was appointed as a privacy commissioner of New Zealand in 2014 and will complete his second term in the said post on August 31st,2021. After appearing before MPs on the Digital, Culture, Media and Sport Select Committee for pre-appointment scrutiny on September 9th this year, he will take on the charge as an ICO from mid-September 2021.

Elizabeth Denham, who is serving as the present ICO, will resign from the post in a couple of days and is likely to take on a new designation by October end. She has well supported innovation in her tenure and won the trust of the public for data privacy and security.

The post UK new information security commissioner is John Edwards appeared first on Cybersecurity Insiders.

August 27, 2021 at 10:50AM

Read More

Mobile Security companies are lining up for protection against Pegasus Malware

As the Pegasus malware nuisance is slowly found politically gripping the entire world, companies offering security solutions to mobile users are getting busy in finding out a solution that helps protect against the infection repercussions caused by the Pegasus Malware.

Recently, Zimperium, a US based technology company, was assigned with the duty by Department of Defense and the responsibility was to deliver a comprehensive Mobile Protection against the said spying tool.

The Cybersecurity firm states it has already started protecting its government and enterprise customers from the evil intentions of those spreading Pegasus espionage software tool and this has been going on since 2016 or when the said malware was first detected.

Zimperium Mobile Threat Defense engine is driven by machine learning tools that help detect anomalous network behavior and cyber attacks in real-time. It has been designed in such a way that it can work on iOS, Chrome, and Android mobile operating systems and acts as an on-device solution, alerting the user against various threats and thwarts them to the core.

Currently, Zimperium has been assigned with an 8 digit contract to protect the mobile devices of US Department of Defense.

Security researchers from Lookout Software, SonicWall and Symnantec are also busy finding solution to block Pegasus Malware spread on mobiles and some have already come up with real-time solutions that help in keeping the said malicious software at bay.

Note- Pegasus software was developed by NSO group to covertly install and spy on the victimized mobile phone content. Initially, it was available to only governments conducting surveillance on criminals and some suspected nationals. But now, it seems to have fallen in to the wrong hands or some state funded actors who have exploited even the recent iOS version loaded iPhones, including those running on iOS 14. And they are found using it to collect sensitive details such as call records, messages, password collection, location tracking, and data harvest from banking apps installed on the victim device.

The post Mobile Security companies are lining up for protection against Pegasus Malware appeared first on Cybersecurity Insiders.

August 27, 2021 at 10:49AM

Read More

(ISC)² Security Congress 2021 is Now Fully Virtual

(ISC)² is transitioning this year’s Security Congress event from a hybrid experience to an entirely virtual one. Join us October 18-20 from your local workspace for more than 125 educational sessions and take advantage of the powerful collaboration you can only find at a conference of your peers who are dedicated to helping one another solve the challenges we all face. (ISC)² Security Congress 2021’s virtual experience will allow attendees to earn up to 20 live CPE credits immediately with the option to download a certificate upon session completion. Additional highlights and events include a 3-D exhibit hall, interactive gaming, virtual networking and more. 

  

Last year, Security Congress was presented entirely virtually to nearly 6,000 cybersecurity professionals across the globe. Our team is committed to providing all attendees, once again, with a world-class event.  

   

We encourage you to join us for a live webinar on Tuesday, August 31 at 1:00 p.m. ET. This Inside (ISC)² webinar will feature CEO Clar Rosso and Director of Events Megan Gavin discussing highlights of this year’s conference, as well as future plans for (ISC)² events.  

 

We are excited to see you virtually this October. READY to join us? Register now! 

The post (ISC)² Security Congress 2021 is Now Fully Virtual appeared first on Cybersecurity Insiders.

August 26, 2021 at 09:09PM

Read More

Cybersecurity tips for School and College students in 2021

As most of the students in United States are preparing to attend physical classes from September first week for the academic year 2021-2022, Sophos has issued some Cybersecurity tips for school and college students and those are follows-

Website encryption is must- Whether the student is attending physical or online classes, sending data online with encryption makes complete sense as it protects the information from falling into the hands of hackers, third parties and state funded actors who are always found snooping through espionage tools.

Creating a strong password – School and college system admins should make sure that they are giving safe login credentials to kids, as hackers are always on a prowl of weak passwords and sensitive data.

Be careful with website links- As students spend time online, they come across certain links in emails or chats that need to be clicked when in a safe zone. And it is better if students are educated on not to click on suspicious links sent by strangers to their email accounts as they can be laced with malware or espionage tools.

Sharing needs to be done cautiously- When kids, specially those below 12, are online, they tend to share anything and everything online. For instance, their private pictures, driving license details, trip photos, credit card info and such. Remember that such information share could lead to identity theft, where hackers can use the sensitive details that are shared online.

