
TSA: New Cybersecurity Directives Issued for US Passenger and Freight Railroad Carriers

 

The Transportation Security Administration (TSA) has recently announced a new cybersecurity directive. The directive is issued in order to improve the cybersecurity of railroad operations and regulate passenger and freight railroad carriers.
The TSA announcement demonstrates the Biden-Harris Administration’s commitment to strengthening the cybersecurity of U.S. critical infrastructure. The security directives will further improve the cybersecurity preparedness and resilience of the nation’s railroad operations, building on the TSA's work to fortify defenses in other modes of transportation.

Why are the new directives important?  


The latest measures follow a series of ransomware attacks and hacking incidents in past years.

In 2016, the San Francisco Municipal Transportation Agency was targeted by a ransomware attack, which caused administrators to disable ticketing machines and turnstiles for metro stations for a weekend.

Last year, the US witnessed the disruptive potential of a cybercrime incident, where a major pipeline company had to halt its operations for days following a ransomware attack. 

The new TSA directive instructs rail companies to report hacking incidents to the Department of Homeland Security and to have a strategy in place to prevent a cyberattack from affecting their business operations.

The directive essentially focuses on creating access controls to prevent unauthorized access to critical systems.  

Operators must ensure that these systems are covered by continuous monitoring and detection policies and procedures. They must also make sure that the operating systems, applications, drivers, and firmware of the critical systems are patched and up to date.

About the new directives, TSA Administrator David Pekoske said, “The nation’s railroads have a long track record of forward-looking efforts to secure their network against cyber threats and have worked hard over the past year to build additional resilience, and this directive, which is focused on performance-based measures, will further these efforts to protect critical transportation infrastructure from attack.” 

“We are encouraged by the significant collaboration between TSA, FRA, CISA and the railroad industry in the development of this security directive.”  

According to Anne Neuberger, a senior White House official, US officials are also working on cybersecurity measures for the water and healthcare sectors. Regulations for the communications sector, including emergency warning systems, are also underway.

Imperva: Majority of Indian Organisations Don't Have a Strategy for Stopping Insider Threats Despite Growing Risk

 

New research from Forrester (commissioned by Imperva) has found that three-quarters (74%) of APAC organisations do not have an insider risk management strategy or policy. In India, it is 69%. 
 
This approach is at odds with today’s threat landscape where the risk of malicious insiders has never been higher due to the rapid shift to remote work and ‘The Great Resignation’. The research backs this up, with insider threats being the cause of the majority (58%) of incidents that negatively impacted sensitive data in the last 12 months. 
 
Other key findings of the report include: 
 
· The majority of APAC respondents blame lack of budget (41%) and internal expertise (38%) 
 
· The main strategies being used to protect against insider threats are encryption (54%) and periodical manual monitoring/auditing of employee activity (44%) 
 
New research, commissioned by Imperva and conducted by Forrester, found that the majority (58%) of incidents that negatively impacted sensitive data in the last 12 months were caused by insider threats, and yet more than half (59%) of APAC organisations do not prioritise insider threats the way they prioritise external threats.
 
“This approach is at odds with today’s threat landscape where the risk of malicious insiders has never been higher,” says George Lee, Vice President, Asia Pacific and Japan, Imperva. “The rapid shift to remote working means many employees are now outside the typical security controls that organisations employ, making it harder to detect and prevent insider threats. 
 
“Further, ‘The Great Resignation’ is creating an environment where there is a higher risk of employees stealing data. This data could be stolen intentionally by people looking to help themselves in future employment, or it could be taken inadvertently when an employee leaves the organisation.” 
 
Why are organisations not prioritising insider threats? The majority of APAC respondents blame lack of budget (41%) and internal expertise (38%), but other problems abound. A third (33%) of firms do not perceive insiders as a substantial threat, and 24% say their organisational indifference to insider threats is due to internal blockers such as a lack of executive sponsorship. In fact, three-quarters (74%) of APAC organisations do not have an insider risk management strategy or policy, and 70% do not have a dedicated insider threat team. 
 
