Vumetric (https://www.vumetric.com): Penetration Testing, Security Audit & Cybersecurity. Feed built Thu, 05 Dec 2019 17:18:36 -0500.

What is Ethical Hacking?
Published Thu, 05 Dec 2019 15:35:05 +0000 at https://www.vumetric.com/blog/what-is-ethical-hacking/

According to a report recently published by Accenture, the total cost of criminal hacking is estimated at $11.7 million per organization per year. Because of the threat constantly posed by these malicious actors, the term “hacking” has long held a negative connotation tied to the criminal nature of their actions.

But the truth is, hacking can be performed in a variety of contexts, with a wide range of intentions. The most commonly known types of hacking are: “Black Hat Hacking”, “White Hat Hacking” and “Grey Hat Hacking”. Here are some definitions for each type of hacking and where they fit in today’s modern world:

White hat hacking

White hat hacking, also known as “ethical hacking” or “penetration testing”, is an authorized attempt to hack a technology according to a pre-determined scope. This type of hacking attempts to identify the opportunities a hacker would have to exploit a given technology for malicious purposes. Ethical hacking is a service offered to companies: it provides technical solutions to fix the cybersecurity vulnerabilities that attackers could leverage, with the security gaps prioritized by how likely they are to be exploited and by their level of severity.

Black hat hacking

This type of hacking attempts to exploit technical vulnerabilities within your technologies with malicious intentions such as encrypting your files with ransomware to demand a ransom, stealing sensitive data to sell it on the Dark Web or simply disrupting business operations. Another type of black hat hacking, commonly known as “Hacktivism”, has been growing a lot as of late. “Hacktivism” is a targeted, politically motivated attack that often aims to deny access to a service, a website, an application […] in order to send a political message or to disclose sensitive information publicly.

Grey hat hacking

Grey hat hacking is a less known type that combines elements of both ethical and criminal hacking. A grey hat hacker attempts to identify and exploit vulnerabilities within a technology to see what they can find, without any prior authorization. This type of hacking, while still criminal, is not performed with any malicious intent other than curiosity.

 

The importance of Ethical Hacking

No computer, software, network, device, infrastructure, or application can be developed with built-in security that is permanently proof against hackers. The reason is that new technologies are built faster than vulnerabilities can be secured and hackers are constantly evolving to circumvent these new security measures. Today’s state of the art security is not tomorrow’s state of the art security.

Ethical hacking is still the best defense to counter criminal hacking, as ethical hackers systematically identify the vulnerabilities that attackers could potentially leverage while providing technical solutions to prevent these attacks. The best white hat professionals represent the state of the art now, today, and expose where yesterday’s hardware, software, or network has become vulnerable.

Not a single algorithm or scanner can test computer security with the comprehensiveness and thoroughness that an ethical hacker can, which is why they are crucial today for the cybersecurity of modern organizations. (Learn more about the main differences between penetration testing and vulnerability scanners)

The tools known and used by the ethical hacker are the same as those used by the criminal hacker, which means they will reveal every opportunity that a hacker would have to perform an attack within your technologies, thus making them essential to protect your organization from black hat hackers.

 

Types of Ethical Hacking

Another consideration for any company, IT staff, or ethical hacker is the range of types of computer networks, systems, and applications that might be targeted by criminal hackers. Ethical hacking can be performed in various technological contexts to identify vulnerabilities, such as:

Network Ethical Hacking

Network ethical hacking seeks vulnerabilities in the components, configurations and devices within a network that a black hat could discover and exploit. These assessments can be performed externally, targeting networks that connect to the public internet (such as the network used by your public website) to validate that a hacker cannot, for instance, gain access to administrative features. They can also be performed on internal networks (such as the wireless network to which your workstations connect) to validate that your sensitive data cannot be accessed by malicious employees or business partners who connect to your network internally.

Cloud Ethical Hacking

Cloud ethical hacking, also known as a cloud security assessment, aims to validate the security of cloud infrastructure configurations, as well as of the applications hosted in the cloud. Are its security controls (for instance, user privileges) configured optimally, or can a user escalate their own privileges to become an administrator? Can a user access a supposedly secure database without the appropriate privileges?

Application Ethical Hacking

This type of ethical hacking is used to assess the security of Web applications, mobile applications and websites. It is slightly more complex and time-consuming, as it also attempts to identify complicated logic flaws in the way that an application handles data and processes a given action. This type of hacking aims to answer the following questions and much more: Can the app’s features be manipulated by a malicious user? Can a feature used on a website or application be bypassed? How is sensitive payment data, once submitted, treated? Can the payment system be bypassed?