Social Media Security- Nowadays, every student, whether he/she is a kid or a grown up… say 12 years are maintaining a social media account. Actually, it is helping them know all the happenings in the world around them and is good for them to a certain extent. However, parents and teachers need to educate them on what to do and what not to do on the social media and also help them keep a tab of their account privacy settings to ensure what data is shared and with whom. For instance, FB visible to friends option and Twitter’s ‘Protected’ feature.

Using a VPN- Using a virtual private network for student communication helps in keeping hackers at bay as they cannot sniff passwords or steal information in a VPN driven communication.

Phishing emails- Students are prone to email phishing scams and so they need to be educated on such incidents happening in the cyberspace. As it helps them learn how cyber crooks can exploit this attack vector to trap victims.

Shut down- Whenever students are not using a mobile, tablet or PC, it is always safe to shut it or lock it down. As it prevents others from using the device and impersonate or retrieve data from it.

Using open Wi-Fi networks- It is a common practice for students to use open networks for accessing online service and this can allow criminals to sniff the data flowing to & fro.

Never share credentials or passwords- School authorities should offer a strict guideline to students that they should never share their email or online credentials with others like friends, elders or relatives.

Cloud services and data recovery- In case a device gets lost, school or college management should be able to use software services to lock down the device from operations and recover data on a simple note. It can be done with the use of cloud services where assignments, data, files and work schedules can be shared easily with just a click of a button and the student doesn’t need to bother about the data storage hiccups on his/her devices.

The post Cybersecurity tips for School and College students in 2021 appeared first on Cybersecurity Insiders.

August 26, 2021 at 08:50PM

Read More

Cyber Attack on Crypto Exchange brings $97 million loss to customers

Japan-based Cryptocurrency Exchange Company named ‘Liquid’ was reportedly hit by a cyber attack after which the cyber crooks managed to pull $97 million directly from the e-wallets of several customers.

Highly placed sources suspect a well known cyber criminal gang behind the attack and have launched a separate investigation that also includes security veterans from the law enforcement.

Currently, the officials are busy in tracking down the individual/gang behind the attack and are looking for ways to compensate the currency that was lost by the customers.

Liquid that allows buying, selling and trading of various crypto currencies has discovered from its probe that it could have lost $45 million in Ethereum, $22 million in BTC, some coins in XRP and other stable coins such as Tether.

Although the firm has kept the exact amount of steal under wraps, blockchain analytics firm Elliptic stated that the attack could have brought a loss ranging in between $80 to $97 million in total.

All deposits and withdrawals worth $16 million were temporarily suspended and have moved all its customer funds to cold wallets that are more secure and will remain so until the investigation on who stole the funds gets ended.

NOTE 1- In the year 2020, Japan amended its Payment Services Act (PSA) and Financial Instruments and Exchange Act (FIEA) that demands all crypto currency exchanging firms operating in its region to separate the money of its customers from the finances that are meant for company operations. Therefore, these exchange websites could maintain ‘Cold Wallets’ or outsource their e-wallet storage capabilities to third companies.

NOTE 2- Most companies in the said business are still found using ‘Hot Wallets’ that are strictly against the prevailing norms of the PSA & FIEA act.

The post Cyber Attack on Crypto Exchange brings $97 million loss to customers appeared first on Cybersecurity Insiders.

August 26, 2021 at 10:23AM

Read More

Australia passes new data privacy bill for criminals

Australian government has passed a new bill that allows the law enforcement agencies to spy on criminals and if necessary suspend or take over their online accounts on a permanent note.

Titled the Surveillance Legislation Amendment (Identity and Disrupt) bill, it will allow the Australian Federal Police (AFP) and Australian Criminal Intelligence Commission to get data disruption warrants to change, copy, add or delete data related to cyber criminals and suspects.

Security analysts say that such type of warrants allow the law enforcement obtain official permission from the Administrative Appeals Tribunal (AAT) to disrupt data and network activity of those found involved in crime and this includes distribution of child abuse content, terrorism, blasphemy content and those involved in cyber attack and related digital campaigns.

Early this week, the act was endorsed by the opposition and so was passed as an act by the Labor MP Andrew Giles. However, the amended act is restricted for acts conducted online and is not related to those using dark web, an anonymizing technology that is found to be encouraging criminals in developing and spread of crime.

Early this month, the act was put forward before the elected members of opposition and bureaucrats by the Parliamentary Joint Committee on Intelligence and Security (PJCIS) asking them to recommend any improvements to the newly amended act that might get implemented in 2024 after the review by the Independent National Security Legislation body.

Note- Kieran Pender, a Privacy Advocate representing Human Rights Law Centre, condemned the bill as highly intrusive, hindering the basic rights of the criminals.

The post Australia passes new data privacy bill for criminals appeared first on Cybersecurity Insiders.

