by Rebeca | Dec 7, 2022 | cybersecurity, soffid
Cybersecurity Trends in 2023
According to a report recently published by the insurer Hiscox, cyberattacks in Spain have an average cost per company of 105.000 euros, almost double compared to 2020, which was 55,000 euros. The cost per company reaches, on average, 78,000 euros worldwide.
The reputational damage must be added to the economic cost, becouse a security breach can cause reluctance or fear among users and clients when hiring their services.
Today we share the trends in cybersecurity in 2023.
Businesses will continue to fight phishing, ransomware, and DDoS. Remote work is here to stay, along with the security risks that come with it. Unshielded home networks, untrained employees, and the absence of a cybersecurity culture will pose a serious threat to organizations unless they take the proper precautions. A new geopolitical reality. The ongoing war, coupled with the energy crisis, may result in attacks on critical energy infrastructure.
Security Practices improvement
The CISO is responsible for setting the strategy, but cannot implement that strategy if there is no buy-in from other areas of the organization. It is up to the members of each department to apply the controls that the security team recommends or requires. This disconnect between the expectations of the security team and the actual implementation is where things fall apart. In 2023, organizations will look to solve this problem and place more departmental emphasis on implementing security best practices.
Businesses will address ransomware threats from several ways, from improving cyber skills by working with the security team, to the right security tools such as multi-factor authentication, and training courses. Zero-trust architecture investment to validate access and improve security will increase.
Transparent Cybersecurity with customers
The way companies interact and communicate with their customers will need to change in 2023 as the public becomes increasingly aware of ransomware threats and data privacy issues.
As data breaches become increasingly public, rather than trying to downplay or hide the incident, organizations will need to admit the problem and provide details about the steps they are taking to mitigate the problem and prevent future breaches.
Customers will appreciate this honesty and will be more likely to do business with companies that are open and transparent about their cybersecurity practices.
Visibility and security of connected devices
Leading organizations will target connected device cyber practices by establishing or updating related policies and procedures, updating inventories of their IoT connected devices, monitoring and patching devices, refining device acquisition and disposal practices with security in mind , correlating IoT and IT networks, monitoring connected devices more closely to further secure those endpoints, manage vulnerabilities, and respond to incidents.
Supply chains threats
Today’s hyper-connected global economy has led organizations to rely heavily on their supply chains, with threats evolving in complexity, scale, and frequency, so organizations will continue the drive to innovate and mature their transformation capabilities. risk and security.
Organizations are focusing on implementing and operating identity and access management (IAM) and Zero Trust capabilities that better enforce authorized third-party access to systems and data, and reduce the consequences of a compromised third party.
Shall we talk?
by Rebeca | Feb 3, 2021 | News, Resources
Cybercriminals are constantly seeking to take advantage of your computer security vulnerabilities.
The move to remote-first has underlined the increasing reliance on cloud and web technologies while also confirming what the software development world has known for at least a few years: that web-only is finally a viable option.
While the goals of these cybercriminals may vary from one to the next (political motives, monetary gain, or just for kicks/prestige), they pose a significant threat to your organization.
Part of protecting your business against modern cyber threats is being aware of the different types of vulnerability that might put your network at risk—and then securing those weaknesses before an attacker can use them. What are some common network security vulnerabilities, and how can you counter them?
IT security pros have never faced more threats, whether it’s from the huge increase in remote work. While there will always be new holes to plug, security vulnerabilities usually stem from the same few causes: unpatched vulnerabilities, misconfigurations or user error, and even the most tech-savvy companies are vulnerable to these mistakes.
Here are some of the most common IT security vulnerabilities. By taking a proactive stance against the most common cyber vulnerabilities and security misconfigurations, you can prevent many cyber attacks from happening.
- Missing Data Encryption. When your data is not properly encrypted before storage or transmission, your vulnerability to a cyber threat increases.
- OS Command Injection. OS command injection, or shell injection, happens when an attacker executes operating system (OS) commands on your server while it’s running an application. This vulnerability can be used to prey upon other parts of your infrastructure to gain deeper reach into your organization. It is typically caused by incorrect or complete lack of input data validation.
- Buffer Overflow. Most software developers understand the threat posed by buffer overflow. Even still, the occurrence is common because of the wide variety of ways buffer overflows can occur, and the error-prone techniques often used to prevent them.
- Missing Authentication/Authorization. This vulnerability is due to insufficient authorization or authentication limitations. Attackers step in to take advantage where weak authentication or privilege limitations exist.
- Cross-Site Scripting And Forgery. CSRF, also referred to as XSS, XSRF, Sea Surf or Session Riding, tricks a web browser into executing an unwanted action. When it works, CSRF can impact both the business and its use.
- URL Redirection To Untrusted Sites. Redirects can leave the door open for attackers to drive users of your application to an untrusted external site, creating security issues for your user and leaving your reputation at risk.
- Path Traversal. Directory traversal (also known as file path traversal) is a common vulnerability that allows a potential attacker to read files on the server that is running your application, such as code and data, credentials for back-end systems and sensitive OS files.
- Poor password policies. Brute force attacks do no longer try to attack an account with thousands of passwords. Instead, they try to login to thousands of accounts with two or three common passwords, like abc123 or your company name plus the year number, and it’s likely to succeed in most cases.
- Unused accounts: keeping inactive accounts enabled increases the attack surface. It’s important to disable or remove accounts of former employees or contractors.
Vulnerability assessment, scanning, penetration testing and patch management are important steps for controlling vulnerabilities. They should be conducting regularly, if not continuously.
Misconfigured web servers and applications make easy targets for hackers to exploit. Misconfigurations can happen at any level of the tech stack – from your web server to its database to your framework or virtual machines. Cybercriminals take advantage of security misconfigurations through unauthorized access to default accounts, rarely accessed web pages, unprotected files and folders, directory listings, etc.
There is a relatively high chance that some security misconfigurations exist in your system at this very moment. If you want to see how common they are, just see this white-hat hack of Apple from a few months ago. Businesses that use a hybrid approach of in-house and cloud environments can experience the highest level of risk exposure. Keeping a careful watch for security misconfigurations during the frequent updates is an essential factor for protection. Visibility and attention are key.
Common Types of Security Misconfigurations
These are some common misconfigurations that security and IT teams should be on the lookout for:
- Applications and products under production phase in debug mode
- Running unwanted services on the system
- No proper configuration for accessing server resources and services
- Leaving default keys and passwords as is
- Incorrect exception management—can disclose unauthorized data, including stack traces
- Using default accounts with default credentials
Keep your identities information clean and safe. Getting a good quality for identities data is critical nowadays.