The Next Phase of Cybersecurity

From the usage of anti-money laundering software all the way to endpoint security, the enterprise space is always preparing for the next attack. Recognising the fact that as much as you train and prepare your organisation, adversaries will also continue to advance can be anxiety inducing. Yes, organisations lose billions every year to fraud and the beginning of 2021 was met with a huge influx in cybercrime, but it's the methods that the adversaries are using that is truly concerning. Social engineering is a method used by adversaries in the cyberspace that works by gaining the trust of their target. By impersonating a colleague, bribing or blackmailing the victim or even just assuming the voice of an authoritative figure, adversaries are coercing employees into cooperating and, potentially, into wiring money to them. It's psychological warfare and it's not slowing down; social engineering attacks make up 98% of attacks every year, so what can you do to prevent it?Educating us in this episode of The Next Phase of Cybersecurity is Greg Hancell, Senior Manager Fraud Consultancy a OneSpan. Greg details to us the use of automation in fraud operations, how AI is saving banks and what current methods an adversary might use in conducting a social engineering attack.

When it comes to using a cybersecurity product, relying on new technology has often been seen as the primary objective. What cybersecurity experts are starting to realise, however, is that technology by itself has limitations; the perfect combination actually comes from having good technology and skilled professionals who know how to use it. Many security technologies rely on an alert basis; a method that notifies professionals to investigate problems as and when they appear. The problem with this is that, according to Arctic Wolf, 44% of security alerts are actually not investigated. What cybersecurity solutions do I need to know about?Threat hunting is, as our guest today points out, the method of "proactively identifying malicious activities or security concerns within an organisation." This means that malicious activities could have previously been detected or maybe the hunter is looking for threats before they have even made their first appearance. In fact, the method of being anticipatory when it comes to cybersecurity has always proved to be more effective than being reactionary. Our guest today is Christopher Fielder, Director of Product Marketing at Arctic Wolf. Christopher takes us through the steps of incorporating threat detection in your organisation, what the fundamental misconceptions are about threat hunting and how it can save your business more than it costs. 

Cybersecurity has revolved around several different methodologies over the last decade, but the arguments for and against using an approach based on "Indicators of Compromise" remain prevalent to this day. Relying on the top indicators of compromise, or IOC, depends upon finding threats as and when they appear. New methodologies incorporate a slightly more anticipatory model, however; Indicators of Behaviour, or IOB, work to understand the common signs that could potentially lead an organisation to be struck by a cyber attack.Having a firm understanding of these topics is essential for any CISO or anyone involved in the security field, however it can be time consuming. That's why, on this episode of The Next Phase of Cybersecurity, we have interviewed Richard Walters, CTO at Censornet. Using his expertise, Richard walks us through the detailed differences between IOB and IOC, the ROI organisations could see from implementing an IOB based approach and how to implement the switch from IOC to IOB. 

Since the Facebook-Cambridge Analytica data scandal of 2018, the populous has become so accustomed to data mismanagement and even data leaks that it no longer makes the headlines. In fact, even in 2021 Facebook faced scrutiny for a data leak that revealed over 530 million people's private information, in some cases including phone numbers. Of course, legal action has been taken by individual bodies but, as many experts point out, tech giants such as Facebook and Google have the monetary capacity to hire complex legal teams that allow them to navigate around GDPR and other data violations. Data leaks are now being normalised, which causes more risk to both individuals and even organisations. The latest development comes under the bracket of 'data scraping'; a controversial topic in the technology industry.Data scraping is, in its essence, a technique that allows a computer to extract data from an output that's generated by another program. Now, data scraping in its core form is not necessarily harmful but the risk of leaks that occur from data scraping, or the purpose of data scraping, raises a lot of questions. Joining us in this episode of The Next Phase of Cybersecurity is Derek Taylor, Lead Principal Security Consultant at Trustwave. In this podcast, we explore some of the reasons why data scraping is so alarming to cybersecurity experts, how user's privacy calculus around data disclosure decisions are being manipulated, the 'privacy paradox' and reversing the normalisation of data leaks.

