Articles by tag "cyber-security"

Cyber security is the protection of systems, networks and data from attack. Cyber security audits examine the threats, vulnerabilities and risks facing your organization and addresses mitigating these risks. When assessing your cyber security there are three key areas to take into account: people, processes and technology. Thorough audits should be performed regularly not only to protect your organization but also to comply with legislation regarding protection of personal data. Digital Edge's VP of Compliance answers the most important questions regarding audits: 

• What is the difference between a cyber security audit and a cyber security assessment?
• What do I need to have in place for Incident Response?
• What if users are my Biggest Security Risk?
• Why are Cyber Security Audits Important?

You might’ve configured your email logging system incorrectly. How would you know until you got hacked? It’s fine -  you have cyber security insurance that will cover you right? WRONG. Recently, an undisclosed client experienced a major breach and was denied of their claim. Having cybersecurity insurance doesn't guarantee the safety net you might think it does -  not unless you meet the basic security guidelines.  Digital Edge’s Cybersecurity and Compliance experts are available to help you meet these standards in addition to protecting your infrastructure. 

"DFS"

Last month, many New York State Financial Institutions received their scary “Failure to File Certification of Compliance” email and were perplexed by what to do next… Don’t fear, the Digital Edge's VP of Compliance is here to answer your many many submitted questions regarding NYS Department of Financial Services Part 500 Mandatory Cybersecurity Requirements! These are the questions for this month:

• I thought I was exempt and now I’m being notified that I’m PAST DUE, what do I do next?
• Where do I find a sample Certificate of Compliance? Do I have to create my own?
• What does Entity ID mean on the portal?
• Should I file this certificate if we are not yet in compliance with all applicable requirements of Part 500?
• This law requires me to report any cyber-security breach, is there a particular time frame?
• Are all Third-Party Service Providers required to implement Multi-Factor Authentication and encryption when dealing with a Covered Entity?
• What constitutes "continuous monitoring" for purposes of 23 NYCRR 500.05?

Wi-Fi vulnerability has been of recent speculation; indicating that a hacker can exploit Wi-Fi networks. Digital Edge wants to raise awareness by sharing an article written by our friend Henry Jiang (CISO, CISSP) that covers this topic extensively. In addition, you will find the results of our conversation with a security expert who witnessed a “Proof of a Concept” of the Wi-Fi exploitation using modern white hacking approach - THE RESULT IS SHOCKING. 

Please get the full article here. 

Using cloud platforms does guarantee that customer deployments on those platforms will be automatically secured. Regardless of how advanced the security of the products is, if a customer leaves login as admin/admin - the entire deployment will be vulnerable. This admin/admin is only one very simple example, and is exactly why Equifax had its major security breach. 

Digital Edge not only suggests, but implores companies to implement security frameworks such as ISO 27001, NIST Core or SOC2.

Recently, the resumes of potential, current, and previous employees of the US Department of Defense and the US intelligence community were exposed. The documents were found on an insecure Amazon S3 bucket that was not password protected. Amazon needs a stronger third-party cybersecurity to prevent these issues, especially since it is such a large company. This can become very disastrous, for clients and Amazon if the problem isn’t fixed. To find out more information, click here!

There is a great relief for the many companies which still use legacy systems that are no longer supported by the manufacturer, as the case with Windows XP and Windows Server 2003 - Microsoft is including these operating systems in the updates to patch for the existing vulnerabilities exposed in this attack. For those customers who still have legacy systems, this is vital to protect their overall customer ecosystem.
 
Download English language security updates for: 

• Windows Server 2003 SP2 x64
• Windows Server 2003 SP2 x86 
• Windows XP SP2 x64
• Windows XP SP3 x86 
• Windows XP Embedded SP3 x86
• Windows 8 x86
• Windows 8 x64

To download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

As per all news agencies and cyber security organizations, multiple countries are under a massive ransomware attack. The ransomware spreads through Europe but specialists are sure that it will eventually spill into US. 

The Digital Edge Security Team is assessing the situation and will assist all the clients and any IT organization that require cyber security help. 
 
We feel that the threat is serious as the infection has a “hunting” functionality that is used to infect other computers that the infected computer has access to through vulnerable Windows SMB Protocol. Microsoft Windows vulnerability called EternalBlue is used by NSA tools leaked to WikiLeaks earlier. The attack might be inspired by NSA weaponry or by NSA itself.

Simply put, if a user opens a malicious email or a website on a desktop that was not patched after March 14, 2017,  there is a big chance that the user’s computer will be infected and the virus will spread inside of the organization.  

Please open a support ticket if you need immediate help at: https://www.digitaledge.net/support/
 
Please click here for more information how to protect your systems.

More and more, security organizations report cyber security vulnerabilities in devices that are not exactly computers. Those devices may include routers, video cameras, and other “internet of things” gadgets. 

It is critically important to know that your home devices with access to the internet are secured. Some of these weaknesses could be related to well-known default user ID and password combinations or whereas, some devices do not even have patching capabilities making people permanently vulnerable. 

Digital Edge is monitoring known vulnerabilities in consumer devices and notifying our friends and colleagues about such cases. 

Click here to see recent vulnerable devices.
 

The Federal Trade Commission (FTC) has announced a new web site – a single point to report Identity Theft - https://identitytheft.gov/

In many cases, reports from this site will be accepted as an official police report. 

Please see how Digital Edge’s Log Management Service can be utilized as an SIEM (Security Information and Event Management) Dashboard.

Digital Edge was engaged by a US based hardware manufacturer to implement Cisco Identity Manager and BYOD Policies. The client infrastructure is deployed in US Based headquarters, 2 offshore development offices, 2 datacenters, and AWS web services.

The project was successfully delivered and accepted in April 2017.