Cyber - November 2022

Page 16

Cybersecurity associations

Bluebird Group: Riding the tech wave in transport

DevSecOps: Building better software faster

Technology: Protecting company data starts within

PHISHING THROUGH THE YEARS

A new study has found that

are at their highest

November 2022 cybermagazine.com
phishing attacks
levels as figures quadruple from 2020

The

Cyber Team EDITIOR-IN-CHIEF VIKKI DAVIES EDITORIAL DIRECTOR SCOTT BIRCH PRODUCTION DIRECTORS GEORGIA ALLEN DANIELA KIANICKOVÁ PRODUCTION MANAGERS JANE ARNETA MARIA GONZALEZ CHARLIE KING CREATIVE TEAM OSCAR HATHAWAY SOPHIE-ANN PINNELL HECTOR PENROSE SAM HUBBARD MIMI GUNN JUSTIN SMITH REBEKAH BIRLESON JORDAN WOOD DANILO CARDOSO VIDEO PRODUCTION MANAGER KIERAN WAITE DIGITAL VIDEO PRODUCERS MARTA EUGENIO ERNEST DE NEVE THOMAS EASTERFORD DREW HARDMAN MARKETING MANAGERS INDIA BERRY PROJECT DIRECTORS KRIS PALMER BEN WIGGER TOM VENTURO MANAGING DIRECTOR LEWIS VAUGHAN MEDIA SALES DIRECTORS JASON WESTGATE CHIEF OPERATIONS OFFICER STACY NORMAN CEO GLEN WHITE JOIN THE COMMUNITY Never miss an issue! + Discover the latest news and insights about Global Cyber...

Is your IT infrastructure weak?

An interesting new report by cyber crime company FoxTech has revealed the five industries with the weakest cyber security and most at risk of a breach.

Mechanical and industrial engineering topped the list followed by environmental services, furniture manufacturing and installation, logistics and supply chain and finally construction.

The research based on analysis of thousands of companies found that industries such as financial services, aviation and government administration had a lower risk of falling victim to a cyber crime to those listed above.

FoxTech's CTO Anthony Green made an important observation. "It's not that organisations don't care about having good security, but they are unaware that their IT infrastructure contains weaknesses that make them a potential easy target for hackers."

With cyberattacks increasing at an alarming rate, can businesses afford not to ensure their business is cyber secure? Now is the time to make those important checks.

FOREWORD
“ With cyberattacks increasing at an alarming rate, can businesses afford not to ensure their infrastructure is cyber secure?”
CYBER MAGAZINE IS PUBLISHED BY © 2022 | ALL RIGHTS RESERVED cybermagazine.com 3
0000 1 1
OUT NOW Read now 10000 1 LEADERS2022 • LE A D SRE 2202•SREDAEL2202 • EL A D ERS2022 • Creating Digital Communities Don’t miss this Issue! The most influential people in Technology
Our Regular Upfront Section: 10 Big Picture 12 The Brief 14 Timeline 16 Trailblazer: Guy Golan 20 Five Minutes With: Justin Vaughan-Brown 38 Bluebird group Riding the tech wave in transport 26 Networks and Applications Embracing automation to protect against threats CONTENTS
Cybersecurity Payment security: balancing the need for security and convenience Operations DevSecOps: building better software faster 44 Top 10 Cybersecurity associations Technology Protecting company data starts within 64 56 50

Accelerate

Initiatives with

Your Net-Zero Carbon
Low-Code Featured with:

Executives from Appian, AWS, and Xebia share their collaborative efforts and excitement about their partnership in low-code, cloud, and sustainability.

Technology is instrumental to achieving next-level capabilities across industries. But organizations that want to operate sustainably must choose technology that lets them adhere to strong environmental, social, and governance principles.

Appian Corporation, a process automation leader, is a critical piece of the digital transformation and sustainability puzzle. The enterprise-grade Appian Low-Code Platform is built to simplify today’s complex business processes, with process mining, workflow, and automation capabilities.

“By quickly building apps that streamline and automate workflows, organizations are using Appian to make their processes for monitoring and reporting on ESG initiatives faster, simpler, and more effective,” says Meryl Gibbs, Emerging Industries Leader at Appian.

“Both AWS and Appcino are amazing partners of ours,” says Michael Heffner, VP Solutions and Industry Go To Market at Appian. “We have an extremely long legacy engagement with AWS as our trusted, go-to-market partner and Appcino builds “meaningful, business-focused applications on the Appian platform and is amazing in all things ESG.”

Digital transformation in ESG.

As an AWS leader enabling sustainability solutions built on the cloud, Mary Wilson, Global Sustainability Lead at AWS, talks about the partnership with Appian.

“Our objective is to help our customers achieve sustainability goals across their business operations,” says Wilson. “[This means] looking at data availability, meaning access to more data, and enabling actionable insights. “Lowcode, cloud-enabled, technologies will allow organizations to build fast, learn fast, iterate, and continue to improve these insights to drive their sustainability outcomes.”

Tarun Khatri, Co-Founder & Executive Director of Appcino (product part of Xebia), explains just how critical ESG is in the face of digital transformation. “The investment community now considers ESG reporting as a major factor for measuring performance,” says Khatri The collaboration will continually uncover new insights and provides customers the opportunity to accelerate their ESG goals with speed and security.

BIG

PICTURE OF CHILDREN EXPERIENCE CYBER THREATS 72% 10 November 2022

A new report from The Global Cybersecurity Forum has found that 72% of children around the world have experienced at least one type of cyber threat online.

The ‘Why Children Are Unsafe in Cyberspace’ report, developed in collaboration with Boston Consulting Group, focuses on raising awareness on the critical issues facing the protection of children in Cyberspace, at a time when over 90% of children aged eight and above are active on the internet.

The report surveyed over 40,000 parents and children, across 24 countries in six regions.

cybermagazine.com 11

THE BRIEF

“Defenders are adapting slower than attackers, so it’s more important than ever that organisations look to understand how areas at risk could be infiltrated from an attacker’s perspective”

Guy Golan CEO, Performanta

“Organisations are still taking hours, or even days or months, to remediate threats”

Nikesh Arora CEO and chairman, Palo Alto

BY THE NUMBERS

Odavesa’s State of SaaS Ransomware Attack Preparedness report:

of enterprises don’t protect all of their data in public infrastructure clouds of organisations are “very” confident about their ability to recover after a cloud or SaaS ransomware attack

“The last year marked a significant turning point in the adoption of DevOps tools, platforms, and processes”

David DeSanto VP of Product, GitLab

EMBRACING AUTOMATION TO PROTECT AGAINST THREATS

Addressing the rise of automation in tackling cybersecurity and the US’ approach to embed it.

PAYMENT SECURITY: BALANCING THE NEED FOR SECURITY AND CONVENIENCE

We explore the changing face of payment security as the world becomes more digital than ever before.

PROTECTING COMPANY DATA STARTS WITHIN Technology industry professionals weigh in on how companies can best protect themselves from insider threats.

12 November 2022
READ MORE READ MORE READ MORE READ MORE READ MORE READ MORE
59% 28%

WHAT IS BEHAVIOURAL ANALYTICS?

ThreatFabric recently announced it has extended its Fraud Risk Suite with advanced behavioural analytics, to safeguard customers’ online experience against social engineering attacks such as voice scams.

Behavioral analytics is an approach that enables us to distinguish between cybercriminals and genuine customers, by understanding a customer's interaction with their digital devices (i.e swipe/touch gestures on a smartphone), that directly relate to their cognitive behavior such as doubt represented by for example their typing rhythm (speed).

In 2021, more than £1.3bn was stolen by scammers through authorised push payment fraud (APP), however this problem is solvable with the proper fraud detection/protection tools.

NAVAL INFORMATION WARFARE SYSTEMS COMMAND (NAVWAR)

NAVWAR is celebrating 25 years in San Diego, serving as one of the Navy’s major acquisition commands with an expertise in cyber and information technology, providing a substantial positive impact to the region’s economy year after year.NAVWAR brings US$3.2bn in revenue to the area and employs more than 5,200 federal employees while supporting more than 29,000 jobs.

