Tuesday, November 3, 2020

BUSINESS CONTINUITY PLAN

 

What is a plan that serves as a step-by-step guide that you can follow during an emergency? A business continuity plan.

Is a business continuity plan a sure shot method to survive a crisis? Will it instantly eliminate the impact of the disaster? No, but it gives you the best chances of survival.

We call a business continuity plan the process used to create the blueprints that will help your organization respond and recover, in useful ways, from an unforeseen disaster or mishap. Business continuity plans help in case of events like natural disasters, pandemics, or accidents that involve only your place of business like fire or a cybercrime attack directed at your business in particular; basically, any event that can paralyze your business.

A business continuity plan helps retain clients, salvaging your brand, image, and reputation by addressing beforehand situations where you might not be able to communicate with your clients. It can help reduce client dissatisfaction. Even if only your business is affected by certain events such as ransomware attacks, data leaks, or virus attacks, having a business continuity plan can be a godsend in times of such crisis.

Essentially your business continuity plan should be composed of nine essential items:

  • Lists of your key contacts – HR, C-level execs, IT, client relationship managers, etc.,
  • Lists of your comprehensive IT inventory – Software, apps, and hardware.
  • Data backups – critical to your recovery.
  • Plan B – Cold, hot storage, alternative sites, BYOD plans.
  • Your building/office space floor plans.
  • SOPs - a set of step-by-step instructions compiled by your organization to help workers carry out complex routine operations.
  • Regular audits of your business continuity plan – to ensure its relevancy and up-to-date information.
  • Have a team – for your business continuity project.
  • Drills – run regular dry run and mock drills

Regardless of the size of your organization, business continuity planning is vital. Bigger organizations often have their own staff (IT/non-IT) for business continuity planning, but for small businesses and non-profits to have their own business continuity planning team can be a bit of a challenge, and not always there are available resources. Consider teaming up with a managed Service Provider, or Managed Security Service Provider who is experienced in disaster recovery planning, so you don’t cut corners now to regret later.


Monday, October 26, 2020

What can parents do to combat cyberbullying

 


Cyber harassment is nothing new, but experts warn parents about an acceleration of the phenomenon during the pandemic. Therefore, it becomes essential for parents to know what cyberbullying means and how a young victim can be supported.

What is cyber harassment?

Cyberbullying means the deliberate attempt to harm other people (annoying, saddening, or scaring them) using digital technologies. It can happen on social platforms, messaging, gaming, or mobile phones. Examples of cyberbullying include offensive comments, threats, rumors, photos, and videos posted or circulating online.

Cyber harassment can take place in any environment where children and adolescents connect with each other.

Types of cyber harassment

Cyberbullying is a serious and socially entrenched problem that can take many forms. Here are some of them:

  • Altercations in the online environment: Quarrels in the online environment through e-mails, instant messaging, or chat rooms
  • Harassment and tracking: Offensive and dangerous messages sent repeatedly to an individual or group of individuals
  • Denigration: Sending or posting gossip or rumors about a person to tarnish their reputation or damage their relationships with friends
  • Identity acquiring: Breaking into a person's email account and using it to send malicious or embarrassing content to others
  • Deception: Conversing with a person on an instant messaging platform and fooling them into revealing sensitive information, followed by sending that information to others
  • Exclusion: Deliberate exclusion of a person from an online group. It is followed by malicious comments and harassment of the rejected person.
  • Tracking cyber: Harassment and repeated and serious denigration that includes threats or fear like
  • Disguise: An aggressor creates a false identity to harass someone under the protection of anonymity. In addition to creating a false identity, the aggressor can assimilate someone else's identity to send dangerous messages to the victim.

What parents can do if their child is being cyberbullied: 

Deciding when and how to intervene is not easy. However, if your child is being harassed, take the situation seriously and take action, working with him/her.

  • Listen to your child and offer to help him/her. Remind her that there is nothing shameful about being a victim of cyberbullying.
  • Remind your child that you will be with him/her no matter what happens. Most likely, your child has been troubled by this problem for some time.
  • Collaborate to end the harassment. Keep evidence, take screenshots, report, delete, and block the aggressor.
  • Discuss the situation at the school where the child is studying and with other parents. Talk to teachers and other parents about the problem. Let them know about the problem and give them a chance to take action.
  • Monitor the situation. Keep talking to your child and always listen to what he has to say. Indeed, the answer to questions like "How was school today?" it will often be "Okay" or, if we're talking about a teenager, maybe he'll just mutter. However, it continues to take a positive stance.
  • Check out resources that can help you combat harassment in your area. There are aids you can turn to. For more advice, try contacting anti-harassment organizations.

