Tag Archive for: prepare

how financial institutions can prepare to react quickly through regulatory compliance


All over the world, the number of attacks by cybercriminals targeting the financial sector is increasing, and the UK & Ireland is no exception
to this trend. According to Veritas research half of UK organisations said that, over the past two years, they had been the victim
of at least one successful ransomware attack in which hackers were able to infiltrate their systems.   

The increasing profitability of these attacks for the criminals, means a whole new industry – Ransomware-as-a-Service (RaaS) – is growing rapidly.  Professional hackers, exploiting AI-driven target identification, breach execution, victim extortion, and
ransom collection, all offering their malware as a service to the highest bidder.  

The increasing threat this poses to national economies led the EU to pass the Digital Operational Resilience Act (DORA) setting out specific requirements
for financial service providers concerning risk management. DORA legislated specifically on key areas including reporting accuracy of any ICT-related incidents, and management of third party risk.   

This means that when an attack on any financial services provider occurs, the decisions and actions taken in the hour following an attack will be decisive for the level of organisational impact, and the ultimate survival of the business.  

For financial institutions, process predictability is paramount  

IT teams must prepare thoroughly to anticipate an attack by implementing effective operational resiliency practices to secure their data.  Ongoing training for IT and business teams, together with tools for data identification and visibility, are critical
when it comes meeting regulatory requirements.   

As part of the ICT risk management process to comply with DORA regulations, successful completion of a specialised audit to identify all types, locations and classifications of data and storage infrastructure must be carried out. These rules have been developed to
help prevent and mitigate cyber threats and ensure that financial entities can withstand, respond to, and recover from all types of ICT-related disruptions and threats.  

Compliance with these processes…

Source…

The growth of APIs attracts Cybercrime: How to prepare against cyber attacks


Application Programming Interfaces (APIs) have profoundly transformed the internet’s fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software entities.

APIs are the conduits through which software components communicate, interact, and share functionalities; this has led to an environment where applications, platforms, and services seamlessly collaborate, transcending their capabilities. The internet, once a collection of discrete entities, has morphed into an intricate web of interwoven functionalities that users traverse effortlessly.

Moreover, APIs have been instrumental in democratizing technological innovation. By allowing developers to harness existing functionalities, APIs accelerate the creation of novel solutions, propelling the evolution of applications across domains like e-commerce, mobile apps, cloud computing, and beyond.

The concept of modularity has been reshaped by APIs, giving rise to microservices architecture. This approach, underpinned by APIs, enables applications to be composed of smaller, specialized services that communicate harmoniously. Consequently, scalability, maintenance, and flexibility are greatly enhanced.

In essence, APIs have unfurled a landscape where digital interactions are fluid, innovation is rapid, and the internet’s potential is boundless. The transformation they’ve ushered in has redefined how we envision, construct, and experience the digital realm.

As API adoption increases, so too have the attacks launched upon them. Unique attackers have grown by 400% within a six-month period. And API attacks can be highly damaging; an attack on the Australian telecoms giant Optus exposed the information of more than a third of Australia’s total population. This article will explore the evolving landscape of API-based cyber threats and outline practical strategies to bolster your defenses.

API-Related Cyber Threats

  • Injection Attacks: Like traditional software applications, APIs are…

Source…

Healthcare Ransomware Attacks are Increasing: How to Prepare


The healthcare industry has seen a significant increase in ransomware attacks in the past few years, with a 94% increase in the last year alone. The amount of patient data collected, and the rapid technological development happening in the industry, make it an attractive target, notably when combined with small cybersecurity budgets. Sophisticated cyber actors leveraging common management tools make recent attacks hard to spot, as they are challenging to decipher from legitimate business activities.

Zero-trust network access (ZTNA) is the first step to preventing these types of attacks. This means that no one from inside or outside the organisation is trusted on the network, and any access to data or resources must include verification and authorisation. Multi-factor authentication (MFA) is a good place to start, as it requires additional authentication beyond username and password credentials. Additionally, ensure that only those users who truly need access to data and systems have it, following the principle of least privilege. The fewer entry points into a network, the better.

Assessments are key to improving cybersecurity within a healthcare organisation, especially when working with a tight cybersecurity budget. It is much easier to determine where to focus limited resources when it is clear where there are weaknesses or vulnerabilities, and an understanding of the cyber risk to data, systems, or processes that are critical to protect. Automation can assist in making the most of limited resources, including implementing automated endpoint device configurations and patch management. Making endpoints more resilient will assist in eliminating weaknesses in a network, as most ransomware attacks start with access to a single endpoint.

It is more important than ever that the healthcare industry prioritise cybersecurity in order to protect sensitive patient data and continue operations without disruption in an increasingly digital healthcare world.

Healthcare CISOs and their teams need to consider the following strategies for getting started:

Get a compromise assessment done first and consider an incident response retainer.

Source…

Prepare For A Record-Setting Quarter For Cyber Security Stocks


Prepare For A Record-Setting Quarter For Cyber Security Stocks

The Internet Security Stocks have been in a deep correction all year because of fears of slowing growth but still, there is no sign of that yet—results from Checkpoint Software (NASDAQ:CHKP) to SentinelOne, Inc. (NYSE:S) prove that demand for cyber security is not only still strong but accelerating on many fronts.

The latest news is from Zscaler, Inc (NASDAQ:ZS) which offers cloud-based cyber security solutions up to and including the enterprise level.

Get The Full Series in PDF

Get the entire 10-part series on Charlie Munger in PDF. Save it to your desktop, read it on your tablet, or email to your colleagues.

Q2 2022 hedge fund letters, conferences and more

SohnX Hong Kong: Oasis Management’s Seth Fischer, The Best Way To Invest In Vietnam

Screenshot 2022 09 08 16.45.41At the 2022 SohnX Hong Kong Investment Leaders Conference, Seth H. Fischer, the founder and Chief Investment Officer of Oasis Management, highlighted his favorite investment in Vietnam and explained why he believed the business was one of the best opportunities in this rapidly growing emerging market. Fischer founded Oasis in 2002 following a successful seven-year Read More

 


Find A Qualified Financial Advisor

Finding a qualified financial advisor doesn’t have to be hard. SmartAsset’s free tool matches you with up to 3 fiduciary financial advisors in your area in 5 minutes.

Each advisor has been vetted by SmartAsset and is held to a fiduciary standard to act in your best interests.

If you’re ready to be matched with local advisors that can help you achieve your financial goals, get started now.


The company just announced a top and bottom line beat and increased its guidance which is noteworthy not only because the sector is set to outperform in the Q3 and Q4 reporting period but because the entire sector has been lagging behind the S&P 500 since the pandemic bottom. That’s silly.

Cyber security stocks are as fundamental to the outlook of the Internet and the digitization of business as any part of the IT picture, and demand is driven by a widespread and growing need for safety. Each time the good guys make an advancement the bad guys make one to match. 

Zscaler, Inc. Leads With Robust Results And Outlook 

The cyber…

Source…