 UBER

UK Police have arrested a 17-year-old on suspicion of hacking. The department said the arrest was made as part of an investigation in partnership with the U.K. National Crime Agency’s cybercrime unit.

 LOS ANGELES UNIFIED SCHOOL DISTRICT

The Vice Society Ransomware gang published data and documents that were stolen from the Los Angeles Unified School District during a cyberattack. District said that they would not be giving in to the ransom demands and that they could better use the money for students and their education.

 CHINA

New research has revealed that China is the top country most affected by online crime in the world - losing US$118.4bn to cybercrime each year. The research, undertaken by SEON, looked at the cost of online crime in the top victim countries.

D

I M E S

cybermagazine.com 13
G O O
T
B A D T I M E S
NOV22

TIMELINE

PHISHING THROUGH THE YEARS 1996

FIRST RECORDED PHISHING ATTACK

According to Internet records, the first time that the term ‘phishing’ was used and recorded was on 2 January, 1996. The mention occurred in a Usenet newsgroup called AOHell.

2000

PAYPAL AND E-GOLD

In the early 2000s,phishers started to turn their attention to online payment gateways, such as Paypal and E-gold. For example, scammers sent an email to Paypal users—and at the time there were already a lot of users—telling them to update their credit card details but stole their details instead.

2010

POLITICALLY MOTIVATED ATTACKS

There is a shift in how hackers are usung phishing attacks, with more of them using it for a larger purpose than the usual financial goals. In 2016, a potentially politically-motivated phishing attack was launched on John Podesta, Hillary Clinton’s campaign chairman.

14 November 2022

A new study has found that phishing attacks are at their highest levels as figures quadruple from 2020. The Anti-Phishing Group (APWG) observed 1,097,811 total phishing attacks in the second quarter of 2022, a new record and the worst quarter for phishing that APWG has ever observed. With attacks of this nature rife, Cyber Magazine takes a look at their history.

2013

RANSOMWARE AND PHISHING

Ransomware, which was mainly sent through phishing emails at this time, started to run rampant starting from the Cryptolocker ransomware in 2013, to various other worms, such as WannaCry and Petra.

2022

PRESENT DAY

Phsihing is increasing at an alarming rate. With the growth of social media cybercriminals have found a new treasure trove of information, where they can do research and make their phishing messages more specific and thus, convincing. Unrestricted access to sensitive information helps hackers build personalized spear phishing emails that rely on familiarity and make it harder for users to detect a phishing attempt.

cybermagazine.com 15

Performanta: From military to cybersecurity

How did your time in the military prepare you for a career in cybersecurity? My journey to cybersecurity exists as an accumulation of life experiences, particularly within the military. I was positioned within the Israeli Defence Force (IDF) between 1991 and 1994. Within this period, everything we did was relatively non-technological, yet I’ve realised that everything we were doing then directly reflects what is now happening in today’s digitally orientated society.

Similarly, I learnt a lot in the IDF about deception. This includes, how the concept of the ‘bad guys’ can be subjective; how the opposing side is likely thinking; and how to approach situations in a smarter way. Within judo, you learn that you don’t oppose the movement of the opponent, you embrace it, to ensure things keep moving in a desirable and frictionless direction. We can apply this to the deployment of our cybersecurity strategies.

16 November 2022
Name: Guy Golan, CEO of Performanta Job Title:CEO Company: Performanta TRAILBLAZER

cybersecurityHow did you get your first big break in the cyber industry?

When we started in 2010, we delivered solutions on what we call a ‘journey’, whilst most other providers did box dropping, and still do to a degree. In 2016, we realised we could do more for our clients. We turned our focuses to the offensive side of security, to best understand how effective defences should work. It was incredibly disheartening to see that a lot of what we tried would be unsuccessful against offensive methods –but this is the reality of the threat landscape today. We were lucky to have this hard lesson early in our company’s development.

For others, the easiest path would have been taking the lifestyle route, focusing on personal benefit, rather than coming up with a genuine solution. But this was not in our DNA. So, we sat down to rethink who we were and what we were doing. Installing services and making them work well clearly was not enough. We came up with the

concept of Cyber Safety – which we now hold at the centre of our business.

After debating the question of, ‘what do clients really want?’, and subsequently brainstorming human behaviours and desires, we realised it all came down to wanting to ‘know’ and be ‘aware’ of activities.

We therefore simulated an exercise with our clients to do the ‘triple A’ –awareness, acknowledgement, and action.

Acknowledgement came down to businesses attempting to secure themselves, investing in tech, acquiring services from partners or vendors, then ultimately making them work well. Fundamentally, the outcome of these simulations resulted in the question, if security isn’t enough, then what is?

The answer: The concept of being safe.

What skills do you think a great cybersecurity professional requires?

Individuals must have a deep, up to date understanding of the world of IT and cyber. You must also have a clear comprehension of the business for which you are providing security, including what makes it successful. For that, you must have deep levels of curiosity. Another key focus is satisfying the board and shareholders – they determine what the future is.

What are the current threats that you think public and private sector organisations should be aware of?

I would argue that the scope of attacks has changed, and continues to change, significantly over the years, particularly as a consequence of the increased use of the cloud. The big attack vectors making the media headlines are the usual suspects – ransomware, DDoS and phishing – but responding to these threats requires more than just deploying solutions for specific

cybermagazine.com 17

attacks. It needs a change in mindset, a much more holistic approach.

Defenders are adapting slower than attackers, so it’s more important than ever that organisations look to understand how areas at risk could be infiltrated from an attacker’s perspective. Having the ability to contextualise events to the specific business minimises the gap.

Why are you focused on Cyber Safety and why should potential clients care? Cyber Safety, at its very basic level, is a continuous process, using real-time, accurate and relevant data to analyse moving risks per client and presenting the findings in an accessible way for all levels of the business to understand and make accurate decisions.

The core difference between Cyber Safety and cybersecurity comes down to what each concept aims to achieve. Whilst cybersecurity is the method organisations use to lower the risk and limit the impact of a cyber breach, Cyber Safety works towards lowering the risk and limiting the impact on the business itself, taking defence to a deeper level. It doesn’t necessarily mean you won’t be hacked, but being ‘cyber safe’ means taking the appropriate steps to ensure your business can carry on operating regardless of what happens.

There is a core difference between companies that peddle cybersecurity rather than Cyber Safety. Traditional cybersecurity providers will sell you point solutions, like MDR services or firewall management. This approach works well as long as it delivers a comprehensive view of your security stack and attack surface.

Customers come to Performanta with a myriad of requests, knowing full well the company’s capability of managing the entire

stack, and reducing the short- and long-term impacts on the business itself. Our first step is to help companies determine their ideal end business-state – how they’re trying to run as a business. We then work back from that to calculate what we need to do to help achieve that state in the cyber space. After all, every product and service acquired has a business motivation to back it up.

One of the biggest challenges of cybersecurity is the overwhelming amount of data and alerts received daily. Performanta’s solution therefore only lets organisations know what they need to know, when they need to know it. If the company’s cybersecurity situation is quiet, then a report regarding their safety only needs to be given to them once a month or once a quarter.

When someone else takes charge of responsibly managing the safety and security of individuals, people are able and willing to continue with their lives without any concerns surrounding safety. So, if we take care of establishing Cyber Safety, this allows organisations to increase focus on business, and enables the client’s cyber team to work more effectively and gain the respect of the board.

However, if awareness is needed due to the probability of an imminent cyber attack, the business will be informed immediately. An organisation should be able to focus on business operations, making money and satisfying shareholders. Yet all too often, organisations are forced to focus heavily on security and defending themselves against an attack.

Organisations across any industry can apply Cyber Safety to their cybersecurity strategy. It starts with a mindset shift.

Think of an aeroplane. The staff are responsible for our safety as well as our comfort, but aside from a short safety

18 November 2022 TRAILBLAZER

briefing at the beginning, all we’re exposed to for the remainder of the flight is their hospitality. We’re only then informed of other security updates when absolutely necessary. The same applies to the cybersecurity industry.

