EFraming a Sound Risk Management Approach
Withtheneweraofemergingtechnologiescomesthewaveofchangeanddisruption.Whilebusinessesarefocusing
onthesetechnologiesinordertotransformtheirbusiness,chancesofriskanduncertaintyarealsogrowingalong withthem.Adoptingnewtechnologiesinbusinessprocessescouldalsobringsomeinevitableriskswiththem. Newcompetitors,regulatorycomplexity,naturalhazards,supplychainfailure,mechanicalbreakdown,cyber-attacksare somerisksthatcanoccurwithoutanypriornotice.Unmanagedriskscancreateahugeimpactondecisionsrelatedto investment,productdevelopment,sustainability,safety,etc.Thus,assessingsuchrisksandrespondingthemaccordingly becomesmandatoryastheycandestroysourcesofvaluecreationforthebusiness.Thisiswheretheneedforanintegrated approach,EnterpriseRiskManagement(ERM),generates.
Asbusinessrisksarecontinuallyincreasing,corporationsarefindingitmandatorytoimplementsomesortofrisk managementframework.AneffectiveERMprogramcannotonlyhelporganizationstomanagetheirrisksandmaximize opportunities,butalsocanstreamlinetheirbusinessprocessessoastoachievetheirorganization’sgoals.
Aftertheemergenceofthefourthwaveofindustrialrevolution,businesseshavecomethroughmanyrepercussions.The changescomprisingcoststructures,outdatedbusinessplatformandpractices,marketevolution,clientperception,andpricing pressuresoccurredhaveimpliedacertaindegreeofunknownrisksformanybusinesses.Thoughriskscanhave detrimental effectsonbusinesses,theyalsoactasanopportunitytoinstigatethechange,asbytakingariskcentricapproachbusinesses canformulateastrategyforsuccess.Hence,byincorporatinganintegratedapproach,EnterpriseRiskManagement(ERM), businessesareachievingtheirgoalsandobjectives,evenwhentheyencounterobstacles.Yet,manybusinessesarestill findingitdifficulttodealwithchangesdrivenbyfourthIndustrialRevolution.
Thepresentriskmanagementpracticesarelackingsuitabilitytointerpretriskssooner.Hence,inordertoenhancetheability toseeandunderstandriskywaves,manycompanieshavedevelopednewtoolsandtechniques.Byundertakinganew managementdiscipline,thesenewtoolsandtechniquesareenablingbusinessestoeasilypredictandrespondtothewavesof disruption.Businessesareabletocontinuouslymonitorthechangesintheenvironmenttodeterminewhichcouldbetruly disruptive.
Inordertoportraythesignificanceofaninnovativeapproachandframeworkinidentifyingrisks,InsightsSuccesshas enlisted“The10MostTrustedERMSolutionProviders,2019”,whichhavebuiltandaredeliveringagileandflexiblerisk managementframeworksthatenablebusinessestoanticipateandpreparefortheshiftsthatbringlong-termsuccess.
OurcoverstoryfeaturesZebu,acompanybasedoutofWaterloo,Ontario,knowntobethesecondfastestgrowingstartup communityintheworld.Zebuiscreatingasecurecloud-basedplatformforallbusinessmanagementneeds.Thecompany strivesforbusinessesofallsizestohavethebestmanagementandproductivitytoolsavailabletothem,withsecuritybeing thetoppriority.
Also,makesuretoscrollthroughthearticleswrittenbyoureditorialteamandCXOstandpointsofsomeoftheleading industryexpertstohaveabrieftasteofthesector.
Let’s start reading!
Though risk is an uncertain phenomenon, it can be used to fuel innovation.
“ “
Hitesh Dhamani
Helping Small Businesses Survive Technology Destruction 08 COVER STORY
CyberSaint Security: Bringing Automation and Visibility to Compliance and Risk Management Programs CoalFire: Empowering Organizations to Manage Risks Effectively CONTENTS What GDPR Forgets: The Physical Security Expert’s Thoughts Top 5 Email Security Threats Maestro’s Insights 32 22 18 30 Editor’s Pick Data Center Security: Controlling Possible Threats 16 Tech Talk Chatbots: A Dynamic Digital Gesture for Creative Entrepreneurs 36 Editor’s Prespective Network Security: Threats & Solutions 26 ARTICLES
sales@insightssuccess.com March, 2019 Editor-in-Chief Co-designer Senior Sales Manager Business Development Manager Marketing Manager Technical Head Technical Specialist Digital Marketing Manager Research Analyst Database Management Technology Consultant Pooja M. Bansal Managing Editor Anish Miller Executive Editor Kaustav Roy Assistant Editors Jenny Fernandes Hitesh Dhamani Visualizer David King Art & Design Director Amol Kamble Associate Designer Tejas Kulkarni Passi D. Peter Collins John Matthew Sales Executives David, Kevin, Mark, Manish Business Development Executives Steve, Joe, Alan, Binay Jacob Smile Aditya Marry D’Souza SME-SMO Executive Prashant Chevale Patrick James Circulation Manager Robert Brown Stella Andrew David Stokes Asha Bange Co-designer Copyright © 2019 Insights Success, All rights reserved. The content and images used in this magazine should not be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission from Insights Success. Reprint rights remain solely with Insights Success. Follow us on : www.facebook.com/insightssuccess/ www.twitter.com/insightssuccess We are also available on : Insights Success Media Tech LLC 555 Metro Place North, Suite 100, Dublin, OH 43017, United States Phone - (614)-602-1754 Email: info@insightssuccess.com For Subscription: www.insightssuccess.com Insights Success Media and Technology Pvt. Ltd. Off. No. 513 & 510, 5th Flr., Rainbow Plaza, Shivar Chowk, Pimple Saudagar, Pune, Maharashtra 411017 Phone - India: +91 7410079881/ 82/ 83/ 84/ 85 Email: info@insightssuccess.in For Subscription: www.insightssuccess.in
The10Most Trusted Solution Providers 2019 ERM www.zebu.io
Runningabusinessisa complicatedtask.Thereare numerousfunctionsworking atthesametimeandeachandevery functionisinterdependent.Which means,delayinoneaspectofa businesswilldirectlyaffectthepace atwhichanotheraspectis functioning.Withtheweightofsuch activitiesalreadyputonits shoulders,itbecomesverydifficult foranenterprisetomanagedayto daytasks.Smallandmedium businessesareespeciallyaffectedby this,astheydon’thavetheresources toimplementheavysoftwareto manageeverything.
Tomeettherequirementsofsmall andmediumenterprises,Zebucame forwardwithitscomprehensive services,resolvingalltheissueswith itsall-in-oneapproach.
Withthevisiontohelpcreateaworld that’sfullofvibrant,diverseand prosperouslocalbusinesses,Zebu,a start-upinWaterloo,Canadawas created.Itisfocusedonhelpinglocal businessesthrivebyprovidingthem withtoolstoimproveteam collaborationandproductivity.Zebu existstohelpsmallbusinesses succeedintheirlocalcommunities.It buildstoolsthatallowsmallbusiness
ownerstospendlesstimemanaging theirbusinesses,allowingthemtoget backtotheirpassions.Itoffersa platformtohelpSmallandMedium Enterprises(SMEs)managetheir entirebusiness,includinganall-inonesolutionformessaging,storage andscheduling-allofwhichare encryptedtoprotecttheirdata.
