Expert Speak

New Essentials for Security Monitoring

For a long time, SIEM solutions and Security Monitoring were synonyms in the world of Security Operations. Today it is understood that there are limitations to this thought process and there is a real need for security teams to focus on other areas as well to have trust in the monitoring that is being carried out.

Monitoring Beyond Compliance
Traditional
Even today, many organizations establish a SOC primarily to cater to the needs of compliance. If this is all we need to achieve, then having a SIEM solution and building some basic building blocks for SOC monitoring will suffice. However, as the saying goes, “As you sow so shall you reap,” and the benefits of achieving anything substantial will be very limited. In this compliance-first approach, the primary focus is on obtaining alert notifications and sending them to the right teams for investigation. It also involves obtaining reports to support the teams for basic analysis and maintaining those reports for justifying future audits. In addition, with this approach, devices are identified for monitoring and use cases are built based on these integrated log sources.

New Age
To achieve a true security objective, the focus should be on going beyond compliance: it is absolutely important to have clear risk-based use case modeling done and implemented based on business risks. Since the focus is on monitoring these business risks, log source integration should be driven by the risks and the needs of the use cases. The focus should also clearly shift from receiving all of the alerts to having a good mechanism to quickly triage the alerts, investigate them, and work on only the qualified incidents. This shift in focus will also mean a shift away from the regular KPI of time to notify an alert or send reports. The new KPI would instead focus on the number of potential incidents investigated.

A Monitoring Paradigm Shift: The Inside Out Challenge and Big Data
Traditional
The earlier trend of finding holes in the perimeter to attack guarded targets led monitoring to watch for what is happening at the perimeter and any publicly exposed devices and applications. Most of the attacks originated from outside and hence the idea of watching the gates made a lot of sense. It also made economic sense to look at just the exposed targets rather than trying to monitor everything in the organization’s infrastructure. In other words, watching the outside made sense; however, today there is a huge paradigm shift where attacks happen from the inside and it is only the weapon that is delivered from outside. This is what I call the “Inside Out challenge.” In a sense, the inside has become what was previously outside and every attacker is now working on both delivering the weapon and attacking from the inside.

New Age
Addressing this inside out challenge is not easy with the traditional model of using the SIEM and integrating all of the possible devices. The infrastructure, both in terms of hardware and software licensing costs, makes it prohibitive for everyone to use. Highly skilled staff who can use the infrastructure and deliver the output are not easy to find in the market, and the cost of retaining such a resource is a completely different story. One way to look at solving this is by using good platforms built on Big Data Analytics. Instead of receiving everything in real time, which has its own challenges, it is worth doing analysis every day on historical data, picking the anomalies, and then investigating them. Since statistics say APTs need to stay in the network for a long time before they cause considerable damage, big data analytics can help predict the existence of threats much earlier. Apart from having a big data analytics platform, it is necessary to have a way to convert the successful methods used by skilled resources to identify anomalies into good models that can then be repeatedly used. This method of creating models is essential for the success of the program.
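The daily batch approach described above, as an added illustration that is not part of the original article: an analyst heuristic (an account that suddenly contacts far more internal hosts than it usually does) is captured as a reusable model, fitted on historical data and run over one day's events. The class name, threshold values, record layout and sample records are assumptions constructed for this example.

```python
from collections import defaultdict
from statistics import median


class FanOutModel:
    """Analyst heuristic kept as a reusable model: flag an account that
    contacts far more distinct internal hosts in a day than its own baseline."""

    def __init__(self, threshold=3.5, min_days=7):
        self.threshold = threshold   # robust z-score cut-off (assumed value)
        self.min_days = min_days     # days of history needed to trust a baseline
        self.baseline = {}           # account -> (median, MAD)

    @staticmethod
    def _daily_counts(events):
        seen = defaultdict(set)      # (account, day) -> distinct hosts
        for day, account, host in events:
            seen[(account, day)].add(host)
        counts = defaultdict(list)   # account -> one host count per day
        for (account, _day), hosts in seen.items():
            counts[account].append(len(hosts))
        return counts

    def fit(self, history):
        for account, counts in self._daily_counts(history).items():
            if len(counts) < self.min_days:
                continue             # too little history: stays "no baseline"
            med = median(counts)
            mad = median(abs(c - med) for c in counts)
            self.baseline[account] = (med, max(mad, 1.0))  # floor avoids /0
        return self

    def review(self, day_events):
        """Score one day's events; returns the accounts worth investigating."""
        findings = []
        for account, counts in sorted(self._daily_counts(day_events).items()):
            count = counts[0]
            if account not in self.baseline:
                findings.append((account, count, "no baseline"))
                continue
            med, mad = self.baseline[account]
            score = 0.6745 * (count - med) / mad   # robust z-score
            if score > self.threshold:
                findings.append((account, count, f"score {score:.1f}"))
        return findings


# Constructed sample data: (day, account, internal host contacted).
HISTORY = [(d, "alice", h) for d in range(1, 15)
           for h in ["fs01", "mail01", "wiki"] + (["hr01"] if d % 2 == 0 else [])]
HISTORY += [(d, "bob", h) for d in range(1, 15) for h in ("fs01", "build01")]
TODAY = [(15, "alice", h) for h in ("fs01", "mail01", "wiki", "hr01")]
TODAY += [(15, "bob", f"srv{i:02d}") for i in range(12)]
TODAY += [(15, "svc-new", "fs01")]


def run_daily_review():
    return FanOutModel().fit(HISTORY).review(TODAY)
```

The median and MAD baseline is used here so that a single noisy day in the history does not widen the normal range; accounts with no usable history are reported separately rather than silently skipped.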

Breach Investigation – A More Effective Security Audit
Traditional
The traditional information security management systems audit focuses a lot on controls and the enforcement of the same. They also come with frequent audit programs such as internal audits and external audits to ensure the controls are in place and working.

New Age
However, the need of the hour is beyond these audits and running a Breach Investigation Audit can help. Like every other audit, it is necessary to have a program to regularly check for the possibility of an exposure to a breach in the organization and to also identify if something is happening or has happened. The program needs to be orchestrated regularly by specialists and should complement an organization’s established monitoring program. It will probably not be too long before regulations are established to ensure such audits are happening in an organization.

With the huge challenges being faced by organizations in regards to Cyber Security, I believe the above mentioned aspects are some of the New Essentials for Security Monitoring.

This article is contributed by Arun Kumar Hallur, head of Global Security Operations Centers at Paladion and the person responsible for developing cyber battlefield strategies that protect enterprises from current and sophisticated cyber threats. He explains how the shift in technology is leading us to shift gears in security monitoring to safeguard ourselves from rising threats.

The Pros and Cons of Choosing Between SSD and HDD as External Storage Device

Written by Antoine Harb, Team Leader – Middle East and North Africa at Kingston Technology

As we spend longer hours online for work, school, entertainment, and other activities, more and more files are being saved in the internal hard drives of our computers every single day. Eventually, this internal hard drive will not be enough to accommodate all our files, making it all the more vital to find high-performing and secure external devices for backup and new data storage.

When it comes to external storage devices, the options include external solid-state drives (SSDs) and traditional hard disk drives (HDDs). SSDs are commonly installed into your computers as their internal storage. These days, however, a number of people are turning to SSDs to use them as their external storage as well.

The two technologies have different speeds, durability, capacity, and cost. Before buying an external storage device, it is best to determine your needs, desired specifications, and your budget. This way, you are guaranteeing that you are purchasing a device suitable to your requirements.

Weighing the devices’ pros and cons is the way to go to ensure you get the best value for your money.

External SSD vs. External HDD
Compared to SSDs, HDDs are more affordable with higher capacities. An HDD is better suited for archiving inactive and/or less frequently accessed data. With that said, however, an HDD, in contrast to an SSD, is more prone to failure of moving parts that can lead to data loss. High-capacity SSDs, on the other hand, are faster and more powerful than HDDs, thus enabling quick access to your files. With a lightweight design for portability and easy use, they are smaller in size and have better transmission speeds. They can also be relied upon if you need external storage with superior performance.

There are other benefits of using external SSDs. While known for its fast processing of a large amount of data, an external SSD operates without the distracting noise and vibration typically present when utilizing an HDD. Additionally, the shock-resistant SSD scores way better in the area of durability: the lack of moving parts allows the technology to withstand harsh environmental conditions.

But with its advanced and reliable features, the super-fast external SSD storage device costs more than the traditional HDD. If, however, you are planning to buy a faster or larger capacity SSD to upgrade your current PC storage, you can opt to recycle the old one and use it as external storage. In order to have more space, you will need to either remove the existing files or reformat the old SSD. This strategy will help you save on cost while enjoying a faster external storage product.

Furthermore, when purchasing an SSD as your external storage, you have to keep in mind that this technology is not suitable for data archiving or cold storage of data. The reason behind this is that an SSD, which is designed for everyday use, caters to those who require high-speed performance.

External SSDs and HDDs differ in many ways. They both come with pros and cons. When choosing the right one for you, it all boils down to meeting your needs.

Watch Out for These Scams Targeting Amazon Customers

Written by Amer Owaida, Security Writer at ESET

Amazon is the largest online marketplace in the world, boasting over US$386 billion in revenue in 2020 with 200 million subscribers to its Amazon Prime service just in the United States. And that’s just a fraction of the whole customer base that it serves around the globe year-round. Of course, such a huge customer pool attracts cybercriminals who are looking to make bank by scamming unsuspecting victims with a variety of tricks that they have in their arsenal of scammery.

Fake order phishing email
As with any major service, Amazon is no stranger to being spoofed or impersonated by enterprising fraudsters who are looking to dupe people out of their personal information or to access credentials to their accounts. The emails you may receive can take on various forms; however, they usually impersonate a common Amazon dispatch email that regular customers have encountered many times over. For example, you might receive one that confirms a purchase you didn’t make and tries to trick you into clicking on various links that look like contact information for Amazon’s customer service.

These links can then redirect to something looking like the official Amazon login page; however, when you try to sign in, you will have divulged your credentials to the scammer. Alternatively, by clicking on the link or attachment in the email you may download a malicious payload to your device that will attempt to download keylogging software that will try to harvest your credentials to any services you use.

Generally speaking, unless the fraudster behind the scam did an immaculate job with the counterfeit email, there are several warning signs that will give it away as an attempt at phishing. If the email contains typos, grammar mistakes, or an attachment, it is most assuredly a scam. When checking out a link that you’ve received in an email, hover your cursor over it and check whether the address is something.amazon.com, where something is one of many valid Amazon subdomains, for example pay.amazon.com or www.amazon.com. If you suspect that you’re being phished you should contact Amazon directly, since it takes these issues seriously.
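The hover check described above can be automated for a mail gateway or a triage script. The following is an added example, not code from the original article: it lists every link in an email body with the text the reader sees, the real target, and whether the target's host is amazon.com or one of its subdomains. The function names and the sample email are constructed for illustration, and the non-Amazon hosts use reserved example domains.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


def host_is_amazon(url):
    """True only when the URL's real host is amazon.com or a subdomain of it."""
    if "\\" in url:
        return False   # browsers treat "\" as "/", urlsplit does not: reject
    try:
        host = urlsplit(url.strip()).hostname   # drops userinfo/port, lowercases
    except ValueError:
        return False
    if not host:
        return False   # relative links, mailto:, empty href
    host = host.rstrip(".")
    # Exact match or a dot-separated suffix; a bare endswith("amazon.com")
    # would also accept look-alike hosts that merely end in those letters.
    return host == "amazon.com" or host.endswith(".amazon.com")


class LinkAudit(HTMLParser):
    """Collects (visible text, href) for each <a> element in an email body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def audit_email(html):
    """Returns (visible text, href, host is Amazon?) for every link."""
    parser = LinkAudit()
    parser.feed(html)
    parser.close()
    return [(text, href, host_is_amazon(href)) for text, href in parser.links]


# Constructed sample email body (not a real message).
SAMPLE_EMAIL = """
<p>Your order has shipped.</p>
<a href="https://pay.amazon.com/orders">View order</a>
<a href="https://amazon.com.example.net/signin">www.amazon.com</a>
<a href="https://www.amazon.com@example.net/help">Customer service</a>
<a href="https://amazon.com-orders.example/track">Track package</a>
"""
```

Only the first link passes: the other three place "amazon.com" in the visible text, the user-info part, or the left-hand side of a different domain, which is why the comparison is made on the parsed host rather than on the raw string.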

Gift card scams
Gift card fraud is another perennial problem that you can encounter. The con artists may utilize different strategies to dupe their victims; however, the ultimate goal remains the same – trick them into purchasing and sending Amazon gift cards. Popular tactics usually include evoking a sense of urgency or pressure in order to make victims act quickly rather than give deep thought to the contents of the message or phone call.

Victims may receive unsolicited email messages or phone calls about a pressing issue involving their social security numbers or benefits and to resolve it they’ll have to pay a penalty using gift cards. Alternatively, victims may be told that a family member is in trouble and needs financial help. There are multiple scenarios at play where fraudsters can also impersonate Amazon itself, claim to be someone from the management of the victim’s employer, you name it.

Fortunately, most of these scams can be uncovered quite easily if you keep a cool head. Government officials will never ask you to pay a fine or penalty with a gift card, so you can be 100% sure that if you get such a request it’s a scam. As for the rest of the scenarios, to verify the claims you just need to call your family member to see if they’re in trouble or the person from your company that requested the gift cards. And of course, it goes without saying that you should contact all of the aforementioned people or institutions through the verified official channels.

Payment scams
Payment scams come in many shapes and sizes, and while the form may differ, in the end, the scammers behind them are after only one thing – the contents of your bank account. There are multiple ways that this can occur. One tactic that is often utilized is trying to convince you to pay outside Amazon’s secure platform. The crooks will try to lure you in various ways, for example by offering a discounted price; however, if you relent, the most probable outcome is that you’ll both lose your money and won’t get the product.

Additionally, you won’t be able to lodge a complaint with Amazon since you paid the fraudulent charges outside the confines of their platform. Other flavors of payment scams to watch out for include paying to claim a prize that you’ve supposedly won or paying a seller whose identity you can’t verify. Also avoid offers that seem too good to be true or that you find suspicious.

The obvious advice, in this case, is to stick to Amazon’s platform for all orders and payments. Even the company itself warns against sending money outside the confines of its platform: “Don’t send money (by cash, wire transfer, Western Union, PayPal, MoneyGram, or other means, including by Amazon Payments) to a seller who claims that Amazon or Amazon Payments will guarantee the transaction, refund your funds if you’re not satisfied with the purchase, or hold your funds in escrow.”

Dodgy phone calls
Sometimes scammers will resort to more “analog” means to try and hoodwink their victims – fake support calls. The content of the calls might vary; however, they often sound like a pre-recorded message impersonating Amazon, claiming it has registered something wrong with your account, something that would pique your interest – a fishy purchase, lost package, etc.

According to a warning issued by the United States Federal Trade Commission, the message will then either inform you to press 1 to speak to a customer support agent or give you a number to call back. If you engage in conversation, the scammers will most likely try to wheedle sensitive data out of you like your personal information or your payment data.

The most sensible thing to do, before going into full-blown panic mode, is to check if there is anything suspicious going on by contacting Amazon through the direct channels listed on the support section of their website. The company does acknowledge that in some cases it may make outbound calls but it will never ask customers to reveal any sensitive personal information in order to verify their identity.

In summary
When it comes to online shopping and its related activities the saying “trust but verify” remains as true as ever. To sum it up, most of the scams can be avoided if you remain vigilant, curious, and keep your wits about you. If you receive any unsolicited emails be extra careful to verify their provenance and never divulge personal sensitive information to anyone claiming to be a “customer support representative or agent”.

Create a Ring of Security Around Your Home

With an app and a couple of gadgets, technology can provide peace of mind in the toughest of times – whether you’re at home or away, says Mohammad Meraj Hoda, vice president of Business Development – Middle East & Africa at Ring

Over the last year, we have learned that there’s no such thing as a predictable routine. Even as UAE authorities do their utmost to prevent the spread of the coronavirus, once-mundane everyday schedules can easily be disrupted by abrupt school closures, sudden quarantines or even an endless procession of deliveries of all kinds. At times when it can all get a bit too much, an extra layer of security can offer peace of mind.

But when you can’t bring in new household help with visa and travel restrictions, technology can do your bidding instead. Indeed, technology is now so far advanced that with a couple of installs and a few quick tweaks, you can protect your home inside and out. With a video doorbell, indoor cameras around the house, and an app, you can create a ring of security around your home within a few minutes.

When you choose a single brand of products, such as Ring, the appliances can easily work together, and best of all, everything can be monitored from your smartphone – even if you happen to be elsewhere physically. As UAE residents have become more alert to visitors and the risks accompanying them, convenience and safety are more important than ever. This is where Ring’s bouquet of products can help.

Video Doorbells Help Everyone
Since they were first created in 2013, video doorbells have proved their worth repeatedly in many different situations around the world. From a bear trying to open a car door to meteors flying through the skies, they have captured a number of untoward and unwanted visitors around the world. Products such as the Ring Video Doorbell 3 are activated by motion around your front door and begin recording events within their line of sight. Because Ring video doorbells connect to the internet via your home Wi-Fi system, this video feed can be set to be livestreamed straight to your phone, or you can access it later.

Even if you are at home, there is no need to go to the door. You can see who your visitors are from your smartphone. With the Ring Video Doorbell 3, you simply tap on the alert to check who’s at the door and even communicate with them. Even if you are at home, you can safely keep your distance from visitors, and if necessary, ask them to leave packages at your door.

Indoor Cameras Offer Peace of Mind
Meanwhile, for family-focused people who are away in the office or at an event outside the home (perhaps even in another emirate!), an indoor camera provides the assurance that no untoward incidents have taken place at home. Perhaps you want to chat with those who are at home, verify if your teenage kids are getting to their homework, or if your cat has been playing up while you’re away. A quick check is easy with a compact indoor camera such as Ring’s new Indoor Cam, which slots unobtrusively into small spaces around the home.

This clever new device makes it easy to speak with older family members or see if school children have reached home. Between the indoor cameras and the outdoor doorbell camera, you can easily keep an eye on every corner of your home from anywhere. In addition, with Ring’s Protect Plan, it’s easy to add an extra layer of security to your home.

Although life has become more challenging on so many fronts, technology can help ease the stresses of living through these strange times. A little planning and a few moments’ work can go a long way to securing peace of mind for everyone at home.
