4 Common Cybersecurity Threats

4 Common Cybersecurity Threats

By: Alex Shanteau, Senior Security Consultant, MAD Security | January 3, 2019   As the untamed cyber threat landscape evolves in scope, sophistication, and reach, the risks organizations face will continue to increase not only in number, but in severity, and they are finding new ways to infiltrate your internal and external networks every day. In this blog post, we’ll take a look at some common threats you’re likely to see throughout 2019, and over the next several weeks we will go in-depth on prevention and mitigation of these types of attacks.   Sophisticated Phishing Campaigns   Most phishing attacks come in the form of email spam, tricking users out of their credentials, financial, or other sensitive information. Phishing emails have come a long way from the cliché Nigerian Prince scam. Most current phishing emails replicate an email you may think is completely normal and credible, and can come in a number of formats, from a LinkedIn request to a fraudulent invoice. These phishing emails are becoming ever more sophisticated, including the successful usage of multi-factor authentication, the inclusion of homographic domain names, and almost perfect impersonation of legitimate applications. This attack vector exploits the weakest link in the cyber defense chain – people – and can lead to devastation and sometimes catastrophic compromises for companies.   During a recent red team exercise we conducted for an enterprise-sized company, LinkedIn phishing requests were sent to targeted employees that were identified by combing publicly available information on the Internet. These users received an email asking them to join a group associated with their company on LinkedIn. When users clicked on the...
How to Build a Winning Cybersecurity Program

How to Build a Winning Cybersecurity Program

By: Cliff Neve, COO, MAD Security As a consultant I have had the opportunity to evaluate hundreds of organizations’ cybersecurity programs, which span the gamut from nearly non-existent to robust. The successful programs generally have very similar characteristics, which are addressed in an actionable step-by-step manner below. Step 1: Gain Executive Buy-In and Assign Responsibility Winning organizations have top-level support from senior leaders that understand the importance of cybersecurity, integrate cybersecurity risks with other business risks, and empower an individual in writing – and in reality – with the authority, responsibility, and resources to manage the cybersecurity program. Every successful cybersecurity program I have seen has a strong champion clearly designated and empowered to lead the program. Unsuccessful programs, on the other hand, typically possess fragmented or unclear lines of authority represented by fiefdoms resulting in destructive power struggles and ad hoc, chaotic behavior. Step 2: Conduct a Business Impact Analysis and Establish a Data Classification Guide The reason for investing in cybersecurity is to enable the organizational mission and protect organizational assets, so it is imperative to begin with documenting business functions and their requirements for system availability and data protection. For instance, an organization may have high availability system requirements for medical systems, 911 call centers, or bridge controllers where availability trumps confidentiality and integrity. In an HR system, on the other hand, confidentiality might overshadow the need for availability and thus if there was potential compromise, it would likely be a better decision to disconnect access from the network rather than risking data exfiltration. By assessing all requirements for information and information systems in a business...