Previous analysis by Imperva into the biggest data breaches of the last five years found one quarter (24%) of these were caused by human error (defined as the accidental or malicious use of credentials for fraud, theft, ransom or data loss) or compromised credentials. 
 
APAC firms are prioritising external threats over insider threats, despite the fact that insider events occur more often, says Lee. “Insider threats are hard to detect because internal users have legitimate access to critical systems, making them invisible to traditional security solutions like firewalls and intrusion detection systems. This lack of visibility is a significant risk to the security of an organisation's data. That is why leaders need to focus on the potential threats lurking within their own network.”
 
The main strategies currently being used by APAC organisations to protect against insider threats and unauthorised usage of credentials are encryption (54%) and periodical manual monitoring/auditing of employee activity (44%). Many are also training employees to ensure they comply with data protection/data loss prevention policies (57%). Despite these efforts, breaches and other data security incidents are still occurring and more than half (55%) of respondents said that end users have devised ways to circumvent their data protection policies. 
 
“If your organisation hasn’t created a focused strategy to adequately address insider risk, this needs to be a priority for 2022. An effective insider threat detection system needs to be diverse, combining several tools to not only monitor insider behaviour, but also filter through the large number of alerts and eliminate false positives. Also, as protection of a company’s intellectual property begins at the data layer, a comprehensive data protection plan must include a security tool that protects the data layer,” says Lee.
 
According to Imperva, organisations looking to better protect against insider threats should take the following steps: 
 
● Gain stakeholder buy-in to invest in an insider risk program. Insider risk is a human problem, not a technology issue, and must be treated as such. It is also a risk that cuts across all parts of the business. Therefore it is important to get senior executives from across the company to endorse and support the insider risk program for it to be successful. Start at the top to gain buy-in and sponsorship, then engage with leaders from HR, Legal, IT, and other parts of the organisation. 
 
● Follow Zero Trust principles to address insider risk. Following a Zero Trust approach helps protect data and users while limiting the ability of insiders to use sensitive resources not required by their function. 
 
● Build a dedicated function to address insider risk. Since insider risk is a human problem and very sensitive in nature, it requires dedicated resources. These may be part of the security team or, better yet, a separate dedicated function. Either way, this team needs a specific mandate for insider risk and training to recognize and respond to insider threats. 
 
● Create processes for your insider risk program and follow them. The sensitivity of insider risk and its associated privacy concerns require that strict policies are implemented and followed. Treat every investigation as if it will end up in court and apply policies consistently. 
 
● Implement a comprehensive data security solution. A complete solution goes beyond DLP to include monitoring, advanced analytics, and automated response to prevent unauthorised, accidental, or malicious data access. The technologies you deploy should support the processes you’ve created and the mandate for your insider risk function. Your organisation will see cost savings and a reduction of risk from business impacting security events. 
 

United States rejected Putin's offer to cooperate on cybersecurity

The US authorities for the first time publicly responded to the proposal of Russian President Vladimir Putin to resume cooperation in the field of international information security. US Assistant Attorney General for National Security John Demers called the Kremlin's initiative "nothing more than false rhetoric, cynical and cheap propaganda.” And Secretary of State Mike Pompeo said that Russia is dismissive of public security and international stability in cyberspace.

On September 25, Vladimir Putin invited the US authorities to resume cooperation in the field of international information security, which began in 2013 but was frozen due to disagreements over Ukraine and Russia's alleged interference in the 2016 US presidential election.

The President of the Russian Federation then stated that the dialogue in the cyber sphere should not be a "hostage" of political disputes, and proposed a four-point program for restoring cooperation.

In a statement, the Russian President said that "the risk of a large-scale confrontation in the digital sphere is one of the main strategic challenges of our time." "Special responsibility" for preventing cyberwarfare lies, as the Kremlin said, "on key players in the field of international information security," that is, primarily on Russia and the United States.