What can friends of the victim of cyberbullying do?

Usually, the victim's friends are the first to witness cyberbullying as it occurs in their environment (at school, in social networking groups/communities, in chat rooms, gaming groups, etc.). who is being harassed, here's how you can help him/her:

  • Do not forward or share posts, texts, or images that could harm someone.
  • Talk to the victim of harassment and remind them that you care about him/her.
  • Ask the harassed person if he or she is well and in need of help.
  • Report the situation online or show it to an adult who can help you report it.
  • Do not take part in harassment by replying to messages.
  • Say a kind word to the harassed person.
  • Tell cyber attackers it's not right what they're doing.
  • Suggest that the victim of harassment report, block, or delete the abusers.
  • Leave the group or conversation.

Cyber harassment should not be ignored as it can have harmful psychological effects on children.

FAKE NEWS (imply)

Whether we are talking about false information distributed through channels specially created and dedicated to their promotion (fake news or fake articles designed to distribute malware by attracting a large number of readers) or about false promotional campaigns propagated for criminal purposes (phishing, scam, spam, etc.), we must be aware that there are ways we can inform ourselves to stay away from harmful content and to protect ourselves and those close to us.

Behind every site or profile on social networks, there is information that could expose the deception, forgery, and danger to which we are exposed in the online environment.

WHAT IS SECURITY AND HOW TO PROTECT DATA

 

Digital devices and IT are at the center of both our day-to-day work and leisure activities. Information affects many aspects: think of communication, the details of our lives that we share on social networks, and internet searches.

All this forms a unique and detailed package that takes the name of a digital identity. For example, messages that are exchanged every day on some systems do not reside locally on the device but are saved in such a way as to be readable, for example, by the PC. It's cloud technology that saves data on a server and then shows them on demand. Another use of the cloud is to save your files to non-physical storage to have a copy available from any internet browser. This prevents the loss of data that may result from damage to a hard drive or theft. There are cases of so-called passive security, that section of computer security that cares about unwanted unexpected events. This fascinating branch has a whole set of practices that for example keep servers in an armored, supervised room, in the case of companies handling sensitive databases. Or the proper maintenance of the machines used to handle this data.

What derives from using cloud systems is the need to be careful about the passwords set up and use, and applies to all the services you subscribed to. Social networks, email providers, or others. It is advisable to use different access keys for different services and change them frequently, for precaution.

Useful tips

Verify -the networks you connect to are closed or open Wi-Fi hotspots? Avoiding unsafe connections is the basis for protecting your data over the internet.

Generate - passwords that are far from personal, non-trivial, and complex: avoid birth dates, pet names, or peculiar features that may come to your person.

Be careful -don't trust emails that ask for credit card credentials or information that is generally not requested via email or chat.

Delete -periodically visit your website visit history. Deleting your browser cache not only speeds up but also eliminates stored information that may no longer be needed.

Handle -the permissions of your social networks profiles so that only the information you want to be shared is of public domain. For example, you can limit the consultation of Facebook's diary to friends.

But the field is much broader: IT security is a science that has the object of protecting from attacks or attempts at data theft, or even forgetfulness and unforeseen events that can compromise what we do with digital systems. The so-called passive security concerns all those actions that can be taken to prevent those who do not have permission to access our sensitive information.

The active safety implies, however, the configuration of defenses through software or hardware systems in order to put barriers and limitations to the various attempts put in place by attackers. It can be the installation of a firewall such as regular antivirus, multi-factor authentication, or fingerprint authentication (widespread on the latest generation smartphones and business locations).

Due to the constant evolution of this industry, it is necessary to have a total and always up-to-date approach to the issue: all aspects of IT protection need to be well-chained and function in an integrated way, without creating weak points. The subject is delicate and precisely for this since the dawn of computer science and the introduction of computers and mobile devices in the homes and pockets of each one we have made giant steps. Companies have available not only external threat detection systems but also timely intervention to remedy any annoying situations in terms of data leakage or corruption.


