Posted: Wednesday, September 28, 2022

Reconnaissance – An Organization’s Cybersecurity Nightmare and How to Stop It

Reconnaissance – An Organization’s Cybersecurity Nightmare and How to Stop It

By : Sentia

Cybersecurity experts predict that at least 33 billion records will be compromised by 2023. The number may increase as cybercriminals leverage advanced technologies to develop sophisticated malware and tools for scanning for vulnerabilities in a target network. While most organizations focus on reactive cybersecurity measures to stop an attack after it has started, they overlook that they can stop an attack right at the reconnaissance stage. Reconnaissance is one of the first phases of an attack. Attackers use various tools to understand the target’s networks and systems to determine the possible entry points and exploitable vulnerabilities.

Read more »

Number of views (74)

Posted: Tuesday, September 13, 2022

Fileless Malware - What is it and Why Traditional Security Practices Can't Protect Against It

Fileless Malware - What is it and Why Traditional Security Practices Can't Protect Against It

By : Sentia

Fileless malware is a malicious activity that infects a system using built-in legitimate and native programs. In contrast to other malware programs like ransomware, attackers don’t need to install a malicious program in the system to execute an attack, which makes it hard to detect and prevent. A traditional anti-malware solution detects malware by matching files against a database of known malicious programs. However, fileless malware payloads reside in the memory only and do not write any files to the hard drive making it difficult for signature-based security solutions to detect it. Thus, cybersecurity experts agree that attackers are ten times more likely to succeed when executing fileless malware attacks than file-based attacks.

Read more »

Number of views (151)

Posted: Tuesday, August 30, 2022

Enhanced Data Protection with a Robust Cyber Resilience Strategy

Enhanced Data Protection with a Robust Cyber Resilience Strategy

By : Sentia

The cyber threats landscape in the past few years has redefined how organizations secure and protect critical systems, assets, proprietary assets, and business and customer data. As a result, cyber resilience is not only an exclusive role of the IT and security professionals. Rather it is a company’s shared responsibility to identify and mitigate cybersecurity risks to achieve operational sustainability and strategic viability. In the current volatile IT and digital environment, cyber resilience should comprise measures of how enterprises anticipate, identify, understand, and recover from the impacts of a cyberattack.

Read more »

Number of views (213)

Posted: Wednesday, August 17, 2022

Cybersecurity Today and Where It's Going: A Mid-year Review

Cybersecurity Today and Where It's Going: A Mid-year Review

By : Sentia

It's hard to believe that we are already just a few months shy of 2023. In this mid-year review, we take a quick look at the current state and continued evolution of cybersecurity. The corporate landscape is awash with news of organizations that have fallen victim to costly ransomware attacks, social engineering scams, data breaches and leakages, and malware attacks that have caused costly consequences, such as damaged reputation, huge fines, and disrupted business operations. Therefore, if your company does not want to make headlines tomorrow, it is essential to remain abreast of the mid-year cybersecurity trends and statistics in 2022.

Read more »

Number of views (381)

Posted: Tuesday, August 9, 2022

Pen-testing & Vulnerability Scanning: What’s the difference?

Pen-testing & Vulnerability Scanning: What’s the difference?

By : Sentia

Penetration testing and vulnerability scanning are vital for enhancing an organization’s cybersecurity postures. However, most businesses are confused about differentiating the two services. For example, a vulnerability scanning process looks for existing security weaknesses and vulnerabilities, such as unpatched systems, lacking authentication schemes, misconfigurations, and weak password security, and reports them as potential exposures. On the other hand, a penetration test looks to exploit identified security weaknesses in the organization’s systems and IT network architectures to determine the extent to which an attacker would compromise your assets. Also, a vulnerability scan often utilizes automated software programs and tools, whereas a penetration test is a manual process carried out by a security expert.

Read more »

Number of views (536)

Posted: Thursday, July 28, 2022

Security Awareness Training

Security Awareness Training

What is it and Why is it Important?