TheservicesofferedbyZebumake runningthecompanyeasiersothat ownerscanfocusonwhattheydo bestwhilegrowingtheirbusiness. Thecompanybelievesthatmany smallbusinessesareundersiege fromlarge,globalbusinessesusing
advancedtechnologytogainefficiencies. Thesetechnologiesareoftentoo complicatedortooexpensiveforlocal businessestoembrace.Forthispurpose, Zebubuiltanall-in-oneproductivitysuite gearedspecificallytolocalbusinesses, aimedathelpingthemimprove collaborationandproductivityacrosstheir team,sothatbusinessownerscanfocuson whattheydobest.
VisionaryChildProdigy
JesseDavidThéistheFounderandCEO ofZebu.Hecameupwiththeideabehind Zebuwhileinhighschool.Hespentsome timelookingintowaystohelplocal businessesgetequippedwithmodern technologysothattheycouldbetteroperate andthrive.Hefoundaglaringgapinthe solutionsoffered.TheERPsolutionstohelp managebusinesseswereincredibly complex,hardtouse,andcumbersometo setup.Thereweresinglesolutionappsthat couldhelpmanageasingleaspectofthe business,butthisapproachofcoveringall theirneedsquicklybecametoo overwhelmingtomanagewhensomany appswererequiredtomanagethebusiness. WhattheseSMEsneededwasanall-in-one solutionthatwasaseasytouseasthesingle solutionapps.That’swheretheideafor Zebucamealong.
Speakingaboutcomingupwithnewideas, Jessebelievesthatmostoftheownersof smallormediumsizedbusinessesspendthe vastmajorityoftheirtimejusttryingto makesurethingsarerunning.Thistakes awayfromthetimetheycanspendcoming upwithnewideastoexpandtheirbusiness. Hestates,“Ifwecanhelpreducethe amountoftimeownersneedtospend managingeverything,theycangetbackto focusingongrowingtheircompanies.”
ProductsthatComplimentEfficiency
AccordingtoZebu,manyofthetoolsthat localbusinessesusetodayareisolatedfrom eachother.Messagingisdoneatoneplace, whileschedulingisdoneatanother.This forcesbusinessownerstochangetheway theyworkinordertoadapttothe technology.Asanall-in-oneplatform,Zebu bringstogetherthetoolsthatlocalbusiness
ownersrelyontokeeptheirbusiness runningsmoothly.Onegreatexample isthatitssecurityandencryptionjust happenautomaticallyinthe background,withoutanyspecific actionsrequiredbytheuser. Encryptingafilelikeacustomer orderorfinancialspreadsheetisas simpleasdragginganddroppingit intoZebu.
OnthatnoteJesse asserts,“Whenit comestoyourcompany’s communication,financials, intellectualproperty,human resources,andrelatedactivities, confidentialityiscritical.Zebugives thematransparentlayerofsecurity. Also,whilemostsoftwarecompanies thatcreatebusinesstoolshavebuilt theirbusinessmodelsaround scanningandsellinguser information,Zebuusesencryption thatmeanswehavenowaytoreada customers’messagesoraccesstheir information.”
Zebuoffersvariousotherservices includingSecureTeamMessaging, allowingclientstohaveinstant communicationandlongform discussionsfromanywhereinthe world;CloudStoragefortheentire team,providingallmembersaccess toasecurecloudstoragesystem allowingthemtopullthefilesthey needfromanywhereintheworld. Everyteammemberhasaccesstoa personalcalendarthatcanbeshared withothers,makingiteasytoplan aroundpeople’sschedules.Theycan alsoseteventsasprivatetoensure thatsensitivemeetingsandevent informationiskeptwithonlycertain individuals.
ComprehendingGradually
Zebu’sinitialtoolwasadispatchand servicerequestsystemtohelplocal taxicompaniescompetewithUber, andalsohelpotherdelivery companiesmanagetheirfleet.Its transportapphadtheflexibilitytobe
ZEBUTeam
ataxihailingappandan“object”deliverysystem.While creatingthistool,andworkingwiththesecompanies, Zebuperceivedthatoneofthebiggestissuestheyhad wasalackofpropercommunicationandscheduling tools.Hencethecompanydecidedtoaddthosefeatures totheinitialplatforminordertohelpthecompanies communicateandscheduleordersandrides.
Onceitbecameclearthattheneedsfortheseservices wasfargreaterandexistingplatformscouldnotdelivera compellingsolution,Zebushifteditsfocusentirelyto thosetoolswiththeadditionofcloudstorageandfile management.Zebu’scompetitioniscomposedofdozens ofsingle,point-solutionappsthatonlyhelpwithone thing.Itintegratesallbusinessaspectsintoasingleeasyto-useapplication,makingsingle-functionbusinessapps irrelevant.
AdditionalFunctionality
ZebuiscontinuouslybuildingupitsCloudplatformthat intelligentlyconnectsallaspectsofbusinessina streamlinedmodularERPsystem.Zebuprovidessmall tomediumsizedenterprisesacrossnumerousgoodsand servicesindustriesaccesstothehighestqualitytools availabletothem. Thisenablesthemtothriveinthe21st century.
Zebuhasambitiousplansforthefutureofitsplatform. Itwillre-shapethewaylocalbusinessesaroundthe worldoperate.Itstartedwithcommunication,storage, andscheduling,butwillsoonaddadditional functionalitytosupportbusinessesacrossalltheirneeds.
ClientalAssessment
“We were looking for an application that would do a better job than just messaging. We had issues with the previous message app, where we had to manually take care of simple task requests in the message. For example, messages would request meeting dates, and we would have to exchange dozens of text messages to define common availability. Zebu just automatically creates polls. We would receive dozens of files, which were hard to find later when we really needed them. Zebu has a clever organization of files, where we always find them. We also love the fact that everything is encrypted to guarantee our intellectual properties are protected.” –EduardoPereira,President,Redesa.
Address : Country : City : State : Zip : Global Subscription Date : Name : Telephone : Email : READ IT FIRST Never Miss an Issue Yes I would like to subscribe to Insights uccess Magazine. , S SUBSCRIBE TODAY Cheshould be drawn in favor of: ck INSIGHTS SUCCESS MEDIA TECH LLC Insights Success Media Tech LLC 555 Metro Place North, Suite 100, Dublin, OH 43017, United States Phone (614)-602-1754,(302)-319-9947 : Email: info@insightssuccess.com For Subscription: www.insightssuccess.com CORPORATE OFFICE
Data Center Security:
Controlling Possible Threats
Theriseincyber-crimesisoneofthemaincausesof Datacenteroutages.Aspertherecentsurvey conductedbyindustryinsiders,cyber-crimecaused 22percentdatacenteroutagesin2015opposedto2percent outagesin2010.Addingtoallthese,nowmostofthedata centersarere-evaluatingtheirsecuritypoliciesafterthe recentWannaCryransomwareattack.
Datacenteroutagescausecompaniestolossrevenuein manyways.However,thecostliestlossisservice interruptionandlossofITproductivity.So,the organizationsarenowrealizingthattraditionalsecurityis nolongersecureenoughtosecureanydatacenter.Arecent studyhasfoundthat83percentoftraffictravelseast/west withinthedatacenter,whichstaysundetectedbythe perimetersecurity.Inthisenvironment,whenanattacker infiltratestheperimeterfirewall,thencanjumpacrossthe systemwithease,extractinformationandcompromise valuabledata.Additionally,datacenterscanfaildueto trespassersoraterroristattackorbynaturalcalamities.
So,howcanonesecureadatacenterinthebestway possiblefromanykindofcyberthreat?Don’tworrywe’ve gotyoucovered,withthepointsbelow.
Asthefirststep,oneshouldMaptheDataCenterandflag thehackerswithinthevirtualandphysicalinfrastructure. TheCSOsandCIOswithasystemmapoftheirsystems canreacttoanysuspiciousactivityandtakestepstostop databreaches.Beingabletovisualizedifferenttraffic patternswithinanetworkhelpstounderstandthreats,that eventuallyelevatesthelevelofsecurity.