SCADA / ICS & Industrial Ethical Hacking

This type of ethical hacking seeks to validate the security of industrial networks and of the connected equipment within an automated production line. It is performed internally, since these networks generally cannot be reached from the public internet, and tries to ensure that industrial networks have been segmented properly to contain any possible cyberattack, which otherwise might infect an entire factory and disrupt entire production lines. It also attempts to validate that administrative features cannot be hijacked by malicious actors internally to cause harm.

 

Final thoughts

Although the term “hacking” is often used in a negative light, there are various types of hacking to be aware of, some of which can be critical to help your company identify its most prominent risks and to fix them before malicious actors take advantage of them.

Need the help of a Certified Ethical Hacker to assess your cybersecurity risks? Reach out to a specialist to find out how we can help you fix your vulnerabilities. We are here to answer your questions, concerns and discuss the next steps appropriate for your company, needs, and objectives.

Cybersecurity Internal Sales Representative
Published Wed, 04 Dec 2019 20:47:54 +0000 at https://www.vumetric.com/careers/cybersecurity-internal-sales-representative/

Job Description:

We have an exciting career opportunity for a motivated Internal Sales Development Representative.

Vumetric is a leading provider of cybersecurity services that protect business-critical information and systems. Our customers include leading enterprises, government organizations and SMBs.

You will be joining an exciting and rapidly growing company. This is an outstanding position offering an attractive salary, defined career path, and excellent support from existing team members. This is a permanent, full time position to start immediately. Pay will be base salary plus incentives.

You will be following up on inbound sales leads, up-selling existing customers, and developing new business opportunities. To succeed in this role, you must have excellent communication skills, be fully bilingual (English & French), have a strong desire to succeed in the workplace, and have at least 2 years of experience in sales.

 

Duties and Responsibilities:

• Qualify leads and close potential business opportunities

• Interact with potential customers through phone and email

• Determine the needs and project scope of potential customers

• Proactively prospect and nurture existing customers

• Assist in strategic sales planning

• Identify upselling opportunities

• Learn about the cybersecurity industry and penetration testing across various technological contexts

 

Skills:

• Fully bilingual, written and spoken (English & French)

• Great written and verbal communication skills

• Adept at understanding and articulating new technologies, and mapping the respective value propositions to customer needs

• Ability to meet deadlines with a high degree of motivation

• Ability to work independently as well as collaboratively

• Initiative and resourcefulness

• 2 years of experience in sales / business development

• Extroverted and outgoing personality

• Strong work ethic

• Strong problem-solving abilities

 

Assets:

• Sales experience in a B2B setting

• Strong technical knowledge and skills

• Experience working in IT

• Experience with CRM software

4 Benefits of SOC Compliance
Published Mon, 02 Dec 2019 18:50:20 +0000 at https://www.vumetric.com/blog/4-benefits-soc-compliance/

SOC compliance is a very important framework for the management of cybersecurity threats in any organization. It is a requirement in nearly all sectors of activity that are faced with cybersecurity threats. Its implementation is not simple and straightforward, but rather a complex process with stringent requirements that need to be carefully reviewed and addressed.

The goal of SOC is to ensure that your systems are secure, reliable and properly managed so that the customer and company data is safe from cybercriminals and hackers. The process may seem overwhelming but once implemented, it can generate a lot of value for your company.

Here are 4 benefits of SOC compliance:

1. Builds credibility with Banks, Business Partners, and Potential Investors

It is not uncommon for banks to have high standards when it comes to financing requirements, which is where SOC compliance comes into play. When your business is SOC compliant, it demonstrates that you have an adequate management of your cybersecurity risks and provides evidence that your company is committed to mitigating any potential threats. This means that you are much more likely to be approved for financing, as meeting the SOC requirements is often a prerequisite for most banks.

But it is not only about banks. Many providers such as insurance companies or technology providers may also require your business to be SOC compliant before they are willing to work with you. Many companies may also require that you comply with the framework as a condition for your business partnership.

Being SOC compliant allows you to establish trust with potential partners, banks, and potential investors. Once they realize that you are SOC compliant, they will know that your company is credible, and they may not even require any additional information regarding your security. They will be willing to work with you with little to no hassle.

Simply put, being SOC compliant means you open the gates to more business opportunities, ensuring a direct return on your investment.