How does Performanta help these organisations become more resilient?

Currently, a misalignment exists between what a business wants and what security organisations are providing. Many claim that the answer is to ‘educate the board’. We take a different stance.

Working closely alongside the CISO or CIO, we help bring relevant data to the board so they can be directly involved in the decisions being made to keep the business safe. This approach is backed by tools and methodologies that were built to achieve this purpose and put the client at the centre of everything we do. Our solution starts at one end of the chain of command and seamlessly works its way across all levels, giving everyone access to consistent, accurate and relevant data. It allows our clients to run an effective cyber department backed entirely by the decision makers.

Furthermore, with our solution, companies can prepare well in advance for operational disruptions caused by breaches, such as downtime. This transparency allows organisations to focus on their own strategy and business successes, whilst maintaining up-to-date security data in real-time, knowing that they will be made aware of any threats when necessary.

What would be your tips for cyber security professionals looking to shift strategy in the latter half of the year? My top tips would be:

• Adopt data-based decision making

• Look for relevant data for your own business

• Gain as much visibility of your security tools and network as possible

• Understand the customer-specific client context to provide effective cybersecurity

• Seek business outcomes and measure against those as opposed to cyber outcomes Once the above is achieved, you can provide the necessary tools and methods to key decision makers which allows them to identify the risks towards their business objectives moving forwards.

“In judo, you learn that you don’t oppose the movement of the opponent, you embrace it, to ensure things keep moving in a desirable and frictionless direction. We can apply this to the deployment of our cybersecurity strategies”
cybermagazine.com 19

Justin Vaughan-Brown

Justin Vaughan-Brown, VP Market Insights at Deep Instinct looks at calculating cyber risk and how CEOs can get by with a little from their friends

Over the last couple of years, cybersecurity has evolved from just an IT team problem to a C-suite one. More and more C-level executives are involved in the monitoring and decision-making processes of a company when it comes to preparing for and defending against cyberattacks, and this includes CEOs.

While CEOs often have the best intentions when they show a lot of confidence in their firm’s cyber stance, this confidence doesn’t always provide the desired outcome. Our research revealed that, in some cases, there was no evaluation of cyberattacks at all and nearly half (48%) of organisations provided inadequate or inaccurate assessments.

20 November 2022
FIVE MINUTES WITH...

Vaughan-Brown

Q. WHY IS THERE SUCH A HUGE DISCONNECT BETWEEN THE PERCEPTION HELD BY CEOS AND OTHER POSITIONS SUCH AS CFOS, WHEN IT COMES TO THEIR FIRM’S ABILITY TO WITHSTAND A CYBERATTACK?

» Our recent research showed that 63% of CEOs think their firm is well prepared to withstand a cyberattack, however, as few as 14% of CFOs were confident, and only 52% of other C-suite officials were confident about their cyber resilience. While CEOs hold great understanding of the capabilities and risk involved within their company, a key part of their role is to be positive and convey confidence to assure their employees, customers, and investors that the organisation is a safe and stable business. CEOs are unquestionably extremely busy people who often oversee a dozen different projects at the same time, and clearly could use a help-inhand when it comes to making cybersecurity decisions.

Unlike other positions, CEOs don’t have the luxury of spending all their time on one project or issue, therefore only a select amount of information is shared with them. As a result, CEOs do not always understand the full impacts of a cyber incident, the monetary value of resources, and the potential security risks that exist within their systems. When organisations don’t have the full picture, then they cannot make effective decisions.

This false sense of security is even clearer when you look at the difference in confidence when it comes to security planning and preparation. For example, 56% of CEOs also believed their company was constantly reviewing risk plans, compared to just 32% on average for executives in other fields.

Other executives such as the CFO, need to be brought into the conversation so that effective decisions can be made around cyber risk.

Q. WHY DO CFOS NEED TO BE IN THE DECISION-MAKING?

» Whenever we read about the latest ransomware breach or cybersecurity incident in the news, one of the first things mentioned is the financial cost to the organisation.

cybermagazine.com 21

Therefore, it seems perplexing that within organisations, the majority of CFOs are excluded from these discussions.

Only 12% of CFOs made the decision to pay criminal gangs, which is astonishing as ransomware at its core is a financially motivated attack. Financial officials need to be aware about the repercussions of a ransomware attack and the financial toll it will take on an organisation.

Furthermore, of all the organisations that were hit by a cyberattack, 56% of them agreed to pay the ransom to recover their data and the decision to act on the attack was taken by the CFOs in only 14% of the cases.

The primary role of a CFO is to manage the resources of an organisation. They are experienced individuals who know which decisions are financially sound, and this includes budgeting cyber risk. Hence, their lack of inclusion is extremely jarring considering the massive financial impact an ransomware attack can have on an enterprise. Being able to successfully budget a cyber threat in order to diminish and remediate from the attack can be the difference between surviving an attack or it being the businesses downfall.

The importance of budgeting is highlighted even more when you look at the disparity between those who paid a ransom and those who would be willing to pay a ransom. For example, the average of those willing to pay, £760,000, would need to be four times higher in order to reach the average cost of ransomware paid, a little over £3 million.

22 November 2022
FIVE MINUTES WITH...
“While CEOs often have the best intentions when they show a lot of confidence in their firm’s cyber stance, this confidence doesn’t always provide the desired outcome”

“Unlike other positions, CEOs don’t have the luxury of spending all their time on one project or issue”

Q. HOW CAN ORGANISATIONS SEAL THE DISCONNECTS BETWEEN DECISION-MAKERS?

» The first step to risk management would be to assess the impact of a cyberattack and how the organisation would be affected in case of a loss of data. Only 38% of respondents were confident that they would be able to calculate the possibility of how a ransomware attack would impact the organisation.

Healthy communication between leaders and decisionmakers of an organisation is a must when it comes to planning for and responding to cyberattack. It is vital to keep all stakeholders of an organisation in the loop when it comes to cyber risk. Senior management must be involved in ensuring that the business is prepared in the face of adversity. They should be aware of the financial risk and other business impact that a company might endure after a successful ransomware attack.

There needs to be transparency between the decision makers as well as the stakeholders, and in order to achieve this. All C-level executives have to be involved in the risk assessment. An organisation must invest in analysing how the loss of data will impact their company on different levels, hence the CEO will receive unbiased information about the potential impact of data breaches from various angles.

As ransomware attacks have become not only more frequent but also more successful, an organisation must carve out specialised strategies to ensure that they are ready to face a ansomware attack.

cybermagazine.com 23
Get tickets Sponsor opportunities SHAPING THE FUTURE OF BANKING, FINANCIAL SERVICES & PAYMENTS A BizClik Event: 3,000+ Participants 2 Days 2 Stages 70+ Speakers

Watch our 2021 Showreel

Join us at FinTech LIVE London

presentations, Q&A sessions to 1-2-1 networking, the 2-day hybrid show is an essential deep dive into issues impacting the future of each industry today.

Global giants and innovative startups will all find the perfect platform with direct access to an engaged and active audience. You can’t afford to miss this opportunity.

See you on:

Sponsor opportunities

1st-2nd November 2022

Riding the tech wave in transport

26 November 2022
BLUEBIRD GROUP

tech transport

cybermagazine.com 27

With well over a quarter of a billion residents and a capital city housing more people than London, Indonesia is a market primed for rideshare startups.

These new arrivals are, however, overshadowed by one company that’s been instrumental to the nation’s development, synonymous with both taxicabs and technology.

Jakarta-based Bluebird Group celebrates 50 years in business this year. Beginning life as a startup in 1972, founder Mutiara Djokosoetono had a specific vision from the outset: to generate a culture that would fully embrace technology.

The company can point to a number of historic firsts – in the 1970s, Bluebird Group was the first transport provider with a call centre in Jakarta. And, making use of one of the earliest mobile tech platforms, the Group worked with BlackBerry’s parent company, Research in Motion, in 1997 to allow people to call for transport using the handset as a data device, rather than simply phoning in the call.

