
Thursday, 21 January 2016

Staying Afloat During a Cyber-Attack

Given the rising frequency of increasingly malicious and innovative cyber-attacks, one can safely conclude that cyber risk is here to stay. It is no longer a question of ‘if’ but ‘when’ your organization will have to deal with a cyber-attack. The cost of a cyber security breach is significant—in terms of money, business disruption and reputation. Depending on the magnitude of the attack, a cyber incident can potentially put you out of business.

The best course of action for a business that is attacked is a swift and effective response. A cyber security strategy with efficient incident response (IR) capabilities coupled with customer engagement initiatives helps limit the damage and ensures that the business is up and running as soon as possible. Reaching out and engaging with customers reassures them, and helps a business that’s dealing with a cyber-attack to regain customer confidence, and prevent defection.

An effective IR strategy navigates the following phases:

Identify
Information on events is collected from various sources such as intrusion detection systems and firewalls, and evaluated to identify deviations from the normal. Such deviations are then analyzed to check if they are sufficiently significant to be termed an event. The use of automation tools ensures swift detection and eliminates delays in moving to the containment phase. Once a deviation is identified as a security incident, the IR team is immediately notified to allow them to determine its scope, gather and document evidence, and estimate impact on operations. Businesses can bolster this process by incorporating an effective security information and event management (SIEM) system into their cyber security strategy.

Contain
Once a security event is detected and confirmed, it is essential to restrict damage by preventing its spread to other computer systems. Preventing the spread of malware involves isolating the affected systems, and rerouting the traffic to alternative servers. This helps limit the spread of the malware to other systems across the organization.

Eliminate
This step focuses on the removal of the malware from the affected systems. IR teams then conduct an analysis to find out the cause of the attack, perform detailed vulnerability assessment, and initiate action to address the vulnerabilities discovered to avert a repeat attack. A thorough scan of affected systems to eradicate latent malware is key to preventing a recurrence.

Restore
In the restoration stage, affected systems are brought back into action. While bringing the affected systems back into the production environment, adequate care should be taken to ensure that another incident does not occur. Once these systems are up and running, they are monitored to identify any deviations. The main objective is to ensure that the deficiency or the vulnerability that resulted in the incident that was just resolved does not cause a repeat incident.

Investigate
This is the last step and entails a thorough investigation of the attack to learn from the incident, and initiate remedial measures to prevent the recurrence of a similar attack. IR teams also undertake an analysis of the response to identify areas for improvement.

What enterprises need now are effective cyber security solutions to monitor and provide real-time visibility on a myriad of business applications, systems, networks and databases. There has been an increasing realization that basic protection tools for important corporate information are no longer sufficient to protect against new advanced threats. Furthermore, enterprises are under tremendous pressure to collect, review and store logs in a manner that complies with government and industry regulations.


Countering focused and targeted attacks requires a focused cyber security strategy. Organizations need to take a proactive approach to ensure that they stay secure in cyber space and adopt a robust cyber security strategy.

Monday, 7 December 2015

Disruptive Technology Weekly Roundup – Dec 1st to Dec 7th

Cyber security prevention, detection and response will see a sea change in 2016, says a new report from Forrester Research. According to Forrester, the five cybersecurity predictions and resulting actions to be taken in 2016 are as follows. First, in this era of disruptive technologies, where wearables and IoT are expected to be more prevalent, security and risk professionals should re-examine existing security functions from a new angle, and should also consider the human factor while addressing security threats. The second prediction is on governments’ security capabilities: the research firm has given a bleak assessment of the security capabilities of the US government, which is short-staffed, under-budgeted and lacking internal discipline. The third prediction is an expected increase in security and risk spending of 5 to 10% in 2016. Fourth comes the prospective entry of defense contractors into private industry with claims of ‘military grade’ security; however, Forrester warns private players to thoroughly examine the contractors’ commercial experience and commitment before acquiring them. The fifth prediction is that HR departments will bring in identity and credit protection and resolution services as an employee benefit, in this era of increasing fraud, identity theft, medical identity theft and damage to personal online reputation.

As the holiday season approaches, cyber security researchers in the US warn about ModPOS, a piece of malware that is largely undetectable by current antivirus scans. The firm also points out that the malware has infected even some national retailers. According to the researchers, it is one of the most sophisticated pieces of point-of-sale malware, with a complex framework capable of collecting a lot of detailed information about a company, including payment information and the personal log-in credentials of executives. To address the threat, companies need to use more advanced forms of encryption to protect consumer data. Point-to-point encryption, where a consumer’s payment card data is unlocked only after it reaches the payment processor, is one such effective method to combat the malware threat. Security experts warn that without such protections, even new credit cards with a chip technology known as EMV could still be compromised by infected point-of-sale systems.

The information security landscape is continuously evolving, and the proliferation of disruptive technologies like mobile, social, cloud and big data has been increasingly impacting protection strategies. In-depth strategies to monitor, analyse and report security incidents are paramount to deliver an effective enterprise security risk management profile. Happiest Minds, with our deep expertise in the security arena along with a large pool of experienced security professionals, brings in security solutions that address the key challenges faced by enterprises today. Our services aim to improve the agility, flexibility and cost effectiveness of the next generation needs of information security and compliance programs.

How Do You Solve a Problem Like Cyber Security?

Happiest Minds UK discusses the new-age deception technologies UK businesses should adopt to bolster their cyber-security defences
The recent TalkTalk cyber-security breach has brought the issue of security firmly back into the public’s psyche and has put both government and organisations on high alert. It seems that regardless of your vertical market, be it finance, technology or banking, the threat of a cyber breach is pretty much imminent. Only today I read an article which outlined that Britain’s Trident nuclear weapons system may be vulnerable to cyber-attack by a hostile state, according to former defence secretary Des Browne.
So, despite the UK being one of the highest EU spenders on IT security, existing cyber security solutions are simply not good enough to stop malicious hackers and evolving threats. It’s little wonder why Chancellor George Osborne has pledged to spend an additional £1.9 billion on cyber security and has committed to the creation of a ‘National Cyber Centre’ to respond to major attacks on Britain.
So, how do you solve a problem like cyber security? Well, the answer could well be to implement emerging deception technologies such as next-generation honeypots and decoy systems which, according to a new Gartner report entitled ‘Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities’, could have a game changing impact on enterprise security strategies.
Deception technologies are effectively tools which deceive attackers and enable the identification and capture of malware at point of entry. They misdirect intruders and disrupt their activities at multiple points along the attack chain by luring them towards fake or non-existent data and away from the organisation’s critical data.
Let us look at a few of these technologies in greater detail:
Honeypots—or software emulations of an application or server—have been around for a few years now. A honeypot works by offering ‘honey’, something that appears attractive to an attacker, who will then expend his resources and time on gathering the honey. In the meanwhile, the honeypot does an admirable job of drawing his attention away from the actual data it seeks to protect.
Decoys are similar to honeypots and cause the attacker to pursue the wrong (fake) information. Many decoys act together to fill the attacker’s radar in a manner as to render it difficult for him to differentiate between real and fake targets.
However, organisations are now looking for more active defence strategies that not only lure in attackers, but also trap them, confound them and track their activity. One such deception technology offers an emulation engine masquerading as a run-of-the-mill operating system. The ‘operating system’ contains ‘sensitive’ data that could be attractive to attackers, for example data labelled ‘credit card info’. The platform will lure the attacker in by allowing him to ‘hack’ this fake data and in turn start gathering information about his movements and the codes that he seeks to modify. This intelligence can then be shared with other security tools, such as intrusion prevention systems, to defend against the attack.
A number of start-ups are designing various kinds of intrusion deception software that insert fake server files and URLs into applications. These traps are visible only to hackers and not normal users. An example of such a snare could be trapping hackers probing for random files by granting them access to bogus files that are a dead-end and merely keep leading them in circles towards more fake data. Another could be protecting the system against brute-force authentication by scrambling the attacker’s input so he can never get the password right, even if he does happen to type out the right code.
Other technologies set up fake IP addresses on webservers that, on multiple attempts to hack them, will always present a deception to that user. Other companies set up virtual systems or computers that actually have no data on them, and are indistinguishable from other machines on the network. Repeated intrusion into and unwarranted activity on these systems make it easy to identify hackers. The hackers’ movements and methods can then be analysed, and the data fed back into other threat detection solutions and tools.
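The decoy-file idea described above, as an added example (not from the original post or from any vendor's product): a scan of web access logs for requests to planted paths that no legitimate page links to, with repeated touches raised in priority. The decoy paths, the log lines and the `normalise` / `decoy_report` names are assumptions constructed for illustration.

```python
import posixpath
import re
from collections import defaultdict
from urllib.parse import unquote

# Hypothetical decoy paths: planted in the application, never linked for normal users.
DECOY_PATHS = {"/backup/db_dump.sql", "/admin_old/login.php"}

# Constructed sample access log (Common Log Format, documentation-range addresses).
SAMPLE_LOG = """\
198.51.100.7 - - [27/Oct/2015:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 5120
203.0.113.9 - - [27/Oct/2015:10:02:11 +0000] "GET /robots.txt HTTP/1.1" 200 68
203.0.113.9 - - [27/Oct/2015:10:02:12 +0000] "GET /backup/db_dump.sql HTTP/1.1" 200 1024
203.0.113.9 - - [27/Oct/2015:10:02:15 +0000] "GET /admin_old/./login.php?u=a HTTP/1.1" 200 900
192.0.2.44 - - [27/Oct/2015:10:03:00 +0000] "GET /backup/db%5Fdump.sql HTTP/1.1" 200 1024
garbled line that is not a log entry
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+$')

def normalise(target):
    """Strip the query string, decode percent-escapes and collapse ./ and ../ segments."""
    return posixpath.normpath(unquote(target.split("?", 1)[0]))

def decoy_report(log_text, decoys=DECOY_PATHS, repeat_threshold=2):
    """Return per-client details for every client that requested a decoy path."""
    requests, hits = defaultdict(list), defaultdict(int)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the scan
        client, ts, method, target, _status = m.groups()
        path = normalise(target)
        requests[client].append((ts, method, path))  # kept for later analysis
        if path in decoys:
            hits[client] += 1
    return {
        client: {"decoy_hits": n,
                 "priority": "high" if n >= repeat_threshold else "review",
                 "requests": requests[client]}
        for client, n in hits.items()
    }

if __name__ == "__main__":
    for client, info in decoy_report(SAMPLE_LOG).items():
        print(client, info["priority"], [p for _, _, p in info["requests"]])
```

The full request list for each flagged client is returned so that its other activity can be reviewed or passed to other detection tooling.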
Deception technologies therefore create baits or decoys that attract and deceive attackers, making it quicker for an organisation to detect a security breach. They increase the attacker’s workload and exhaust his resources. Certain solutions go beyond merely setting up decoys to also conduct forensic analysis on these attacks so the organisation can effectively defend its network and speedily mitigate security breaches. It may not be a ‘one size fits all’ answer to the cyber security conundrum, but it is certainly one more weapon in the organisation’s armory against hackers.

Tuesday, 27 October 2015

Disruptive Technology Roundup - Product Engineering Services


Cloud computing is the foremost among the disruptive technologies that rule the IT industry. Organizations are leveraging public cloud for reducing infrastructure costs and also for faster delivery of technology projects. Since the data moved into the cloud is often dependent on the application that creates and maintains it, it is vital to integrate the SaaS apps in the cloud with the existing on-premise software. Configuring these multiple SaaS applications to share data in the cloud is crucial in determining the success or failure of cloud projects. Instead of choosing the richest SaaS application, organizations should consider the performance of the app and its ability to integrate into an overall portfolio. It is crucial that app purchasing decisions consider operational performance metrics beyond features and functionality, and how new SaaS apps will contribute to the way the business runs in the future. In this age of Big Data, where large chunks of data are analyzed for churning out business intelligence and insights, organizations should consider the SaaS vendors that provide access to their own data with better performing and efficiently integrated SaaS applications.

Businesses are moving into an age of innovation and disruption with the influence of new age disruptive technologies including IoT and Big Data. When everything and everyone gets connected into an integrated global network, the safety of data from unauthorized access, dissemination, and usage is a matter of greater concern. Organizations are now searching for new ways and means to protect their assets from cyber security breaches. At a time when traditional security measures become inefficient, a major rethink of the existing cyber security systems and strategies is the need of the hour. The global cyber security industry is going through a fundamental change and is growing to address the cyber security challenges in the age of IoT. With IoT creating innovations and disruptions in the business world, parallel innovations are happening in the cyber security space also to address the IoT security threats.

The technology space is witnessing a major upheaval, with new disruptive technologies changing the way businesses are carried out. Cloud, Social, and Mobile are converging and accelerating one another to give rise to a constant access paradigm consisting of:

Continuous Services – solutions will increasingly need to be cloud-based to ensure they are always available on-demand and can be consumed on demand.

Connected Devices – proliferation of the number and types of devices that allow users to be continuously or intermittently connected to the internet and with one another.

Product Engineering Services

With a combination of agile methodology, experienced architects and pre-built components, Happiest Minds delivers Product Engineering Services in 4 specific domains: Enterprise Domain, catering to Enterprise ISV customers; Customer Platforms, focussing on E-Commerce and Media & Entertainment; IoT, focussing on Industrial and Automotive & Building Automation; and Data Center Technologies (DCT), focussing on Software Defined Networking and Data Centres. A strong team of technical experts offering Architecture and Engineering services, well-defined methodologies, frameworks, and product engineering processes and standards make Happiest Minds a preferred partner for Product Engineering Services.