sb-as logo
Story image

Organisations in Asia uncovering potential of advanced cybersecurity services

08 May 2018

Organisations in Asia are looking beyond standard cyber threat protection and starting to ask for more advanced cybersecurity services including reconnaissance and early kill chain services.

According to cybersecurity consultants Adura, those organisations are moving beyond compliance requirements to see value in threat intelligence, network AI behavior and phishing susceptibility.

Whilte traditional cybersecurity programs focus on compliance through means such as ethical hacking, staff training, or cyber audits, these rely on older frameworks that are behind the security curve.

Adura says by the time a framework is approved, a whole new set of cybersecurity challenges have emerged.

The company’s Threat Intelligence Services worked on behalf of its clients to mitigate more than 750 high-risk asset exposures on the dark web last year. Exposures included leaked confidential files, pre-emptive cyber attack intel, VIP and corporate impersonation, harvested staff system credentials, social media exposure, email forensics, and security configuration.

“Our work managing cyber incidents in the Darkweb shows that cyber threats are commonplace in today’s digital world and can have a serious impact on businesses of all sizes,” comments Adura head of Cyber Security Services, Barnaby Grosvenor.

“The sheer volume of threats and rapid change in cybersecurity and best practices makes it difficult for companies to effectively manage their cybersecurity needs. Solid cybersecurity programmes follow a prevention-led approach, continuously identifying and closing gaps in employee awareness, security management processes and skills as well as technology.”

The company helps clients work through the key pillars of any cybersecurity framework: People, process, and technology.

People

Trends such as bring-your-own-device coupled with highly variable employee awareness of cybersecurity best practices and shadow IT can open the door for cyber criminals. It is vital to educate employees about cyber threats, lowering their susceptibility to social engineering attacks and email phishing.

In phishing simulations run by Adura across its clients, 20% of staff opened phishing emails disguised as social media invites or internal organisational messages. Despite receiving training on how to spot phishing emails, finance and HR department members, two departments that manage sensitive employee information, were found to be more likely to be misled by phishing emails.

This highlights the importance of continuous and effective employee training on cybersecurity issues.

Process

Managing cybersecurity risk requires a well-rounded approach, and Adura works with companies to put in place the right processes and plans depending on customers’ size, industry and business goals.

In Adura’s experience, 99% of web servers lack at least eight critical security patches because of weaknesses in in-house cybersecurity processes, leaving businesses exposed to cyber threats. Adura helps customers reduce their risk exposure by identifying vulnerabilities, and prioritizing security updates.

Technology

As the technology landscape and cybersecurity best practices continue to evolve, companies need skilled cybersecurity personnel on hand at all times to help them assess and manage their risk profile.  Adura has found that 20% of companies in the region do not have a Chief Information Security Officer (CISO) or sufficient specialist staff.

To help ensure companies always have access to the best talent at hand, Adura offers a Virtual Chief Information Security Officer (vCISO) service. It provides the senior-level counsel and insight of a traditional CISO, without the customer needing to hire additional personnel in their IT team.

Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
Exploits on organisations doubling every two to three hours after news of Microsoft Exchange’s four zero-day vulnerabilities
The race has started between hackers and security professionals following the disclosure of vulnerabilities on Microsoft Exchange Servers, according to Check Point Research.More
Story image
Hackers offering forged “official” COVID vaccination certificates and negative test results on dark net 
There has been a 350% increase in the number of advertisements selling alleged COVID vaccines within the last three months.More
Story image
Financial malware activity dropped in 2020 as creators honed their wares
Cybercriminals used the time to plan more malicious propagation techniques, both new and evolved from previous methods.More
Story image
Ransomware and Microsoft Exchange attacks surging 
There are global surges in ransomware attacks alongside increases in cyber attacks targeting Microsoft Exchange Server vulnerabilities, according to Check Point Research.More
Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More