August 26, 2021 at 10:21AM

Read More

Names of new ransomware groups that are on rise

All these days the government agencies and corporate networks were busy in combating known ransomware groups such as REvil, Conti, DarkSide, CLOP and Egregor along with Babuk, DopplePaymer and Ragnar.

Now, a report released by the security firm Palo Alto Networks has confirmed that the list needs to have 4 new names added to list and those are AvosLocker, Hive, Hello Kitty and LockBit 2.0.

Unit 42 Security Team of Palo Alto Networks says that its research has found a rise in the spread of 4 new ransomware packages that have a history of harassing some multinational companies from the west till date.

Going deep into the details, LockBit ransomware that existed since Sept’19 and has transformed into a new version dubbed 2.0 and has compromised over 52 organizations till date and that includes well-known professional services provider Accenture.

Coming to the point of those spreading Avoslocker ransomware, their ransom demands stand between $50k to $70k. And they only accept Monero cryptocurrency for the decryption key. Names of companies that were targeted by this new ransomware group are being held for reasons.

Third in the list is Hive Ransomware group that has been active since June 2021 and is seen mostly targeting healthcare related companies and the victim counts stands at 28.

Forth in the list that has newly emerged is Hello Kitty Ransomware, that first appeared Dec’2020 was only seen targeting Windows systems. Now, the situation has changed and Hello Kitty is seen targeting Linux systems that are largely used by multinational companies that operate large databases for processing enormous data sets for various projects.

Note- Doel Santos led the analytical team at Unit 42 of Palo Alto Networks on the project of finding new ransomware groups that are on the rise.

The post Names of new ransomware groups that are on rise appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:30PM

Read More

This feed has moved and will be deleted soon. Please update your subscription now.

The publisher is using a new address for their RSS feed. Please update your feed reader to use this new URL:

http://www.alienvault.com/site/blog-labs-rss-short

The post This feed has moved and will be deleted soon. Please update your subscription now. appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:10PM

Read More

Thinking about CAP or CISSP? Here’s How They Compare.

The Certified Authorization Professional (CAP) and Certified Information Systems Security Professional (CISSP) credentials. Both globally renowned certifications are held by experts deeply skilled and experienced in cybersecurity. What are the key distinctions you should consider if you’re weighing which one to pursue?

CAP-certified security professionals have proven their skills in effectively advocating for risk management solutions to authorize systems that will support an organization’s mission within regulatory-mandated requirements.

CISSP-certified professionals have been evaluated on their knowledge, skills, and ability to design, engineer, and manage an organization’s security posture.

While a CISSP-credentialed professional has strong general knowledge of one regulatory requirement over another, the CAP professional has a more in-depth understanding of each and how to meet or exceed requirements for an organization’s compliance. In a real-world scenario, based on a cost-benefit analysis and risk appetite, a CISSP professional may understand different methods to achieve an organization’s acceptable level of security – however, some of those methods may not be considered adequate in environments from a CAP expert’s point of view. And where does the Systems Security Certified Practitioner (SSCP) certification fit in?

Read More in the Full Article.

 

The post Thinking about CAP or CISSP? Here’s How They Compare. appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:10PM

Read More

Ransomware news headlines trending on Google

FBI has issued a fresh alert against the activities being carried out by a newly detected ransomware group dubbed OnePercent. The law enforcement agency says that the threat actors have been targeting companies since Nov’2020 by using the emulation software of Cobalt Strike.

In the latest discovery made by FBI, security analysts found that the OnePercent Ransomware group was compromised victims via phishing emails that were laced with malicious attachments such as Banking Trojans.

Once clicked and downloaded, the Banking Trojan downloads extra software onto the victims’ PC, including the red software of Cobalt Strike. Thereafter, OnePercent locks down the data and encrypts the network, after transmitting a portion of info to remote servers.

And if the victim denies paying a ransom, OnePercent threatens them of publishing the data to a ransomware group called REvil aka Sodinokibi.

In a second incident related to ransomware, the University Medical Center (UMC) based in Southern Nevada suspects that REvil ransomware gang might have entered its network last summer and might have stolen the data related to over 1,300,000 people.

Prima facie has revealed that the cyber crooks might have stolen info such as demographic data, clinical info history and financial data related to insurance numbers.

UMC stated that the network infiltration might have taken place for a day or so, but the hackers compromised some critical files on the network to demand $12 million.

Third, a ransomware attack targeting the third party servers leased by Indiana State Department of Health are reported to have compromised personal info related to over 750,000 Indiana residents.

Leaked or fraudulently accessed info includes names, addresses, email, gender, ethnicity, race, birth dates of the residents and excludes data such as medical and social security info.

As per the sources reporting to our Cybersecurity Insiders, the servers were targeted on July 2nd of this year and Indiana State Health department took all measures to contain the impact.

The post Ransomware news headlines trending on Google appeared first on Cybersecurity Insiders.

