In recent years, ransomware attacks evolved from simple and basic encryption malware to a complex and organized industry. With this evolution, attacks have now a far more important impact on business continuity and company reputation.
Secure the SWIFT Network
In 2016, users of Society for Worldwide Interbank Financial Telecommunication (SWIFT), Bangladesh, Vietnam and Ecuador suffered cyber-attacks and had huge financial losses. Due to the exponential increase of cyber-attacks and frauds against financial institutions, the same year, SWIFT introduced its own Customer Security Programme (CSP). The main goal of this programme is to ensure and improve the security level of each SWIFT customer to bring more confidence in the SWIFT’s network. To follow this aim, SWIFT proposed three guidelines: Secure your environment, Know and Limit Access, Detect and Respond.
For an independent company, starting its own Security Operation Center might sound like a good idea. However, it turns out that it often presents a huge challenge with very mixed results. Thus, we will review some of the themes that can lead to internal failures of SOC projects based on our customer’s feedback.
On August 25, 2020, the Commission de Surveillance du Secteur Financier (CSSF) introduced and published a new circular (CSSF 20/750). This circular is applicable to all credit institutions, all Professionals of the Financial Sector (PFS), all payment institutions, and all electronic money institutions. The main objective is to implement the guidelines of the European Banking Authority EBA/GL/2019/04 relating to the management of risks linked to information and communication technologies (“ICT”) and security.
Antivirus vs EDR
Nowadays, antivirus engines use static and dynamic analysis, as well as detection based on heuristics in order to detect and block endpoint threats. Their main limitation is the lack of detection regarding post-exploitation actions. Indeed, when the attacker execute a malware successfully on a host, he wins.
We’re all human: we make mistakes. Unfortunately, there will always be people trying to take advantage of our mistakes for their own benefit, which can cost our business tremendous financial loss. No matter how sophisticated our cyberdefenses are, how advanced our technologies are, how good our security practices are, we will always be constrained by this human factor.
In this newsletter, we’ll cope with the Pushing Left approach. What is this approach? Why do we need it?