Treat or Trick

Halloween is coming, and the tradition comes once a year. It is a children's custom of calling at houses at Halloween with the threat of pranks if they are not given a small gift. In the cyber world, this happens every now and then. You get an email saying you have been selected for an award (free air ticket, free miles, lottery, an estate etc.) but you need to register or pay an admin fee to claim it. If you trust such a too-good-to-be-true offer, you are phished, leading to various consequences:

- Leakage of your PII (Personally Identifiable Information)
- Leakage of access credentials for email, e-banking or any registered web portal
- Financial loss
- Collateral damage to those you know, as using your identity will increase the trust level in a second-degree phishing attack against your friends
- Criminal acts, as activities are executed under your identity

Therefore, it's treat AND trick in the cyber world. Strengthening human awareness cannot be overlooked....

Assumption #2 (2nd topic)

Whether individual or enterprise, everyone has information stored in the cloud. The prerequisite for using the cloud is the communication line from your endpoint to the hosting location. Most rely on the built-in cyber protections offered by the provider, like TLS and 2-step authentication. No doubt, these are deemed secure. But if your information is of high value, you need to consider the appropriate level of extra layers, e.g. single tenancy, a dedicated hosting location with physical access control, further end-to-end communication encryption, database-level encryption or tokenization, periodic security assessment, and regular situational awareness to keep your people from becoming victims of spear phishing attacks. None of these means 100% security, but they demonstrate your due diligence in securing your data....

Cyber Footprint

We live in both the physical and cyber worlds, and these worlds are closely coupled. We have left lots of cyber footprints: posts on social media, emails to others, auto-toll roads, facial recognition via video analytics by surveillance cameras, RFID cards in the pocket, cell phone IMEI with location service, the electronic identities of many, purchase preferences, web browsing habits, medical & education history ... not to mention event logs. All of these can be traced back to an individual, if intended. An individual might also locate peers in the cyber world to reach out to physically. A common example is a contact proposed by a social network via your connected friends. Machines are also controlled by automation, where these controls are "living" in the cyber world. The performance of machines is fed back into machine learning to improve physical operational efficiency. Unless you stay in the wild completely off the grid, hunting and farming for food, using natural fuel, living in a closed & trusted community without electronic...

Supporting System

People mostly focus cybersecurity on critical infrastructure. We must not forget that cybersecurity for supporting systems is equally important, as they are also network connected for information exchange or control from the control center. These systems automate protection for the core system. Examples are commonly known ones like facility management (FM, such as fire fighting, CRAC, access control, UPS) and SIS (Safety Instrumented Systems). If these systems fail, the core systems will be impacted. There has been a recent incident of a cyber attack on an SIS. Imagine: if the FM fails, the information processing facility will fail too. SIS failure has a more severe impact, as it will affect the environment or human safety....

Spam

Everything in the world is relative. For some, spam mails are annoying, and they try to filter them out of the mailbox, as spam is usually associated with unsolicited sales or phishing attacks. But for others, spam is considered a valuable resource. Honeypots are set up to collect spam and to analyze and understand the trends and the TTP (Tactics, Techniques, and Procedures) of phishers in order to raise awareness and develop counter-measures....

Stepping Stone

Systems and components are connected in cyberspace. Some have the misconception: my setup is for development, or its failure does not impose significant impact, so why should I bother to secure it? Because if these systems or components are insecure, they could be used as a gateway for a hacker to penetrate other internal infrastructure. This lateral network movement contributes to many high-profile data breach incidents. Other infrastructure/facility elements are often neglected, e.g. UPS, CRAC (Computer Room Air Conditioner), BMS, IP-camera, IP-KVM etc. As long as they are connected to your network, you should care....

ROI

Return On Investment (ROI) is the typical approach to justifying spending to acquire an asset. For the sample solar renewable energy case illustrated, this is simple:

- One-off costs like equipment purchase & installation
- Recurring costs like maintenance, insurance, administration (if trading to the grid is involved)

In a 5- or 10-year total cost model, how much in energy charges could be saved, or how much revenue is generated if energy is sold back to the grid, vs how much expense is paid. However, there are risks that might affect the net gain:

- Sufficiency of sunlight intensity
- Weather conditions at the location
- Physical security of equipment against theft or sabotage

In cyber protection technology, stakeholders normally expect cyber-security to be the baseline and integrated with the asset. Adding extra cost won't be seen as ROI. A slightly adjusted model is to calculate the avoidance cost of a single cyber-security incident vs the investment. Therefore, the justification is to be: If we invest $X, then we could avoid spending...

Network

Networks exist in both the physical and cyber worlds. Both have a physical portion and a content portion. Even from the cyber perspective, both the physical media and the information exchange need to be protected, but most of the focus is on the content part. If the adversary is able to access network equipment physically, then all the secured configuration becomes insecure. Therefore, in any security assessment, the physical aspect must not be forgotten....

Born or Made

Cybersecurity vulnerabilities are broadly categorized into 2 types:

[a] Inherent weakness in a component or protocol (e.g. PLC, ftp) that is insecure by design
[b] Improper deployment that makes a secure component (e.g. a FIPS 140-2 Level 4 certified crypto module) insecure due to the lack of the required surrounding elements (likely a broken business process or human negligence)

Type [a] can be overcome at the time of procurement by specifying requirements. Type [b] can be identified via vulnerability assessment of the deployed solution from the people, process and technology perspectives...