Feb.05

Cybersecurity – It’s Just One Piece of a Comprehensive Information Security Program

Written by John Remsey, IMEC Senior Technical Specialist

Cybersecurity has become a hot topic within manufacturing over the past months, especially for the Defense supply chain with the federal government increasing their emphasis on addressing threats to the security of information.  In December 2015, the U.S. Department of Defense (DOD) released a rule to the Defense Acquisition Federal Regulation Supplement (DAFRS) that requires government contractors to implement the requirements of National Institutes of Standards and Technology (NIST) Special Publication (SP) 800-171 by December 31, 2017.  With this deadline fast approaching, conversation, and urgency, to become compliant is increasing.

The requirements of NIST SP 800-171 are intended to protect the confidentiality of Controlled Unclassified Information (CUI) in non-federal organizations and their supply chains.  A failure to meet these requirements may result in the loss of supply contracts and liability for the organization should an escape of CUI occur internally or their suppliers and service providers.  While organization doing business with the federal government should expect these types of requirements to increase over time, it is good practice for all organizations (manufacturers included) to protect information they have been provided during business activities.

While Cybersecurity, and the external threats commonly associated with it such as Hacking, Spyware, Ransomware and Malware, is very important, it’s also important to realize that it is just ONE PIECE of an effective Information Security Program.  An organization’s exposure to information vulnerabilities extends well beyond the interconnected world.  A comprehensive Information Security program also includes:

•  Privacy: Adequately protecting the information and identity of your Employees, Customers, Suppliers and other Resource Providers.  Ensuring that controls, systems and procedures are in place to restrict access to this information to only those who absolutely need it and include procedures for the archiving and purging of excess, expired or unnecessary information.

•  Physical Security: Protecting, limiting and monitoring access to information stores and access points.  Securing data storage, access points and other means of physical access.

•  Contingency Planning & Disaster Recovery: Developing, testing and deploying the tools and processes needed to quickly and effectively recover information in event of a catastrophe.  Speed to recovery from an information event can be the difference between recovery and loss of operations.

•  Operational Security: Protecting private business intentions, processes and Media response channels.  Limiting the access to strategic and market differentiating information.  Developing an informational response plan to quickly and effectively address any potentially adverse information regarding the organization.

•  Personnel Security: Implementing background checks for staff and service providers with access to information as well as behavior monitoring to proactively detect exposure risks.  Implement the tools and procedure necessary to have confidence that those invited to access information are focused on using it for the good of the organization and its stakeholders.  Monitor activity at all levels and implement triggers and warnings should information flow or user behaviors vary beyond normal expectations.

Manufacturers have a variety of tools available to help pursue comprehensive organizational security, starting with cybersecurity.  The first step is to determine one’s existing cybersecurity protections and tools and identify easy gaps to fill.  Taking protective steps can decrease the time and resources spent on a security breach.  Contact IMEC at info@imec.org or 888.806.4632 to learn more about existing self-assessments to get your company started.

Source

http://blog.imec.org/blog/2017/09/cybersecurity-just-one-piece-comprehensive-information-security-program

Management

Feb.05

Feb.01

South Africa’s information security challenges

South Africa is one country that has been struggling to come to terms with the huge cyber security problem it faces. According to the Global Fraud Report, an annual publication that ranks regions according to the number of incidents of cybercrime, sub-Saharan Africa has the third highest exposure to incidents of cyber fraud of any region in the world. And, according to the research, incidences of cybercrime and cyber security breaches are rising.

South Africa is one of the leading targets for cybercriminals on the African continent due to its relatively high rate of internet connectivity in relation to other African countries. This opens it up to all kinds of threats, many of which businesses and private individuals are ill-equipped to deal with.

What type of risks does it face?

As with other countries around the world, South Africa faces and an ever-evolving range of threats. However, the Global Fraud Report ranks data deletion due to system issues as the most prevalent form of attack. After that, wire transfer accounted for 26 percent of cybercrime in the country, which was far above the global average of 14 percent.

Other prevalent forms of attack include viruses and email-based phishing scams, which cause such problems that short-term South African lender Wonga has recently produced a guide to help its customers identify genuine and fake emails.

The report also looked at the numerous threats to South African businesses, with unlawful acquisition or interference with sensitive data the most common. In fact, data breaches were found to have a total organisational cost of R20,6 million.

