Connect with us

Tech & Innovation

Boxes to tick when choosing a threat intelligence provider

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in.

Published

on

Photo by Igor Miske from Unsplash.com

By Yeo Siang Tiong
General Manager for Southeast Asia, Kaspersky

A long time ago in the cybersecurity space far far away, the choice of a threat intelligence service was often restricted to a handful of providers. Today, the cybersecurity industry in APAC is worth at least USD 30.45 billion and expected to grow at an annual rate of 18.3% from 2020 to 2025, with multiple cybersecurity vendors seeking a bigger slice of the proverbial pie. 

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in. 

Clearly, it is not an easy task to take, but little things like having the right threat intelligence service can make life easier. We have been hearing a lot about this for several years now. But what is it threat intelligence exactly and what you should be looking for in a threat intelligence service provider?

Turning intelligence into action

Let’s have a quick refresher. Threat intelligence is data collected and analyzed by an organization in order to understand a threat actor’s motives, targets, and attack behavior. It empowers organizations of all shapes and sizes to make faster, more informed security decisions and shifts their cybersecurity posture from reactive to proactive in the fight against breaches and targeted attacks. 

I am aware that there are a lot of free threat intelligence if one has a knack on researching. However, let me put it this way. A premium threat intelligence report or feed is like a special block screening of an amazing movie. You get the first dibs of the plot and perhaps get to know the characters even. Eventually, the film will be shown in major cinemas. Then after say, six months or more, it will land on several streaming services.

With us at Kaspersky, we provide comprehensive, real-time, organic, and actionable information on our premium threat reports and data feed which is why they are exclusive to the enterprises and organizations which have subscribed to our services. We see to it that we share such with the law enforcement agencies as well, because cooperation is key to fighting cybercriminals.

After a few months, we will then make such data available in public. Why is it not ideal to wait until the mass release of a threat report? Because it will allow you to act fast, to assess your risks, check your endpoints, fix the loopholes which they may exploit. Because knowing first-hand such critical information can save you money, reputation, and headache. Because proactive security is necessary at this time and age.

You may wonder why don’t we make our findings public to begin with? Let us remember here that public here means anyone – including them, cybercriminals. The last thing we want is to tip them off.

Aside from these, what else should you be looking for in a threat intelligence service provider?

  1. Check their sources

Threat intelligence should make your systems smarter through data feeds. To get the feeds you need sensors scattered all across the globe to ensure that your data is reflective of the real-time, global threat landscape. 

For example, our very own Threat Intelligence portfolio is powered by millions of Kaspersky’s global users who agreed to share their anonymized data. This huge network builds our Kaspersky Security Network (KSN) which collects more than 340,000 malicious files per day, allowing us to get rich information compared with firms with limited sensors and workforce.

  1. The data collection strategy needs to be GReAT

Speaking of human force, a threat intelligence service’s data collection strategy should be the most important factor to consider in your evaluation of their capabilities because they can only provide intelligence as far as the parameters of their data sources. Given that cybersecurity attacks are often transnational in nature, it is important that a vendor can source information globally and put pieces of the puzzle together in a way that makes sense for your IT staff. It should not be aggregated, it should be organic. It should also be critically monitored and studied by the brightest minds who can understand tactics, techniques, and procedures (TTPs).

To assess whether a threat intelligence service has such a capability, look at their research team and see what kind of campaigns that they have uncovered. For example, Kaspersky’s Global Research & Analysis Team (GReAT) found that the Lazarus APT group shifted their modus operandi to launch targeted ransomware attacks against businesses in Asia, extending as far as France in Q2 this year. 

  1. Check the visibility

I have already mentioned the borderless nature of cyberthreats. Hence the visibility of your provider should be another box you have to tick. Look into their Advanced Persistent Threat (APT) logbook and their database. Are they monitoring cyberthreats only from a particular country or region? Or do they have a global reach? Are there researchers only based in one country? Or do they have a network of experts scattered around the world? The answers for these questions are essential.

  1. The provider should understand the difference between intelligence and data 

At the heart of the debate between intelligence and data lies the concept of context. Assuming now you’ve got your data sources setup and information is feeding in from all corners of the globe, but you’re asking yourself the million dollar question: how do I know what is important and why is it important?

Things such as threat names, timestamps, resolved IPs addresses of infected web resources are useless on their own if they are not enriched with actionable context. When a relationship context is established, the data can be used more readily to answer the questions of “who”, “what”, “where”, “questions”. It is only at this point that data becomes the finished article – intelligence – and you now receive a boost to incident investigation, as well as uncover new Indicators of Compromise (IoC) in your IT network. 

