Network Security – Why Security Awareness is Essential for Internal Threat Management?

Security awareness is often linked to anti-terrorism programs around the world but in the IT world we are referring to cybersecurity awareness. Many of you are already switching off, yawning and considering leaving this page but hang on a moment…

The subject may well have been harped on by management, consultants and IT teams and this instinctive reaction to tune out is down to poor implementation in the past. Advocates of security awareness are often condescending, are too technical or fail to link practical threat examples to real-world situations. Other failures include a lack of management buy-in. This “do as I say, not as I do” attitude has the opposite of the desired effect, no significant increase in security awareness and a growing employee resentment when management errors in this area are not penalized.

Be Aware of the Potential Threats

It’s not as simple as telling employees to stop clicking on links in emails and in social media, although this is part of it. Requests to reset passwords or requests to update online banking details are designed to gain logon info i.e. fishing for information. That’s why they call it phishing and there are many forms. Security awareness is not limited to computer usage but can extend to any form of social engineering – a term used to describe methods of hacking the user or company while avoiding technological countermeasures. Methods can include shoulder surfing (the ‘hacker’ simply gets required information by looking over an unsuspecting employee’s shoulder), dumpster diving (extracting printed documents from the rubbish bins outside) or indeed by gaining onsite network access (perhaps by joining employees who smoke outside and then entering the premises unobserved when they return). Employees who leave their phones or laptops unattended could unwittingly allow a hacker time to install a program that remains inactive until connected to the company network. There are many other examples of social engineering.

“Any security awareness training must include social engineering, as many of these threats do not require any IT or computer knowledge. The aim is the same, to gather information that can in turn be used to either hack the employees or the company network. For example, a discarded printout may contain names of senior employees that are then used to send convincing emails to all employees, perhaps requesting them to change their network logon credentials,” said Radosław Janowski, Product Manager.

Dispel the Myths

Hackers rarely have positive motives and are generally classed as cybercriminals, with their primary motives being either financial or disruptive. Ones that act on behalf of governments are after classified or proprietary data. Ethical hackers and security companies know their methods and produce countermeasures as new threats are identified.

Let’s start with some obvious facts that most industry experts agree on.

  1. Hackers will go after the easier targets and hacking the end user is a much easier prospect than hacking the technological barriers that are included in the modern network, whether it involves endpoint protection, AI-related analysis or any other security assets such as firewalls. In the same way, hackers will hack smaller companies as a means of eventually hacking their larger clients or suppliers. This means, YOUR COMPANY IS NOT TOO SMALL TO BE HACKED.
  2. Security awareness training takes take time and money and the potential benefits are sometimes ignored, especially by smaller companies.
  3. The age, sex or IT knowledge of the end user does not indicate an enhanced awareness of the potential threats or how they will be carried out. A BBC article focused on the on the results of a survey which indicated that British people aged 18-25 lacked cybersecurity awareness, using the same password for multiple services and sending sensitive data (including passport information) over email and messaging systems. detective inspector Mick Dodge, national cyber protect coordinator with the City of London police said: “Your email account is really a treasure trove of information that hackers won’t hesitate to exploit… You wouldn’t leave your door open for a burglar, so why give criminals an open invitation to your personal information?”
  4. Internal threats are much more difficult to handle than external ones, as most technological solutions are designed to block external network attacks.

As Przemysław Jarmużek, Technical Support Specialist at SMSEagle, pointed out: “Companies that ignore security awareness training are putting themselves at risk unnecessarily. Cost is not a barrier when free courses are available online. The inconvenience of losing an hour’s productivity each month is nothing compared to the time lost if data loss or network outage occurs. Not everyone is an IT expert and security awareness training must consider that. In addition, perhaps the most important aspect of security is that everyone who accesses the company network, whether on LAN or using Wi-Fi, needs to be aware of how hackers attack the user. In adopting a security-conscious culture, everyone at SMSEagle has mandatory awareness training and this includes senior management.”

