Top Cybersecurity Problems

Sep 02, 201917

Companies around the world have started to take a cyber-security discourse in which they advocate standardization and greater security, but little have they acted to create and maintain meaningful standards that prevent or respond efficiently to such cyber attacks. The thesis was defended by Purveyor Dark Intelligence and professor at the University of Nottingham, England, John Walker.

 

"We need less compliance and more security. It is also necessary to adopt Red Teaming, that is, to self-test to test their abilities and vulnerabilities ", defended the specialist who has an extensive curriculum in Cyber ​​Crimes. John went through the Royal Air Force Intelligence, Investigation and Counterintelligence Operations, served as GCHQ and CESG in the US and UK Agencies, and was ITSO and System Security Systems Manager Accredited by the CIA.

 

He also stressed that having an action plan for attacks is as important as predicting the risks. "The cyber-security industry is bad. Businesses have a hard time dealing with threats today. Incident response is the key and is something that needs to be planned in advance. "

 

He even reminded even companies that are considered model in cybersecurity are also targets of attacks. He cited the TalkTalk case in which IT staff were warned of a vulnerability in their system but ignored and hacked. "A company that in 2018 was praised and considered an example of infrastructure and security."

 

Another company cited by him was Tesco Bank, which was considered a reverse engineering model. "By 2016, 20,000 customers had their accounts hacked on a Saturday morning. Why on a Saturday? Because few people work that day, "he explained.

 

Walker also listed the most common problems in companies.

 

Self Survival
Many companies believe they do not have to care about cyber attacks, as well as cybercrime, and they think they are enough and above all else.

 

Lack of knowledge of new threat engines
Lack of imagination about new threats. We need to think more about defense. We can not be afraid of inversion.

 

Certification
Only safety certification is not enough, we must also have along with the certification skills to act with cyber security.

 

Fake credentials
Unfortunately this problem is also recurrent, of people who achieve certification, but then use it for cybercrime.

 

Lack of leadership and skills
Today, we have heard that security is not just a question of who works in the area, but of all people. The public is the greatest vector of this subject. Therefore, it is always important to be in contact with people to seek to understand what is happening around.

 

Small business
Many ignore small businesses, but they can also be sources of cyber attacks. This can not be overlooked.

 

Cyber ​​crime cutting edge
Cybercrime is more and more daring and attacks various types of systems such as insecurities, cars, hotels, developement.

 

Answer is the key
Incident response is the key, and it is something that needs to be planned first. It can not be last minute.

 

Red Team
Test your skills and vulnerabilities, train people.

 

Minority Reporting
You have to be proactive with yourself, attack yourself.

 

Touch the untouchable
You need to talk to those who are at risk.

 


Related Articles