The introduction of the Cybercrimes and Cyber Security Bill

Until very recently, South Africa did not have any legislation in place to combat cybercrimes. On 21 February 2017, all that changed with the introduction of the Cybercrimes and Cyber Security Bill. That criminalised a number of activities that includes but is not limited to:

  • Unlawful acquisition of data

  • Unlawful acts in respect of software or hardware tools

  • Unlawful interference with a computer programme

  • Unlawful acquisition, possession, provision, receipt or use of password, access codes or similar data or devices

  • Unlawful interference with a computer data storage medium or computer system

The Bill also imposes a range of penalties for offenders which includes fines and custodial sentences of up to 15 years.

The first line of defence

Although the new legislation will make it easier to prosecute those involved in cybercrime, it will not help to protect businesses and private individuals in the first instance. When it comes to your personal finances, the onus is on you to protect yourself.

This can be done by:

  • Updating your operating system, software and internet browser

  • Regularly running up-to-date antivirus software

  • Keeping a backup of important files

  • Regularly changing your passwords

  • Learning to recognise the signs of phishing scams

Do you think the government is doing enough to combat cybercrime?

Perhaps you’ve been a victim?

Please share your experiences in the comments below.


Partner Content: This article is brought to you by Wonga.

Source

https://www.iafrikan.com/2018/04/19/the-ongoing-battle-against-cybercrime-in-south-africa/

Management

Feb.01

South Africa’s information security challenges

South Africa is one country that has been struggling to come to terms with the huge cyber security problem it faces. According to the Global Fraud Report, an annual publication that ranks regions according to the number of incidents of cybercrime, sub-Saharan Africa has the third highest exposure to incidents of cyber fraud of any region in the world. And, according to the research, incidences of cybercrime and cyber security breaches are rising.

South Africa is one of the leading targets for cybercriminals on the African continent due to its relatively high rate of internet connectivity in relation to other African countries. This opens it up to all kinds of threats, many of which businesses and private individuals are ill-equipped to deal with.

What type of risks does it face?

As with other countries around the world, South Africa faces and an ever-evolving range of threats. However, the Global Fraud Report ranks data deletion due to system issues as the most prevalent form of attack. After that, wire transfer accounted for 26 percent of cybercrime in the country, which was far above the global average of 14 percent.

Other prevalent forms of attack include viruses and email-based phishing scams, which cause such problems that short-term South African lender Wonga has recently produced a guide to help its customers identify genuine and fake emails.

The report also looked at the numerous threats to South African businesses, with unlawful acquisition or interference with sensitive data the most common. In fact, data breaches were found to have a total organisational cost of R20,6 million.

The introduction of the Cybercrimes and Cyber Security Bill

Until very recently, South Africa did not have any legislation in place to combat cybercrimes. On 21 February 2017, all that changed with the introduction of the Cybercrimes and Cyber Security Bill. That criminalised a number of activities that includes but is not limited to:

  • Unlawful acquisition of data

  • Unlawful acts in respect of software or hardware tools

  • Unlawful interference with a computer programme

  • Unlawful acquisition, possession, provision, receipt or use of password, access codes or similar data or devices

  • Unlawful interference with a computer data storage medium or computer system

The Bill also imposes a range of penalties for offenders which includes fines and custodial sentences of up to 15 years.

The first line of defence

Although the new legislation will make it easier to prosecute those involved in cybercrime, it will not help to protect businesses and private individuals in the first instance. When it comes to your personal finances, the onus is on you to protect yourself.

This can be done by:

  • Updating your operating system, software and internet browser

  • Regularly running up-to-date antivirus software

  • Keeping a backup of important files

  • Regularly changing your passwords

  • Learning to recognise the signs of phishing scams

Do you think the government is doing enough to combat cybercrime?

Perhaps you’ve been a victim?

Please share your experiences in the comments below.


Partner Content: This article is brought to you by Wonga.

Source

https://www.iafrikan.com/2018/04/19/the-ongoing-battle-against-cybercrime-in-south-africa/

Management

Jan.26

Jan.22

Jan.13

HHS Publishes Health Industry Cybersecurity Practices | Privacy & Information Security Law Blog

The U.S. Department of Health and Human Services (“HHS”) recently announced the publication of “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (the “Cybersecurity Practices”). The Cybersecurity Practices were developed by the Healthcare & Public Health Sector Coordinating Councils Public Private Partnership, a group comprised of over 150 cybersecurity and healthcare experts from government and private industry.

The Cybersecurity Practices are currently composed of four volumes: (1) the Main Document, (2) a Technical Volume of cybersecurity practices for small healthcare organizations, (3) a Technical Volume of cybersecurity practices for medium and large healthcare organizations, and (4) a Resources and Templates Volume. The Cybersecurity Practices also will include a Cybersecurity Practices Assessments Toolkit, but that is still under development.