In conclusion, if you take nothing else from this post, it is that security awareness is essential, a free course is available to all (I’m sure there are others) and that ongoing security awareness training is a must as new security threats are identified. It’s not necessary to spend hours per week on training. Instead make sure that all employees take the initial course for an hour or two then perhaps a half an hour each month will suffice, to advise everyone on new potential threats and to show the attempts that were made the previous month, even the common lottery winner alerts or other email scams. If you foster an “us vs. them” proactive attitude (against hackers) within your company, then every attack that is prevented will seem like a victory for all.

Michael O’Dwyer is a Hong Kong-based business and technology journalist, independent consultant and writer whose stories have appeared on Forbes.com, The Street, IBM’s Midsize Insider, HP’S Pulse of IT, Dell’s Tech Page One and other IT portals, typically covering areas where business and technology intersect. He writes for both US and UK audiences and acts as a technology and open source advocate. Twitter: @MJODWYERHK

The Best Way for Finance Companies to Improve Wireless Network Security

As finance companies deploy Internet of Things (IoT) solutions, they must ensure that connections and critical data are secure.

As finance companies continue to update security technologies, and make use of all types of IoT) solutions, there are more opportunities for network security breaches.

These technologies are used for all types of things—from everything like finding optimal locations for new establishments, to personalizing offers for customers, to protecting their own internal data. The potential for network security failure lies everywhere.

Among the financial industry, banking malware is common. According to SecureList:

In 2017, the number of users that encountered Android banking malware decreased by almost 15% to 259,828 worldwide. Just three banking malware families accounted for attacks on the vast majority of users (over 70%).

As banks and financial technologies adopt more connected devices like sensors, Bluetooth low energy beacons, IP-connected cameras and more to their information technology (IT) environments, steps to secure those devices and their data need to be taken.

The best way to ensure financial institution network security is a mix of strong encryption, segmentation and a willingness to perform penetration testing and replace connected devices regularly.

Reduce Device Security Load with Network Segmentation

Network segmentation is the practice of isolation different IoT devices. Segmenting these devices reduces the risk that one breached device will be able to harm other devices that are a part of the network.

Marc Blackmer, Product Manager of Industry Solutions for Cisco was quoted in CDW talking about the benefits:

“Existing best practices, such as network segmentation, will help take some of the security load off of these devices.”

Once devices are segmented, IT departments need to ensure that there is strong encryption across the board to protect against a breach.

Encrypted Devices Need to Span Across the Board

The same security tools used for wireless networks needs to get carried over to devices.

Yariv Fishman, Head of Product Management for Vertical Solutions and IoT at Check Point Software Technologies, tells BizTech how to eliminate potential attacks:

“Establishing an encrypted virtual private network connection between a device and the network helps eliminate potential attacks, such as ‘Man in the Middle,’ that compromise the integrity and validity of the information provided from the device to the network and vice versa.”

The mobile threat is real—In Verizon’s “Mobile Security Index 2018” report, 25 percent of those surveyed who work in the financial services sector reported that they have experienced a mobile-related incident and 18 percent said it was a major one with lasting repercussions.

Strong encryption, coupled with the willingness to replace existing IoT devices with new, upgrades will enhance. security protections.

Penetration Testing for Mobile

Finally, it’s clear that the finance industry sees the potential threats that IoT and other wirelessly connected devices can bring.

The most important thing you can do is to identify malicious activity and identify vulnerabilities in IoT devices before a breach happens.

To do so, bring in penetration testers on a regular basis, and if you can’t afford to do that, conduct red team exercises with your staff. As technology advances, the opportunities are imments, but new devices need to be deployed securely to ensure a safe future for companies and their clients and customers.

Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.

3 Ways Network Security is Changing as IT Departments Transform Digitally

Network security practices are familiar to most organizations as the policies and practices that protect your computer from cyber attacks.