Understandingandmeasurementoftrafficflowwithin thedatacenterboundaryareveryimportant.Inthecaseof
anyinterruptionintrafficacrosseast/westvsnorth/south, protectedvsunprotectedonecangettoknowaboutathreat. Additionally,vulnerablezonesandunprotectedtrafficneed tobemonitoredforabetterresult.
Firewallrulesneedtobedefinedandimplementedasper requirements.Additionally,oneshouldallowtrafficonly afterthoroughverificationandselectivelyallow communicationtoensuremaximumprotection.Thekeyis toidentify,whatislegalandsecuredandwhatcanbe blockedtoenhancesecurity.
OneneedstoBuildaTeamwithexecutiveswho understandhowtrafficflowswithinthepremisesandcan access&secureinformation,takenecessarymeasuresto secureimportantassetsalongwiththeimplementationof roadblocksfortheattackers.
Securitymustmoveasfastasadatacenter’stechnology adoptionandintegration.SecurityStrategyShould ChangeAlongsidetheTechnologyanditshouldnotbe treatedasanadd-onoption.Additionally,businessesalso shouldensurethattheirvirusprotection,signaturesother protectionfeaturesareuptodateforbetterprotection.
BusinessesshouldIdentifyandPlaceControlsoverhighvalueassets,whichwillhelptoreducerisk.However,older securitysolutionsarecompletelyblindtonewthreats,new securitycompanieshaveproducedlatestsolutionsthat protectdatainthevirtualworld.
AccessRestrictionalsoneedstobeimposed.Every businessshouldthoroughlycheckaperson’sbackground beforegivingtheaccesstoaprizedpossession.Accessto themainsiteandtheloadingbaymustbelimited,
March 2019| 16 Editor’s Pick
additionally,two-factorauthenticationsandfortifiedinteriorswithsecurityguardsandrovingpatrolswouldhelpto safeguardtheemployeesandthedatacenter.
InstallingSurveillanceCamerasaroundthedatacenter,alongsideremovingsignswhichmayprovidecluestoitsfunction helpstolocateanintruder.Abufferzonebetweenthedatacenterandalltheentrypointswilllimitunlawfultrespassingtoa greatextent.Additionally,thedatacenterneedstobefarawayfromthemainroadanditshouldnothaveanywindowsother thanadministrativepurposesforbettersecurity.
AdatacentershouldCheckTestBack-UpSystemsregularlyasprescribedbythemanufacturer.Itshouldalsoensureto makealistandofDo’sandDon’tsintheeventofanattack.Recoveryplansandsecurityplansalsoneedtobechecked thoroughly.
DatacentersarealwaysaSoftTargetforTheTerrorists,asanattackonthemcandisruptanddamagemajorbusinessand communicationinfrastructure.So,securityneedstobetakenseriouslyandtodothatproactivestepsshouldbetakentolimit theimpactofaterroristattack.
TrainedSecurityGuardsneedstobepostedinsideadatacenterandtheyshouldbewelltrained.Securityofficersmust undergostrictsite-specifictrainingtomonitorsurveillancefootage.Dependingonthesizeofdatacenterandthenumberof securitycamerasmultiplesecurityofficersmayberequiredonduty. Securityofficersdedicatedtoinspectingsurveillance footagehelpswhenitcomestosecuringadatacenter.
DisasterRecoveryisverymuchimportant,thatmustbeinplace.Ifthedatacenterstopsfunctioningafteranattackor naturalcalamity,itmusthaveawaytorestoreoperationsassoonaspossible.Tobereadyforadisasterandtoevaluatethe disasterrecoveryplan,it’snecessarytotrainstaffswellandexperiencesimulateddisasters.
Toavoidtheseobstacles,oneneedsafairbitofknowledgeofnewsecuritysystems,solidplans,andcomprehensive visibility.Themoreworkadatacentercandoupfrontintheabove-mentionedareasthebetterthechancesofsuccesswith lesseroutages.
17 |March 2019
Empowering Organizations to Manage Risks Effectively
WithincreasedusageoftheWorldWideWeb, securitybreachesarebecomingamore commonoccurrencenowadays.Thepast coupleofyearshavewitnesseddetrimentalsecurity breachestothecommonpublic,multinational organizationsandsmallcompaniesalike.
EntertheColorado-basedcybersecurityadvisoryfirm Coalfire,whichhelpsprivateandpublic-sector organizationsavertthreats,closegapsandeffectively managerisk.Theorganizationhelpsitsclientsdevelop scalableprogramsthatimprovetheirsecurityposture, achievetheirbusinessobjectivesandfueltheircontinued successbyprovidingindependentandtailoredadvice, assessments,technicaltestingandcyberengineering services.
It’sAllaboutQuality Coalfireemploysaprocess-drivenqualitymanagement systemthatensureseffectiveandrepeatableproject, staffingandcontractmanagementactivitiesbasedon CapabilityMaturityModelIntegration,Project ManagementBodyofKnowledge,andISOstandardsas wellasindustrybestpractices.
Throughanemphasisonefficiencyandquality,Coalfire strivestoimproveitsclients’experience,refineproject metricsanddeliverunparalleledresults.Thecompany preferstokeepitsfocusonaconsistentapproachto deliveryandcontinuallyimproveallCoalfireservices throughevaluation,internalauditandinternalcorrective andpreventivemeasures.
IdentifyingRisks
Coalfireadvocatesforcreatingariskregisterwhereeach riskisdescribed,itsseverityisdetermined,ownership forriskmitigationisdefinedandriskmitigationtactics areclearlyarticulated.Thisriskregistershouldbe
updatedatleastmonthly,includingprogressreportson allexistingrisksalongwithanynewrisksthatmustbe considered.Ariskcommitteeshouldthenreviewthe registermonthlytotrackstatusontheexistingandnewly identifiedrisks.
AccordingtoCoalfire,theprimarycategoriesofrisk organizationsshouldconsiderinclude: Ÿ
Strategic:Doesariskposeathreattothesuccessof keystrategicinitiatives? Ÿ
Financial:Theunplannedcostsorreductionof revenueariskcouldpresentifrealized Ÿ Operational:Doesariskposeathreattohowwork getsdone? Ÿ
People:Agingworkforce,talentgapforneededskills, healthandsafety,riskculturenotwellestablished
Reputation:Willtheorganizationsufferdamagetoits credibilitywiththepublicorotherstakeholders;will itimpactcustomerloyalty/retention? Ÿ
Technology:Exposeskeyinfrastructure/datato theft/loss,cyberthreats,impactofuseofnew technologysuchascloud,AI/machinelearning,big dataanalytics Ÿ
Legal:Risktriggerslitigation,contractualrisks Ÿ
Regulatory/Compliance/Privacy:Failuretocomply canresultinlargefines.ExamplesincludeHIPAA, PCI,GDPRandthenewCaliforniaConsumer PrivacyAct Ÿ
Regulatoryoverreach:Toomuch (overlapping/competing)regulationleadsto confusion,overspendingandlackofabilitytokeep upandcomply.
ALeaderwiththeMissionofReducingEnterprise SecurityRisk
TomMcAndrew,theCEOofCoalfire,hasover15 yearsofleadershipexperienceininformationsecurity
Ÿ
The10Most Trusted Solution Providers 2019 ERM March 2019| 18
strategies,assessmentandauditforbothcommercialand federalsectors.Hejoinedtheorganizationin2006,and sincethenhasheldkeyleadershiprolesspanningSales, ServiceDeliveryandTechnicalTesting.