August 25, 2021 at 11:04AM

Read More

Microsoft offers tips to secure Windows 365 Cloud PCs

Microsoft has issued some tips to protect those who are using Windows 365 Cloud PCs and here are some details-

1.) First, Microsoft is asking its Windows 365 Enterprise Customers to follow standard Win 10 practices that include admin privileges only to those eligible.

2.) It is also urging its 365 customers to download and install Microsoft Endpoint Manager and leverage Microsoft Defender to secure endpoints, including those PCs using cloud services.

3.) Using multifactor authentication (MFA) and user sign-in risk mitigation service is also being recommended.

Coming to the benefits offered to MS 365 customers, the list is as follows-

a.) Customers using Windows Pro are directly eligible to qualify for a discount price on all Windows 365 business plans.

b.) Also, these customers will not need any kind of licensing when they access Windows 10 Enterprise or Microsoft Enterprise Manager with Windows 365 Enterprise Edition.

Now to those who are busy finding the difference between Microsoft 365 Business and 365 Enterprise plan, here’s a piece of info that might interest you.

Basically, the difference in two plans is the number of users offered. Office 365 Business users can be shared up to 300 users, and Office 365 Enterprise usage can be shared with unlimited users.

Under certain conditions, Office 365 business users can share and mix with the enterprise plans as well. And those interested in using Office 365 plans for free, you can do so, if in case, you are a student, staff or faculty member. Just use your office email account and avail the service for free. And others can also avail the service for free till 28 calendar days.

The post Microsoft offers tips to secure Windows 365 Cloud PCs appeared first on Cybersecurity Insiders.

August 25, 2021 at 11:02AM

Read More

Five Steps to Get a Cybersecurity Job

Finding your first job in any field is often a challenge. But your first job in cybersecurity? With no previous experience? That may seem impossible, but it’s not.

According to the (ISC)² Cybersecurity Workforce Study 2020, the cybersecurity workforce needs to grow by 89% to effectively defend organizations’ critical assets; however, that doesn’t mean jobs are easy to find for all eager applicants. Organizations can often set their expectations unrealistically high, making it hard to fill these roles.

A cybersecurity hire doesn’t necessarily need to have previous experience to be the right fit for the position. There are many skills and personality traits that, when combined, create an excellent candidate for entry- or early career-level cybersecurity positions. Passion for learning, determination, critical thinking and non-technical skills are increasingly viewed as essential in this industry.

We spoke to cybersecurity experts who have been in your shoes and compiled feedback from them to create a five-step guide to help you find the right cybersecurity job for you.

1. Identify a Position That Interests You – The field of cybersecurity is broad and includes many different types of roles. Find the jobs that interest you the most and focus your job search.
2. Stay Current on the Cybersecurity Profession and Industry – Once you’ve selected your desired role as your objective, research the responsibilities associated with them and learn as much as you can through mentoring and courses, including free (ISC)² webinars.
3. Find the Right People to Help You — Use LinkedIn to connect with members of cybersecurity teams at organizations where you want to work or join virtual and local cybersecurity groups to build your network. These new connections may turn out to be great mentors and future advocates for you.
4. Demonstrate Your Relevant Transferrable Skills – You may have many relatable traits and non-technical skills such as analytical thinking, creativity, communications and project management that transfer well to a cybersecurity position. Be prepared to show how your past skills and experiences have prepared you for a cybersecurity career.
5. Show Them Your Passion – Professionals with perseverance, problem-solving skills and commitment to life-long learning are assets to cybersecurity teams. Prove you have the passion it takes to learn the job and that you are committed to the mission.

Check out the full plan, along with supporting information and resources, in “How to Get a Cybersecurity Job” and start down the cybersecurity career path.

Plus, connect with your peers on the free (ISC)² Community where you can find open cybersecurity jobs or ask mentoring questions on the career discussion board.

The post Five Steps to Get a Cybersecurity Job appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:10AM

Read More

deepwatch Achieves AWS Level 1 MSSP Competency Status and Lists in AWS Marketplace

DENVER–(BUSINESS WIRE)–AWS RE:INFORCE — deepwatch, a leader in advanced managed detection and response (MDR) security, today announced that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. This designation recognizes that deepwatch has successfully met AWS requirements for a baseline of managed security services to protect and monitor essential AWS resources, known as Level 1 Managed Security Services (MSS). This new baseline standard of quality for managed security services was introduced by AWS to benefit cloud environments of any size and it spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security.

AWS launched the AWS Level 1 MSSP Competency and the AWS Marketplace MSSP Category to enable customers to easily acquire ongoing security monitoring and management, validated by AWS. AWS security experts annually validate the tools used and operational processes of each MSSP to address specific cloud security challenges such as continuous event monitoring, triaging, AWS service configuration best practices, and 24/7 incident response. The AWS Level 1 MSSP Competency provides a faster and easier experience for customers to select the right MSSP to help them achieve their goals for business risk and cloud strategy confidence.

