Leveraging the right response strategy, following the regulations, and understanding the ransom entity are the fundamentals in any ransomware outbreak.
About adminThis author has not yet filled in any details.
So far admin has created 29 blog entries.
Online shopping will be more popular than ever with consumers... and with malicious actors too. The pandemic has had a significant impact on retailers across the spectrum from apparel brands to grocery stores to big-box retailers. While each category of retail has faced its own specific challenges, there has been one common theme across industry: increased demand and traffic across online platforms. As retailers rush to meet these online demands, many have had to fast-track their digital roadmaps and establish new protocols to launch omnichannel services like BOPIS (buy online and pick-up in-store) and curbside pickup. Many retailers know that when it comes to reliability, just a second in lag time can mean the difference between a sale and an abandoned cart. Research shows that nearly 90% of consumers would leave a website and 30% of shoppers would think twice about being a return customer if a website was too slow. But these sudden increased shifts to online shopping have also brought attention to new surface areas that retailers must secure. Case in point: Since March 2020, our security service reCAPTCHA, which protects websites from fraud and abuse, has seen a 40% increase in usage. Businesses and services that previously saw most of their users in-person have shifted to online-first or online-only models. This increased demand for online services and transactions can expose businesses to various forms of online fraud and abuse. In fact, 8% of online business revenue today is lost to fraud and account takeovers. And there's no busier online shopping time than the holiday season. It's never been more crucial for retailers to protect their customers as they use their online services. Despite traditionally being an in-store holiday, Black Friday topped Cyber Monday in 2019 as the busiest day for online purchases with 93.2 million shoppers compared with 83.3 million. This year, many retailers have decided to close their doors on Thanksgiving and are rolling out online promotions and deals throughout November and December, to keep shoppers and employees safe. We're planning for a "peak on peak" online holiday shopping season for 2020. As shoppers seek to take advantage of the hottest bargains and retailers prepare for a predominantly online holiday shopping season, cybercriminals are looking to do the same with vulnerable IT systems and websites. There are several automated threats businesses must be on the lookout for to protect from brand damage and negative impacts to the bottom line. For example, attackers could use leaked credentials to hijack user accounts and stolen credit cards to make fraudulent purchases. Elevated basket abandonment, a higher proportion of failed payment authorizations, and disproportionate use of the payment step are all possible signs of card cracking. Or denial of inventory attacks, which involves attackers taking ecommerce items out of circulation by adding many of them to a cart/basket, but never actually proceeding to checkout — which creates stock-outs, preventing legitimate buyers from making a purchase. Just like phishing and malware target employees, users are also under attack. Imagine if infected URLs are being shared on websites or social channels to take customers to malicious pages to steal payment info or account credentials. Retailers need access to tools to prevent this kind of activity and, at the same time, need to be able to warn users before they visit sites that are known to be unsafe. These are just a few tricks bad actors might have at the ready this holiday season. So, how can security teams detect these emerging attack methods and reduce their customers' and business' chance of compromise or revenue loss? One way is to deploy CAPTCHA systems on sites to prevent fraudulent activity, spam and abuse. The CAPTCHA system should leverage machine-learning and advanced risk analysis to help customers tell humans and bots apart. The CAPTCHA system should also have accurate detections to minimize false positives and offer risk scores with reason codes for security teams to take action within the context of a company's website. For example, if the CAPTCHA system shows a low score, next steps can be to require two-factor authentication or email verification in order to allow a user to continue. Moreover, the CAPTCHA system should have enterprise-level service level agreements and terms of service. We also recommend using an API of constantly updated lists of unsafe Web resources, which retailers can use to keep risky URLs off their sites and protect users. This year has been one of frantic and unexpected change, but there’s no reason to be caught offguard this holiday season. Security must continue to be a top business priority as attackers will always look for ways to disrupt or damage businesses during the pandemic, during the holidays and beyond. Achieving a sustainable security posture is essential to a successful business transformation. Now is the time for retailers to be proactive about securing online environments to make this new normal, a safer normal, so they can deliver holiday cheer. Sunil Potti is General Manager and Vice President of Cloud Security at Google Cloud. In his role, he focuses on bringing the best of Google Security's practices to the GCP platform and its enterprise customers. Prior to Google Cloud, Sunil served as the Chief Product & ... View Full Bio Recommended Reading: More Insights
A confluence of trends and events has exploded the whole idea of "the perimeter." Now there are many perimeters, and businesses must adjust accordingly.
The threat of data extortion adds new layers of risk when determining how to respond to a ransomware attack. Ransomware has grown an additional gnarly tentacle: data extortion. It was gruesome enough with threat actors encrypting data in place but has morphed and added data extortion to the mix. Cases are emerging with a two-part payload of data encryption and data extraction, where data is encrypted in place while a small portion of unknown data is ferried offline under the threat of publication. (Or, in the case of cybercriminal organizations such as the now defunct Maze group, actual publication of a portion of the data — with threats to publish more on the way.) In previous ransomware scenarios, an organization just had to decide whether to pay a ransom to get the key to unencrypt the data. But now it must consider making what is essentially a "forever promise" with a criminal organization. The threat actors are demanding payment in exchange for alleged proof that they deleted the data. In practice, they are saying "trust us" to delete data that they previously threatened to publish. It's not a great situation to find yourself in. Having lived through this several times with my clients, I have learned some immediate tactical considerations any organization must keep in mind before deciding how to respond to a ransomware attack. 1. Negotiate? If so, should you do it yourself or use a professional negotiation company? Even when you have logging in place, it may be impossible to discern exactly what the threat actor removed from the network. Even if the threat actor claims they took only a small portion of data, they often leave you guessing about what else they may have in their possession. Therefore, you're racing to determine what information may be dumped into the Dark Web. So, do you negotiate? This may be wise — even if you don't plan to pay — so that you can buy time to determine more about what information may have been lost. The decision to hire an outside negotiation company is really an incident-by-incident decision. Often, skipping the extra cost can be the best bet but it can be very circumstance specific. Work with your legal team on strategy before engaging an outside negotiation company. 2. Deleting the data doesn't alleviate your legal risks. Even if the threat actor deletes the data they exfiltrated from your network, this does not alleviate your legal responsibilities or risks. Generally, the law will look at whether the data was both "accessed and acquired" or, in the case of other statutes, accessed with some proof of misuse. Given that a threat actor has taken the data, there is no way to dodge the "acquired" component of the law. You are legally required to notify any individual whose information was taken — even if the threat actor deletes the data. 3. Will you pay? Or pay and face a sanction? The US Department of Treasury Office of Foreign Assets Control issued an advisory opinion on Oct. 1, noting that there are risks of sanctions associated with certain ransomware payments because ransoms often fund criminal activities. So, if you are considering making a ransom payment, analyze the issue thoroughly with counsel to make certain you do not jump from the frying pan into the fire. Cyber data-extortion incidents are wicked. And because they are fraught with liability, it's best to work through these issues with your lawyer to cloak your investigation and actions with attorney-client privilege while navigating the legal risks associated with the extortion. Beth Burgin Waller is a lawyer who knows how to navigate between the server room and the board room. As chair of the cybersecurity & data privacy practice at Woods Rogers, she advises clients on cybersecurity and on data privacy concerns. In this capacity, she ... View Full Bio Recommended Reading: More Insights
We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready? Despite dedicating the majority of my life to protective intelligence in the private and public sectors, I still find it hard to believe when I see companies that have thousands of employees and dozens of offices and facilities — but a scant few physical security professionals using legacy tools and processes to try to keep the business harm-free. It's almost an exercise in futility. In the 1980s and '90s, when I was a special agent in the counterterrorism and protective intelligence division in the Diplomatic Security Service at the Department of State, we did the best we could to organize and analyze intelligence by scouring through hundreds of cables, paper documents, and files. Decades later, physical security and safety professionals are gathering time-sensitive and sometimes life-saving insights, but still using paper records and manual processes, unnecessarily limiting their ability to more efficiently detect, link, and mitigate threats. Sure, change isn't easy. When things have been working "just fine" and management thinks it's "good enough," getting an organization to try new processes and tools is a challenge. Adopting new ways to address physical threats may, to some, feel threatening and costly. But for far too long, although it's not intentional, corporate physical security teams have been reactive, and only after something bad occurs are they given the resources and investment they truly need. For holistic physical security programs, change must focus on augmenting and enhancing existing operations with new technology platforms that can efficiently scale the identification, investigation, assessment, monitoring, and management of physical security threats. Protective Intelligence — Then and NowHistorically, eyes, ears, and acute observation kept physical assets safe. We would spend hours looking and watching for pre-operational surveillance to unpack the attack cycle. In gathering protective intelligence, teams would store data in command-post hotel rooms, surveillance cars, and handwritten logs. After an incident, we would record each event's specific details, which became data for future use. Detecting and vetting a threat on the street was challenging and inefficient. Institutional memory was the norm. Information was passed via cables and memos and sometimes via the diplomatic pouch — a slow and tedious process. We got our first glimpses of digital transformation in the 1980s with Polaroid cameras, Sony VHS tape recorders, and Motorola radios and pagers. As more sophisticated technology and mobile applications were developed, the idea of transmitting intelligence via a pager headed for retirement, and a new era of physical security emerged. Physical security technologies and innovations also appeared due to catastrophic embassy attacks, kidnappings, and aircraft bombings. Bridging Digital Transformation and Physical SecurityAccording to Gartner, 82% of CEOs have a digital transformation program underway. And yet, physical security is still often perceived as "guns, guards, and gates." But we know today it is much, much more. The recent detection of a plot to kidnap Michigan Governor Gretchen Whitmer and the arrest of those involved was, of course, due to tremendous efforts by law enforcement. Virginia Governor Ralph Northam was also considered, which doesn't surprise me. In every case I've worked, the bad guys always look at multiple targets. While they are looking, they are usually the most vulnerable to detection. Many threatening signals were found on social media, and FBI undercover informants played an essential role. Health and economic challenges have converged. Global workforces under hybrid office-home corporate structures have also emerged. Retail safety requirements are heightened. The scope and scale of liability for companies not actively and holistically monitoring for growing threats has increased dramatically. We must bridge generations: those who developed, tested, and proved the value of protective intelligence, and those applying technology and data to bring a new level of expediency and effectiveness to protection. As organizations undergo digital transformations, physical security teams that embrace digitization can automate mundane work and use their creativity and insights to enhance their approaches, minimize liabilities, and usher in a new era of advancing safety. Many corporations believe that their current security program is good enough. But I would argue that we are at an inflection point. The threats we face are dynamic, emerging, and global. We are rapidly approaching a new frontier that allows for mobile applications and massive amounts of real-time physical threat data to be structured into single, easily maneuverable platforms that are more than good enough; they are what human lives and livelihoods deserve. Fred is the Executive Director of Ontic's Center for Protective Intelligence. He is one of the world's foremost experts on security and counterterrorism. A former police officer, special agent and New York Times best-selling author, Fred has served on the front lines of ... View Full Bio Recommended Reading: More Insights
And with more data compliance laws on the way, audit fatigue could be a real challenge for infosec professionals. Many of you know (and some love) the 1993 movie Groundhog Day. For those who haven't seen it, the main character, Phil Connors (played by Bill Murray), is forced to live the same day over and over until he gets it right. He meets the same people in the same places and experiences the same moments wherever he goes. Even the same song — Sonny and Cher's "I Got You, Babe" — is playing when his clock radio comes on at the same time every morning. The challenge he faces is that he's been given no rules or guidelines about how to get out of this fix. Nothing he does can break the cycle of waking up and reliving the same events day after day after day. In my conversations with colleagues that deal with IT risk or privacy compliance, their experiences begin to sound identical to Phil's trapped existence. Why? I think a large part of it is the frustration and exhaustion of having to report on the same data about the same security controls over and over, every time a new audit request comes in. Fatigue comes in many forms, whether it's work fatigue, Zoom fatigue, or COVID fatigue. There is no question that a large part of work fatigue for security professionals stems from compliance requirements. Lately, it feels like a new regulation or compliance standard is introduced every few months. In 2018, we saw the introduction of the European Union's General Data Protection Regulation (GDPR) and California's Consumer Privacy Act (CCPA). Two major privacy regulations in one year certainly left organizations overwhelmed with more standards to comply with in addition to what was already on their plate. While these regulations are needed, it looks like GDPR and CCPA are just the beginning. The Costs of Compliance Now that the dust has settled on these major regulations, it is only a matter of time before other states follow suit and begin to implement their own standards, which inevitably means more compliance headaches to come. According to a recent survey by Telos Corp., commercial organizations must comply with an average of 13 different IT security and/or privacy regulations. On top of that, organizations spend around $3.5 million annually on these activities, and it takes three working days to respond to a single request. When you break it down, that means that compliance audits consume an average of 58 working days each quarter. And let's remember that's an average across sectors, not just heavily regulated industries like financial, healthcare, or energy. Organizations across industries universally experience audit and compliance fatigue. With the additional fatigue people and enterprises face in so many other areas at this point in time, alleviating this particular form should be at the top of every organization's list. The common denominator behind every company is its workforce — the personnel that keep things running and respond to every crisis. However, they are experiencing an unprecedented amount of stress, and the infosec community is just waking up to the serious problem and growing prevalence of burnout across the industry. Don't Discount BurnoutAccording to a CISO Stress Report released earlier this year by Nominet, 88% of CISOs suffer from moderate or high stress. Almost half of those surveyed revealed that these stress levels have impacted their mental health. In fact, the pressures on CISOs are so significant that Nominet even developed a CISO Stress Calculator to support this finding. Burnout is yet another form of fatigue fueled in part by demanding compliance regulations, and organizations are working to find ways to ease this burden. While CISOs and CIOs undoubtedly experience stress and fatigue, tsecurity practitioners, internal auditors, and compliance teams also get burned out. The stress of pre-audit activities, endless repetitive tasks, and constant back-and-forth requests for the same data, over and over again, lead to these career security professionals burning their candles till they reach the end of their wick. The Costs of NoncomplianceDespite the extreme costs of compliance, in many cases, noncompliance costs can be significantly greater, as it often leads to considerable fines, loss of investor confidence, and damaged reputations. In taking a look at some of the biggest blunders in the past five years alone, we've seen British Airways ($230 million), Marriott ($123 million), Google ($57 million), and other large corporations quite literally pay the price for noncompliance. According to Telos' survey, organizations faced an average of eight fines over the last two years, costing them more than $460,000. Conquering Cloud Migration and Looking ForwardTo add to the challenges faced by CISOs and cybersecurity professionals, migration of compliant workloads to the public cloud opens up an entirely new world of compliance activities. Some 94% of respondents to the Telos survey report that they face challenges when it comes to IT security compliance and/or privacy regulations in the cloud. The most likely challenge is their ability to keep track of the sensitive data stores or how many instances of that data exist at any one time. The cost, coupled with rapid changes in cloud regulations and unfamiliarity with the practice, are the main obstacles associated with cloud compliance. With all of this in mind, there is no question that a better path forward is needed. Where possible, we need to let the data speak for itself through automation — a real answer that's ready today to alleviate audit fatigue. Automation can increase audit evidence accuracy, reduce time spent in the auditing phase, and improve the ability to respond to audit evidence requests more quickly. Additional solutions for relieving audit fatigue include establishing a compliance risk team to triage requests and offering solid, intelligible compliance training that employees can put into practice. Continuously improving your compliance program and being proactive, especially during slower periods, is another way to stay ahead of the curve. In compliance, there is not always a one-size-fits-all approach. Finding the proper solution to handle compliance and audit fatigue may take some time for each organization, but it's clearly worth the effort. Joining Telos in 2006, Steve Horvath established a new model for providing professional services in support of the company's Xacta risk management platform. He currently serves as Vice President of Strategy and Cloud with a focus on long-term strategic partnerships and ... View Full Bio Recommended Reading: More Insights
It's never been easier for employees to download company data and take it with them to their next gig. The accelerated shift to remote workforces resulting from the COVID-19 pandemic has exasperated the challenge of protecting corporate data and intellectual capital. It has never been easier for employees to compromise their employers' systems. Absent protocols designed for remote workforces, many companies are scrambling to keep tabs on the whereabouts of their property and IP. The cookie-cutter protections that are typically in place don't safeguard against data theft nearly as much as companies think they do. As a result, employees are departing one employer for another with intellectual capital and trade secrets in tow and undetected. Free and open-source network file transfer apps have made it easy for sophisticated engineers to compromise their employers' systems. Consider the widespread use of PuTTY, a program that establishes an encrypted secured shell (SSH) tunnel from a work computer that can export its entire contents to any device of choice. All done without leaving a traditional forensic trace. But it's not just potential IP theft that should alarm companies. Significant legal exposure exists when onboarding new employees who may bring IP with them. Even if a new employer is unaware of a transgression, it could prove costly. Juries and judges of trade secret cases consistently yield some of the highest verdict awards imaginable. How can companies better protect themselves? Here are the five steps to take right now. Hiring Process ReviewSet the expectation from the start that the company takes confidential information seriously. In all cases, but especially when recruiting talent from competitors, be able to demonstrate a process of reasonable steps taken to protect against litigation. This begins in the interview phase, ensuring that interactions prevent any third-party confidential information from being solicited or divulged. During the on-boarding process, new employees should certify they searched for and returned all third-party data and that they did not store such information in personal accounts, cell phones, or other devices. To ensure there has been no inadvertent or intentional porting of third-party data onto the their servers, and to rebut any allegations to the contrary, companies should also do a forensic check of their systems within the first 45 days of a start date. Update Acceptable Use PolicyWith the work-from-home trend in full swing, companies need clear and enforceable policies around cloud and USB usage, as well as usage policies for personal devices and hardware. Employee certifications and disclosure of off-server data storage and transmission should become standard practice. Shared use policies should also address the realities of a work from home environment and define the expectations. For example, prohibiting access to confidential data, sending to personal or partner accounts to print, and the handling and storage of hard copy documents must be clearly articulated. Turn on Full Logging for All DevicesYou can't protect what you can't track, so companies must account for new hardware and software. It's no small task given today's geographically diverse and remote work environment, but it is critical. While full logging does take up a lot of storage, turning on VPN logs, server access, document/code repositories and other databases are the only ways to track what's happening with company property. Some companies are deploying data loss prevention (DLP), and cloud solutions may alleviate some of the storage burden. Implement Home Security PoliciesBad actors prefer targeting unsecured home environments because people are generally lackadaisical about their personal devices. Leaving computers turned on 24 hours a day is an open invitation to hackers, and home Wi-Fi networks with weak passwords and no encryption offer other easy entry points. Companies need to provide clear instruction and require employees to take steps to strengthen their remote work environment. That includes mandating computers being powered off each evening, and activating and updating Wi-Fi encryption to WPA2 and more secured passwords. Employees need training to recognize and report data theft danger signs such as extreme functional slowdown, which may indicate intruder access. Institute High-Risk Departure ProgramsCompanies need to be well-prepared for the inevitability of high-risk remote workers leaving for a competitor. This means HR, IT and legal should develop protocols for the exit process. Exit protocols should include appropriate procedures for automatic hardware shut-offs, putting employees on paid leave, preserving hard drives, and the immediate accounting for data, including the forensic remediation and review for evidence of data theft. Additionally, companies should not be too quick to reissue that hardware, as forensic preservation is key so if a problem arises it can be analyzed at a later date. Lastly, exit certification is a must for getting on record the exiting employee's testimony of compliance. It is also an opportunity to be very clear about an employee's continuing obligations to the organization after they are gone. The mitigation of data theft risk is a team effort. It requires a multi-pronged approach that includes IT security, HR, site security, protocols for handling data internally, and protections from external intrusions. And it all begins with a sober assessment of an organization's current state of vulnerability during these extraordinary times. Bradford Newman is a Palo Alto-based attorney who specializes in matters related to trade secrets and artificial intelligence. He serves as Chair of Baker McKenzie's North America Trade Secret Practice as well as Chair of the American Bar Association's Artificial Intelligence ... View Full Bio Recommended Reading: More Insights
The most effective way is with employee security education. Question: How can I help my remote workers secure their home routers? John Bock, senior research scientist at Optiv Security: With so many organizations' employees working remotely due to the pandemic, what security teams can do to help secure their home routers/firewalls is getting renewed attention. Why should we view an employee's home router as any different than one at a coffee shop or hotel network? Well, for one, it's a more static and predictable location for an attacker, especially if we are including Wi-Fi access points, common to all-in-one gateway devices. These days, the home router also likely includes a home network with a variety of entertainment and home automation devices, all of which could have their own vulnerabilities. Most organizations will manage this situation with a focus on hardening the endpoint to operate in an assumed hostile environment, which aligns with modern best practices for host defense. Without good public examples of extending enterprise vulnerability management down to the personal home network, the most direct route is with employee security education that focuses on basic home gateway maintenance and avoids advanced configuration topics. Our technical users are likely ahead of the curve when it comes to home security issues anyway, and it's the users who have never logged into their home routers who cause the most concern. Here's a basic set of guidance to tell your users: Log in to your router, check for firmware updates, and upgrade if one is available. Set up a monthly task, maybe alongside bill paying, as a reminder to log in to see whether any new versions are available. Verify that "Remote Administration" or "Administration from WAN/Internet" are disabled. If enabled, they allow access to the management UI from the Internet. Review firewall settings for any open or proxied ports. If you're unsure of the origin of a particular entry, disable it. Check Wi-Fi network settings, if applicable, and verify you're using WPA3 Wi-Fi security standard – if your devices support it – or, at least, WPA2. Make sure your network password is complex and not related to the network name. Review your attached devices list for anything suspicious, and verify the identity of unknown hosts. John Bock is senior research scientist at Optiv. Prior to this role, John was vice president of threat research, and before that he was the leader of Optiv's application security practice, which provided application pen testing and other software security services. With more ... View Full Bio Recommended Reading: More Insights
As public and private spaces are opening up, the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech. Since the start of the coronavirus pandemic, one thing has been clear: Protecting the health, safety, and security of individuals is increasingly challenging and a core priority for helping the US get safely back to business and back to school, as well as for a sense of well-being. And all of this amid a changing view of the future of work and the core factors for quality of life. Early on in the urgent attempt to prevent the spread of the virus, stay-at-home mandates swept the nation as restaurants and retailers were forced to close their doors, and employees were adjusting to a new work remote/work-from-home lifestyle. As a result, several organizations, including the World Health Organization, experienced a dramatic rise in attempted cyberattacks on the workforce. The FBI reported a 400% increase in cybersecurity complaints compared with before the pandemic. Now, as both public and private spaces are opening up — and offices are inviting employees back slowly and in reduced capacity — the need for a converged approach to cybersecurity and physical security is essential, as is integration with health measures and tech. Physical Security & Safety in a Pandemic EraEarly on in the pandemic, many businesses were vacant and therefore more susceptible to crime and theft. This spiked demand for security systems such as alarms and monitoring, especially for small and midsize businesses, including bars, restaurants, and retail. Responsible use of facial recognition technology is also being further developed and put to use in modernized airports and for public safety and access control uses. There has been concern about people wearing masks being a barrier to effective identification. Fortunately, there are facial recognition technologies available that are not hindered by masks. The technology can still verify an individual's credentials, and as a result, enable a number of contactless solutions (such as touchless sign-in and payment) and access monitoring. In addition, if an individual enters a venue, office, or store without wearing a mask, or is not wearing it correctly, facial recognition technology can be used to help detect the individual and discreetly alert staff. Regarding personal safety, which has been affected by the pandemic, individuals are very aware of their health and safety needs and are adapting to social distancing rules. There is also increased demand for contactless access control solutions. For example, pre-COVID, many employees would be granted access to their office building by a simple key fob or key card. However, post-COVID, this won't be enough. In fact, many office buildings already have been experimenting with access control technology that prevalidates individuals who are permitted to enter the building, utilizes mobile phones, and can also ensure that capacity limits are being followed. Product development is underway for integration of security and health technology, including access control systems that combine functionality of identity verification and temperature checks. We are also rapidly seeing this with multipurpose use of video technology, across the spectrum of surveillance for threat detection, temperature checks, and capacity counts. While these are effective steps for this phase, to establish large-scale reopenings, real-time testing needs to be deployed pervasively while work continues on producing a safe vaccine and distribution process. Rethinking Cybersecurity for Employees: Rise of Vishing FraudAs professional workers continue to do their jobs remotely, even as offices are reopening, bad actors have been clever during these COVID times with tailored campaigns designed to prey on consumers' increasing vulnerability. Recently, the FBI and the US Cybersecurity Infrastructure Security Agency (CISA) issued an alert regarding vishing (voice phishing) scams aimed at workers. Here's a quick look at how vishing works: First, a bad actor compiles every bit of information he or she can on an employee via public website information and social media. Next, that person calls the employee pretending to be an IT staff member with some excuse about troubleshooting an issue and subsequently ask the staff member to use a new — and fake — virtual private network (VPN) page to access company servers. Ultimately, if an employee obliges, this provides the fraudster credentials and access to private information. There are a number of actions an organization can take to prevent social engineering attacks like this, including but not limited to employee software that can actively scan and monitor for unauthorized access and anomalous activity. Above all else, employees must be educated on these new threats, get training on how to spot malicious access attempts, and be provided clear instruction on how to flag them via the proper channels. Cybersecurity, Physical Security, and Health Tech: The Pandemic TrioOne of the biggest takeaways for the security community as we continue to emerge through the pandemic is that cybersecurity along with physical security and health tech safety must be prioritized together. Industry professionals have to be wary of increasingly sophisticated cybersecurity threats, and quickly deploy proper physical and health safety protections and solutions that will address all equally and with strong collaboration. In the last four years, this trend of organizational collaboration emerged due to increasingly pervasive connectivity and Internet of Things-enabled devices. Now with health issues being a long-term, front-burner priority, this will further stimulate the need for cross-departmental communications and a command center approach. Physical security, facilities, operational technology, IT, and HR professionals have a core essential role to take the lead to ensure the safety of employees, customers, and the public. Will Wise is Group Vice President, Security Events, at Reed Exhibitions. He oversees ISC Security Events, ISCnews.com, ITS America Events, CNP/CardNotPresent.com, Natural Disaster & Emergency Management Expo, and G2E Events and G2E Insider. View Full Bio Recommended Reading: More Insights