Implementing the best software security practices in 2021 is an absolute minefield when there are varying different softwares and technologies that all seem to be promising the same thing. For many application developers, the use of open-source libraries grants them greater freedom when developing their apps but simultaneously leaves them vulnerable. Application security remains a corner stone of the app development world, but so few developers take it as seriously as they should. In a recent open-source edition of Veracode's State of Software Security Report, it was revealed that a shocking 70% of applications have a security flaw in an open source library on initial scan. Beyond this being a flaw within some open source software, one of the most striking statistics is that ‘79% of the time, developers never update third-party libraries after including them in a codebase'. This calls for stronger security within application security, but what steps can developers take in order to ensure the longevity of application security?In this podcast, we speak to John Smith, Manager, Solutions Architect, EMEA and APAC at Veracode. John takes us through some of the findings from this report, the vulnerabilities within open source software, the needed steps to improve application security and what awaits in the future.

Building your career and starting a cybersecurity job comes with its perks, but it of course comes with its difficulties and shortcomings. Some people cite that the career can often result in low pay based on the amount of labour that's put in, while others find the career attractive but are unsure at what level to start with. One of the biggest problems facing organisations today is the lack of cybersecurity professionals available, and it absolutely could be to do with the drawbacks of having a cybersecurity job. There are other arguments to be made, however, most notably that the cybersecurity field changes with every month. New adversarial technologies and approaches plague organisations, and having someone that is fully equipped and trained to deal with these challenges is a nightmare. According to The New York Times, there will be over 3.5 million unfilled cybersecurity jobs by the end of 2021, so what can be done about it? Joining us in this podcast are Samantha Humphries, Head of EMEA Marketing and Security Strategy at Exabeam, and Phil Jackman, Director of Dynamo North East. They will be exploring the necessities of networking for cybersecurity professionals, the steps that need to be taken to encourage more cybersecurity professionals and the difficulties facing the career today.

Within any sector, the automation of processes comes with technological, social and skill-gap orientated challenges, but cybersecurity really takes the cookie. The adoption of automation has certainly been widespread, with 95% of correspondents stating that they have automated some of their processes, but it always comes with challenges.According to a report by ThreatQuotient, only 8% of correspondents had not encountered any problems when automating their cybersecurity processes. If cybersecurity automation is proving to be so flawed, why should organisations adopt it as a methodology?Improving the Automation of Processes Within CybersecurityWithin cybersecurity, the automation of processes provides technologies with a mind of their own, allowing them to intercept problems without having to rely on the variables that humans are usually compromised by. Beyond this, adversaries themselves often use automation as a way to hack into endpoints. In order to keep up with the pace of adversarial technologies and approaches, organisations are going to have to fight fire with fire. When you adjust your cybersecurity approach to include the automation of processes, cybersecurity technologies ramp up their speed in dealing with these issues. Becoming faster, and inevitably more furious, is ultimately the primary goal of threat interception.How do senior-level professionals feel about cybersecurity automation?While the vast majority of senior-level security professionals (77%) believe that automation is important, that same 23% are still struggling to see the benefits it would bring. This makes the automation of processes a rather difficult task for many entry-mid-level employees that have a stronger understanding of what will benefit their business. That said, the vast majority of  experts who are automating have strategic reasons for doing so. 34% of correspondents, for instance, stating that automation was essential for improving or maintaining security standards while 31% implemented it to improve efficiency and productivity. In this episode of The Next Phase of Cybersecurity, Leon Ward, VP of Product Management at ThreatQuotient, walks us through the best way to overcome the technological challenges of implementing automation, the types of processes that are being automated in 2021 and why there is a lack of trust in STEM in the current digital landscape.