Achieving the AWS Level 1 MSSP Competency differentiates deepwatch as an MSSP and AWS Partner Network member (APN) that has demonstrated relevant technical proficiency and proven customer success, delivering solutions seamlessly on AWS. To receive the designation, APN Partners must possess deep AWS expertise and undergo an assessment of the security, performance, and reliability of their solutions.

“deepwatch provides early threat detection and response together with tailored guidance from experts to help our customers mitigate risk and improve their security posture,” said Charlie Thomas, CEO of deepwatch. “We’re proud to achieve the AWS Level 1 MSSP Competency which underscores our cloud security expertise and the performance and efficacy of deepwatch’s MDR solutions on AWS.”

“AWS Level 1 MSSP Competency represents a new baseline standard of quality for managed security services to help organizations select the right partner to mitigate business risk and also advance their cloud strategies,” said Ryan Orsi, Global Security/MSSP Practice Team Lead, AWS. “We congratulate our partner deepwatch on their managed cloud security competence and distinction of Level 1 MSSP.”

AWS is enabling scalable, flexible, and cost-effective solutions for startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise.

deepwatch is qualified by AWS to provide the MSS solutions, security architecture, and guidance to meet the AWS Level 1 MSSP Competency requirements. The deepwatch platform leverages native AWS security services to deliver a fully provisioned, dedicated Amazon Virtual Private Cloud (Amazon VPC) for every customer. As an AWS Security Competency partner, deepwatch experts can engineer a customized AWS security solution for customers that is built to perform in existing environments and scale to meet evolving business requirements.

For more information, visit https://aws.amazon.com/marketplace/seller-profile?id=e21539cd-c547-4222-b156-651c746e5cb8.

About deepwatch

deepwatch helps secure the digital economy by protecting and defending enterprise networks, everywhere, every day. deepwatch leverages its highly automated cloud-based SOC platform backed by a world class team of experts who monitor, detect, and respond to threats on customers’ digital assets 24/7/365. deepwatch extends security teams and proactively improves cybersecurity posture via its Squad delivery and proprietary Security Maturity Model. Many of the world’s leading brands rely on deepwatch’s managed detection and response. Visit www.deepwatch.com.

The post deepwatch Achieves AWS Level 1 MSSP Competency Status and Lists in AWS Marketplace appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:09AM

Read More

InterGen Data, Inc. Chooses Phalanx Advanced Endpoint Security Platform to Secure Transmission of Data Files

PLANO, Texas–(BUSINESS WIRE)–InterGen Data, Inc. (InterGen) has selected Phalanx’s data security platform as a secure way for our clients to upload, transmit, receive, and test our proprietary predictive Life Stage Life Event Data “LSLE.” Each client environment is required to adhere to strict security policies ensuring that all the data will be safe, secure, and fully encrypted from end to end.

“We are very excited to implement Phalanx’s solution. Our prospective customers have been clamoring for an effective way to test our data in a timely manner. By utilizing their platform, we will be able to quickly set up access for any customer in as little as 30 minutes,” said Robert J. Kirk, Founder and CEO. “Once completed, we will be able to take an anonymized client data file, process it, and provide personalized insights almost immediately,” Kirk further stated.

“Phalanx’s data-centric endpoint security platform is delivering significant benefits for InterGen Data and their customers by enabling their data with Zero Trust,” stated Ian Garrett, CEO and Co-founder of Phalanx. “We have significantly reduced their implementation time, development hours, and expenses by allowing InterGen Data’s customers to simply create a folder in their choice of cloud storage where all files are automatically encrypted and delivered seamlessly,” Garrett further said.

In the Bank, Financial Services, and Insurance industries, accessing, storing, and transferring customer data requires strict adherence to US Data Protection and Privacy Laws. “As an artificial intelligence-based/machine learning “AI/ML” Data as a Service provider, security is paramount to our success and a top-of-mind regulatory risk for our clients. The Phalanx platform ensures that our customer files remain secure, isolated, and controlled by the customer,” Robert Kirk added.

About InterGen Data, Inc.

InterGen Data, Inc. (InterGen Data) was founded by the financial services industry veteran Robert J. Kirk in December 2017. InterGen Data is an award-winning Life Event Data as a Service provider that uses the latest in predictive modeling techniques and patent pending proprietary algorithms that identify when someone is likely to have an important life event occur, what that event could be, and how much of an economic impact that it would have on their financial journey. They supply this data to banks, financial services, and insurance companies.

More information can be found at https://www.intergendata.com/.