By : Sentia

Cybersecurity is a top priority for all organizations today. Still, the rapidly changing security landscape introduces unique challenges that require users and cybersecurity professionals to stay informed and adopt best practices. Security awareness training educates employees, third-party partners, contractors, and other relevant stakeholders concerning the current cyber threats, cybersecurity responsibilities, procedures, and policies. It is a critical program that helps inform the necessary threat prevention measures and assists in complying with industry-standard data privacy and security regulations.

Unfortunately, according to Proofpoint’s 2022 State of the Phish Report, only 25% of companies train their employees for two or more hours annually. Yet, a Verizon Data Breach Investigations Report shows that eight out of ten, approximately 82%, data breaches are due to exploitable human vulnerabilities. In addition, untrained and unaware employees account for the largest number of social engineering attacks, stolen credentials incidents, and phishing scams.

Read more »

Number of views (334)

Posted: Tuesday, May 31, 2022

Creative Solutions to Address the Cybersecurity Skills Shortage

Creative Solutions to Address the Cybersecurity Skills Shortage

By : Sentia

The cyber risk landscape continues to evolve at an alarming rate. Cyber adversaries are leveraging new technologies to innovate powerful malware variants and new hacking techniques. On the other hand, a pervasive cybersecurity talent shortage hampers organizations’ efforts to secure their critical infrastructure and data from attacks. However, companies can mitigate the chronic shortage of knowledgeable cybersecurity professionals by prioritizing talent, expertise, and experience over the traditional hiring practices, including those that require minimum educational qualifications.

Read more »

Number of views (627)

Posted: Monday, May 16, 2022

E-commerce and Cybersecurity: What Online Merchants Should Know

E-commerce and Cybersecurity: What Online Merchants Should Know

Best Practices to Secure Your E-Commerce Business

By : Sentia

E-commerce platforms and sites are hot targets for attacks and breaches since cybercriminals consider them as treasure troves of financial, personal, and business data. Regardless of the business size, a breach of an e-commerce platform can cause huge financial losses by destroying customer trust, lawsuits, and stolen data. eCommerce businesses are mindful of the security issues facing them and have increased spending on security measures. A 2020 VMWare Carbon Black Cybersecurity Outlook Report revealed that 77% of companies included in the study have invested in new security measures, whereas 69% have hired more security personnel.

Read more »

Number of views (594)

Posted: Thursday, May 5, 2022

Understanding Multifactor Authentication (MFA)

Understanding Multifactor Authentication (MFA)

How It Works and Why Companies Should Consider Adapting It

By : Sentia

"For every lock, there is someone trying to pick it, or break it." - David Bernstein

One of the biggest problems with traditional user ID and password login is the need to maintain a password database. Whether encrypted or not, if the database is captured it provides an attacker with a source to verify their guesses at speeds limited only by their hardware resources. Given enough time, a captured password database will fall.

As processing speeds of CPUs increase, brute force attacks have become a real threat. GPGPU cracking can produce more than 500,000,000 passwords per second even on lower end gaming hardware. Depending on the software, it can take as little as 160 seconds to crack a 14-character alphanumeric password. A password database alone does not stand a chance against such methods when it is a real target of interest.

Read more »

Number of views (2733)

Posted: Tuesday, April 26, 2022

What Do Cyber Threats Mean for the Financial Sector

What Do Cyber Threats Mean for the Financial Sector

And How Can You Protect Yourself?

By : Sentia

The financial industries of most countries worldwide use emerging innovative technologies to cut down operational costs, enhance customer services, and automate work. For example, organizations in the Canadian financial sector heavily depend on Fintech, the Internet of Things, quantum computing, the cloud, and artificial intelligence, among others, to enable electronic financial transactions and data transfer between payment systems, institutions, vendors, and clients.

However, while these interconnections promise increased efficiency and faster communications, they have become attractive targets in today’s highly sophisticated and rapidly evolving cyber threat landscape. For example, a cyberattack that compromises only one financial organization can potentially spread to external partners, which may ultimately disrupt critical international and national financial systems.

Unsurprisingly, motivations like financial gains from transaction values that amount to billions of dollars daily have seen the financial industry face frequent and complex cyberattacks. For instance, Canada’s population has embraced online banking transactions more and more, with 76% of Canadians preferring mobile devices and online banking for all transactions.

Read more »

Number of views (940)

CategoryID: 53