BeforejoiningCoalfire,Tomdesignedinformation securityandweaponssystemsforSpaceandNaval WarfareCommand,NavalSeaSystemsCommandand theU.S.Navy.Hebringsallthisexpertisetohis leadershipposition,overseeing,inahands-onmanner, howthecompanyhelpsenterprisesidentifyandmanage risks.
Coalfire’smissionisexclusivelyfocusedonenterprise riskreductionandmanagement;Tomandtheentire leadershipteamarefocusedondirectingtheorganization towardhelpingcustomersachievetheseaimsefficiently andeffectively.Heisahighlyvisiblethoughtleader, presentingfrequentlyinprivateandpublic-sector speakingforumsandcontributingarticlesand commentaryinthemedia,includingtheWallStreet Journal,WashingtonPost,InfosecurityMagazineand manyothers.
MonitoringCyberRisks
Duringitsinitialdays,Coalfire’sbusinesswasformedto helporganizationscomplywithemergingdatasecurity regulations,suchasthoseimposedintheheathcareand financialservicessectors.Althoughcompliancetothe ever-expandinglistofdataprivacyregulationsremains vitaltoCoalfireanditsesteemedclients,theindustry nowrecognizesthat“compliancedoesnotequal security,”andCoalfire’sserviceshavethusevolvedto meetthisrecognition.Asaresult,theorganizationhas expandedfromacompliancefirmtoonethatoffersafull
suiteofcybersecurityservicesdesignedtohelpitsclients identify,mitigate,andrespondtocyberrisks.
Coalfirebelievesthatrapidlychangingtechnologies, suchasthecloud,combinedwiththeever-evolving cyberthreatlandscaperequiresorganizationstoview cyberrisksasacriticalbusinessissueandnotjusta concernrelatedtoIT.Astechnologiesandthreats continuetochange,Coalfireseesacontinuousneedto monitorcyberrisks,leveragingtoolsandkeybusiness partnerswherepractical,inlieuofjustadding cybersecurityprofessionals,whoareincreasinglyin shortsupply.
DevelopingaCultureofSecurity Coalfirebelievesadequatelyidentifyingandprioritizing risksshouldbeginwiththedevelopmentofagovernance structure,whichshouldbeariskcommitteeandneedsto bechairedbyCISOorequivalent.
Accordingtothecompany,itisimportanttodevelopa cultureofsecuritywhereemployeesareallencouraged toreportissuestheyseethatposepotentialrisktothe organizationwithoutanyfearofreprisal,butratherwith theblessingandencouragementofseniorleadership. Thesupportoftheboardand/orexecutivemanagement iscritical;theyneedtoclearlyarticulatetheimportance ofsecurityandreportingrisksthroughoutthe organization.
“Coalfire not only helps you understand risk, but also empowers you to manage it effectively.”
19 |March 2019
Expert’sThoughts March 2019| 22
The Physical Security
About the Author
Gisle M. Eckhoff joined DigiPlex in August 2014 as Chief Executive Officer. He brings nearly thirty years’ experience in senior positions in the IT industry in the US, Sweden, UK and Denmark as well as at home in Norway. Gisle is the former Senior Vice President and Managing Director of CGI’s operation in Norway, and has also held a number of senior management roles at both country and regional levels in CSC Computer Sciences Corporation.
The experience and knowledge gained from heading up the Financial Services vertical in the Nordic region, before becoming Vice President and Managing Director of CSC in both Norway and Sweden, is of great value when implementing DigiPlex’ growth strategy in the Nordic markets.
TheEU’sGDPRlegislaturewillhaveconsequencesforeverycompanydoingbusinessin
Europe,includingAmericancompanies.Thenewdirectivepromisessizeablefinesto anyonethatdoesnottakepersonaldataseriously.Meanwhile,thedatacentrecompany DigiPlexurgescompaniestofocusonanotherimportantaspect:physicalsecurity.
TheGeneralDataProtectionRegulation’s(GDPR)purposeistoharmonizelegislationrelatedto personalinformationacrosstheEU’smemberstates.Itdoeshoweveralsocreateradicalchallenges forAmericanbusinessesholdinginformationonEUcustomers.ComeMay2018,whenthe legislationentersintoforce,companieswillhavepubliclydisclosedhowthedataisused,inaddition toofferingtransparencyforindividualsseekingaccesstotheirdata.TheGDPRincludesasanction mechanism,andthefinesfornon-compliancecanreach4percentofacompany’sannualrevenue.
• Business will obviously change for everyone not taking personal information seriously. This will clearly raise awareness regarding how the data is secured, but it’s also vital not to forget where the information is located, saysDigiPlexCEO,GisleM.Eckhoff.
23 |March 2019
Movingdatatosafety
Americancomputersecuritycompany,McAfee,publishedastudyofover800companyleadersfrom differentsectors.Thereportrevealsthat50percentoftherespondentsstatethattheywouldliketomove theirdatatoamoresecurelocation.AmotivatingfactoristhenewEUlegislation.Thereportalso revealsthat74percentofthebusinessleadersspecifiedthattheythoughtprotectingthedatacorrectly wouldattractnewcustomers.
• Data security is not just about protecting yourself against hacking and other digital threats. The overall security critically depends on where your data is stored. Companies who actively select a secure data centre to host their data will gain a competitive advantage in the market as the management of personal information is in the spotlight, saysEckhoff.
Physicalsecurityisforgotten
WhileEU-basedcompaniesareintheprocessofadaptingtotheGDPR,Gartnerpredictedonly50 percentofAmericanfirmswillbereadyforthestrictregulationbytheendof2018.It’sprimarilythe largestcompaniesandpublicenterprisesthatarefurthestalongintheprocessofadaptation.According toEckhoff,theyareusuallytheonesthatarethemostconcernedwithdatasecurityandwhereitis stored.Fireandoperationalsafetyaretwoobviouschallenges,butphysicalsecurityalsoincludes securingyourselfagainsttheft.
• Several smaller businesses and organizations keep their data servers at their o�ces, and the physical security in many of the smaller data centers is almost absent. If your data is stored in such a data center, where someone easily could break in and physically remove the hardware containing your information, then you are very vulnerable – both operationally and in relation to GDPR, saysEckho�.
AtDigiPlex’sdatacenters,severallayersofsecurityensurethesafetyofthedataandthepersonal informationthatisstoredthere.Physicalsecurityisoneofthemostcomplicatedandexpensivefeatures whenbuildingorupdatingadatacenter.Thatiswhynewlyestablisheddatacentershavetoreach criticalmass,allowingthemtostoreenoughdatatocompensateforthelargesecurityinvestment.
AdaptingtoGDPR
Oneconsiderationtotake,aswearegettingclosertotheimplementationdateofGDPR,iswhereyour datacentershouldbelocated.SeveralUSbasedcompaniesarealreadyrelocatingtheircenterstotheEU inordertocomply.Multipledatabaseprovidersarehelpingnon-EUcompaniesorganizeandsegregate EUdatafromotherpersonalinformation.ThedatacenterindustryiswellestablishedinEurope,and someofthemostcostandclimateefficientcentersarelocatedintheNordiccountries.
IntheNordics,thecoolclimatehelpschilldownvastamountsofhardwarethatotherwisewouldhave beencooleddownsolelybyelectricity.Additionally,theelectricitythatisrequiredbydatacenterstorun theiroperationsissuppliedthrougheasyaccesstoaffordablerenewableenergy.
• In recent years, we have seen political turbulence in larger parts of the world, Europe included. The stabile political environment in the Nordic countries is also a climate to consider, as the establishment of data centers is a long-term investment, saysEckhoff.