About Phalanx

Phalanx was founded by a group of cybersecurity experts and military veterans with the mission to provide simple, proven cybersecurity without increasing the burden on the end-user or security staff. Phalanx provides data-centric endpoint security designed with the users’ psychology in mind to increase ease-of-use while decreasing the effects of a breach, insider threats, and chances of accidental spillage. The simple, automatic file encryption platform is built for organizational security so businesses can easily share data regardless of environment.

More information can be found at https://www.phalanx.io

Forward-Looking Statements

This news release may contain or refer to forward-looking statements. Forward-looking statements give expectations or forecasts of the future using terms such as “anticipate,” “estimate,” “expect,” “project,” “intend,” “plan,” “believe,” “will,” “potential,” “look to,” and other terms tied to future periods. Results could differ materially from those expressed or implied in the forward-looking statements. Forward-looking statements are based on assumptions and expectations. They involve risks and uncertainties, including the “Risk Factors” MetLife, Inc. describes in its U.S. Securities and Exchange Commission filings. The company has no obligation to correct or update any forward-looking statement. Parts of this news release may include additional information on forward-looking statements. This news release may also contain measures that are not calculated based on accounting principles generally accepted in the United States of America, or GAAP.

The post InterGen Data, Inc. Chooses Phalanx Advanced Endpoint Security Platform to Secure Transmission of Data Files appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:09AM

Read More

The Annual Insider Risk Summit Adds Experts from Accenture, Aberdeen, Deloitte, IDC and PwC to Speaker Roster

MINNEAPOLIS–(BUSINESS WIRE)–Today, the Insider Risk Summit team announced the next wave of cybersecurity experts and industry advisors to the speaker lineup for the annual Insider Risk Summit 2021. New speakers to the roster include leaders from Accenture, Aberdeen, Deloitte, IDC and PwC. Joining the sponsorship list includes Carahsoft, CrowdStrike, CyberArk, Microsoft, Palo Alto Networks and Splunk.

Register here for the fully virtual, free-to-attend event.

The Insider Risk Summit is the industry’s leading conference on Insider Risk Management (IRM). IRM is a new data security movement for mitigating any data exposure event that jeopardizes the financial, reputational or operational well-being of a company, its employees, customers and partners.

Insider Risk Summit Featured Speakers

Some of the event’s additional featured sessions and speakers announced today include:

Advisory Panel: “The Intersection of Insider Risk Management & Enterprise Risk Management –

How real-world challenges are influencing insider programs”

In an almost unprecedented joining of industry advisory and insider risk experts, John Boles with PwC, Henry Chan of Accenture Security and Michael Gelles with Deloitte, join Christina Richmond, the Program VP, Security Services from IDC to dive deep into the trenches in their session.

CISO Panel on Addressing Insider Risk

In this insightful CISO roundtable conversation from three distinct industries – security, technology and consulting, cybersecurity leader Rick Howard from The CyberWire moderates a candid and in-depth conversation with leading CISOs, Jeff Peal from SullivanCotter, Mike Johnson from Fastly and Jadee Hanson of Code42. They will discuss the latest headlines, the security implications of hybrid work, the great resignation, real insider experiences and solutions to the insider risk problem.

The Summit also features sessions by insider risk experts:

–Derek Brink, Vice President and Research Fellow, Aberdeen

‘Understanding Your Insider Risk, and the Value of Your Intellectual Property’

–Tim Briggs, Director Incident Response, CrowdStrike

‘Getting Started: Your Insider Risk Management Program’

–Samantha Humphries, Head of Security Strategy, EMEA, Exabeam

‘Building an Insider Threat Program from Scratch’

–Ananth Appathurai, SVP, Strategic Partnerships & Ecosystem

‘Customer-centric Insider Risk Management – It Takes an Ecosystem’

–Talhah Mir, Principal Program Manager, Microsoft

‘Don’t Delay in Detecting and Mitigating Hidden Insider Risks’

–Wendy Overton, Director of Cyber Strategy, Optiv

‘Moving from Insider Threat to Insider Risk: Shifting Focus in a Changing World’

–Matt Tarr, Solutions Architect, CyberArk

‘Automating Threat Response to Privileged Identities’

Additional speaker announcements will be made in the leadup to the conference on the Insider Risk Summit event page.

Register Now and Earn CPE Credits

Insider Risk Summit attendees will have opportunities to network, take in product demos, host 1:1 meetings or attend educational sessions and discussions. Security practitioners attending the Summit are eligible to earn 20+ CPE credits.

This year again, the event expects to draw security professionals from across the globe world, including:

• C-suite executives focused on information security, security, risk and compliance (CISO, CSO, CRO, CCO).
• Security architects rethinking the security stack in the context of Zero Trust and SASE.
• Insider Risk, insider threat or insider trust functional leaders.
• Incident responders and security analysts.
• HR and legal professionals involved in internal investigations and IP litigations.

To register and learn more about the Insider Risk Summit, visit insiderrisksummit.com.