 

2. Helps you focus on innovation rather than security

Security is not a core function of your organization. Having to worry about security issues can distract you from the core functions of your business and you may end up spending a large amount of your resources inefficiently to mitigate your risks.

The SOC framework ensures that you’ve implemented strong cybersecurity management practices, protecting your critical data and infrastructure from any potential incidents. Being SOC compliant means you’ve secured your data from those who might want to steal and sell it to malicious actors on the dark web. It also protects your intellectual property and trade secrets from being spread publicly.

This means that once your company is SOC compliant, you’ll be sure that you’ve mitigated most of your cybersecurity risks so you can get the peace of mind to focus your resources on innovation rather than on security.

 

3. Gives you an edge over your competitors

In today’s technological world, no company is safe from security breaches, and this applies to companies all over the world regardless of their sizes. However, having strong security measures in place demonstrates to your customers and business partners that you’ve taken the necessary precautions to protect their sensitive data from being leaked or sold to malicious actors. This means that the SOC framework gives you a competitive edge over your competitors who might not be SOC compliant.

This also puts your company on a pedestal against competitors who might have faced a cybersecurity incident in the past. You will be able to establish trust with their customers and business partners right away and address their concerns where your competitors might have failed.

These strong security measures will also protect your intellectual property and commercial trade secrets from being sold on the dark web, ensuring that your assets are protected from industrial espionage. This way, you will always remain a few steps ahead of your competitors.

 

4. Helps prevent financial losses

One of the remarkable benefits of SOC compliance is that it will enable your company to come up with clearly defined procedures and policies that govern key controls and processes surrounding your business operations. Such policies and procedures will help to avoid unnecessary fines that may result from privacy law breaches and non-compliance following a cybersecurity incident.

A strong management of your security will also limit the financial impact that a cyberattack could have on your company, by restricting its potential impact on your assets and operations. This will help you limit the resources spent on technical restoration, incident response and to recover any lost data or damaged infrastructure following any incident.

Limiting the potential impact of these incidents will also play a great part in keeping your reputation intact following an attack, thus limiting any financial impact caused by customer turnover. The reputational damage that results from a data breach cost American companies $4.13 million USD on average per breach in 2017, which is infinitely more expensive than complying with the SOC requirements.

 

Final thoughts

In the light of the four benefits raised above, it is quite evident that your company should consider SOC compliance. If you are a start-up, you may be tempted to delay its implementation, but you need to remember that cybercriminals are not sleeping. They are always looking for ways to exploit your company for their malicious purposes.

Starting early is good because it is easier to meet the requirements when your company still has few employees and few departments. If you wait until your company grows, the process will get much more complicated and expensive. Another advantage of starting early is that your company will grow in an environment with strengthened controls that will make compliance assessments faster and easier to perform in the future, no matter how big the company has grown.

Need help with SOC Compliance? Need to assess your security controls to meet the SOC requirements? Reach out to a specialist to learn how we can help.

4 Tips to Prevent Ransomware Attacks
Published Tue, 19 Nov 2019 18:30:39 +0000 at https://www.vumetric.com/blog/tips-to-prevent-ransomware/

Ransomware is a threat that has been growing significantly as of late, partly because many organizations end up paying up to recover their files, which incentivizes the criminals to attempt these kinds of attacks.

Ransomware is a form of malware that encrypts your data, locks your access to any infected computer and demands a ransom, usually paid in bitcoin currency, which makes it hard for law enforcement to trace the attacker.

The majority of cybersecurity experts recommend not paying, but some companies and even local governments have found it to be the only way to recover from the attack. Smaller organizations face the most difficulties recovering from these incidents, one example being the Wood Ranch Medical Clinic, which was forced to close permanently after a ransomware attack deleted all of its medical records and patient files. The best alternative is to protect yourself from these attacks and to take all the necessary measures to respond efficiently following a ransomware attack.

Here are four tips to prevent ransomware attacks:

1. Educate your employees

The easiest way for a hacker to infect your systems with ransomware is generally through social engineering attacks, which aim to take advantage of your employees with less technical ability or knowledge. A recent study revealed that 93% of phishing emails conceal ransomware. While ransomware attacks are still performed through the exploitation of your technological vulnerabilities, phishing emails are usually the first attack vector used by hackers to reach these technical vulnerabilities. In most cases, these malicious emails contain infected attachments or links to malicious websites that will automatically download the ransomware to the user’s workstation. The malware will then look for any technical vulnerability that lets it gain administrative privileges within your infrastructure, allowing it to spread across your network and encrypt your other devices.