The Main Document provides an overview of prominent cyber attacks against healthcare organizations and statistics on the costs of such attacks—such as that in 2017, cyber attacks cost small and medium-sized businesses an average of $2.2 million—and lists the five most common cybersecurity threats that impact the healthcare industry: (1) email phishing attacks, (2) ransomware attacks, (3) loss or theft of equipment or data, (4) insider, accidental or intentional data loss and (5) attacks against connected medical devices that may affect patient safety. The Main Document describes real world scenarios exemplifying each threat, lists “Threat Quick Tips,” analyzes the vulnerabilities that lead to such threats, discusses the impact of such threats and provides practices for healthcare organizations (and their employees) to consider to counter such threats. The Main Document concludes by noting that it is essential for healthcare organizations and government to distribute “relevant, actionable information that mitigates the risk of cyber-attacks” and argues for a “culture change and an acceptance of the importance and necessity of cybersecurity as an integrated part of patient care.”

The two Technical Volumes list the following 10 cybersecurity practices for small and medium and large healthcare organizations:

The Technical Volumes also list cybersecurity sub-practices and advice for healthcare organizations to follow, with the noted distinction that small healthcare organizations are focused on cost-effective solutions while medium and large organizations may have more “complicated ecosystems of IT assets.”

Finally, the Resources and Template Volume maps the 10 cybersecurity practices and sub-practices to the NIST Cybersecurity Framework. It also provides templates such as a Laptop, Portable Device, and Remote Use Policy and Procedure, Security Incident Response Plan, an Access Control Procedure, and a Privacy and Security Incident Report.

In announcing the Cybersecurity Practices, HHS Acting Chief Information Security Officer stated that cybersecurity is “the responsibility of every organization working in healthcare and public health. In all of our efforts, we must recognize and leverage the value of partnerships among government and industry stakeholders to tackle the shared problems collaboratively.”

The Cybersecurity Practices follow other key important cybersecurity documents published by HHS, including the checklist on cyberattacks and the ransomware fact sheet.

Management

Jan.12

Information Security and Cybersecurity Efforts for 2019 | KirkpatrickPrice

As organizations plan their information security and cybersecurity efforts for 2019, we often hear a lot of confusion and frustration about things like frameworks modifying their requirements, the cost of audits and assessments rising, scopes getting bigger, and testing seeming to get more difficult.

The threats will do nothing but persist in 2019. You need to do more to protect your organization. When prices or scope or frequency increases, here’s what we’re going to ask you: don’t you want more in 2019 than you got in 2018?

Root Causes of Data Breaches and Security Incidents

Some things stay the same. The root causes of data breaches and security incidents center around three areas: malicious attackers, human error, and flaws in technology. Let’s dive into how these areas impact your organization’s information security and cybersecurity efforts.

These root causes, all connected to malicious attackers, human error, and flaws in technology, impact your organization’s information security and cybersecurity efforts in a significant way. Did you experience a negative impact from these areas in 2018? How are you going to mitigate the risks in these areas for 2019?

Cost of a Data Breach

There’s no denying that information security and cybersecurity efforts require a financial investment, but so do data breaches and security incidents. According to Ponemon, the average total cost of a data breach was $3.86 million in 2018 – a 6.4% increase from 2017. You can bet that in 2019, that number will grow again.

Organizations are usually surprised that the following elements drive up the cost of a data breach:

Take the City of Atlanta, for instance. When the SamSam ransomware attack hit in March of 2018, it was initially estimated to cost $2.6 million in emergency response efforts. Incident response consulting, digital forensics, crisis communication, Microsoft expertise, remediation planning, new equipment, and the actual ransom cost added up quickly. It’s now speculated that this ransomware attack cost $17 million.

As the cost a of data breach rises, so does the cost of information security auditing and testing. The threats are pervasive – how can you make a smart investment to avoid the cost of a data breach?

Your Plan for 2019

Now that you’ve learned about the persistent root causes of data breaches and security incidents, plus the cost of a data breach, what are you going to do about it in 2019? How are you going to modify your information security and cybersecurity efforts? Here are a few areas to consider as we head into a new year:

No defense is 100% effective. There are no guarantees that a data breach or security incident won’t occur. Organizations must be vigilant in doing what they can to prepare, detect, contain, and recover from persistent and sophisticated threats. Auditing firms must also commit to providing quality, thorough services that will empower organizations to meet their challenging compliance objectives. At KirkpatrickPrice, that’s our mission and our responsibility. Contact us today to discuss how we can prepare your organization for the threats of 2019.

More Data Breach and Incident Response Resources

Management

Jan.04

Dec.29