Today in 2022, the company is continuing this technological journey and heading off competition from more recent startup rideshare companies.

“We are a provider of taxi services, above all, so we make sure the clients receive a privileged service,” explains Andoko Wicaksono, CIO of Bluebird Group. “This starts with the ease of ordering a taxi, the promptness and cleanliness of the car, the courtesy of the drivers when they greet the customer, and more.

“In Indonesia, we are very famous on that front – for clean, honest and high-level service.”

Andoko Wicaksono, CIO of Indonesia’s leading transportation company Bluebird Group, explains how 50 years of technology built a world-class business
28 November 2022 BLUEBIRD GROUP
275,773,800 Population of Indonesia (2022) 10,609,681 Population of Jakarta (2021) cybermagazine.com 29

Bluebird Group puts people first with technology Wicaksono explains that Bluebird's modernisation plans place people firmly at the forefront. With more than 20,000 vehicles and drivers working for the company – in addition to millions of customers – people are an important part of its continued success.

“We are also committed to being secure by design; we’re always thinking about security, how it’s done, and how it works with policies and controls,” says Wicaksono. “Furthermore, we’re agile and committed to continuous improvement. We need to maintain the investment in our people, and the team has to embrace the job.”

Placing trust and reliability at the centre of Bluebird Group’s transformational plans, though, presents a challenge: finding the right balance between customer integrity and providing the best possible services.

“People should be able to trust us to handle their data in a secure manner,” says Wicaksono. “For example, when you submit data on our website or in our apps, we should handle the data correctly and not share it; if we move the data from different environments, we have to be secure.”

Bluebird Group already utilises cloud platforms for data storage, but it also has 40 physical sites across Indonesia that must be networked into the company in a secure manner.

“As you can imagine, there are a lot of challenges in managing communications between the sites – particularly the remote sites where communications' systems might not be as advanced as in Java,” explains Wicaksono. “So the priority is still security, even though we may sacrifice, for example, speed. But that isn’t that much of a sacrifice, as the infrastructure is improving.”

A passion for programming drives technology ambitions Wicaksono hails from a technology background – he co-founded London-based Switchlab, which focused on the R&D aspect of telecom technology, then went on to take a range of influential CIO

“All our taxis are equipped with IoT devices which, for example, monitor the fatigue of the driver”
ANDOKO WICAKSONO CIO, BLUEBIRD GROUP
30 November 2022 BLUEBIRD GROUP

Andoko Wicaksono

TITLE: CIO

LOCATION: INDONESIA

PT Bluebird Tbk. (IDX: “BIRD”) is a public company in the field of passenger transportation and land transportation services which has 17 subsidiaries spread across 18 locations in Indonesia (Jadetabek, Cilegon, Medan, Manado, Bandung, Palembang, Padang, Pangkalpinang, Batam, Bali, Lombok , Semarang, Surabaya, Pekanbaru, Makassar, Balikpapan, Solo and Yogyakarta).

Bluebird is committed to providing safe, reliable and comfortable land transportation services with easy access for customers. The company's extensive distribution network includes more than 600 exclusive points in hotels, malls, central hubs, as well as a bold range of reservation channels. The expansion of accessibility is increasing with the presence of the MyBluebird application, which now has 20 new features and various transaction methods to support the ease and convenience of mobility.

Bluebird's business spans across several main pillars including regular taxi services (under the “Bluebird” and “Pusaka” brands); executive taxi service (under the “Silver Bird” brand); limousine and car rental services (under the “Golden Bird” brand); bus rental services (under the “Big Bird” brand); logistics services (under the brand “Bluebird Kirim”); shuttle service (under the brand “CitiTrans”) PT Bluebird Tbk. has been listed on the Indonesia Stock Exchange since November 5, 2014.

BLUEBIRD GROUP
TWITTER FACEBOOK INSTAGRAM YOUTUBE BlackBerry prevents DarkSide, NOBELIUM and REvil attacks with security powered by Cylance ® AI Prevent Ransomware and Malware.

and CTO roles in telecom companies and startups, before joining Bluebird Group in June 2022.

And his love for technology extends beyond the office, as Wicaksono has built his very own home IT lab to test hardware and software, while having fun at the same time.

“I have a passion for robotics, so I have a number of small robots at home,” grins Wicaksono. “I also have a passion for programming on Python, so I have some Raspberry Pis to help with home automation.”

While the home lab initially grew out of Wicaksono’s curiosity about tech hardware and software, he found that it also helped to effortlessly maintain his excitement for programming and coding, despite the considerable demands on his time from other business areas.

“But family and friends don’t go in my lab,” says Wicaksono with another smile. “It’s my den.”

During a storied career, he’s faced his fair share of challenges – but one of the most significant came when he was compelled to understand a great deal more about the business processes required to keep a company on the road to growth.

“It’s always changing, always evolving,” says Wicaksono. “I’ve watched the process of seeing simple ideas grow into a sustainable business. Every day is different, and it’s a constant adventure.”

Wicaksono describes his leadership style as direct, leading by example; so, while he confidently delegates tasks for greater corporate efficiency, he still takes the time to lead projects in a hands-on way to inspire his team.

“For example, we had an emergency situation where our taxi dispatch system went down at three in the morning,” explains Wicaksono. “I quickly jumped on a conference call with the senior management team to discover the progress, then passed on the

“In Indonesia, we are very famous on that front – for clean, honest and high-level service”
BLUEBIRD GROUP

information to stakeholders and customers. When my team saw me working hard to fix this, it made them realise the importance of working hard on all of these issues.”

The challenges of taking tech into the boardroom

While Wicaksono may spend a lot more time in the boardroom than he did previously, he remains excited about technology and strongly believes it offers the solutions required by businesses looking to compete, survive and thrive.

“AI and automation are liberating employees to perform higher-value tasks than before, which means a company can become more strategic, more creative and identify more ways to meet business goals,” explains Wicaksono.

“If you have some tasks that are freed up by using AI, people can be more creative via increased strategic tasks, rather than the routine tasks that will have been replaced by AI.”

But it’s not just employees who need to learn to love technology, says Wicaksono, considering it a worthy goal to ensure C-suite executives also know the important details of complex technologies.

“The ability to demystify technology is, I think, crucial for a CIO,” he states. “I must demystify the subject for other leaders to make sure that the business becomes a catalyst for tech adoption.”

This is important because more IT decisions are being made by business executives, rather than the IT department that may have had that responsibility in

“We are also committed to being secure by design; we’re always thinking about security”
34 November 2022 BLUEBIRD GROUP

the past. It’s right that IT purchases are made with business goals in mind, but these executives need to understand the technologies to be able to apply this to the right tasks and business processes.

“For example, a decision to have a CRM is not made by the IT team but, more often, by the marketing team,” says Wicaksono. “And I think this is a very good thing – now, we understand more about our customers. The employee at the front of the business is a leader of the business in their department and is unlikely to be part of the IT team.”

points of vulnerability, cybersecurity is a fundamental part of the company’s daily operations. Such measures have become a critical part of the business, preventing infiltration and data stealing from bad actors. Other disruptive technologies – including artificial intelligence and edge computing – are being integrated into the company as and when required, according to Wicaksono.

“The exception is for the Internet of Things (IoT), which we implemented years ago,” he explains. “All our taxis are equipped with IoT devices that, for example, monitor the fatigue of the driver; if a driver shows fatigue, we can see that to then alert both the driver and the system itself, allowing action to be taken.”

Customer expectation has never been higher in the transport and taxi sector. People are looking for personalised services alongside the ability to make bookings without speaking to a human support worker.

“One of the clearest advantages of digitisation that we’ve been able to implement are robust digital tools and strategies – and this will lead directly to increased customer satisfaction,” explains Wicaksono.

Bluebird Group engages with a range of partners in marketing, distribution and technology to aid in its mission. Technology transformation presents a new challenge: combining these multiple elements and the unavoidable complexity that results.