  1. The ability to integrate is key

Integration can be a dirty word of the IT industry. With constant technological upgrades and the evolution of standards happening all the time, the ability to integrate new processes into existing IT operations is a never-ending challenge. 

Similarly, for threat intelligence, it is important that your service provider can provide delivery methods, integration mechanisms and formats that support smooth integration of threat intelligence into your existing security controls. 

The endgame 

The above-mentioned tips are just a few of the many other aspects you should consider when looking for a threat intelligence service, but they serve as a good stepping stone in bolstering your cybersecurity posture for now. With threats becoming increasingly complex and malicious, having the latest enterprise security programs are no longer sufficient. Adding threat intelligence to your arsenal of cybersecurity countermeasures will allow you to bring the fight to them. 

Strategies

6 Simple tips to refresh your online privacy

Here are six simple steps that you can take in order to get some of your privacy back from social media and apps.

Published

on

Photo by Jakob Owens from Unsplash.com

Avast, a global player in digital security and privacy products, is calling on all online users to take back their privacy across their digital lifestyle.

“It’s important to not be apathetic when it comes to online privacy and to regularly look at how you can stay in control over your privacy and the personal data you share online, including on social media and apps that many of us use every day,” said Shane McNamee, Chief Privacy Officer at Avast.

On February 4, it will be 16 years since Facebook launched and while it wasn’t the first social network, it has changed how willingly we are to share personal data about ourselves online. Platforms like Facebook and Google have developed complex advertising networks which rely on personal data for targeted advertising, which can seem ever-present at times. However, there are ways you can take back some control and limit the access that websites, social media platforms, and apps have to your personal data. You have more control than you think when it comes to deciding who can see your data and what they are allowed to do with it.

Here are six simple steps that you can take in order to get some of your privacy back from social media and apps.

1. Manage advertising

You can restrict what data advertisers use to target you on different social media platforms. Have a good look through your privacy and advertising settings and make sure you remove interests that the platform can use to target you, which you can do, for example, on Facebook and Twitter. Where possible, toggle off or remove any personal data that can also be used for ad targeting. You can also limit tracking and ad targeting by these platforms based on your browsing off social media, such as by turning off ‘Off-Twitter Activity’ on Twitter and removing ‘Ads Shown off of Facebook’ on Facebook.

2. Turn off location tracking

Location tracking and history, even location metadata in your photos, can allow social media platforms and apps to track and catalogue your precise locations and then serve you personalised ads. A good privacy-protecting move is to turn off your Location Services on your phone for all social media apps and your camera. If you have an iPhone, you can find this in Settings, Privacy, then Location Services. On Android, go to Settings, then Location to turn off Location Sharing, Location History and adjust location access for apps.

3. Don’t log in

On certain social media platforms, like Twitter and TikTok, you don’t need to log in to view content. By choosing not to log in, it takes away a really big amount of data that they could potentially collect, such as your user journey through the network, including content you search and engage with, and ads you click.

4. Revoke app and game permissions

If you’re like most people, you’ve probably signed into other apps and websites with your Facebook or Google login details. While this is super convenient, it also gives those sites access to your data and gives the platform you use to log in more information about you. Through your Facebook settings you can revoke permissions or you can choose what data the apps and games you still use have access to. Similarly, you can manage third-party access to your Google account through your security settings.

5. Don’t click on ads

Many social media platforms and apps track not only which ads you click on but also how long you spend looking at them or swiping through them. If you don’t want social media platforms or apps to have information about your interests, then get in the habit of really ignoring ads all together and don’t use the Shop feature you can find in Instagram and on Google, for example. If you see something that you like, you can search for it via your browser whilst using a VPN which makes it harder for third-parties to track your online activities.

6. Create a burner email address

If you’re going to truly take back some of your privacy, you can start from square one by creating a burner email address. A burner email — which is an email address that you only use for specific things and that isn’t linked to you elsewhere — makes it much more difficult for companies to track you. You can easily create one for free on Gmail, but just be sure not to link it to your main account. Even better, use a different email service than the one you usually use, so you don’t accidentally link them up.

Continue Reading

Strategies

Cybersecurity tips to help small businesses

Unfortunately, business disruption and reduced sales aren’t the only COVID-related issues small business owners dealt with in 2020.

Published

on

Photo by Nathan Dumlao from Unsplash.com

Unfortunately, business disruption and reduced sales aren’t the only COVID-related issues small business owners dealt with in 2020. This is why Breadcrumb Cybersecurity is sounding the alarm to small businesses that might be prey for accelerated fraud activity.

“We saw increased activity as threat groups leveraged the COVID-19 situation to defraud businesses from their funding,” says Brian Horton, CEO of Breadcrumb Cybersecurity, which helps companies navigate a wide range of advanced cybercrime, including ransomware, financial crime, intellectual property theft, destructive attacks and employee and insider fraud.