March 2019| 24
Threats NETWORK SECURITY Threats & Solutions Solutions
November3,1988,isconsideredasaturningpoint
intheworldofInternet.25YearsagoaCornell Universitygraduatestudentcreatedfirstcomputer wormontheInternet,“MorrisWorm.”TheMorrisworm wasnotadestructiveworm,butitpermanentlychangedthe cultureoftheInternet.BeforeMorrisunleashedhisworm, theInternetwaslikeasmalltownwherepeoplethought littleofleavingtheirdoorsunlocked.Internetsecuritywas seenasamostlytheoreticalproblem,andsoftwarevendors treatedsecurityflawsasalowpriority.
Today,thereisaparadigmshift,Morriswormwas motivatedmorebyintellectualcuriositythanmalice,butit isnotthecasetoday.Accordingtoa2015Report,71%of representedorganizationsexperienced,atleast,one successfulcyberattackinthepreceding12months(up from62%theyearprior).
Accordingtosurveyreport,disclosesthat,among5500 companiesin26countriesaroundtheworld,90%of businessesadmittedasecurityincident.Additionally,46% ofthefirmslostsensitivedataduetoaninternalorexternal securitythreat.OnaverageenterprisespayUS$551,000to recoverfromasecuritybreach.SmallandMediumbusiness spend38K.
Incidentsinvolvingthesecurityfailureofathird-party contractor,fraudbyemployees,cyberespionage,and networkintrusionappeartobethemostdamagingforlarge enterprises,withaveragetotallossessignificantlyabove othertypesofthesecurityincident.
Let’sTakeaLookatRecurrentSecurityThreatsTypes-
DenialofServiceAttacks
Adenialofservice(DoS)attackisanincidentinwhicha userororganizationisdeprivedoftheservicesofaresource theywouldnormallyexpecttohave.Theseattacksarevery common,accountingformorethanone-thirdofallnetwork attacksreviewedinthereport.Astandardapproachisto overloadtheresourcewithillegitimaterequestsforservice.
BruteForceAttacks
Bruteforceattacktriestokickdownthefrontdoor.It’sa trial-and-errorattempttoguessasystem’spassword.The BruteForceAttackpasswordcrackersoftwaresimplyuses allpossiblecombinationstofigureoutpasswordsfora computeroranetworkserver.Itissimpleanddoesnot employanyinventivetechniques.
IdentitySpoofing
IPspoofing,alsoknownasIPaddressforgery.Thehijacker obtainstheIPaddressofalegitimatehostandalterspacket headerssothattheregularhostappearstobethesource.An attackermightalsousespecialprogramstoconstructIP packetsthatseemtooriginatefromvalidaddressesinside thecorporateintranet.
BrowserAttacks
Browser-basedattackstargetenduserswhoarebrowsing
Editor’s Prespectives March 2019| 26
theinternetwhichinturncanspreadinthewholeenterprise network.Theattacksmayencouragethemtounwittingly downloadmalwaredisguisedasafakesoftwareupdateor application.Maliciousandcompromisedwebsitescanalso forcemalwareontovisitors’systems.
SSL/TLSAttacks
Transportlayersecurity(TLS)ensurestheintegrityofdata transmittedbetweentwoparties(serverandclient)andalso providesstrongauthenticationforbothsides.SSL/TLS attacksaimtointerceptdatathatissentoveranencrypted connection.Asuccessfulattackenablesaccesstothe unencryptedinformation.SecureSocketsLayer(SSL) attacksweremorewidespreadinlate2014,buttheyremain prominenttoday,accountingfor6%ofallnetworkattacks analyzed.
NetworkSecurityisanessentialelementinany organization’snetworkinfrastructure.Companiesare boostingtheirinvestmentsinproactivecontrolandthreat intelligenceservices,alongwithbetterwirelesssecurity, next-generationfirewallsandincreasinglyadvanced malwaredetection. The U.S. Federal Government has spent $100 billion on cyber security over the past decade, $14 billion budgeted for 2016.
Increaseduseoftechnologyhelpsenterprisestomaintain thecompetitiveedge,mostbusinessesarerequiredto employITsecuritypersonnelfull-timetoensurenetworks areshieldedfromtherapidlygrowingindustryofcyber
crime.Followingarethemethodsusedbysecurity specialiststofullproofenterprisenetworksystemPenetrationTesting
Penetrationtestingisaformofhackingwhichnetwork securityprofessionalsuseasatooltotestanetworkforany vulnerabilities.DuringpenetrationtestingITprofessionals usethesamemethodsthathackersusetoexploitanetwork toidentifynetworksecuritybreaches.
IntrusionDetection
Intrusiondetectionsystemsarecapableofidentifying suspiciousactivitiesoractsofunauthorizedaccessoveran enterprisenetwork.Theexaminationincludesamalware scan,reviewofgeneralnetworkactivity,system vulnerabilitycheck,illegalprogramcheck,filesettings monitoring,andanyotheractivitiesthatareoutofthe ordinary.
NetworkAccessControl
NetworkAccessControlsaredeliveredusingdifferent methodstocontrolnetworkaccessbytheenduser. NACs offeradefinedsecuritypolicywhichissupportedbya networkaccessserverthatprovidesthenecessaryaccess authenticationandauthorization.
NetworkSecurityisaraceagainstthreats,andmany organizationsareapartofthisracetohelpenterprisesto
27 |March 2019
securetheirnetworksystems.OrganizationslikeIBM,Symantec,Microsofthavecreatedsolutionstocountertheglobal problemofnetworksecuritythreat.Thesecutting-edgeproductsshowgenuinepromiseandarealreadybeingusedby enlightenedcompanies.
GoodNetworkSecuritySolutionsTraits
Arealsecuritysolutionshouldhavefourmajorcharacteristics;
Detect Threats
Targetedattacksaremulti-facetedandspeciallydesignedtoevademanypointtechnologiesattemptingtoidentifyand blockthem.Oncetheyareinside,theonlywaytofindthesecyberthreatsistounderstandthebehavioroftheindividual attackcomponentsanduseanalyticstounderstandtheirrelationships.
Respond Continuously
Todayitisnotimportantthatanorganizationwillbeattacked,butimportantandmorecrucialistoidentifywhenand howmuchtheycanlimittheimpactandcontaintheirexposure.Thismeanshavingthecapabilitytorespondquickly oncetheinitialincidenthasbeendiscovered.
Prevent Attacks
Malwareisgettingsquick-witteddaybyday.Theyutilizeheuristicstochangetheircodedynamically.Acapable solutionshouldhaveanadaptivearchitecturethatevolveswiththechangingenvironment,andthreatstoday’sbusiness faces.
Integration
Today’sthreatshavemultiplefacets,andasinglesoftwareorsolutionisnotsufficient.Protectionsystemshouldhave thecapabilitytointegratewithothersecuritytoolsfromdifferentvendorstoworktogetherasasingleprotectionsystem, actingasconnectivetissuefortoday’sdisjointedcybersecurityinfrastructure.
Solutions In Market
Likeinfectiousdiseases,cyberthreatswillneverbeeradicatedentirely,buttheycanbebettercontainedandunderstood, andtheireffectsminimized.Howcanthisbeachieved?IBMhasbuiltanenterprise-level“immunesystem,”anadaptive securityarchitecturetobattletoday’scyberpathogens.IBMhasdevelopedavastfleetofproducts,QRadar,X-Force ThreatIntelligence,TrusteerPinpointMalwareDetection,IBMThreatProtectionSystemadynamic,integratedsystem tomeddlethelifecycleofadvancedattacksandpreventloss.