“It’s the end of the ‘one-stop shop’,” says Wicaksono. “One of the most important trends is to have specialties. Our preference is for partners that have a speciality in their own domain.”

cybermagazine.com 35 BLUEBIRD GROUP
ANDOKO WICAKSONO CIO, BLUEBIRD GROUP
“I’ve watched the process of seeing simple ideas grow into a sustainable business. Every day is different”
Andoko Wicaksono, CIO of Bluebird Group, on transport technology
36 November 2022

BlackBerry’s AI software keeps malware at bay

Bluebird Group knows the leading-edge security features in BlackBerry's mobile platform from the time they implemented Indonesia’s first taxi reservation BlackBerry app in 2011. Bluebird Group has continued this relationship, working with the Canadabased technology provider to combat cyber threats. “We are leveraging BlackBerry’s AI software to protect against and prevent malware, using enforcement of device policy,” says Wicaksono. “BlackBerry is a very valuable partner and gives us peace of mind while conducting business.

The next 12-18 months are going to present challenges – some of which will also be seen across various industries around the world, while others will be unique to the company or industry’s geographic focus.

“Here in Indonesia, we have new competition in terms of mobility and ridehailing,” he says. “There are newcomers here already; more will arrive in the next year and a half. But we already have a very strong foundation, and we’re looking to innovate with disruptive technologies in the future.

“Now, we are planning the next five-10 years. We’re very satisfied with the foundation we’ve laid down, but we’re not complacent; we need to be vigilant to meet future competition in the market as well as anticipate changes to regulations by the government.”

Electric vehicles and mobility-as a-service are the future

Within his role as CIO, Wicaksono is also charged with keeping a close eye on emerging trends in the industry, identifying two that are of particular interest to Bluebird Group.

“One is electric vehicles (EV) and growing demand from the public that public transport should make use of EV to reduce greenhouse gas emissions,” explains Wicaksono. “We already have some EV electric vehicles in our fleet and that number is growing.”

The second trend is servitisation, where customers pay for a service rather than buy the equipment, and this is affecting all industries – including the taxi sector.

“Increasingly, people are using what is called mobility-as-a-service (MaaS) to meet their transportation needs,” he says. “MaaS operators will be the future, and that will be the same for us.”

cybermagazine.com 37 BLUEBIRD GROUP

CYBER MAGAZINE ADDRESSES THE RISE OF

AGAINST

AUTOMATION
IN
TACKLING CYBERSECURITY
AND
THE US’ APPROACH TO EMBED IT EMBRACING AUTOMATION PROTECT
38 November 2022 NETWORKS AND APPLICATIONS

AUTOMATION TO AGAINST THREATS

The US government’s cyber defence agency, CISA, recently recommended for the first time that companies embrace automated continuous testing to protect against longstanding online threats. The guidance urged businesses to up their defences by continually validating their security programme against known threat behaviours, rather than taking a more gradual approach.

A CISA spokesman said: “Enabling automation is a critical component of every organisation that wishes to address the speed and scale of modern cyber attack. Without orchestrated automated response, it is often not possible to respond to cyber threat intelligence in a timeframe that enables network defence. However, organisations often find themselves struggling to orchestrate existing manual processes.”

The announcement is part of a raft of cybersecurity measures that the US Government has put in place to alert of the cybersecurity risks in the current climate. In 2022 the Department of Homeland Security requested a total of 2.6 billion dollars for its entire cybersecurity budget, making it the largest budget among the government agencies, excluding the Department of Defense. And this is only set to rise. Overall cyber security spending in the United States is projected to increase in 2023 with the total proposed agency cyber security funding for that year amounting to US$10.46bn dollars.

Representing one of the largest digital populations worldwide, the United States reports a considerable number of cyber attacks each year. According to a 2021 survey, nearly 60% of online users in the country had experienced a cyberattack, ranking it the third country worldwide by share of cybercrime. In the most recent reported year, around 294 million internet users in the United States were impacted by incidents of data violation. Network intrusion was the most common type of cyberattack across the country.

cybermagazine.com 39

Start Today

Use of automation set to rise dramatically

The use of cybersecurity automation is undoubtedly on the rise. A 2021 global Statista survey found that 35.9% of global survey respondents reported using a high level of automation in security operations and event/alert processing.

Cybersecurity automation relies on AI /ML technologies to give cybersecurity systems the ability to recognise threats and find ways to defuse them before they negatively impact a business and its operations.

High-tech cybersecurity automation systems neutralise threats and incorporate security orchestration.

A first step in using cybersecurity automation is gathering and correlating data. AI and ML systems can gather and correlate data, study this data, making systems and cybersecurity automation possible. Which of course has a whole raft of benefits.

Cybersecurity company Palo Alto Networks believes that automation is the only way to reduce the volume of threats and enable faster prevention. The company says with modern cyberattacks becoming heavily automated, organisations trying to defend against these attacks manually don’t stand a chance. Nikesh Arora, CEO and chairman of Palo Alto Networks says: "Organisations are still taking hours, or even days or months, to remediate threats — those are hours and days we no longer have given the speed and sophistication of attacks that are now commonplace. This is not an area where we need an evolutionary approach. This is an area where we need a revolutionary approach. We have to radically reimagine how we run cybersecurity using AI, so that an enterprise is able to respond to all attacks in real time, not days, not weeks, not months."

NETWORKS AND APPLICATIONS

NIKESH ARORA CEO AND CHAIRMAN, PALO ALTO
“ORGANISATIONS ARE STILL TAKING HOURS, OR EVEN DAYS OR MONTHS, TO REMEDIATE THREATS”

NETWORKS

Leveling the playing field

Palo Alto Networks believes automation levels the playing field, reduces the volume of threats, and allows for faster prevention of new and previously unknown threats. It says if implemented appropriately and with the right tools, automation can aide in the prevention of successful cyberattacks.

While the benefits of automation are clear, it is believed there is still a long way to go before the US is ready to fully deploy automation in cyber operations. In The Center for Security and Emerging Technology’s ‘Automating Cyber Attacks’ report researchers said: “Deploying machine learning in cyber operations means overcoming barriers to entry. If only some US states have the resources and expertise to overcome these barriers, those states will become simultaneously better defended and more capable of attacking their rivals. In other words, machine learning in cyber operations may be less biased toward either attackers or defenders than it will be biased toward already powerful states and organisations.

The report went on to say that: “The barriers that exist today may lower before long. Just as many tools of traditional automation were eventually distributed in easily accessible packages, it seems likely that some future machine learningenabled hacking tools will someday be widely available for even novices to use. The United States has much to gain from developing new machine learning tools for cyber operations early and much to lose if it waits. Maintaining a competitive edge will require constant work on both offense and defence. It is yet one more reason that, for as nuanced, complex, and overhyped as machine learning is, it remains too important to ignore.”

“THIS IS AN AREA WHERE WE NEED A REVOLUTIONARY APPROACH. WE HAVE TO RADICALLY REIMAGINE HOW WE RUN CYBERSECURITY USING AI”
NIKESH ARORA CEO AND CHAIRMAN, PALO ALTO
42 November 2022
AND APPLICATIONS

AI and automation come together

To understand how AI is being used to support security operations and to quantify its impact on cybersecurity performance, the IBM Institute for Business Value (IBV) partnered with APQC (American Productivity and Quality Center) to survey 1,000 executives with overall responsibility for their organisation’s IT and operational technology (OT) cybersecurity. It asked respondents to provide information about the performance of their organisation’s security function and the extent to which they are applying AI and automation to manage cyber risk and compliance.

The survey found the majority of companies, globally and across industries, are adopting or are considering adoption of AI plus automation in their security functions. 64% of respondents have implemented AI for security capabilities in at least one of the security lifecycle processes, and 29% are considering it. An IBM spokesman says: “AI for security may soon become a near universal capabiliy. The remaining 7% who are not considering use of AI plus automation for security place themselves in a precarious position, where they most likely will struggle to keep pace with the increasing speed and volume of security events.”

cybermagazine.com 43

DevSecOps: building better software faster

44 November 2022

Security is a top challenge for DevSecOps teams in the current climate. Cyber Magazine investigates

With ever-increasing security threats, which are becoming more complex and sophisticated every day, many enterprises are opting for DevSecOps approaches. In fact, according to data from trend company Glimpse, interest in DevSecOps grew 49% in 2022 compared to the same period the year before, with over 29,000 searches per month.