Employees who routinely process external emails should be thoroughly trained to detect phishing emails and their level of awareness should be regularly assessed so they can be educated on the risks. This includes checking headers and email addresses for typos, checking for typos in the URLs of websites they visit, avoiding suspicious attachments, etc. Bear in mind that social engineering emails often look very sophisticated and may not be immediately distinguishable.

2. Segment network access

Furthermore, it is essential that you grant network access granularly to prevent the ransomware’s spread throughout your organization. Segmented networks restrict an employee’s access to the files, systems and functionalities they need for their everyday operations, limiting the potential impact of a ransomware attack and the time needed to recover from it. For instance, a user who occasionally requires administrative privileges on one of your systems could be granted temporary access when needed, rather than constant access. Remote access and external devices brought in by your employees should also be segmented to prevent them from reaching your internal network. For example, provide your employees with a wireless network for their mobile devices that is segmented from the network used by your internal devices and workstations.

With properly segmented access, an attacker might only be able to encrypt a small percentage of your files and infrastructure, allowing you to carry on with your usual business operations with little to no impact. Your IT team will only have to restore the backups to that specific instance, requiring fewer resources and preventing interruptions of service for your company.

3. Keep systems up to date

In most cases, this type of malware will look for outdated software, operating systems and devices in search of known vulnerabilities within those obsolete versions. This means that a critical vulnerability previously fixed in a software’s security patch will become part of an attacker’s toolset, one of the vectors of attack they will look for to infect your system. These critical vulnerabilities are often used by hackers to gain administrative privilege within your system and infect any data and workstations they can access.

A recent strain of ransomware known as “WannaCry” leveraged obsolete software to infect hundreds of thousands of computers across 150 countries. These attacks caused some of the largest ransomware incidents in history, such as the NHS ransomware attack that caused disruption across medical centers throughout the UK, delaying surgeries and patient care for nearly a week. This attack resulted in financial losses of around £92m for the NHS and was a prime example of why you should always keep your operating systems and software up to date. It is also important to note that you should always use trustworthy and reputable software to prevent these types of infections.

4. Manage backups properly

Lastly, the most efficient way to prevent ransomware from having any impact on your company is with proper management of your backup copies. Although backups can get expensive, they will pay off in the long term should you be faced with a ransomware attack.

Backups should be hosted externally, using services that keep an unlimited number of copies. These services create a backup every time a file is modified, rather than following a set schedule. This allows you to revert the compromised system to the precise point where it was infected while keeping your backups safe from hackers. Hosting backups internally can have dramatic consequences, as happened to VFEmail, which had its entire infrastructure, data and backups wiped out, hence why you should always rely on an external backup service.

You should also keep multiple iterations of backups, so you don’t restore from a backup which contains the ransomware. With proper backup management, you can simply restore the system rather than paying the ransom, thus limiting any potential impact of ransomware on your operations.

In conclusion

Worried about the consequences ransomware might have on your company? Reach out to a specialist to assess and mitigate your risks of an infection. Vumetric can help you develop a strategy to protect your business from ransomware attacks. Contact a specialist today to find out how we can help.

 

What the recent changes to IIROC mean for Canadian investors
Published Tue, 19 Nov 2019 15:33:42 +0000 at https://www.vumetric.com/blog/recent-changes-iiroc-canadian-investors/

With the rise in cybercrime in Canada, it should come as no surprise that the Investment Industry Regulatory Organization of Canada (IIROC) has beefed up its cybercrime requirements for the financial sector.

Last year, concern over the threat of cybercrime led Canadian financial institutions to ask for stronger regulations to stay on top of potentially devastating cyber crimes. The latest statistics available reveal that banking institutions (excluding investment banks) reported the highest level of incidents (47%), and that these types of businesses were “impacted by incidents to steal money or demand ransom payments in 2017.”

Additionally, over half (60 percent) of organizations report that “manipulation and theft of data would have a detrimental impact on their business.”

Thankfully, the IIROC has implemented stronger regulations that will help the financial sector to defend stakeholders against cybercrime. The organization has written amendments to their Dealer Member Rules that:

  • Require Dealers to report to IIROC any cybersecurity incidents within three days of discovery of the cybersecurity incident
  • Require Dealers to provide IIROC with an incident investigation report within 30 days of discovery of the cybersecurity incident
  • List the information Dealers must report.