TheIBMThreatProtectionSystemintegrateswith450securitytoolsfromover100vendorsactingasconnectivetissue fortoday’sdisjointedcybersecurityinfrastructure.
SymantecisanothermajorplayerincateringenterprisenetworksecuritysystemswithSymantecAdvancedThreat Protection.SymantecATPoperatesviaasingleconsoleandworksacrossendpoints,networks,andemails,integrating withSymantecEndpointProtection(SEP),andSymantecEmailSecuritycloud,whichmeansorganizationsdonotneed todeployanynewendpointagents.Symantecsays,ATPistheonlythreatprotectionappliancethatcanworkwithall threesensorswithoutrequiringadditionalendpointagents.WithATP,Symantec’sgoalistodeliverend-to-endthreat protection,prevention,detection,andresponseinasinglepaneofglass,offeringmorevaluetobusinessesthan individualpointproductscanprovide.SymantecAdvancedThreatProtectioncombinesmultiplelayersofprevention, detection,andresponse.
March 2019| 28
Bringing Automation and Visibility to Compliance and Risk Management Programs
Thecomplexitiesthatcomewithtoday’sincreased digitizationareever-apparent,andtheriskofcyberattacksisgrowingexponentially.Recognizingthis, BostonbasedCyberSaintSecurity,aleadingcybersecurity softwarefirm,helpsorganizationsmanagecybersecurity risksthroughitsflagshipCyberStrongintegratedrisk management(IRM)platform.Theplatformwasbuiltbya teamwhoseintellectualDNAwindsdeeplythroughthe academic,techandinvestmentcommunitiesinBoston,the WhiteHouse,RSA,IBM,EMC,KPMG,MIT,Harvardand others.CyberSaint’smissionistoempower organizationstomanagecybersecurityasabusiness functionthroughtheadoptionofpowerfultechnology thatenablesmeasurement,enhancescommunication andimprovescybersecurityresiliency.
TheCyberStrongPlatformisanintegratedrisk managementsolutionpoweringautomated,intelligent cybersecuritycomplianceandriskmanagement.Builton thegold-standardfoundationoftheNISTCybersecurity Framework,CyberStrong’scapabilitiesstreamlineGRC activitiesandprovideasinglepaneofglassthroughwhich CISOsandtheirsecurityteamscanmeasure,report,and mitigaterisk.CyberStrong’sunparalleledtime-to-value, breakthroughArtificialIntelligenceandMachineLearning automationeliminatemanualeffortandhelporganizations makeinformeddecisionsthatreduceriskwhiledriving overallbusinessvalue.
Fortune500CSOturnedCEO
GeorgeWrennistheFounderandCEOofCyberSaint Security,exhibitingover20+yearsofcomprehensive experience.Priortohiscurrentrole,hewastheCSOand VPofCybersecurityforSchneiderElectric,aFortune500 globalpowercompany.Prior,Georgewasasenior managingconsultantwithIBM,helpingcross-industry Fortune1000customersreachcompliancetoNIST, FISMA,ISO/IEC,HIPAA,PCI,NERC/CIP,andotherkey
regulatoryframeworks,developingcybersecuritystrategy, roadmaps,andglobalcybersecurityprograms.Tilldate,he hascollaborated,reviewed,andaddedvalueinthe developmentofframeworksandstandardssuchastheNIST CybersecurityFrameworkandothers.
GeorgeisagraduatefromHarvardUniversityandhas attendedexecutiveprogramsatHarvardBusinessSchool andtheHarvardKennedySchool.AsaGraduateFellowat MITforoveradecade,heconductsresearchandadvanced courseworkattheMITMediaLab,theSloanSchoolof Management,theSchoolofEngineering,theSchoolof ArchitectureandmostrecentlytheMITSecurityStudies programworkingonCyberWarfareframeworks.Heisalso anAffiliateandResearcheratMIT’sExecutive DevelopmentprogramspecializingintheNIST CybersecurityFramework.
Georgeisaseasonedkeynotespeaker,andhasspokenat theinauguralNISTCybersecurityRiskManagement ConferenceonIoTSecurityandDigitalRiskManagement. HehasalsohadanNSAsponsoredISSEPcredential,a CertifiedEthicalHackerandCISSPformorethan12years. GeorgehasexperienceworkingwiththecomplexCloud, Government,IT,ICS,auditandnationalregulatory frameworks.HewasalsoamissionorientedOperations OfficerandSAR/DRPilot(Officer1stLt.USAF/Aux) whereheservedas1stlieutenant,andhasreceiveda NationalCommander’sCommendationAwardfor outstandingdutyperformancewiththeHanscomComposite Squadron(HCS-MA-043)basedatHanscomAirForce Base.
AutomatingGRCtoFuelanIntegratedApproach
TheCyberStrongplatformautomatesthemanual assessmentprocessesthatdeterorganizationsfromrapid adoptionofgoldstandardssuchastheNISTCSF.The platformsupportsISO27001/2,GDPR,COBIT,IEC62443,
The10Most Trusted Solution Providers 2019 ERM March 2019| 30
andanyotherframework-includingcustomcontrolsand hybridframeworks.CyberStrong’sproprietarycontrol optimizationusespatentedmachinelearningandartificial intelligenceforfasterriskmanagementdecisionmaking andautomatedriskmitigationactionplanning.CyberStrong ingestsitsclient’sassessmentdatatoproviderisk quantificationandanalyticsthatidentifytheircurrentgaps, andmapsthisdataacrosspeople,process,technology,risk, andcosttoprovideanoptimizationthatidentifieslowhanging-fruitopportunitiestomitigateriskforthelowest costandhighestimpactontheirposture.
Thispatentedoptimizationencourages‘always-on’ continuousimprovement,andiscompletelyautomatedin real-time,requiringzeromanualefforttoproducefully customizedmitigationplans.Inaddition,CyberStrong’s integratedthreatfeedautomatestheprioritizationof controlsforremediationbasedonreal-timedetectionof threatsthatappearactiveatanytime,foranyassessment. CyberSaintbelievesthatby2020,100%oflargeenterprises willbeaskedtoreporttotheirBoardofDirectorson cybersecurityandtechnologyriskatleastannually,whichis anincreasefromtoday’s40%.AccordingtoGartner,as enterprisestakeholderstakeanincreasinginterestand concernaboutthesecurityposture,theCISOneedstobe abletoconveytheiractivitiesandsuccessaseffectivelyasa CFOcanwithabalancesheetandstatementofcashflows.
Thisapproachwillensurethatallleaders,inevery departmentregardlessofsecurityexpertise,canunderstand theenterprise’sriskposture,whataffectsit,andwhattobe awareof.Therearefourrecommendedreportsnecessaryto helpyoualignyouractivitiesasaCISOwiththegoalsand objectivesoftheenterprise:ExecutiveRiskReport,Trend
Report,GDPRReport,andGlobalReport-allwhichare automatedfromwithintheCyberStronginterfacewithno humaneffortrequired.CyberStrongallowsCISOsto effectivelycommunicatetheirstrategiesinawaythatis universallyunderstood.
ClientFeedback
“CyberStrong provides me with a means to effectively measure and communicate our overall compliance posture, AI to model my security investments for the best ROI, and information on risk exposure using an industry standard model paired with innovative technology. Bright Horizons management can now evaluate clear gaps and work with my team to manage risk across the enterprise.” JavedIkbal, CISOandVPofInformationSecurity,RiskManagement& ComplianceatBrightHorizonsFamilySolutions(NYSE: BFAM)
“CyberStrong provides an easy-to-use platform for us to maintain our compliance with the new DoD DFARS regulation. The team from CyberSaint got us up and running very quickly and now we manage our DoD compliance on our own.” AnthonySantagati,CFOat Senior(SeniorPlc-LSE:SNR)AerospaceMetalBellows.