For those that aren’t familiar with DevSecOps, its goal is to help businesses build better software faster, while also improving security. By integrating security into the software development process, businesses can avoid the need to go back and fix security issues later on. This helps to speed up the development process and allows businesses to get new applications to market faster. In addition, by identifying and fixing security vulnerabilities early on, businesses can avoid the cost and disruption of a security breach.

A recent survey by software company, Gitlab found that security is the driving force for choosing a DevSecOps platform. Gitlab’s Sixth Annual Global DevSecOps Survey highlights the continued prioritisation of security and compliance, investment in toolchain consolidation, and the ongoing impacts of rapid DevSecOps adoption.

The survey consisted of 5,001 respondents, including developers, operations and security practitioners and organisational leaders. It found that, following two years of explosive technological adoption, nearly three-quarters of respondents have adopted, or plan to adopt within the year, a DevSecOps platform in order to meet rising industry expectations around security, compliance, toolchain consolidation and faster software delivery.

Johnathan Hunt, VP of Security at GitLab says: “Rapid deployment and speed-to-market are some of the biggest differentiators in today’s business landscape. This often comes at the cost of security, a major concern across technology, business and government leaders, but it doesn’t have to.

cybermagazine.com 45 OPERATIONS

students.

Enabling educators. Empowering
Explore how we accelerate student discovery, learning and innovation with our Digital Education 3D Experience. E XPLORE THE 3D EXPERIENCE

DAVID DESANTO VP OF PRODUCT AT GITLAB

“Streamlined toolchains and standardised, transparent processes help organisations keep security and compliance at the core of the software development lifecycle (SDLC), rather than an afterthought.”

The 2022 survey results highlight security as the highest-priority investment

area for organisations, with more than half of security team members stating their organisations have either shifted security left or plan to this year. Toolchain consolidation is also a high-priority focus, with 69% of survey takers wanting to consolidate their toolchains due to challenges with monitoring, development delays, and negative impact on developer experience.

“The last year marked a significant turning point in the adoption of DevOps tools, platforms, and processes”
cybermagazine.com 47 OPERATIONS

Security is a top challenge for DevSecOps teams

Security has surpassed even cloud computing as the number one investment area across DevSecOps teams at global organisations. However, despite an appetite to shift security left, many companies are still nascent in their approach and results and only 10% of respondents reported receiving additional budget for security.

Data continues to support the ongoing trend of misalignment between security and development teams. Over half of survey respondents stated that security is a performance metric for developers within their organisations, however, 50% of security professionals report that developers are failing to identify security issues, to the tune of 75% of vulnerabilities. In order to align performance metrics with reality, developers must be incentivised to practice security protocols and be provided with full visibility into the toolchain and potential risks.

When security collaboration is achieved, organisations produce great results. Development, security, and operations teams broadly noted better security as a key advantage to a DevOps platform. Additionally, investing in a single platform allows practitioners to take advantage of more features with fewer tools and fewer a la carte expenses.

Challenges associated with DevSecOps

While the motivation to move to a DevSecOps platform is clear, Harman Singh from Cyphere says DevSecOps does come with challenges. “One of the challenges of DevSecOps is that it requires a shift in thinking for many organisations. Security has traditionally been viewed as an afterthought in the software development process, and it can be difficult to change this mindset. In addition, DevSecOps

“One of the challenges of DevSecOps is that it requires a shift in thinking for many organisations”
48 November 2022 OPERATIONS

requires close collaboration between different teams, including developers, operations, and security. This can be a challenge for organisations that are used to working in silos. Finally, DevSecOps can require a significant investment in tools and automation. This can be a challenge for organisations with limited budgets,” he says.

“Despite these challenges, DevSecOps is becoming increasingly popular as businesses look for ways to improve their software development process. By integrating security into the software development life cycle, businesses can avoid the need to go back and fix security issues later on. This helps to speed up the development process and allows businesses to get new applications to market faster,” he adds.

Achieving true security integration with DevSecOps requires both culture and technology changes, according to Singh.

He says technology changes may include using security automation tools, which can help speed up the software development process while also improving security. Culture changes may require a shift in thinking for many organisations, as security is traditionally an afterthought in the software development process and Organisations need to have close collaboration between different teams, including developers, operations, and security.

Plans to consolidate tech stacks skyrocket

Although 60% of developers surveyed by Gitlab are releasing code faster than before, toolchain sprawl is impacting speed and productivity, taking valuable time away from developers. Nearly 40% of developers are spending between one-quarter and one-half of their time on maintaining or integrating complex toolchains – more than double the percentage from 2021.

Accordingly, 69% of those surveyed stated that they would like to consolidate their toolchains. Primary concerns surrounding toolchain management include challenges around consistently monitoring a myriad of tools, and difficulty context switching, as well as slowed development velocity, increased costs, and retention.

“The last year marked a significant turning point in the adoption of DevOps tools, platforms, and processes. In 2022, we’re seeing the fruits of those efforts,” said David DeSanto, VP of Product at GitLab. “Despite hurdles presented by the ongoing pandemic, including cultural shifts, all remote and hybrid team collaboration, and challenges surrounding hiring and retention, teams are releasing new applications faster than ever. We’ll see an ongoing focus on speed, security, and compliance as organisations continue to consolidate their DevOps toolchains and processes.”

cybermagazine.com 49 OPERATIONS

Payment security: balancing the need for security and convenience

50 November 2022

convenience

Cyber Magazine explores the changing face of payment security as the world becomes more digital than ever before

F or years the payments industry has struggled to balance the competing needs of security and convenience for customer satisfaction. Growing concerns among consumers around fraud have fueled the fire. New research from Paysafe found that 62% of global consumers increasingly see fraud as an inevitable risk of online shopping. According to the research, consumers across North America, Latin America and Europe are prioritising security over convenience when making online purchases.

In fact, 62% of people are so concerned about fraud they feel it is simply an inevitable risk of online shopping, a major jump from the 45% who said the same in 2021. These fears have caused 58% to not feel comfortable entering their financial data online to pay for goods and services, another jump over the 44% who felt this way in 2021.

To allay customer’s fears, Visa recently launched Strong Customer Authentication. A new security measure which will change how they pay online and in-store. The new requirements taking effect across Europe mean Visa card users will be asked to provide additional information when making some purchases. When shopping online they may have to enter a passcode, which would be sent to a mobile phone or landline and then authenticate their payment in another way, depending on how the issuing bank has implemented the new security measures. In-store for

for
cybermagazine.com 51 CYBERSECURITY

Get reliable network coverage and security protection, fast.

This

A modern network must be able to respond easily, quickly and flexibly to the growing needs of today’s digital business. Must provide visibility & control of applications, users and devices on and off the network and Intelligently direct traffic across the WAN. Be scalable and automate the process to provide new innovative services. Support IoT devices and utilize state-of-the-art technologies such as real-time analytics, ML and AI. And all these must be provided with maximum security and minimum cost.
is the power that brings the integration of two cloud managed platforms, Cisco Meraki and Cisco Umbrella. This integration is binding together the best of breed in cloud-managed networking and Security. cisco.com cisco CiscoSecure CiscoSecure

The expanding use of digital payments brings new risk and security concerns”

contactless purchases, users may be asked to enter their PIN more often. They may also be asked to take an additional security step to confirm their identity when making a payment. But is the payments industry doing enough?

Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards formed in 2004 by Visa, MasterCard, Discover Financial Services, JCB International and American Express to protect card data from hackers and thieves. Yet, despite (PCI DSS) compliance improving significantly in 2020 during the first wave of COVID, the cybersecurity threats organisations face today are even more evasive than they were even two years ago.