About The Insider Risk Summit

The Insider Risk Summit, the industry’s leading conference on Insider Risk Management (IRM), brings together security leaders and practitioners and industry experts to learn, interact and share best practices in the IRM space. More than just one moment in time – the Insider Risk Summit is a community of organizations and security professionals that understand collaboration, productivity and enablement of users while meeting data security challenges. In its inaugural year in 2020, more than 2,000 security professionals registered for the event, which is held annually in September during Insider Threat Awareness month. For the most up-to-date news about the Insider Risk Summit and the IRM community, go to www.insiderrisksummit.com or follow along on Twitter.

© 2021 Code42 Software, Inc. All rights reserved. The Insider Risk Summit is a trademark of Code42 Software, Inc. in the United States and/or other countries. All rights reserved. All other marks are properties of their respective owners.

The post The Annual Insider Risk Summit Adds Experts from Accenture, Aberdeen, Deloitte, IDC and PwC to Speaker Roster appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:09AM

Read More

CVP Acquires Atlas Research, Broadens Healthcare Strategy, Consulting and Research Offerings

FAIRFAX, Va.–(BUSINESS WIRE)–Customer Value Partners, Inc. (CVP), a business and technology consulting firm that helps organizations prepare for a culture of Continuous Change, announces today its acquisition of Atlas Research (Atlas), an award-winning firm that partners with federal health organizations to drive mission-critical innovation and transformation. Through this acquisition, CVP further realizes its goal of becoming a premier mid-tier comprehensive healthcare solutions and citizen services consulting and systems integration firm. CVP acquired Atlas because of its similar culture, values, and vision for the future as well as its exceptionally talented team.

With Atlas, CVP adds new capabilities spanning research and evaluation, organizational transformation and innovation, strategic communications, and human capital solutions; deep domain expertise in veterans and military health, pandemic planning and response, health equity, mental health, and rural health; and a marquee federal health customer base. This merger, done solely through the strength of CVP’s own resources, adds over 170 professionals with deep healthcare and consulting experience to the CVP family.

Atlas brings a franchise position at the US Department of Veterans Affairs, a client they have served since 2008. Atlas accelerates CVP’s growth through the addition of major new health clients, domain expertise, capabilities, and contract vehicles. The acquisition strengthens CVP’s strategic focus on federal health agencies by adding a strong portfolio in the VA and expanding our portfolio across HHS. It includes the Veterans Health Administration (VHA) Integrated Healthcare Transformation (IHT) contract—a 10-year, $1 billion indefinite delivery/ indefinite quantity (IDIQ). It opens up access to the FDA with the $322M ceiling Business Transformation Team (BTT) BPA and the $100M ceiling Integrated Solutions (IS) BPA. It also provides a new government-wide vehicle for CVP’s transformation and human capital offerings via GSA’s Human Capital and Training Solutions (HCaTS) BPA (UNR).

“CVP’s acquisition of Atlas is the realization of a shared vision for an industry-leading, comprehensive mid-tier healthcare technology and consulting firm primed for growth,” said Atlas Co-Founder and CEO Ryung Suh. “The marriage of our respective capabilities, experience, and mission-driven cultures will translate to added value for our clients and their efforts to improve the health and wellbeing of our fellow citizens.”

“CVP’s vision as a fully integrated healthcare solutions and citizen services firm relies on expanding from a technology-centric services innovator to an end-to-end advisory, research, technology, and managed services firm,” said Anirudh Kulkarni, CVP Founder and CEO. “Atlas’ experience as the trusted transformation partner of clients across the VA and HHS provide the advisory and consulting capabilities to accelerate CVP’s growth strategy.”

About CVP

Customer Value Partners (CVP) is an award-winning business and next-gen technology consulting company that helps organizations navigate disruption and prepare for a culture of Continuous Change. We solve critical problems for healthcare, national security, and public sector clients through innovative strategies and solutions that leverage technologies and industry expertise in areas including Technology Modernization, Data Science & Engineering, Business Transformation, and Cybersecurity. CVP delivers unparalleled excellence to clients and employees through a strong culture of integrity, engagement, respect, and a passion for our clients’ missions.

The post CVP Acquires Atlas Research, Broadens Healthcare Strategy, Consulting and Research Offerings appeared first on Cybersecurity Insiders.

August 25, 2021 at 09:09AM

Read More

CISSPs From Around the Globe: An Interview with Adesoji Ogunjobi

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

In this installment, we talk to Adesoji Ogunjobi, who is passionate about cybersecurity in Africa. He is Chief Information Technology (security) Architect and Trainer with Kavod Doyen Consulting in Lagos and talks about how this industry has changed over his 14-year professional background and his ambitions for the future.

 

What job do you do today?

I work as an Information Technology Security Consultant and Trainer.