Information Technology (IT) professionals and executives generally agree they’re necessary, but some of these practices are becoming outdated as organizations transform digitally.

Basically—it’s time to rethink the old school way.

Traditionally, you have public and private security—one reserved for use by employees at work, and the other for the public—and the tech has been the same for years.

It isn’t enough in the face of new digital technologies. Below are some tips from Chief Information Officers (CIOs) facing this changing landscape, with advice on how you can too.

You can’t just invest in protections for physical networks anymore—you need to protect your cloud.

As your infrastructure and your applications move to the cloud, so should your network security policies and practices. As organizations transform digitally, they rely less on physical networks and more on cloud services.

In fact, Research firm IDC estimates that nearly one third of the worldwide enterprise application market will be SaaS-based by 2018, driving annual SaaS revenue to $50.8 billion, from 22.6 billion in 2013.

Neil Thacker, European CIO of Netskope, told ComputerWeekly.com that the way to focus more on cloud security is to work in layers:

“The traditional seven-layer OSI model has…been replaced with three layers: identity, application and data. In summary, organizations must have better visibility into these three layers without necessarily prohibiting the use of services that businesses rely on.

“Cloud is not just the future, it’s how businesses work in the present day. Therefore, the security of these services and the data that resides in them must form part of a CISO’s principal strategy,” he adds.

Your identity, applications and data are all moving towards the cloud, if they’re not there already. Having protections in place for all three layers will greatly help reduce the risk of attack or breach from a third-party.

IT pros are taking a layered approach—they’re developing infrastructure as a service (IaaS).

As you approach network security in the cloud, you need to take into account that perimeter controls restrict the traffic that reaches your applications. This provides a lot of strength for an organization when they look at that traffic in layers.

Alex Ayers, Head of Application Security at Wolters Kluwer, also told ComputerWeekly.com that it’s particularly crucial for companies to develop IaaS:

“Supporting the architectural and technical controls is a security monitoring layer which, while often seen as an insurance policy, provides data that can be used to augment service health and performance indicators

“Through these different layers, our company is able to deploy, tune and replace discrete specialised technologies in response to changes in threats or business requirements.”

The adoption of IaaS is growing—according to Statista, IaaS’s share of the public cloud market in 2016 was 33.2%, and the number of installed cloud workloads for IaaS in 2018 was 50 million worldwide.

According to Ayers, the addition of these layers is a makes corporate network boundaries a thing of the past. They balance and corporate network, a host of SaaS products to run their business.

Finally, invest in more modern detection and response technologies.

The amount of time it takes you to react to a security breach today is critical. According to Geoff Belknap, CSO at Slack, investing more in modern detection and response technologies is one of the more important things you can do.

They’re not the only ones—Gartner reported last year that detection and response is top security priority for organizations of all kinds.

According to Belknap, Slack uses a suite of technologies like firewalls, network-based intrusion detection, and modern network and endpoint-based malware detection methods. They monitor at the kernel level to see how their services communicate, and of course to detect potential threats.

“We are also big believers in the beyondcorp/zero trust school of thought. We don’t assign any trust based on the source network that a given device’s request originates from,” Belknap said.

“We treat all our networks as untrusted. Instead we make device identifiers a key component of our security, which allows us to make more accurate decisions about access control and make more informed decisions about suspicious activity.”

Network security practices have been around for a long time, as as we continue to evolve digitally, the threats to our security will only evolve too. Preparing for this evolution with updated policies and practices is the first step in keeping your organization’s data safe.

SMSEagle is Hardware SMS gateway to send and receive SMS text messages. To find out how we can help support your network security program, check out our online store.

Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.

Network Security and Business Agility Can Coexist

You’d be hard pressed to find any business leader that said they didn’t want to be agile. The ability to pivot quickly, make fast decisions and change course in the midst of a project is valuable today as the business landscape becomes more volatile.

