Tag Archive for: purpose

Cybersecurity Awareness: Definition, Importance, Purpose and Challenges


What is cybersecurity awareness?

Cybersecurity awareness is an ongoing process of educating and training employees about the threats that lurk in cyberspace, how to prevent such threats and what they must do in the event of a security incident. It also helps to inculcate in them a sense of proactive responsibility for keeping the company and its assets safe and secure. In simple terms, cybersecurity awareness is knowing what security threats are and acting responsibly to avoid potential risks.

Cybersecurity awareness includes being aware of the latest security threats, cybersecurity best practices, the dangers of clicking on a malicious link or downloading an infected attachment, interacting online, disclosing sensitive information and so on. Security awareness training programs help to enhance your organization’s security posture and tighten its processes, thereby paving the way to building a more resilient business. Cybersecurity awareness must be an organization-wide initiative for it to be most effective and beneficial.

Why is cybersecurity awareness important?

Despite having best-in-class defense systems and measures in place, many organizations still experience security breaches. Unfortunately, it is often human error that has been a major contributing factor behind many data breaches. According to Verizon’s 2022 Data Breach Investigations Report, more than 80% of breaches involved the human element, including social engineering attacks, errors and misuse of stolen credentials. Threat actors look to exploit this weakness to infiltrate an organization’s networks and systems. This is where cybersecurity awareness comes in.

Cybersecurity awareness helps educate your employees about malicious methods used by cybercriminals, how they can be easy targets, how to spot potential threats and what they can do to avoid falling victim to these insidious threats. It empowers your workforce with the right knowledge and resources to identify and flag potential threats before they cause any damage.

Ignoring or not conducting cybersecurity awareness training regularly can have serious consequences on your business such as legal penalties, financial loss and cost of remediation, loss…

Source…

China’s Microsoft Hack May Have Had A Bigger Purpose Than Just Spying


Steven Adair hunts hackers for a living. Back in January, in a corner-of-his-eye, peripheral kind of way, he thought he saw one in his customer’s networks — a shadowy presence downloading emails.

Adair is the founder of a cybersecurity company called Volexity, and he runs traps to corner intruders all the time. So he took a quick look at a server his client was using to run Microsoft Exchange and was stunned to “see requests that we’re not expecting,” he said. There were requests for access to specific email accounts, requests for confidential files.

He followed all this requested information to a virtual server off-site. “The hair is almost rising on my arms right now when I think about it,” Adair told NPR later. “This feeling of like, oh, crap this is not what should be going on.”

What Adair discovered was a massive hack into Microsoft Exchange — one of the most popular email software programs in the world. For nearly three months, intruders helped themselves to everything from emails to calendars to contacts. Then they went wild and launched a second wave of attacks to sweep Exchange data from tens of thousands of unsuspecting victims. They hit mom-and-pop shops, dentist offices, school districts, local governments — all in a brazen attempt to vacuum up information.

Both the White House and Microsoft have said unequivocally that Chinese government-backed hackers are to blame.

NPR’s months-long examination of the attack — based on interviews with dozens of players from company officials to cyber forensics experts to U.S. intelligence officials — found that stealing emails and intellectual property may only have been the beginning. Officials believe that the breach was in the service of something bigger: China’s artificial intelligence ambitions. The Beijing leadership aims to lead the world in a technology that allows computers to perform tasks that traditionally required human intelligence — such as finding patterns and recognizing speech or faces.

“There is a long-term project underway,” said Kiersten Todt, who was the executive director of the Obama administration’s bipartisan commission on cybersecurity and now runs the Cyber Readiness Institute….

Source…

An NSA cyber weapon is reportedly being used against American cities by the very adversaries it was meant to target – Task & Purpose

An NSA cyber weapon is reportedly being used against American cities by the very adversaries it was meant to target  Task & Purpose

In less than three years after the National Security Agency found itself subject to an unprecedentedly catastrophic hacking episode, one of the agency’s most …

“cyber warfare news” – read more