A 2022 Verizon Payment Security Report (2022 PSR) has revealed that, overall, PCI DSS compliance improved significantly in 2020, with 43.4% of organisations maintaining full compliance, compared to 27.9% in 2019. Additionally, while over half (56.7%) of organisations failed their interim validation assessment due to one or more security controls omissions, the

security control gap still improved substantially, from a high 7.7% in 2019 to a low 4.0% in 2020. Yet despite compliance improvements, Sampath Sowmyanarayan, CEO, Verizon Business says: “We know that bad actors are still out there and stronger than ever.

“Our own 2022 Data Breach Investigations Report (2022 DBIR) found the financial sector continues to be victimised by motivated organised crime, with servers being involved in 90% of financial breaches. As a result, working harder on your current strategy is unlikely to move the needle,” he adds.

cybermagazine.com 53 CYBERSECURITY

How to remain safe in today’s heightened cybersecurity climate

The COVID-19 pandemic escalated online business activities and payment card transactions, but it also enabled the skillful exploitation of both existing and emerging threats and weaknesses within payment systems and processes. Further complicating the payment security landscape for Chief Information Security Officers (CISOs) and other security practitioners, the PCI SSC recently instituted the most significant rewrite of the DSS since its release in 2004. While a significant step forward, security leaders need to focus their attention and resources on getting up to speed with these new requirements. Released earlier this year, PCI DSS v4.0 will go into effect in 2024.

“Substantial industry feedback drove changes to PCI DSS v4.0,” says Lance Johnson, Executive Director of the PCI Security Standards Council. “Key changes to the standard focus on meeting the evolving security needs of the payments industry, continuously promoting security processes, increasing flexibility for organisations using different methods to achieve security objectives, and enhancing validation procedures.”

Verizon’s Sowmyanarayan adds: “To remain safe in today’s heightened cybersecurity climate, organisations will need to approach their objectives and goals at a project, program and strategic level.”

Companies worldwide are continually working to improve payment security in a growing market as digital payments increase. Using India as an example, according to the Press Information Bureau (PIB) of India, in March 2022,

digital payment transactions increased exponentially in the last four years, from 31.34 billion to 74.22billion.

And according to The Business Research Company’s research report on the payment security market, this increasing adoption of digital payment modes is expected to propel the growth

54 November 2022 CYBERSECURITY

of the payment security market. The global payment security market size is expected to grow from $21.47bn in 2021 to $24.66bn in 2022.

Making customers aware of the dangers

While organisations need to take control of their security measures, part of the challenge is making customers more aware of the dangers. Nigerian fintech innovator PalmPay recently held its Wallet Safe Workshop, a monthly campaign for payment security awareness training to help customers improve their overall security knowledge, and learn about how to spot and avoid e-scammers.

The penetration of the internet and digital payments in Africa has significantly increased in recent years. A number of potential issues, including fake news, leakage of personal information and financial scams, have emerged as a result of this rapid expansion in connectivity.

According to a recen Nigeria InterBank Settlement System report, the total number of fraud attempts in Nigeria grew by 186% from 2019 to 2020. Mobile fraud attempts jumped 330% year over year, while web and POS fraud attempts rose 173% and 215% respectively. PalmPay says that it has now become a top priority for financial institutions to guarantee the security of user transactions.

“The expanding use of digital payments brings new risk and security concerns,” said Chika Nwosu, MD of PalmPay.

With more payment transactions being made in online marketplaces, there is a growing need for seamless payments eliminating the risks associated with international payments. This leaves an ongoing challenge for financial institutions in the current climate.

“ Substantial industry feedback drove changes to PCI DSS v4.0”
LANCE JOHNSON EXECUTIVE DIRECTOR OF THE PCI SECURITY STANDARDS COUNCIL
cybermagazine.com 55 CYBERSECURITY

PROTECTING COMPANY DATA STARTS WITHIN

56 November 2022

TECHNOLOGY INDUSTRY PROFESSIONALS WEIGH IN ON

HOW COMPANIES CAN BEST PROTECT THEMSELVES FROM INSIDER THREATS

WRITTEN BY: VIKKI DAVIES

Raising awareness about critical security measures used to ensure company data is not breached is integral in the current climate. These threats often occur due to malicious software or negligent employees and when confidential material gets out, it is often expensive to rectify and damaging to the company's reputation. Tech industry professionals weigh in on how companies can best protect themselves from insider threats.

Company Security Businesses should all ensure that they are taking all the necessary precautions to defend their companies against ransomware and phishing attacks - as well as ensuring employees are all trained in good cyber hygiene.

Neil Jones, Director of Cybersecurity Evangelism, Egynte, says: “While cyberattacks are hardly a new phenomenon, they have grown in sophistication in recent years, leaving many organisations vulnerable. However, while vigilant organisations have stepped up their protection measures, many risk overlooking an important contributor to cyber attacks: insider threats.”

“Insider threats come from those within an organisation, such as employees or business associates,” Jones adds. These threats account for 22% of security incidents. “While not always malicious, insider threats can be even more devastating than external attacks, because authenticated insiders are able to gain access to a much wider playing field than the average cyber-attacker.”

Matt Rider, VP of Security Engineering EMEA, Exabeam, says insider threats “come in an array of shapes and sizes” and come in three distinct categories, “malicious,

cybermagazine.com 57 TECHNOLOGY

“THE REQUIREMENTS FOR PROTECTING DATA CONTINUE TO GET MORE COMPLEX”

compromised, and negligent”. Rider explains: “The ‘malicious insider’ is an employee who intentionally steals data, either for personal gain or to negatively impact the organisation involved. A ‘compromised insider’, however, generally acts without malice and usually has no idea they’ve been compromised. All it takes is clicking on a link in a phishing email or opening an infected file and their credentials can become compromised. Finally, a ‘careless’ or ‘negligent insider’ is someone who leaves their laptop on the train, walks away from their unlocked workstation, or simply fails to follow cybersecurity best practices. These individuals can be particularly challenging, because their actions are very hard to predict and defend against.”

Raffael Marty, EVP and GM Cybersecurity, ConnectWise, says: "Organisations need to have a comprehensive security programme in place that focuses on both preparedness and visibility. This should cover the playbooks for how to react in case of relevant organisational events and security relevant incidents - from what to do when an employee leaves the organisation, to the specific procedures enacted in the event of an electronic threat such as ransomware or denial of service attack. Visibility means being able to identify and effectively react to potential adverse actions.”

Training Staff

Liad Bokovsky, VP Solution Consulting, Axway, says: “Insider-led threat incidents alone have increased by 44% this year, most of which were caused by careless employees (63%) not malicious ones.” He advises that companies “know their vulnerabilities, protect at the pace of attacks, keep their eyes open and put security first”.

Bokovsky states: “The ability to detect and respond to security threats as they occur is paramount. Security tactics must evolve as new relationships and workforce needs change – and as the enterprise perimeter shifts. And they have to do it at a speed that matches the fast evolutionary pace of security threats.”

cybermagazine.com 59 TECHNOLOGY

“THE NEED TO BACKUP DATA HAS BECOME UBIQUITOUS”

“Many insider threats are not intentional and are caused entirely by accident,” adds Bob Erdman, Director of Development, Threat Intelligence, Help Systems. “Users fall victim to malicious phishing or BEC scams and expose their credentials or other damaging information about the organisation. This is subsequently used by threat actors to gather intelligence and potentially cause damage to the user's company. This is not only a problem for the employees of the organisation but also can be caused by any third-party partner, contractor or member of the supply chain that can be used as an initial entry point into the final target's enterprise.”

Christopher Rogers, Technology Evangelist at Zerto, says “Employees are arguably an organisation's best and first line of defence” against insider threats. “To mitigate against the careless employee, businesses should invest in regular training on cyber hygiene and security best practices including how to spot a phishing email and where to report them. A tactic organisations take is to periodically send their employees sample dummy emails as a phishing email ‘drill’ as part of this training process.”

