Point of Entry Cybersecurity Plan: Enemy at the Gates!
There’s a hype-cycle to the current state of information security, and simultaneously there are real-world threats domestically and internationally. National security level exploits via social media, and voting hacks determining the president of the United States and Brexit. Have you been brushing up on your Russian? The great hack of Facebook and Cambridge Analytica stealing elections around the world. I think the Panama Papers was the sign of things to come, but we were not paying attention. Cambridge Analytica happened, and we barely looked up from our heads in the sand.
Over the last 5 years, we have watched breach after breach of major retailers in the USA. In addition, several states and healthcare establishments have been hit with ransomware attacks costing millions. Under the radar, Spear Phishing attacks have been quietly raiding corporate accounts worldwide. I want to showcase some tools on the market that may help. They are not a panacea by any means but may help you bolster your arsenal in the never-ending fight against cyberattacks.
Last week was very humbling for me. I received two random requests from cybersecurity companies that are growing fast, have all the right industry experts supporting them, and have all the right partnerships. In addition, I reached out to a couple companies for some insights and predictions and they obliged me with some of their thoughts.
Password Compliance & Password Replacement
Passwords are probably the most boring security issue to tackle, but probably the most widely exploited point of entry. There is not a major corporation that has not had to deal with a password getting out on the dark web. Human nature dictates that it is a major habit and flaw that we tend to use the same password for everything. From online streaming companies like Netflix, Hulu, and Disney to major banks and major retailers, they all deal with this problem from employees and customers alike. If you must use passwords, it is probably a good idea to follow NIST guidelines and to use a different password for each account.
The Authlogics Password Breach Database is a key component when looking to meet the new password policy guidelines set by NIST SP 800-63B. It provides a comprehensive and well-maintained dictionary of unacceptable and compromised passwords in the cloud for real-time lookups. The Authlogics Password Breach Database is a large compilation of over 2 billion credentials which have been breached, including over 520 million unique clear text passwords.
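A sketch of the kind of breached-password screening NIST SP 800-63B calls for, added here as an illustration; it is not Authlogics code or its API. The hash-prefix range lookup and all function names are assumptions, and the corpus is a constructed sample standing in for a real breach database.

```python
import hashlib
import unicodedata

# Constructed sample corpus standing in for a real breach database.
SAMPLE_BREACHED = ["password", "123456", "qwerty123", "Summer2019!", "letmein"]


def sha1_hex(password: str) -> str:
    """Hash used only as a lookup key (not for storage).

    The input is NFKC-normalised first so that equivalent Unicode
    spellings of the same password produce the same digest.
    """
    normalized = unicodedata.normalize("NFKC", password)
    return hashlib.sha1(normalized.encode("utf-8")).hexdigest().upper()


def build_index(passwords):
    """Service side (hypothetical): group digests by their 5-character prefix."""
    index = {}
    for pw in passwords:
        digest = sha1_hex(pw)
        index.setdefault(digest[:5], set()).add(digest[5:])
    return index


def range_lookup(index, prefix):
    """Simulated remote call: the service sees only the 5-character prefix."""
    return index.get(prefix, set())


def screen_password(candidate, index, min_length=8):
    """Return (accepted, reason) for a user-chosen password.

    Checks follow SP 800-63B: a minimum length counted in Unicode code
    points, then a comparison against known-compromised values. No
    composition rules are applied.
    """
    if len(unicodedata.normalize("NFKC", candidate)) < min_length:
        return False, "too short"
    digest = sha1_hex(candidate)
    # The suffix comparison happens locally; the password never leaves the client.
    if digest[5:] in range_lookup(index, digest[:5]):
        return False, "found in breach corpus"
    return True, "ok"
```

Running the check when a password is set or changed is what lets a policy stop forcing periodic changes, since a password is rejected only when it is short or already known to attackers.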
When I first heard about Authlogics I was very hopeful about the concept, but soon learned it is very hard to get corporations to do away with passwords. Removing passwords from the login process leads to cost reductions and a better experience for both users and customers. With fewer calls to the help desk due to lockouts and password resets, costs are cut, and productivity is increased. Alternatives to passwords also improve the security of processes where passwords have never been a viable authentication approach.
I asked Steven Hope, CEO of Authlogics, what he thought were the biggest issues with password compliance and password security. He said, “(1) The biggest issue I see is how little people are doing about password security. Everybody gets that they hate passwords, that they are too complex to deal with and there are too many of them, but people seem to have just given up and accepted that it’s just the way it must be. The reality is that passwords aren’t going away just yet, but there are ways to get there and get some quick wins for companies to relieve some of the pain.
(2) A top suggestion is to write down a passwordless strategy. Passwordless is the end goal but you need to assess each directory and application, then look at what technologies are available to start the journey. The biggest impact and quickest win are often getting Active Directory NIST 800-63B compliant and in doing so reduce the headache of regular password changes and helpdesk unlocks. It also reduces the risk of common cyber-attacks like phishing and credential stuffing. Authlogics can help with all of this obviously and can manage customers through their journey from password compliance, through MFA to passwordless.” Authlogics
The second vulnerable point of entry is email. Once messages leave your server, they may get exposed to the world. I learned about a company last week that makes your email invisible. StealthMail makes a company’s emails secure, legally compliant, and invisible to third parties, including cybercriminals, and gives exclusive control and ownership of the encryption keys and data to company clients. StealthMail encrypts each user’s email or attached file individually on the user’s side and stores it in the protected cloud or storage.
StealthMail extends a company’s security perimeter and protects email even after it has been sent – making your company’s emails secure, invisible to the public Internet, and legally compliant to protect reputation, avoid severe penalties, and minimize litigation and gross negligence risks. Last week, I got a connection request on LinkedIn from Evgen Verzun, CEO of StealthMail, and he offered me his book called “The Art of Email Security”. It is aimed at helping organizations educate their users in best email security practices. Who can resist a company called StealthMail, that hides and encrypts emails from hackers? I think removing emails from the equation is brilliant. You can’t hack what you can’t see.
StealthMail’s Secure Email Channel ensures that you and your business partners are protected from Email interception, phishing (whaling, spear, clone, etc.), and Business Email Compromise attacks. With StealthMail your Emails are no longer postcards, they become invisible. I noticed that they are a Microsoft ISV Partner in the Microsoft Azure Marketplace, too. StealthMail
Artificial Intelligence in Web Application Firewalls
Web and Cloud Applications are another vulnerable entry point. Last week I got another connection request on LinkedIn from Ivan Novikov, CEO of Wallarm. He told me the following, “We reinvented WAF by replacing signatures and combining it with an active scanner.” He didn’t tell me the whole story. You know I had to check it out. This company has more awards in the last year, than a little bit. I probably need more information about it, but from what I gather they are an artificial intelligence (AI)-powered application and API security company. They do more than what he originally said. I have been working with DevOps organizations over the summer and this would have come in handy. But now I’m ready.
Imagine using AI to stop hackers. Replace your legacy WAF that disrupts operations and produces irrelevant alerts. With Wallarm Advanced Cloud-Native WAF, you get compliance, real-time visibility, and an ultra-low false positive rate because of dynamic, application-specific rules.
Wallarm DAST uses attack data captured with the Wallarm NG-WAF module. For every malicious request, Wallarm extracts its payload, attack type, and application endpoint and then generates scanner checks. If the attack was targeting an existing application flaw, Wallarm DAST identifies this vulnerability and creates a ready-to-use ticket.
Wallarm earned several industry awards and recognition in the last 18 months, including:
- Listed as #7 in the security category in Inc. Magazine’s 37th annual 5000, the most prestigious ranking of the nation’s fastest-growing private companies
- Named a “Hot Startup to Watch” in Startup50’s Big50 2018–19 Startup Report
- Received a Cybersecurity Excellence Award for being one of the most innovative cybersecurity companies
“Wallarm FAST has many cool features to help DevOps teams strike the delicate balance between the security of the application and the very short release cycles,” says Chris Rodriguez, Senior Analyst, Frost & Sullivan. After tremendous growth and awards in the first half of 2019, Ivan had this to say: “It’s great to see that our focus on DevSecOps and a 360 approach to security is paying off, as evidenced by new customer acquisitions, the expansion of existing partnerships, and the industry awards we’ve received this year,” said Ivan Novikov, CEO, Wallarm. “We look forward to continue developing industry leading application and API security products as we focus our efforts on expanding globally.” You may want to consider replacing your legacy WAF products. Maybe. Just a thought. Hackers are using AI, maybe you should too. Wallarm
EndPoint Devices from MDM to Encryption
Mobile phones are the most vulnerable entry point, whether through mobile apps equipped with malware, or your unencrypted voice conversations. It’s bad enough apps on your phone are listening to your conversations on and off the phone, but unsecure phone conversations are a problem. Hackers only need your phone number to eavesdrop on your calls, read your texts, or track you down.
Mobile device management (MDM) is a type of security software used by an IT department to monitor, manage, and secure employees’ mobile devices (laptops, smartphones, tablets, etc.) that are deployed across multiple mobile service providers and across multiple mobile operating systems being used in the organization.
I don’t know why some corporations treat mobile device management like the red-headed stepchild, but they do. Your BYOD strategy may be rendering your enterprise vulnerable. Phones not regulated by mobile device management tools may be susceptible to malware proliferation. I personally like Apptec360 because I have been promoting it for the last few years. I find them easier to partner with, great on price performance, and they usually beat out MobileIron and Airwatch over in Europe. Don’t know why it hasn’t taken off in the USA, but I keep talking about them.
- Leading Workplace & Mobility Management Vendor in the Quadrant of Crisp Research 2019
- Global Business Insight “Winner of Enterprise Software Developers 2019”
- Leading Workplace & Mobility Management Vendor in the Quadrant of Crisp Research 2018
- Leading EMM Vendor in the Quadrant of Experton Group – “Rising Star 2015”
- IT-Innovation Award Winner “Best of Mobile Solution 2013, 2014, 2015, 2016 & 2017”
- Industry Award “Best of IT and Software Solution 2013, 2015, 2016 & 2017”
- 2018 Greater London Enterprise Awards “Best Enterprise MDM Software Provider 2018”
- 2017 Greater London Enterprise Awards “Best Enterprise MDM Software Provider 2017”
ADVANTAGES AT A GLANCE
- Quality Made in Switzerland
- Large customer base (more than 6,400)
- Very high customer satisfaction.
- Renewal rate of 98.8% (contract renewal rate of our customers)
- High data security through high-grade encryption
- Excellent technical support
- Available as On-premise or in the Cloud
- Hosting in Switzerland and Germany
- Hosting is ISO 27001 and PCI-DSS certified
- Security-tested and approved container technology
- Designed to support GDPR/EU-DSGVO compliance
- Intuitive administration interface
- Easily deployed
- Same-Day-Support for OS-updates
- Innovative manufacturer
- Best price performance ratio
Sahin Tugcular, Managing Director of Apptec GmbH, was once asked what the stumbling blocks are in implementing a mobile device management solution. His response: “Actually, there are no stumbling blocks. It’s up to the customer to decide which hiring options the company wants to use. In any case, it is important to think in advance about how much the devices should be restricted, and which security settings should apply.” So, if you want to implement MDM with no stumbling blocks, look at Apptec360.
Now that we got control of your enterprise mobile device situation, let’s plug the hole in phone conversations with SaltDNA. Remember those spy thriller movies we watch and the famous line? “Is this a secure line?” This is real life folks. Lock it up. Stop talking out in the open. Never compromise on your enterprise communications. SaltDNA uses the highest-grade encryption techniques to allow the user to voice call, text message, conference call or send files with the highest confidence.
Available on iOS, Android and Desktop.
At the time of WhatsApp’s latest hack, SaltDNA CEO Joe Boyle had this to say: “This attack could not have happened on the SaltDNA system. This latest WhatsApp hack emphasizes the threat posed by consumer apps with open contact lists and directories. Claiming that an app is ‘secure’ simply because it uses encryption for the messages is a mistake. Security requires control and management around the encryption and Salt provides this protection better than anyone else on the market today.” So, are you on a secure line? Inquiring minds want to know. SaltDNA
Need more information on the products mentioned? Contact me. CISO Advisor.