On October 7, in an interview with the Russia TV channel, Vladimir Putin complained that there was no response to his proposal from the United States. "Unfortunately, as with a number of our other initiatives, there is no response to this, I believe, very important topic, although there are continuing complaints against us about our hyperactivity in the information sphere, interference in elections there, and so on, which have absolutely no basis,” said Mr. Putin.

The Union Government To Come Up With National Cyber Security Strategy 2020

National Security Adviser Ajit Doval announced that the Union government is set to come up with National Cyber Security Strategy 2020 for guaranteeing a safe, secured, trusted, and resilient cyberspace. 

The proposed strategy aims to unite all cybersecurity agencies in securing, reinforcing, and synergizing the cybersecurity ecosystem by working closely with businesses, citizens, and beyond.

He said that adversaries were attempting to exploit the crisis in the wake of the pandemic through various misinformation, fake news, and social media campaigns.

"For our adversaries, the huge data floating around in cyberspace is a goldmine for extracting information to undermine the privacy of our citizens and add to the vulnerability of protecting data of our critical information infrastructure," Mr. Doval said.

He said that phishing campaigns utilizing the Coronavirus theme targeted banks, defence, and critical infrastructure during this period. 

Mr. Doval drew attention to how various conspicuous UPI IDs and web portals were created, while fake Aarogya Setu applications cropped up to misuse individuals' data, only hours after the Prime Minister announced the launch of the PM Cares fund.

He stated, "Malicious domains and websites to the tune of around 5,000 were registered in a short span of time. We have also witnessed an increase of 500% in cybercrime owing to people’s limited awareness and poor cyber hygiene. Financial frauds have also increased tremendously owing to the increased reliance on digital payment platforms...”

He regretted that the absence of indigenous digital solutions such as information-sharing facilities and social media platforms had adversely affected the country's self-reliance and cybersecurity.

He encouraged new start-ups to come up with solutions tied to the nation's requirements and to build up the capability to ensure that the country's critical cyber assets are monitored by skilled native professionals, in line with the Prime Minister's take on Atmanirbhar.

Warning! Ireland's National Cyber Security Strategy; Fight Against Cyber-Crime


Ireland is all set to fight cyber-crime with its recently updated “National Cyber Security Strategy” which is way ahead of the last one the nation had.

This security strategy is just a way to meticulously ensure that the Irish netizens fully enjoy their digital rights and contribute to the internet society.

Per sources, the report states that any minor or major cyber-attack on the multinational titans of the technological world could directly harm the security of data centers of the country.

The nation’s economic as well as political future depends on its cyber-security. The forthcoming Irish elections could be hindered easily if it were left to un-secure cyber-points.

Per reports, Ireland holds more than 28% of the European Union’s data and is the headquarters of numerous big-time technology companies across the globe.

Hence, it is of the utmost importance to keep the country’s networks and devices essentially secured and tight against cyber-attack which is the aim of the Irish “National Cyber Security Strategy”.

If any of the prestigious institutions were to be even slightly compromised it would pose a direct threat to the business encompassed within the EU which in turn could lead to an economic disaster.

Ireland has never been too strong in terms of its cyber defense tactics and strategies as proven by the various attacks it has faced over the years.

Allegedly, the Cyber Security Strategy clearly mentions the challenges the Irish government faces especially regarding sensitive information.

Earlier the concepts of cyber-security were restricted to devices and networks that functioned on the internet wherein the targets could have been technology giants or other individuals.

But with the spread of the cyber-world and the evolution it has enjoyed since, there are more serious matters that need attention, such as electoral processes and other legislative tasks that need highly secure conditions.

Irish military infrastructure, public sector security, the Irish political processes and almost everything else that requires interconnected networks and devices are all at the mercy of a safe and secure cyber environment.

Therefore, it is imperative for the nation to fully realize every single part of the strategy to its utmost capacity.