Cyber Strategies in the New Normal

We have nearly reached the end of this pandemic year 2020, where mostly we have spent our time at home as still when we write this blog many would be working from home and some who have joined their work task force are trying to adjust the new normal.

This year where not even the IT officials but the students or kids are attending their classes from home. Since everyone is working from home there has been an increase in bandwidth and data utilization around the globe.

The organization which has a business continuity plan ready had a smooth transformation to work from the environment without any hindrances it was proved that CS having a foresight had an efficient way for the organization. A new area of cyber is cyber innovation, risk is mitigated risk is all about taking a risk. Cyber innovation is an area to look at. 

As per Gartner, there are five principles:
  • Continuous adaptive risk and trust assessment based on agility.
  • Secure DevOps
  • Replace the one-time security gate
  • Put the continuous security pro-actively 
  • Build the architecture with security, not with silos 

The average knowledge about cyber-attack prevention is deficient. Yes, cybercriminals are getting better all the time. But if we become proactive in our approach instead of reactive, they can be pushed back continually and hopefully sit mostly on the drawing board!

There is some positive aspect of COVID 19, that it has helped companies to identify that employees to work from their living room, whereas lots of expenditure has been spent on companies infrastructure. Even our environment which has been polluted has been saved by not using the vehicles on a daily basis. 

So, things to keep in mind during this pandemic is to secure your computer systems and wear a mask to protect yourself and others around you.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolssFacebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/

What is Hardware Security?

Hardware Security

To know about the hardware security, lets first understand what all is covered under hardware security here :

  • Mobile Device Security (MDS)
  • IoT Security
  • Vulnerable Device Lists
  • Physical Security
  • Drone and Vehicles
  • SCADA
  • BIOS and UEFI
  • Self Encryption Device
  • Hardware Security Module

Mobile Device Security (MDS)

As we first insert a SIM (Subscriber Identity Module) in our mobiles there is a pop up message on our mobile which asks for a SIM pin which acts a SIM locking mechanism and protect ones information which could be of SMS text messages, contact lists , subscribers information etc.

IoT Security

To know about the IoT security, please check our previous blog, click here.

Physical Security

Lockdown cables for laptops, computers or making secure to the servers . There is also locked server room racks.

Drones and Vehicles

Drones are considered to be an normal aircrafts fitted with the cameras. The firmware in a drone has geo-fencing software. There are vehicles which have internal networks. There are crucial functioning of a vehicle which is called “Controller Area Network (CAN)”.

SCADA

This stands for Supervisory Control and Data Acquisition, which is used to control industrial processes such as as with manufacturing or critical infrastructure like water, electricity, oil refineries which consists of both hardware and software to make all this happen. There are some protocols which also works with it like DN3P, T101 etc.

BIOS and UEFI

A web page labeled “BIOS Simulator Center” : opens in a web browser. It contain a sample simulator labelled”Lenovo BIOS Setup Utility”. It is divided into two parts i.e. menu bar and Content pane.

Self Encrypting Drivers

This provides protection at the hardware level for the data stored on a drive, if the drive or the device housing the drive is lost or stolen and depending on the configuration of the self encrypting drive, it might not require any user interaction after it’s configured.

Hardware Security Module (HSM)

It provides protection and storage for cryptographic secrets at the hardware or firmware level and supports hardware crypto processing. HSM are FIPS 140-2 compliant which means that they are compliant with US government security standards for cryptographic modules.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/  | Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/

What is Vulnerability Management?

Vulnerability management (VM) which is a program that consists of a variety of technologies that identify, evaluates, treats, and reports on security vulnerabilities in a system. There are tools that are used to identify Cyber Exposure risks across an entire organization, and aligns them with your operational goals and objectives.

In cyberseuirty terms there are some important good to know what vulnerabilities, threats, and exploits mean:

  • Cybersecurity Vulnerabilities. A vulnerability is a potential weakness in a security architecture that opens an organization or individual to cyberattacks.
  • Cybersecurity Threats. “Cybersecurity threat” refers to a combination of tools and methods involved in a cyberattack. These threats are not inherent to the network. Instead, they leverage vulnerabilities on the network.
  • Cybersecurity Exploits. Exploits are those when a cybersecurity threat is applied to a vulnerability to conduct some form of malicious activity. Impacts of these exploits may vary by threat and vulnerability type.

LifeCycle of VM

Find below the phases of the Vulnerability Management Lifecycle:

PHASE 1 – The Cloud Platform that provides multiple technologies, including scanner appliances, agents, sensors, and connectors to help you detect and discover both on-premise and cloud-based host assets.

PHASE 2 – The scanners, agents, sensors, and connectors work together to identify host assets throughout your entire enterprise architecture.

PHASE 3 – The primary objective of the assessment phase is to find vulnerabilities on the host assets in your VM subscription.

PHASE 4 – Regardless of the data collection techniques you use, all findings are securely stored in the Cloud Platform, where reporting tools and features allow you to identify the vulnerabilities that pose the greatest risk to your organization, and share these findings with your patch and operational teams.

PHASE 5 – The remediation tools and features built-in to the VM application, will help you to prioritize detected vulnerabilities and identify the vulnerabilities that have been successfully mitigated.

PHASE 6 – Verify any vulnerabilities that have been patched or fixed. This task is performed automatically every time a scanner appliance, agent or sensor provides new assessment data to the Cloud Platform.

Note: The above information on VM lifecycle has been taken from Qualys Training sites, for more information , please click here.

To know more about VM or its best practices please connect with us below.

We make Technology Eazy via Docs

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/  | Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/

Website Built with WordPress.com.

Up ↑

Create your website with WordPress.com
Get started