31 |March 2019
“The CyberStrong Platform's breakthrough technology augments and enhances every element of your cybersecurity program strategy, posture and potential.”
Top 5Email SecurityThreats
Nearly95percentofallsuccessfulattackson enterprisenetworkstargetedorganization’susers throughemail.Withtheindustryofcybersecurity evolvingsorapidly,hackersareconsistentlychangingtheir tactics,keepingitalmostimpossibletokeepupwith.
Withtoday’sgrowingsecuritylandscape,emailthreatsare oneofthemostcommonstrategiesutilizedbycyber criminals.Whatstartedoffwithspamemailssenttoyour junkfolder,hasevolvedtoamorerobusttactictodeliver destructivecontentstraighttoyourinbox.Herearethetop fiveemailsecuritythreatsthatwe’veseensofarthisyear:
EmotetBankingTrojan
Emotetisanadvanced,modularbankingTrojanthat primarilyfocusesasadownloaderordropperofother bankingTrojansandcontinuestobeamongthemostcostly anddestructivemalwareaffectinggovernments,privateand publicsectors.Emotetcanevademostsignature-based detections,andbecauseitisVirtualMachineaware,it generatesfalseindicatorswhenraninasandbox. Additionally,Emotethasseveralmethodsformaintaining persistence,includingauto-startregistrykeysandservices aswellasDynamicLinkLibrariestocontinuouslyupdate andevolveitscapabilities.
Initialinfectionofthismalwareoccurswhenauseropens orclicksamaliciousdownloadlink,PDF,ormacro-enabled MicrosoftWorddocumentincludedinthemalspam.Once downloaded,Emotetestablishespersistenceandattemptsto propagatelocalnetworksthroughoneofitsincorporated
spreadermodules.Thenegativeconsequencesfroman Emotetinfectioncanbetemporaryorpermanentlossof sensitiveproprietaryinformation,disruptionofregular operations,financiallossesincurredtorestoresystemsand files,andpotentialharmtoanorganizationsreputation.
UrsnifBankingMalware
AnewversionoftheinfamousbankingTrojanUrsnifmade itsappearanceagainearlierthisyearinJune.Thismalware iswellknowninthecybersecuritycommunityandwasthe mostactivemalwarecodeinthefinancialsectorfromthe endof2016intoearly2017.Thismalwareiscapableof stealingusers’credentials,credentialsforlocalwebmail, cloudstorage,cryptocurrencyexchangeplatformsand e-commercesites.
OnceUrsnifinfectsanewmachineitwillattempttospread tootherusersintheaddressbookofthecompromisedemail accounts.Ittricksthevictimintoopeningthemalicious emailbecausethemessageispresentedasthereplytoan existingconversationconductedbythevictiminthepast. Forexample,ifyoureceiveanemailthatwasareplaytoa previousconversationfromawhileback,youcanlookat the“To:”fieldintheemailandseeifit’srepliedtoalarge numberofunsuspectingusers.
Anotherfeatureaboutthismalwareisitsabilitytokeep trackofcompanynamesandtitlethemaliciousdocument “VICTIM_COMPANY_.doc”inordertolooklegitimate. Oncethevictimclicksenablemacros,thesecondstepof theinfectionprocessbegins,whichlaunchesamalicious
March 2019| 32 Maestro’s Insights
scriptthatdownloadsandexecutesapayloadfromaserver controlledbytheattackers.Onceinstalled,Ursnifcan operatewithoutbeingnoticedbyboththeuserandthe operatingsystem.
ExtortionCampaign
Extortioncampaignshavebeenaroundforquitesometime buttherewasonethatwasinfullswingacrosstheglobe thatusedaclevertwisttotrickunsuspectingusersinto payingaransom.Theattackerforthisextortioncampaign claimstohaveinstalledmalwareonyoursystemandhas alsousedyourwebcamtorecordyouwatchingporn.The attackerthengoesontothreatenthereleaseofthisvideoto everyoneinyourcontactsunlessyoupaytheBitcoin ransom.
Thebasicpremiseofthistypeofextortionattempthasbeen aroundforquitesometime,buttheadditionofthe Username/Passwordcombinationinthesubjectlinehas unsuspectingusersworried.Whileresearchingthis campaign,Nuspire’sSecurityAnalyticsTeam(SAT)came acrossmultipledifferentcountsofaffectedusersclaiming theUsername/Passwordcombinationwassomethingthey hadusedeightyearsago.Inthiscase,theattackerhas somewhatautomatedtheattacktocreateascriptthatpulls directlyfromusernamesandpasswordsofagivendata breachthathappenedeightyearsago.Therefore,every victimwhohadtheirpasswordcompromisedaspartofthat breach,isnowgettingthissameemailattheaddressthey usedtosignupforthehackedwebsite.
Hopefully,ifyouwereaffectedbythatdatabreachyou updatedyourusername/passwordcombination.Granted,the peoplewhodidn’tbotherchangingthisinformation,this attackdirectlyaffectsthem,butrestassuredthisattacker doesn’thavearecordingofyouthattheyplantosendoutto yourcontacts.Itismerelyscaretacticstomakesomeeasy money,anduponinvestigationofmultipleBitcoin addressesassociatedwiththiscampaign,theattackerwas indeedmakingeasymoney.
Thisattackcouldevolveinthefutureandusemoreupto datedatabreacheswhichinturncouldscaremoreusersinto payingtheransom,sobeonthelookout.
GandCrabRansomware
GandCrabholdsthetopspotinransomware,partlybecause it’susedbytheMagnitudebotnet.AlthoughGandCrabis usuallyspreadviaspamemail,ithasrecentlybeen distributedviacompromisedwebsitesandisnow
Pope Cyber Security EngineerABOUT THE AUTHOR
Shawn Pope is the Cyber Security Engineer of Nuspire Networks, a state-of-the-science managed network security provider for some of the largest and most distinctive companies around the world.
33 |March 2019
Shawn
appendingthe.KRABextensiontotheencryptedfiles. TowardstheendofApril2018acampaignwiththesubject line“YourOrder#{RandomDigits}”wascirculating.There islimitedcontentinthebodyoftheemailandhasan attachedZIPfilewhichincludesaWorddocumentthat containsmaliciousmacrosthatdownloadandexecute GandCrabransomware.
GandCrabisunderconstantdevelopmentwherenew versionsareconsistentlybeingreleasedatanaggressive pace.Itsbasicfunctionalityiswelldocumentanddoesthe sametypicalthingsransomwaredoes,includingencrypting fileswiththe.KRABextension,changingtheuser’s background,andleveragingTorforcommunications.One oftheinterestingelementsofGandcrabisitsuseof namecoindomainsforCommandandControl(C2) communication.Theseareeasilyidentifiedbythe.bittop leveldomain(TLD).SinceattackersrelyheavilyonTor andnamecoindomainstohelpevadeidentification,itisa nobrainerforthemtouseadecentralizedDNSservicethat doesnotrelyoncentralauthority.Thisalsoincreasesthe difficultyofhavingdomainsshutdownandidentifying thosethatarepotentiallybehindthem.
Phishing
BytheendofQ22018Microsofthadtakenoverthetop spotfromFacebookforthenumberonetargetofcorporate phishingattacks.Reasonbeing,it’shighlyprofitablefor hackerstocompromiseanOffice365account.Hackerssee email-basedattacksasaneasyentrypointintodata,files, andcontactsfromotherOffice365apps,including SharePoint,OneDrive,Skype,Excel,andCRM.