Year on year, cybercriminals are expanding their attack toolkits and coming up with different ways to cause disruption across the enterprise. However, according to cybersecurity experts, deceptive technology can be used to effectively intercept these crimes. Investigating this destructive attack vector in this week's episode of the Next Phase of Cybersecurity is Carolyn Crandall, Chief Security Advocate at Attivo Networks. Carolyn was first featured on the EM360 Podcast to talk about deception technology and its ability to turn the table on attackers. This time, she is here to set out how to disrupt attackers' toolkits and ultimately render them powerless.

Ensuring quality automotive products in the age of cyber crime is becoming harder and harder due to the amount of endpoints that can easily be compromised within the supply chain. Regardless of where you sit within an organisation, with the increase of hybrid working and remote work, risks of ransomware still remain at large.CyberAngel recently released a report that stated that there are vulnerabilities in Ford, Volkswagen, and Tesla Advanced Driver Systems. Furthermore, a semiconductor shortage has made profit tighter and production more difficult. If that's the case, how can we know that the products are truly reflective of quality automotive standard? What vulnerabilities in their supply chains will end up affecting the consumer and how stable are the companies that are producing quality automotive vehicles?According to this same report, 1 in 10 employees have exposed publicly accessible credentials available online. Joining us on this episode of The Next Phase of Cybersecurity is Pauline Losson, Cyber Operations Director at CybelAngel. In this episode, we will be exploring topics such as:Why automotive industries in particular are vulnerable to leaked credentialsHow you can ensure a strong cybersecurity strategy within your organisationThe best way to prevent credentials from being leaked onlineThe trends across North America and Western Europe.You can also find this podcast on Spotify and Apple Podcasts under "The Next Phase of Cybersecurity."

Testing application security challenges is essential to ensure that we are moving forward with cybersecurity technology, however many organisations are still unable to identify the key challenges within their infrastructure. As with most facets of life, many organisations are still rooted in traditional attitudes; they previously invested in one approach to security and they are skeptical of rocking the formula. IT environments have, however, evolved dramatically over the last decade and organisations have moved beyond cloud migration programs and are now overhauling their applications in cloud-native ecosystems. These changes have led to strives in innovation, while also leaving space for vulnerabilities. This is where organisations need to start testing application security and building a more robust framework to protect their applications.In this podcast, Head of Content Max Kurton talks to Andreas Lehofer, Chief Product Officer at Dynatrace. Andreas runs us through:How to get a transparent view of application securityHow to avoid consistent, distracting security alertsThe rate of evolution of IT environments in 2022.

In this podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, joins Mackenzie Jackson, Developer Advocate at GitGuardian,to explore Secrets Sprawl or the phenomenon of (unwanted) secrets distribution across Git repositories and DevOps tools.

Andy Ramgobin, Principal Technology Evangelist at Technimove, talks about the Science of Cyber Security & Cyber Resiliency Periodic Table and how enterprises can fully understand the digital threat landscape

CIAM enables organisations to securely capture and manage customer identity and profile data, as well as control customer access to certain applications and services. Usually providing a variety of features including customer registration, self-service account management, and 2FA/MFA, the best CIAM solutions ensure a secure and seamless customer experience. But how can enterprises hit a balance between security and customer friction?In the first of two EM360 analyst podcasts with Beyond Identity, Chief Research Analyst at IT-Harvest, Richard Stiennon speaks to Jing Gu, Senior Product Marketing Manager, about the role CIAMs play when it comes to managing end-user activities.