Sunday, October 25, 2020

Ransomware(mplicity)

 

Ransomware is a type of malicious software (or malware) that blocks the victim's access to the computer and demands payment of a reward. The reward and the official reason why the victim should pay depends on the type of virus. Some versions of ransomware claim that payment should be made to avoid punishment by a government authority (usually the FBI or a local agency), others report that this is the only way to decrypt encrypted data.

Types of ransomware

There are various types of ransomware programs that use different methods to make PC users pay the ransom. There are currently three different versions:

Ransomware that encrypts files. This version of ransomware is generally spread with the help of Trojans. Once it infiltrates the computer, it will discover the most used files and encrypt them. Traditionally, files include images, audio files, art, business data, and other data that are considered important to the victim. In addition, this ransomware begins to display a huge warning message claiming that the only way to decrypt data is by paying a reward. In fact, it is true that most of this malware deletes copies of these files and prevents their recovery.

Non-encrypted ransomware. This type of ransomware locks the entire PC system and seeks to threaten the user to pay a fee. For this, it is presented as a warning message to a government agency. Hackers normally use names such as the FBI, police, and others. Immediately after infecting the system, it will check it for illegal files, such as pornographic content or unlicensed versions of programs on the victim's computer. As soon as they are detected, a virus will block your PC and display a huge message that looks just like one that belongs to a government authority. In this case, the victim is informed that he has illegal files that were detected after scanning his/her computer. In addition, the user is required to pay a fee to avoid going to jail.

Ransomware blocking the browser. This version of ransomware does not infect the computer system. It is based on JavaScript which blocks the browser and causes a huge warning message. This fake notification is very similar to the one displayed by non-encryption ransomware. Mainly, it tells about the illegal activity of the user on the internet and asks for a reward to avoid prison. Of course, this ransomware has nothing to do with the FBI, Europol, or other government authorities.

Distribution techniques and methods

False pop-up notifications. Other ransomware is distributed through fake pop-up notifications that can be seen on either illegal or legitimate websites. Most are set to report missing updates, but they can also "inform" you about a free scan that is needed to remove viruses from your system. These ads usually contain dubious legitimate names and credentials, so they can trick even the most experienced PC users into clicking on them.

Email / Phishing. An already well-known method is to distribute ransomware viruses through mass emails. In emails, attackers impersonate different companies or individuals, asking the recipient to open an attachment or access a link, once downloaded and executed, the ransomware will begin to encrypt the data.

What can you do?

  • Use an up-to-date operating system
  • Use an updated antivirus
  • Make regular copies of files and store them on offline devices (stick, portable hard drive) or cloud
  • Do not open attachments from strangers
  • Do not panic
  • DO NOT PAY! You are not guaranteed to receive the decryption key.
  • Contact an expert

https://www.linkedin.com/pulse/ransomware-john-giordani/

Wednesday, October 21, 2020

Cybersecurity: who is already using (and how) artificial intelligence

 

Nowadays, the defense of a company perimeter is a lost war: the possible flaws are too numerous, and even if we had to cover all software vulnerabilities, social engineering always provides access to those who know which strings to vibrate. Fortunately for IT security managers, the time is ripe to receive valuable help from technologies that were relegated to science fiction films up to 5 years ago: artificial intelligence.

Machine learning, deep learning, and (inappropriately) AI are not new terms in the field of information security, on the contrary ... the heuristic analysis and pattern recognition engines of modern endpoint defense systems have explored the field for years, but now things are getting more interesting, and the approaches have diversified.

A striking example of "new generation help" is IBM's Watson for Security, which is presented as an advanced tool for human analysts rather than as an autonomous defense platform.

Watson is an extremely powerful platform, but it is not a surveillance tool. Its functionalities are activated by the security manager on specific events chosen among those that are brought to his attention by SIEM. Once triggered, Watson correlates an impressive amount of data and provides the human analyst with a very complete and clear picture of what has happened, saving him weeks of work. Watson's innovation is that it behaves exactly like the homonymous doctor in Conan Doyle's books: it is a very effective assistant that then leaves the analyst Sherlock Holmes to solve the mystery.

Very different, however, is the task that Darktrace has assigned to its artificial intelligence platform. While Watson becomes part of the security software framework, installing itself partly on the company's servers, Darktrace is entirely contained in a separate computer that is connected to the existing network. For the first hours, it remains in "listening mode," in order to analyze all the traffic learning its normal flows. When its analysis model is ready, the AI begins its surveillance operation, proving to be very effective in detecting anomalies. It is very simple to install, but extremely effective in detecting all the slight deviations that are caused by an electronic attack.

