Ethical hackers praised for their innovative ideas to overcome COVID-19

photo5

Cyber geniuses have been praised for their interventions during the coronavirus outbreak. A self-taught coder based in South Korea was the brains behind Coronamap.site, which has been tracking the spread of infections since January. It seems the tech giants are sitting up and taking notice too, as they are now developing their own contact-tracing software for smartphones to determine where people may have picked up the virus. These civic hackers or “good guys” are instrumental in helping to identify where more resources are needed, such as face masks.

SHOULD BUSINESS LEADERS EMBED CYBERSECURITY IN THEIR ORGANISATION?

photo1

Half the world is currently fighting a pandemic. The new coronavirus has exposed considerable holes in our protective systems, forcing 3.9 million people in 50 countries into confinement and bringing unprecedented losses in its tail.

How did that happen?

First, let’s put the situation in context. Pandemics of this scale were long gone from our living memory. The last one, the Spanish flu, had infected a quarter of the world population and ended almost exactly 100 years ago. We can legitimately not underestimate the surprise factor. This situation is new for everyone.

Could it be avoided?

Some countries had simulated pandemics to prepare for the real ones. But all their preparation was just mitigation. Yes, having a stockpile of masks, ventilators, protective blouses for healthcare workers… absolutely changes how you respond to the crisis. And prepared countries can dramatically reduce the spread of infections, help more people survive and rebound faster economically.

But mitigation alone cannot be the only strategy, just as extinguishing fires cannot be the only strategy to prevent massive fires. In France, the forest regulation limits the spread and damage of any new fire by forcing people to reduce the size of tree clusters near their homes. It is a far more efficient and cost-effective strategy than waiting for them to become large then try to extinguish them, especially in regions where wildfires are a known recurring plea.

How does it apply to cybersecurity?

In cybersecurity, this logic would translate into reducing the size of clusters of systems and data that can be accessed through the same door. At the moment, the two leading practices in most organizations have the same effect. People either centralize systems and data access at one point, through a login and password or biometric. Or they use similar credentials to access all your systems or data (which means if a hacker gets one of your systems credentials, they can reuse them for others). Both practices lead to the same result: a very high risk that the whole organisation and third parties get infected from one breach.

As with wildfires or biological pandemics, investigating and patching a cybersecurity breach will always be less effective than preventing a virus from massively spreading in the first place. As 81% of all breaches start with an intrusion through passwords, any cybersecurity plan should therefore start with reducing the size of clusters, making all accesses independent and decentralising credentials.

How to build a strong and secure access architecture?

A secure access architecture is based upon strong unique and independent credentials for all systems, networks, applications, databases and devices inside the organisation. By reducing the size of clusters that can be accessed through any credential, organisations can dramatically reduce the size of breaches when they happen, stop virus from spreading far and wide into their systems and that of third parties.

That strategy implies putting users front and center of your cybersecurity strategy. Just like with COVID-19, getting people to practice social distancing, self-isolate when they have symptoms and wash their hands is far more effective to stop the virus from spreading than only monitoring them. And as with fires or viruses, you need rules and tools to help people protect themselves, inside and outside the organization.

But aren’t cybersecurity solutions complicated and expensive?

Most cybersecurity solutions are indeed long and expensive to implement. But you can now leverage a well-architected solution that is simple to deploy, easy to use and very competitive to cover over 80% of your cyber risks. And the good news is you can start doing it today.

Next time you see someone typing a password, think about its potential consequences for your organisation and your ecosystem. Why not embed cybersecurity in your organisation by including your users in your strategy instead?

Don’t know where to start? Get a free assessment on your credentials security level here or contact us at info@mycena.com

CYBER SECURITY “THE RESPONSIBILITY OF GLOBAL LEADERS”

photo1

The World Economic Forum has made a striking declaration about cyber security – that it is the responsibility of world leaders. As part of the World Economic Forum Annual Meeting, experts claimed that security has been the domain of the IT department for too long, and we must all get involved as cyber-attacks grow in sophistication. Conclusions from the meeting included a need for a “culture of cyber security” and a rethink into organisational structures, as well as investment into evolving technologies.  

MULTI-FACTOR AUTHENTICATION ATTACKS TO RISE IN 2020

photo2

A new report has found that multi-factor authentication attacks are expected to rise in 2020. Multi-factor authentication involves using more than one device or access method to log in to a user account, for example a fingerprint scan and a unique pin. According to the report, 57 per cent of global businesses now use multi-factor authentication, making it a new target for hackers. Experts are predicting a rise in ‘9am attacks’ whereby end-users receive a notification to log in when they arrive at the office, inadvertently giving hackers access.

UK GOVERNMENT ON THE LOOKOUT FOR NEW SECURITY LEAD

photo3

The UK head of cyber security is to step down in 2020 after more than six years of service. Ciaran Martin, who founded the UK’s national cyber security unit, is moving to a role in the private sector for summer 2020. In response, Downing Street is going to implement a “strategic review” of British defence and security, focusing on cyber security. Martin’s top achievements include linking state-sponsored cyber attacks to Russia. In a statement, he said the time had come for a new successor to “take the organisation to the next level”.

OIL AND GAS SECTOR FACE NEW CYBER SECURITY THREATS

photo4

2020 has been marred with news of attacks on non-renewable energies. At the turn of the decade, the North American Power Grid was subject to threats from organisations such as Parisite, which exploited vulnerabilities in industrial control systems. Meanwhile, Bahrain is under attack from a new Iranian data wiper malware threat, which has taken down national oil company Bapco. Experts now claim that cyber security must be at the forefront of energy companies’ minds, particularly as we continue to rely on external suppliers.  

CIVIL AVIATION AUTHORITY ANNOUNCES NEW SECURITY OVERSIGHT SCHEME

photo5-1024x619

Transport organisations are recognising the increasing cyber security challenges before us. In the UK, the Civil Aviation Authority has launched a scheme in collaboration with Crest to help the aviation industry manage risks. It will take the form of an accreditation to show companies’ commitment to security.

WISHING OUR READERS ALL THE BEST FOR 2020!

photo5-1024x619

2019 has been a fantastic year for the whole team at Mycena. We’ve been developing our products and onboarding new clients, plus we’re looking forward to new developments with Mycena Personal Fortress. We’ll be back in 2020, and wish you all a very Merry Christmas and a Happy New Year.

INTRODUCING THE NEW MYCENA PERSONAL FORTRESS

photo4-2-1024x619

We’re thrilled to announce the launch of the new Mycena Personal Fortress website. This unique product offers three levels of security for personal passwords, offering the same level of security and comfort as for business users. To celebrate the launch of the new website and the end of the decade, we’re offering one-time vouchers of up to 60% discount. This offer is available for a limited time only, so head over to the launch offer page.

RESEARCH SHOWS KNOWLEDGE DISCONNECT BETWEEN IT AND OTHER STAFF

photo3

A recently published report has uncovered troubling attitudes around cyber security in the workplace. New findings from Bdaily News reveal that 60% of staff feel their IT colleagues are a nuisance, while 46% show hostility towards their IT departments and would blame them for security issues. The team have concluded that confidence is the issue, with staff members not feeling comfortable contributing to companies’ information security.