Cyber risk intelligence is critical for businesses that operate in the digital world. It is the collection, evaluation, and analysis of cyber threat information by those with access to all-source information. Like other areas of important business intelligence, cyber threat intelligence is qualitative information put into action to help develop security strategies and aid in identifying threats and opportunities. In the episode of the EM360 podcast, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Caitlin Gruenberg Director, Risk Solutions Engineer at CyberGRX as the pair explore: Third-party cyber risk management vs self-assessmentsCyber risk intelligence in the wake of huge, high-profile breachesThe meaning of a true risk exchange

Cyber insurance helps to provide critical cover for those who need protection against digital threats.While businesses are responsible for their own cybersecurity, liability coverage can help provide crucial support to help them stay afloat when the worst happens.This includes the costs of investigating a cybercrime, recovering lost data and restoring of the systems. It can even recoup the loss of income, manage reputation, and notification costs if required to notify a third party.In this third episode of a three-part series with Sophos, Senior Director Nicholas Cramer talks to Dr Eric Cole CEO and Founder of Secure Anchor Consulting about:The current state of cyber insuranceDifficulty in getting policiesHow to better position your EDR and MDR

When it comes to cybercrime and cybersecurity threats, social engineering attacks are unique in the way that they rely on human error versus software and operating system vulnerabilities. This is because as technological defenses become more and more robust, cybercriminals are increasingly targeting the weakest link in the chain: people. Using a variety of means both online and offline, unsuspecting users can be conned into compromising their security, releasing sensitive information or even transferring money. Secureworks Adversary Group, a security consulting department within Secureworks, walk-us through various social engineering scenarios used during their attack simulations.In the third episode of this three-part podcast with Secureworks, our host Dr Eric Cole the Founder and CEO of Secure Anchor Consulting will be talking with Ben Jacob, Technical Lead at Secureworks, about: Social engineering attack techniques and their lifecycleHow phishing, vishing, and spear-phishing impact industries from a social engineering standpointWhat can companies offer from a training and education standpoint to help mitigate these risksValue of XDR in detecting suspicious user behaviour

In 2021, more than half of all widespread threats began with a zero-day exploit that was targetted by threat actors before vendors could even make patches available. With security teams now being put under immense pressure, what can organisations do to help secure their online presence against modern cyber threats?In this episode of the EM360 podcast, Content Producer Matt Harris talks to Caitlin Condon, Vulnerability Research Manager at Rapid7, as they explore: How security teams can respond to threats more swiftly and effectivelyRemote working’s effect on company weakpointsHow enterprises can better understand and remediate high-priority threats

The Nature of Cybersecurity is undergoing rapid evolution. Cyber attacks are becoming more violent - and sophisticated. Big developments in tech over the last few years have led to some of the most shocking ransomware incidents.Are IT teams capable of keeping up, or are we leading towards cyber doomsday?In this episode of the EM360 podcast, Chief Research Analyst at IT-Harvest, Richard Stiennon speaks to Mariana Periera, Director of Email Security Products at Darktrace, to explore:How businesses can come back stronger following a threatThe email supply chain and how attackers are using legitimate credentials to attackCore capabilities and the importance of augmenting with AIThe true changing nature of cybersecurity

Businesses today are under increasing pressure to level up data security as ransomware and data theft continue to rise. Data-first security solutions provide businesses with next-generation protection against exfiltration while maintaining accessibility for day-to-day operations, even during an attack.In this episode of the EM360 Podcast, Dr. Eric Cole, CEO and Founder at Secure Anchor Consulting speaks to Paul Lewis, CEO of Calamu, about:Today’s biggest threats to dataThe problem of data exfiltrationHow a data-first security approach provides next-generation protection

Attack surface management is the sustained monitoring, classifying, and inventory of a businesses IT infrastructure.It sounds as simple as asset management, but ASM is different in the way it approaches these responsibilities from an attacker’s perspective.The security of an enterprise's surface is paramount in the current era of cloud - but how can companies manage their cloud security posture management and tackle basic misconfigurations?In this episode of the EM360 Podcast, Chief Research Analyst at IT-Harvest Richard Stiennon speaks to David SooHoo, Director of Product Management at Censys, as the pair discuss: Attack surface management vs asset managementThe shift of the cloudZero-day attacks and how to mitigate them