WeseealldifferenttypesofPhishingattemptsfromquite possiblytheworstattemptstoexactreplicasofalegitimate Office365loginpage.Unfortunately,Phishingwillalways existandcanslipthroughthegapsinemailfilteringdueto thefactthatnewdomains/URLsarepoppingupeveryday
tohostfakeloginpages.Thisiswhereuserawareness trainingisextremelyimportant.Educateyourusers,rollout trainingexerciseswhereemployeeswithfakePhishing emailsandseewhoclicksonthemandwhodoesn’t. BecausePhishinghasbecomesopopular,educationwill payoffinthelongrun.
Solutions
Asidefromtrainingandeducatingemployeesonmalware, andransomwarethatmightcomeinthroughauser’semail, thereareafewothersolutionstotakeintoconsideration thatcanpreventtheseattacksfromenteringyournetwork.
1. Useantivirusprogramswithbehaviorandheuristic detectioncapabilities,withautomaticupdatesof signaturesandsoftwareonclientsandservers.
2. Implementaspamfiltertofilteroutknownmalspam indicatorssuchasmalicioussubjectlines,andblock suspiciousandblacklistedIps.
3. Markexternalemailswithabannerdenotingitisfrom anexternalsource,thiswillassistusersindetecting spoofedemails.
4. Implementablockpolicyforfileattachmentsthatare commonlyassociatedwithmalwaresuchas.dll,and .exe,andattachmentsthatcannotbescannedby antivirussucha.zipfiles.
5. ImplementDomain-BasedMessageAuthentication, Reporting&Conformance(DMARC),avalidation systemthatminimizesspamemailbydetectingemail spoofingusingDomainNameSystem(DNS)records anddigitalsignatures.
6. Implementasolutionthatcansendthe unknown/suspiciousfilestothesandboxforfurther investigationandanalysis.
7. Andmostimportantlyemployeetrainingonsocial engineeringandphishing.Urgeemployeesnottoopen suspiciousemails,clicklinkscontainedinsuchemails, orpostsensitiveinformationonline.
March 2019| 34
ThearrivalofChatbotsisconsideredtobeanincrediblebreakthroughintherealmofbusinessoranykindof
entrepreneurships.ItisoneofthesmartestinnovationsbyArtificialIntelligence(AI)andNaturalLanguage Processing(NLP)thatbusinessescancounton.TheChatbotisasoftwarethatcanbeprogrammedtocarryouta certainsetofactionsallbyitself,likeawind-uptoy,intextorspokenformats.Thecapabilityofthebotstolearnfrom thepastinteractionsandgrowinitself,makesitmoreattractiveandinteresting.Chatbotsworkintwodifferentways. Firstly,predefinedresponsesaregivenfromanexistingdatabase,basedonthekeywordssearchedbycustomers.The smartmachinebasedbotsattracttheirknowledgefromArtificialIntelligenceandCognitiveComputingandadapttheir behaviorbasedonthecustomerinteractions.
ApplicabilityofChatbotsinBusiness:
Theapplicabilityofthesechattingbotsisquiterelevantinthiseraofdigitalglory.Asthenewtech-savvygenerationof customersisalwaysconnectedtothesocialplatforms,theydefinitelyexpectaseamlessandlesstimeconsuming customerexperiencewiththebrandstheylove.Econsultancyfoundinaresearchthat57%ofcustomerspreferlivechat toemailoraphonecall.There’snosurprisethatconsumerstodayareappreciatingchattingortextingmorethanany otherformsofcommunication.Toaddressthispriorityofthecustomersandoutgrowinthiscompetitivebusinessworld, manybusinessgiantsareadoptingthesevirtualagents.
March 2019| 36 TechTalk
CHATBOTS CHATBOTS
A Dynamic Digital Gesture for Creative Entrepreneurs
It’saSmartTrendforEntrepreneurialVenture:
Withthewidespreadadoptionoftheartificialintelligence,thehumaninteractionandconnectivityhastakenafascinating turn.Thisextremelysophisticatedandversatiletoolcanbehelpfulincraftinganysmallorbigbusinessplan.Apartfrom beingawesomeinresolvingcustomercarequeries,Chatbotscanbeapartofanentrepreneurialstrategyinmanyways. That’swheretheappealofChatbotslies.Therearemanydifferentapproachestonavigatethisconnectivitytool throughoutthebusinessventure.Let’shavealookatsomeoftheseapproaches:
Aseveryorganizationhasauniquesetofcustomers,theChatbotsmustbeprogrammedinaccordancewith customer journey.Knowingthefinerdetailsofthe customer journey fromA-Z,mightbeprovedasthefoundationforsuccess.As AIisenactingalargerroleinbusinessreforms,havingaccurateforesightandexperienceisthemostneededprerequisite toprogramthebot.
Afterprogrammingthebot,itshouldbedesignedinawaythatwouldenhancecustomersuccessbyadvancingthem downthesalesfunnel.Amicroscopicviewofthecustomerserviceandsalesdataalwayshelpsinthisregard.Oneshould haveagoodgraspon:
37 |March 2019
Ÿ
Ÿ
Whichpatternsandquestionsareaskedthemost?
Howtheresponsescanbeprogrammedtoanswerallof them?
Ÿ
Andmostimportantly,inwhatwayallthenecessary informationcanbeprovidedtobringpeoplefrom awarenessstagetoadecision?
Inordertoguidethecustomerseamlesslythroughthesales funnelwiththehelpoftheintelligentbot,anentrepreneur needstoputhimself/herselfintheshoesoftheaverage customeranddevelopthebotaroundtheirpathtosuccess. Tobuildstrongrelationshipswithcustomers,another smarterwayisto“humanize”theChatbot.Peoplegenerally wanttobuysomethingfromotherpeople,notfromarobot. Therefore,programmingresponsesneedstobedoneina waythatreflectsthecharacterandpersonalityofthebrand. TheChatbotneedtobedesignedwithatingeofhuman empathywiththeauthenticbrandvoice.
Lastly,withthechangingdigitallandscape,customer mindsetsarealsoalwaysinthevergeofchange.Tostayon thetopofthegame,onemusthavetoconsistentlyanalyze thedataandevolvethebotaccordingly.
FutureofChatbots:
Chatbotsarecurrentlybeingutilizedaseasyandfunways onwebsites,socialplatformsandsmartphonestoassist customersintheirinteractionswithabrand.Evenifthe Chatbotsarestillinrudimentarystage,wecanexpectalot
moreprogressionsinthistrend.Withthegradualevolution ofArtificialIntelligenceandDeepLearning,theChatbots willbecomemoreempoweredtoedifytheconversational interfaceofbusinesses.Chatbotsaregoingtogetalot smarter,moreintelligentandindistinguishablefroma humanbeingwiththeadvancementofAI.However,itwill definitelytakesometrialsanderrorsbeforethechatting robotsmasterandadoptthedelicaciesofpolite conversation.
Also,it’squitepredictablethatthecostofChatbotswill eventuallygetcheaperastheadoptionofitincreasesacross multipledomains.AnexampleisFacebook’sdecisiontolet third-partyapplicationsbuildChatbotsintheirplatformhas drasticallyloweredtheprice.
Conclusion:
Itreallyamazesushowfartechnologyhascomeupinthe lastseveralyearsinthedigitalmarketingarena.However, somethingswillalwaysremainthesame.Evenif everythinggetsautomatedinthefuture,nothingwill minimizetheappealofoptimaluserexperience.Thebots canbeusedtoautomateahugechunkofthemarketing process,butwithoutmakingtheprocessdulland impersonal.Onlythenthesemarvelsoftechnologywillbe abletomakewonders.
March 2019| 38
