Cybersecurity News - August 2020
The remote workforce relies on cloud tools like Microsoft OneDrive to function and collaborate. To protect sensitive data, including personally identifiable information (PII), personal health information (PHI), and financial information, organizations need to take additional security measures.
Cloud storage makes it easy to reach files from any location, but it is not a backup solution. If files are accidentally deleted or attacked, they are lost. Organizations have high volumes of data, so a cloud backup service is needed to automatically copy data so it can be restored.
Cloud storage presents data risks like data theft or loss, corrupted data, and inadvertent sharing of information. Because cloud storage provides easy access to data, it presents compliance violation risks. Establish a ransomware protection service that scans OneDrive and other services and automatically blocks attacks. In addition, optimize security for cloud storage systems like OneDrive, with strict protocols:
Source: Asatryan, Davit. 5 keys to protecting OneDrive users, Help Net Security, June 11, 2020.
With remote work now the norm, a healthy, secure culture that encourages positive behaviors is an important as part of organizational cybersecurity. To shake the dull, technical stigma associated with security training, Help Net Security asked for insights on security awareness training from global experts.
Embrace diverse learning for better participation and retention rates
Provide frequent training, but keep it short
Test awareness, publish results, and ensure results are tangible
Source: Zorz, Mirko. How do I select a security awareness solution for my business?, Help Net Security, June 18, 2020. https://www.helpnetsecurity.com/2020/06/18/select-security-awareness-solution/.
The number one trend noted by Gartner, Inc. in Top 9 Security and Risk Trends for 2020 is the emergence of extended detection and response (EDR) capabilities. This new, enhanced EDR model is called “XDR”, which is able to detect attacks across endpoints, networks, software-as-a-service (SaaS) applications, cloud infrastructures, and any other network. XDR enables an organization to collect and correlate data across multiple security products to improve threat detection and provide incidence response for increased accuracy and productivity.
Uri May explains in the Security Boulevard article XDR: The Cybersecurity X-Factor: “XDR lets enterprise cybersecurity teams “punch above their weight” through the integration of advanced security operations capabilities. In particular, XDR promises to address today’s snowballing threatscape by amplifying the speed, scale, and scope of attack detection, connecting the dots across sparse data sources and siloed telemetry.”
While an organization has systems like firewalls, log management, and intrusion prevention in place to detect and protect against threats, XDR threat hunting assumes that advanced threats are evading these defenses and exist within the compromised environment.
The information above is provided as a convenience, without warranties of any kind and MUFG Union Bank, N.A. disclaims all warranties, express and implied, with respect to the information. You are solely responsible for securing your systems, networks, and data. You should engage a qualified security expert to advise on your specific needs and requirements.