The thing is, we’re also bombarded with news of security breaches, hacks and stories of people and businesses that have been robbed of sensitive information. This requires management, processes, policies—all of the things you’d probably say work against agility.

It doesn’t have to be this way, though—you can have both agility and security.

But how? It’s hard to imagine a word with both when cyber security issues are becoming so overwhelming. Network World’s 2017 State of the Network report cited data breaches and leaks as the top challenge for IT decision makers in businesses of all size. Part of the problem is understaffing the security operations centers (SOCs) themselves.

“Understaffed and under-skilled SOC teams depend on key individuals and manual processes to get their jobs done,” ESG’s Jon Oltsik wrote for CSO Online. “And when cyber security professionals detect something wrong, they don’t work well with the IT operations team to fix problems in an efficient manner.”

The problem today has roots from the internet’s beginnings.

One major problem—we’re using IP addressing to a greater extent than anyone ever imagined. The founders of the web didn’t expect us to use it to attack one another.

The problem lies in the workaround we’ve created for the IP address:

“Since it’s impossible to give every device its own unique IP address, the clever folks at networking companies came up with an assortment of workarounds, such as being able to NAT (network address translation) non-routable, private addresses,” Moreover, as industry analyst Zeus Kerravala wrote in Network World.

“And as we’ve added more dynamic environments, such as private and public cloud, defining policy based on addresses or ranges has become unsustainable.”

The Internet Engineering Task Force (IETF) has tried to solve this problem with a new standard to address the flaws in TCP and IP addressing. With this standard, the host identity protocol (HIP) separates endpoint identifiers from IP address locator roles and introduces a new namespace based on public keys from that endpoint.

The solution—you need an inherently agile network.

HIP is part of the solution to this problem, and can help you bring both business agility and security into your framework.

One solution—secure network overlays based on cryptographic namespace identities.

With this solution, end-to-end or peer-to-peer encrypted networking is now possible and can be done in as little as three steps, even for traditionally non-routable endpoints.

SMSEagle is Hardware SMS gateway to send and receive SMS text messages. To find out how we can help support your network security program, check out our

Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.

5 Security Experts on Why IT Leaders Need to Start Automating

Automation has been cited as the next big thing for IT leaders looking to secure their communications in all types of cloud environments—but leadership knows the challenges they face in doing so.

Answering to a Network World survey, 47% of respondents claim that it is difficult to monitor network behavior from end-to-end, and 41% say these security operations have difficulties that arise from cloud computing.

The main problem with not automating security operations is scalability and the difficulty in setting up these systems. But it’s necessary—it’s impossible to keep up with the increasing pace, limited cybersecurity, and network operations personnel, all while managing network security operations on a box-by-box, or CLI-by-CLI basis.

But don’t take our word for it. These five security experts have driven deep into the world of network security, and have their own reasons for passing along advice to IT leaders to start automating security processes today.

Security Experts and their Reasons for Encouraging IT Leaders to Automate

According to the Enterprise Security Group (ESG) 63% of networking and cybersecurity professionals working at enterprise organizations (more than 1,000 employees) believe network security operations is more difficult today than it was two years ago.

The bottom line – the main roadblock standing in the way of IT leaders and automated security process is difficulty. Here’s why you should take the plunge despite the challenges.

Jon Oltsik, ESG Senior Principal Analyst and Founder of the Firm’s Cybersecurity Service

Oltsik knows the scalability problems that security leadership faces, even though leadership knows the risk they’re taking without it. He cites a survey of 150 IT professionals, where 31% of respondents say automation is “critical” to address future IT initiatives, while 58% claim it is “very important” to address future IT initiatives.

Because of the recognition of its importance, the technology industry is listening – Companies like Cisco, Fortinet, Check Point, and more have all introduced solutions that will assist security network operations teams in automation and visibility of their networks. His advice to leadership is to adopt these technologies:

“Since relying on people and manual processes can’t scale or keep organizations secure, CISOs and network operations managers should assess where they are in the network security operations automation transition as soon as possible, making sure to look into their people, processes and technologies.