What problems does your company solve?

My company delivers assessment, training, and cybersecurity consulting services, including third-party risk assessments, IT infrastructure audits, cloud security consulting, as well as cybersecurity training.  These are all the components of a mature security program that all bring value to a company.

Why did you first decide to get into cybersecurity?

I had achieved Microsoft, CompTIA, and Cisco certifications. Consequently, it dawned on me that you really cannot derive value from your IT infrastructure without thinking about security.  To hone and attest to that skill, I went for (ISC)²’s CISSP credential.

What was life like when you started in your career in cybersecurity?

When I started out, I felt unappreciated and out-of-place because no one was talking or thinking about information security. The business and senior management seemed only interested in the performance of IT infrastructure.  Fortunately, this is no longer the case.

What was your first cybersecurity job?

My first cybersecurity job was as an IT Security Manager. I was employed by a person who formerly consulted for a global IT company. He left that job and became the Head of Information Technology in the company where I was employed.

Why did you decide to undertake CISSP?

I wanted to prove my skill as well as stand out. I got to know that the (ISC)² CISSP is considered the Gold standard in cybersecurity. The desire to refine my existing skills, and add security skills was what led me to study the CISSP Common Body of Knowledge. I was blown away by the coverage of the course content.  The breadth of material was mind-blowing. There and there I decided it is what I wanted – I fell in love with it.

How long did it take to achieve CISSP?

It took me 4 months to study for and then sit for the exam. I spent three months attending weekend lectures, and one month of personal study before I was ready.

Did you enroll in any training?

I enrolled with an (ISC)² partner in Nigeria for the training.

What most surprised you about CISSP?

I was amazed to learn that it was a 6-hour exam, containing 250 questions! Prior to that time, I had never prepared or intended to written any exam that long with that many questions. Now that (ISC)² has gone to an adaptive testing model, I am sure that is much more attractive to many potential candidates.

How did it change how you approached your work?

I started approaching the delivery of IT services with a risk-identification-mitigation mind-set. I did not want my employer to suffer preventable loss.

What were the first changes you noticed after becoming a CISSP?

During my study, and after attaining the certification, my depth of security knowledge changed, especially as it had to do with cryptography.  Along with that, my self-esteem and confidence soared!

The CISSP was the reason I got my first job in a multinational financial service company, where I spent approximately 9 years.

What steps brought you to the job you do today?

Continual skill improvement is responsible for my continued progress in cybersecurity. I attend (ISC)² webinars, and I participate as an exam contributor for the Certified Cloud Security Professional (CCSP) and CISSP-ISSAP certifications.

What ambitions do you have for your career ahead?

One of my aspirations is to become the (ISC)² International President, as well as to consult for Multinational corporations.  I have aspirations to go as far as my imagination will allow.

What achievement or contribution are you most proud of?

I am most proud of achieving my CISSP-ISSAP credential. I have also helped a couple of people achieve the CISSP designation through training, mentoring, and endorsement.

What is it about your job that you love?

The most amazing part of working in cybersecurity is its dynamism and ever-evolving influence in all aspects of technology.

What is the biggest challenge you have faced in your career?

I worked for an organization with a poor cybersecurity culture. What’s worse, is that I did not see a desire that they wanted to improve it and I felt I was working there just to fulfill a requirement. It was quite unfulfilling for me personally.

How do you think you have personally benefited from becoming a CISSP?

One of the benefits is the increased exposure afforded me through this interview! In addition to this honor, the international recognition of the credential wherever I present it is a huge benefit.

How do you ensure your skills continue to grow?

Continuing education is very important to me.  I continue to learn and contribute to the community by participating in training, volunteer opportunities, personal study, webinars, and wherever I can gain more knowledge.

What do you think the biggest challenge is for cybersecurity right now?

Unfortunately, one of the biggest challenges is undoing the damage caused by some people who don’t understand cybersecurity, presenting cybersecurity as complex and requiring “complex”, high-sounding technology to make it work. 

What solutions do you think could address this?

A basic understanding of the fundamentals taught in (ISC)²’s CISSP domains can go a long way towards demystifying cybersecurity.

Who inspires you in the world of cybersecurity?

Adesoji Adegunwa is the main inspiration for me. He is the person who taught me about the CISSP concepts when I started out years ago!

What do you think people considering a career in cybersecurity should know?

A cybersecurity career is a journey!

 

To discover more about CISSP download our Ultimate Guide or learn more with our white papers, 9 Traits You Need to Succeed as a Cybersecurity Leader or The Definitive Guide to Cybersecurity and Business Prosperity.

Or, check out more interviews with CISSPs as a part of this CISSP interview series.

 

The post CISSPs From Around the Globe: An Interview with Adesoji Ogunjobi appeared first on Cybersecurity Insiders.

August 24, 2021 at 09:09PM

Read More