Martin Rehak, CEO, Resistant AI, raises awareness on the increase of deepfakes and shallowfakes. “The difference between deepfakes and shallowfakes is that while deepfakes require AI to create them, shallowfakes can be created using only basic

photo editing software, such as Photoshop,” Rehak explains. Employees should be on the lookout for fraudulent emails and attempts to garner company secrets.

Hybrid and Remote Working

“The way we work and protect our networks has changed drastically over the last few years,” said Terry Storrar, Planning Director, Leaseweb. “Remote working and BYOD have increased the number of attack vectors available to cyber criminals and blurred the lines of the network perimeter. As such, it’s no surprise that the 2021 Insider Threat Report by Cybersecurity Insiders found that 53% of cybersecurity professionals believe detecting insider attacks has become harder since shifting towards the cloud.”

60 November 2022 TECHNOLOGY

Scott Boyle, Head of Information Security, Totalmobile, adds that, “almost all remote workers will rely on either a desktop, laptop, or mobile device to work outside the office, and the vast number of these in existence is becoming a security headache for IT teams. Organisations with mobile workers have an even harder job than most as their employees are frequently on the move and utilising their devices from a diverse range of locations. These employees extend the perimeter that the organisation needs to monitor and manage. All of these mobile workers need to be able to access secure files and documents even when out on the road, possibly relying on a variety of unknown WiFi networks as well. Because of these working patterns, mobile workers can

become insider threats, even completely inadvertently.”

Leaving Processes

Andy Swift, Technical Director, Offensive Security, Six Degrees, explains how “data loss is one of the key insider threats faced by organisations today. When employees leave organisations, the most common forms of data loss are typically IP and client data. When it comes to protecting organisations, leaving processes are important: redacting system access, expiring certificates, removing VPN access… There is a long list, and one of the pitfalls is often not keeping said list up-to-date. All too often we see policies for leavers, yet the reality of following the leaving process is often far from ideal.”

cybermagazine.com 61

Disaster Recovery

Surya Varanasi, CTO, StorCentric, explains the consequences of insider threats to be monetary and reputational damage. “The cost of operations downtime, lost revenue, legal fees, regulations compliance penalties, a rise in insurance premiums, and/or a loss of customer trust,” can all be devastating to a company. “The need to backup data has become ubiquitous. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand the need to protect backed up data by making it

immutable and by eliminating any way that data can be deleted or corrupted.”

“If the worst does happen, it is essential to have a disaster recovery and backup plan so that any lost data can be recovered as quickly as possible,” furthers Andy Bates, Practice Director, Security at Node4. “This will ensure that downtime is kept to a minimum, whilst also protecting your organisation's reputation - reputational damage of insider action often costs more than the financial consequences they bring, and must be at the forefront of any security strategy."

62 November 2022 TECHNOLOGY

“DATA LOSS IS ONE OF THE KEY INSIDER THREATS FACED BY ORGANISATIONS TODAY”

Moving forward

Eric Bassier, Senior Director Products at Quantum, summarises: “The requirements for protecting data continue to get more complex - organisations are managing massive data growth across databases, virtual environments, and unstructured data sets. To strengthen cybersecurity and reduce business risk, organisations must employ a multilayered data protection approach to ensure resiliency and recoverability at any point of its data’s lifecycle.” This includes keeping three copies of data, such as a primary copy and two back-ups across disk and tape.

ANDY SWIFT TECHNICAL DIRECTOR, OFFENSIVE SECURITY, SIX DEGREES
cybermagazine.com 63 TECHNOLOGY

Cybersecurity associations

TOP 10
64 November 2022

There are a plethora of cybersecurity associations dedicated to supporting this burgeoning industry.

If you work in the cybersecurity industry there are a myriad of associations available to support you. We take a look at the top 10 cybersecurity associations in 2022.

TOP 10 cybermagazine.com 65

CISO Executive Network

The CISO Executive Network is a peer-to-peer professional organisation serving information security, IT risk management, privacy, and compliance executives from large enterprises, including corporations, healthcare systems, universities, and utilities. Formed in 2005 as CSO Breakfast Club, the organisation now reaches members across the United States and in a number of foreign countries.

09

Cloud Security Alliance CSA

The CSA is a not-for-profit organisation with the mission to “promote the use of best practices for providing security assurance within cloud computing, and to provide education on the uses of cloud computing to help secure all other forms of computing. Founded in 2008 it’s headquartered in Seattle

TOP 10
10

The National Cyber Security Society

The National Cybersecurity Society (NCSS) says it’s committed to improving the online safety and security of the small business community through education, awareness and advocacy. Its goal is to enable and empower small and medium sized businesses to obtain cybersecurity services, assist them in understanding their cyber risk, and advise them on the type of protection they need.

National Association of ISACS

The mission of the National Council of ISACs (NCI) is to advance the physical and cybersecurity of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction between and among the ISACs and with government.

Members of the Council are the individual Information Sharing and Analysis Centers (ISAC) that represent their respective sectors.

cybermagazine.com 67
08
07

The connected supply chain turns volatility into opportunity.

The e2open connected supply chain platform provides the end-to-end visibility and collaboration you need to tackle unpredictability. Build trust and confidence with your channel, supply, logistics, and global trade partners. Take control of supply constraints through direct procurement and meet customer commitments in the face of disruptions and scarcity.

The connected supply chain. Moving as one™. www.e2open.com

E2open and the e2open logo are registered trademarks of e2open, LLC, or its affiliates.

ISF – Information Security Foru

The ISF is a leading authority on information and risk management. Its members range from Fortune 500 and Forbes 2000 listed corporations to public sector bodies and government departments. Dedicated to meeting the increasing demand for practical business-driven solutions to cybersecurity and risk management problems, the ISF undertakes a research programme, providing members with the opportunity to develop best practices and share a wealth of expertise. The key event enabling Members to do this is the ISF World Congress.

Center for Internet Security

CIS is a non-profit organisation focused on enhancing the cybersecurity readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS provides resources that help partners achieve security goals through expert guidance and cost-effective solutions.

TOP 10 cybermagazine.com 69
06
05

The SANS Institute 03

The SANS Institute is a private US for-profit company founded in 1989 that specialises in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing.

04

The Open Web Application Security Project -OWASP

OWASP is a non-profit foundation that works to improve the security of software. Through communityled open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.

TOP 10
70 November 2022

Information Systems Security Association ISSA

ISSA is a non-profit organisation for the information security profession committed to promoting effective cybersecurity on a global basis. It is a well respected forum for networking and collaboration. It provides education and knowledge sharing at all career lifecycle stages and is a highly regarded voice of information security that influences public opinion, government legislation, education and technology with objective expertise that supports sound decision-making.

TOP 10 cybermagazine.com 71
02
Get tickets Sponsor opportunities SHAPING THE FUTURE OF BANKING, FINANCIAL SERVICES & PAYMENTS A BizClik Event: 3,000+ Participants 2 Days 2 Stages 70+ Speakers

Watch our 2021 Showreel

Join us at FinTech LIVE London

presentations, Q&A sessions to 1-2-1 networking, the 2-day hybrid show is an essential deep dive into issues impacting the future of each industry today.

Global giants and innovative startups will all find the perfect platform with direct access to an engaged and active audience. You can’t afford to miss this opportunity.

See you on:

Sponsor opportunities

1st-2nd November 2022

International Information Systems Security Certification Consortium (ISC)²

(ISC)² is an international, nonprofit membership association for information security leaders. The association says it’s committed to helping members learn, grow and thrive. It boasts 168,000 certified members and says it empowers professionals who touch every aspect of information security. The association offers globally recognised certifications, networking and collaboration opportunities and has a professional development institute.

The

Consortium

TOP 10
01
International Information System Security Certification
74 November 2022
TOP 10 cybermagazine.com 75 01
PRESENTS THE FUTURE OF EV GET YOUR TICKETS 2ND FEB 2023 | 6:35-8PM GMT STREAMED LIVE FROM LONDON TRANSPORT MUSEUM THE MUST SEE FREE VIRTUAL EVENT

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.