In simple terms, these amendments broaden protection wider than the scope of the Privacy Information Protection and Electronic Documents Act. The main objectives of developing these amendments, according to the IIROC, are to:

  • Provide immediate support to a Dealer responding to a cybersecurity incident.
  • Alert other Dealers of threats and share best practices for incident preparedness.
  • Evaluate trends and develop comprehensive insight regarding cybersecurity.
  • Promote confidence in the Dealer and the integrity of the market

With cybercrime becoming an industry of its own, with “suppliers, markets, service providers (“cybercrime as a service”), financing, trading systems, and a proliferation of business models,” today’s information-sensitive industries must be preemptive in developing security measures that protect them and their investors.

What is an “incident”?

Public feedback about the new rules included several mentions of the definition of an “incident” when it comes to cyber crime, but the IIROC intentionally crafted a broad definition of an incident because, they say, different incidents can impact different organizations in different ways.

For these amendments, an “incident” is defined as any security breach that:

  • Involve personal information and may be reportable under the reporting obligations of the Privacy Information Protection and Electronic Documents Act (PIPEDA)
  • Affect a Dealer’s ability to meet its obligations to its clients and capital market counterparties
  • Affect both individuals and non-individuals.

The three-day report

The IIROC’s requirement for a three-day report will allow them to promptly investigate and determine any new cyber threats to other organizations in the financial sector before they are victimized. Cyber crime evolves quickly, so having information on data breaches as quickly as possible allows them to keep the financial sector informed.

The minimum requirements for the three-day report are:

  • A description of the cybersecurity incident
  • The date it was discovered and the date/time period during which it occurred
  • A preliminary assessment of the incident, including the risk of harm to any person or impact on a Dealer’s operations
  • A description of immediate response steps a Dealer has taken
  • Contact information for an individual who can answer follow-up questions

If the Dealer has additional information, this, too, can be included in the report. This information is used to perform a “preliminary assessment” of the incident.

The 30-day report

This is a more detailed report that includes:

  • A description of the cause of the incident
  • Assessment of the scope of the incident
  • The steps a Dealer has taken to mitigate the risk of harm to persons and impact on a Dealer’s operations
  • The steps a Dealer took to remediate any harm to any person
  • Actions a Dealer has taken to improve its cybersecurity incident preparedness

The IIROC then “anonymizes” the information collected, so they can share findings and potential new threats with the public and other Dealers as quickly and effectively as possible.

How this change helps investors

According to a recent study, financial institutions incur the highest cost in damages from cybercrime, at an average of $18.3m per company surveyed. And while web-based attacks such as malware or phishing are issues, people-based attacks and ransomware are increasing, resulting in an average global cost of $5.5 million USD ($7,265,225.00 CAD) for these institutions.

By collecting information on cybersecurity incidents quickly, IIROC is able to consolidate and assemble data to provide preemptive information that can protect organizations from evolving cybercrimes.

As businesses increasingly incorporate new technologies such as machine learning, AI, and automation, regulations will need to evolve as quickly as cybercrime does. With IIROC collecting the latest cybersecurity breaches and sharing the information with the public and other organizations, financial organizations can stay ahead of cybercriminals and defend themselves against losing valuable data and experiencing detrimental business disruption. Today’s organizations need to invest heavily in security measures that protect individuals, due to the rise in phishing, ransomware, and malicious insider attacks.

However, even with the best IT departments, financial institutions have hidden vulnerabilities they are unaware of. This is why organizations should make it a priority to have regular assessments to determine if they need to change or reinforce their cybersecurity. As things become more connected through IoT devices, web and mobile applications, cybercriminals can now gain access to sensitive information using complex exploitation techniques that were not anticipated during the implementation of these smart devices and applications.

In fact, 81% of business leaders believe that the rising use of technologies “introduces vulnerabilities faster than they can be secured,” meaning today’s organizations benefit from regular screening to ensure they are secure.

With the help of a penetration test, you can assess your company’s risks of a cybersecurity incident and get solutions to prevent them. Reach out to a certified cybersecurity specialist today to learn more.

About the IIROC

The IIROC is a self-regulatory organization that focuses on protecting investors by setting high-quality investment rules and standards for Canada’s financial sector. They oversee all of the activity of investment dealers in Canada’s debt and equity market with the goal of ensuring a safe and robust market for Canada’s investors.

Businesses will be victim of a ransomware attack every 14 seconds in 2019
Published Fri, 08 Nov 2019 19:25:43 +0000 at https://www.vumetric.com/statistics/businesses-will-be-victim-of-a-ransomware-attack-every-14-seconds-in-2019/

Reference: Cybersecurity Ventures