Threat groups are intentional and calculative regarding the timing of their strikes. They are keenly aware of when businesses are typically sending or receiving large amount of funds.

This is why Horton said that they encourage small businesses to reach out to security experts to establish a relationship now so they can jump in immediately if warranted. “Emergencies can happen to anyone, and every second matters.”

Wondering how to protect yourself? Breadcrumb Cybersecurity offers the following tips for small businesses to increase their security:

  1. Whenever possible, enable multi-factor authentication (MFA) for e-mail and banking services. By requiring multiple forms of verification, it increases your account security as passwords can be easily comprised.
  2. Fraudsters are improving their techniques, but malicious emails still typically contain broken English or improper use of grammar. If anything feels out of place, call and verify with the other party before clicking on a link.
  3. Always call to verify any requested banking/ACH updates. Even if the email looks legitimate, it’s wise to make a proactive call, using a number you find independently, rather than the one provided in the email.
  4. Be wary of an unsolicited email that implies a sense of urgency or threat; i.e. “we need funds now or we will turn off your account.” This is often a red flag for malicious activity.
  5. Have contact information at the ready so you can reach out to a cybersecurity company in response to a potential data breach.

Continue Reading

Tech & Innovation

5 Things to know about digital archiving

For businesses to embark on their digital transformation journey, they first have to make paper-based information ready to be accessed, analyzed, and quickly utilized, which means digitizing massive amounts of records. Here are some of the advantages that digital archiving provides to companies that embark on digital transformation.

Published

on

Photo by @domenicoloia from Unsplash.com

The only permanent thing in the world is change, and the companies see that the traditional practices of business operations are coming to an end. To continue their businesses and create a faster and more efficient way to conduct document workflow, transactions, and other processes, they have taken the significant step of digital transformation. 

However, for businesses to embark on their digital transformation journey, they first have to make paper-based information ready to be accessed, analyzed, and quickly utilized, which means digitizing massive amounts of records. Here are some of the advantages that digital archiving provides to companies that embark on digital transformation:  

Safely Stored Data 

Paper documents are always prone to damage that even a simple crumple can tear it apart, and it can also be lost or misplaced. Recovering damaged data can cost businesses large amounts of time and money, or they may need to make a whole new document since paper documents can be gone for good. Still, digitizing records solves this problem since it is safely stored in online archives where multiple copies can be made for backup and easy access of employees.  

Improved Productivity and Efficiency 

Looking for documents through numerous filing cabinets and other papers kills employees’ crucial time when they could have spent it on other priorities. Some business processes require original files rather than copies because of legal reasons. However, if the file is stored digitally, employees no longer need to waste time searching for it or settling on copies. 

Employees will only take seconds to find files if stored digitally, making them more efficient in finishing tasks and being free from the stress and discomfort of rummaging through piles of documents. In addition, they can now share important information between departments with ease. 

Eco-Friendly and Saves Space 

Another reason why storing vital data digitally, other than safety, is because the old way of storing data requires many resources such as papers, folders, filing cabinets, rooms, and other stationery materials. An archive room alone costs a huge amount of operational expenses, and the large amount of papers used in the process is not environmentally friendly. 

Switching to digital archives no longer requires large rooms and unlimited amounts of paper to keep records and vital documents stored. Employees will only need their office computers or laptops and immediately have the information they need to fall in front of them. 

Secured Records and Safe from Unauthorized Use 

Confidential data needs constant monitoring to ensure that it is where it needs to be. Personnel tend to misplace or lose paper documents permanently, endangering the personal information of the patient or the integrity of the medical facility. Digitizing documents and archiving it online can help personnel closely monitor the location of these files and ensure backup files for emergencies. 

Immense Flexibility 

Since files are stored online, it lets employees access the documents almost anywhere as long they have the gadgets and the authorization to retrieve it. For instance, hospital staffers can immediately have the patient profile they need without prolonging their waiting time. Business executives can access financial reports in their homes and instantly know the status of their companies. 

Digital archiving leads businesses to begin their digital transformation by converting crucial records into digitized documents, which is the cornerstone of every enterprise. For companies to start creating their digital archives, it must first find the perfect tool to digitize physical documents. 

Fujitsu’s document scanning solutions create a paperless organization to accelerate digital transformation efforts. From mobile-scanning and one-touch document imaging to production-level leading-edge imaging technologies, Fujitsu’s scanners are built to fit organizations’ unique needs. 

Fujitsu Philippines has made Japanese IT design and technology available through its server, storage, and scanning hardware and solutions. The company also offers cloud technology that provides relevant and cost-effective IT solutions to all organizations of various sizes and needs. 

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending