Top Cybersecurity Problems
Companies around the world have started to take a cyber-security discourse in which they advocate standardization and greater security, but little have they acted to create and maintain meaningful standards that prevent or respond efficiently to such cyber attacks. The thesis was defended by Purveyor Dark Intelligence and professor at the University of Nottingham, England, John Walker.
"We need less compliance and more security. It is also necessary to adopt Red Teaming, that is, to self-test to test their abilities and vulnerabilities ", defended the specialist who has an extensive curriculum in Cyber Crimes. John went through the Royal Air Force Intelligence, Investigation and Counterintelligence Operations, served as GCHQ and CESG in the US and UK Agencies, and was ITSO and System Security Systems Manager Accredited by the CIA.
He also stressed that having an action plan for attacks is as important as predicting the risks. "The cyber-security industry is bad. Businesses have a hard time dealing with threats today. Incident response is the key and is something that needs to be planned in advance. "
He even reminded even companies that are considered model in cybersecurity are also targets of attacks. He cited the TalkTalk case in which IT staff were warned of a vulnerability in their system but ignored and hacked. "A company that in 2018 was praised and considered an example of infrastructure and security."
Another company cited by him was Tesco Bank, which was considered a reverse engineering model. "By 2016, 20,000 customers had their accounts hacked on a Saturday morning. Why on a Saturday? Because few people work that day, "he explained.
Walker also listed the most common problems in companies.
Many companies believe they do not have to care about cyber attacks, as well as cybercrime, and they think they are enough and above all else.
Lack of knowledge of new threat engines
Lack of imagination about new threats. We need to think more about defense. We can not be afraid of inversion.
Only safety certification is not enough, we must also have along with the certification skills to act with cyber security.
Unfortunately this problem is also recurrent, of people who achieve certification, but then use it for cybercrime.
Lack of leadership and skills
Today, we have heard that security is not just a question of who works in the area, but of all people. The public is the greatest vector of this subject. Therefore, it is always important to be in contact with people to seek to understand what is happening around.
Many ignore small businesses, but they can also be sources of cyber attacks. This can not be overlooked.
Cyber crime cutting edge
Cybercrime is more and more daring and attacks various types of systems such as insecurities, cars, hotels, developement.
Answer is the key
Incident response is the key, and it is something that needs to be planned first. It can not be last minute.
Test your skills and vulnerabilities, train people.
You have to be proactive with yourself, attack yourself.
Touch the untouchable
You need to talk to those who are at risk.