But in addition to finding attacks and conducting investigations, artificial intelligence also plays an important role in the prevention of unauthorized intrusion or automated collection of sensitive information. «Our antibot systems - one of Akamai's regional manager - have stored a huge amount of data on how users type passwords and how they behave when they browse websites. This way, our artificial intelligence can verify if who is visiting a page is a human being or a robot ». A series of parameters are examined, such as the path that the mouse performs to go to click on the buttons, the changes in speed in typing passwords or the duration of clicks on links, to prevent automatic systems trying to exploit stolen credentials or to draw on databases such as records or price lists. More and more the safety of users will depend on how artificial intelligence will recognize them and less from the passwords that will be inserted.

Sunday, October 18, 2020

Non-profit organizations and Cybersecurity

Cybersecurity Risk Management of non-profit organizations is a topic not discussed in the IT industry and deserves a deepening. This sector has characteristics that strongly differentiate it from traditional profit-oriented businesses, so even IT require specific terms and conditions. 

The main peculiarity is that the standard solutions offered by the market do not provide adequate protection since for the non-profit “one-size-fits-all ” products do not work. What is needed is, instead, personalized Risk Management products and specially designed for the needs of individual organizations. 

It is not easy to find in the companies (or independent consultants) the skills needed to grasp the peculiarities of each organization and to be able to develop policies and procedures that provide total coverage. Nowadays, every business is exposed to the risk of cyberattacks, including non-profit. The most vulnerable are those who receive donations through their website, who organize online fundraising campaigns, or who have digital databases.

Non-profit organizations need to start paying attention, as smaller organizations and businesses tend to be targeted by cybercriminals due to the lack of smart and sophisticated cybersecurity technology.

There are many reasons why nonprofits are concerned about cybersecurity:

  • Non-profit sites that end in .org are often targeted by hackers because sites that end in .org are highly ranked by Google. This means that they usually appear early in search results leading to high visibility.
  • Nonprofits manage sensitive data volumes every day. Customer records, donor information, confidential emails, and hundreds of other transactions.
  • Non-profits rely heavily on donor trust, a breach of IT security can be fatal, especially for small organizations.

How concerned should non-profit organizations be in the face of recent cyber attacks and security threats?

Clark School study is one of the first to quantify the near-constant rate of hacker attacks on computers with Internet access—every 39 seconds on average—and the non-secure usernames and passwords we use that give attackers more chance of success. (It’s important to note that these are simply active efforts by cybercriminals – not all of them are successful.) Statistics show that more than 70% of non-profits have never run not even once a vulnerability assessment to evaluate their potential risk exposure.

How can we make sure that our sensitive data is secure, and how can we deceive donor fears as more and more hacking scandals come to light?

  • Invest in Cybersecurity: non-profits and associations do not fly under the cybercriminals' radar! It is always more expensive to recover from a cyberattack than it is to prevent it from happening in the first place. Non-profits with small or no IT department should outsource their cybersecurity.
  • Strong passwords and restricted privileges: avoid password reuse, use unique passwords possibly created using a password manager. regular employees or volunteers should not have administrative privileges that allow making changes to critical systems or access to confidential information.
  • Train your employees and volunteers: do not assume that everyone understands terms like phishing or ransomware. Can you recognize malicious links in emails? Develop with the help of your IT team or cybersecurity consultant, strict policies, and recommendations.
  • Online donations processing: Consider third-party alternatives to PayPal. There are reliable payment processors services specifically designed for nonprofits, such as Network for Good or Razoo.
  • Keep up with policies and privacy laws: regulations and guidance are constantly changing, non-profit professionals should be aware and informed about these changes and how they will affect the security of their non-profit data.
  • Consider cyber insurance: cyber insurance is increasingly a point of consideration for nonprofits.

Non-profit organizations provide vital services, most often operating on limited budgets. But, for the reason that they often believe that cybercriminals don’t see them as lucrative targets, they don’t invest closely as much money in cybersecurity as they should to defend themselves against cyber threats. Regrettably, this mindset doesn’t resemble reality, and all non-profits should change it as soon as possible to avoid a potentially disastrous cyberattack.


BUSINESS CONTINUITY PLAN

  What is a plan that serves as a step-by-step guide that you can follow during an emergency? A business continuity plan. Is a business cont...