Once shortcomings and bottlenecks are discovered, large organizations should develop a plan to address these areas and institute network security operations automation projects, phasing in capabilities over the next few years.” Jon Oltsik

Stephanie Tayengco, SVP of Operations, Logicworks

Tayengco is a proponent for automation, but automation the right way in the face of risk. Her bottom line—you need to get rid of as much manual work as possible to stay secure.

According her, it’s important to automate infrastructure buildout first, continually check instances across the environment, fully automate deployments, include automated security monitoring in those deployments, and finally, prepare for the future of automation.

“Ninety-five percent of all security incidents involve human error, according to IBM’s 2014 Cyber Security Intelligence Index.

This year alone, enterprises will spend $8 billion on cyber security, but these initiatives are often useless in preventing an engineer from misconfiguring a firewall or forgetting to patch a security vulnerability on a new server. Manual work is risk, and manual security work is a disaster waiting to happen.” – Stephanie Tayengco

Gabby Nizri, CEO, Ayehu

Nizri is worried about the rising number of security breaches. According to the ISACA 2015 Global Cybersecurity Status Report, 781 publicized cyber security breaches resulted in 169 million personal records being exposed.

Well-known companies like BlueCross, Harvard and Target were involved, making it clear that even the most sophisticated and well-funded security departments aren’t safe. Even so, only 38% of organizations across the globe can confidently say they are prepared to handle a sophisticated cyber-attack. Because of this, Nizri urges you to automate.

“Simply put, IT personnel are no match for such intensive, sustained attacks. Not only are humans incapable of keeping up with the sheer volume of incoming threats, but their ability to make quick and highly-impactful decisions to manually address such an attack is equally inefficient.

This is why automation is becoming such a powerful and effective component of cyber security incident response. To combat the onslaught of incoming threats, organizations must employ an army of equivalent strength and sophistication.” – Gabby Nizri

Danelle Au, VP of Strategy and Marketing at SafeBreach

Automation isn’t all about just avoiding mistakes. Au cites instances where automation makes an IT department more agile, and improves processes such as application delivery.

For the private cloud environment, applications and desktops are being virtualized at an faster than ever before. According to Au, As the number of virtual machines (VMs) increases, automation and orchestration is no longer a “nice to have.”

“The ability to translate complex business and organization goals into a set of automated data center workflows is critical to not slowing down the application delivery process. It is also an essential part of making compliance and security requirements a lot easier to manage in a very dynamic environment.

To fully realize the promise of private clouds or software defined data centers (as VMware defines it), the traditional IT infrastructure — in particular network security — needs to transform into agile and adaptive end-to-end automated processes.” – Danielle Au

Brian Dye, VP of Intel Security Group

A recent ESG study noted that 46% of organizations said they have a “problematic shortage” of cybersecurity skills—up from 28% just a year ago. That means the development of these skills in IT personnel isn’t improving at a rate needed to keep up with threats.

One-third of those respondents said their biggest gap was with cloud security specialists. According to Dye, this is the reason security automation is important, as well for working with SDN technologies and responding to breaches.

“As organizations explore software defined networking (SDN), they see a need for more automation skills, as security policy must co-exist with the orchestration to fully exploit an SDN environment. These skills become especially important as virtualization expands beyond servers and into networks and storage.” – Brian Dye

Network security automation is important for many reasons – the risks associated with manual processes, adaptation to new technologies, the agility of the cloud, and the race to keep up the skills needed in personnel to use new emerging technologies.

Creating the proper mix of skillsets, automation and processes will provide IT leaders with the security confidence they need moving forward.

SMSEagle is Hardware SMS gateway to send and receive SMS text messages. To find out how we can help support your network security program, check out our online store.

Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.