Search
Close this search box.
Categories
Data Protection

Cyber Attacks on Your Business: The Critical Role of CISOs

Today, cybersecurity and the protection through handling of personal data are increasingly strategic issues and protection against cyberattacks in your company should be the focus, especially for CISOs.

Cyber-attacks are becoming frequent and, in practice, can seriously damage a company’s reputation or cause financial losses.

The Global Study “
Cybersecurity Solutions for a World with More Risks
” conducted by Thought Lab and co-sponsored by Elastic, found that Brazil was the country whose companies suffered the highest number of security incidents, with associated damage, in the last two years.

And it is not only large companies that are at risk. Small businesses are equally vulnerable and may be even more susceptible to attacks because they do not have the same resources to invest in security measures.

So what can you do to protect your business? Here are four key areas that CISOs in Brazilian companies should focus on.

CISOs are strategic against cyber attacks in your company

CISOs are responsible for the security of an organization’s information. In the past, their role was mainly reactive, focused on responding to attacks after they had already occurred.

However, as awareness of the importance of data security has grown, the role of CISOs has become critical.

Today, faced with the challenge against cyber attacks in their company, CISOs are responsible for developing and implementing security plans that proactively protect against threats.

They work closely with other executive leaders to ensure that data security is integrated into all aspects of the business.

As a result, CISOs play a key role in protecting an organization’s most valuable asset: its data.

Priorities for CISOs to protect against cyber attacks in their enterprise

1. Adopt state-of-the-art SIEM

Any business that depends on technology to stay competitive needs to adopt a state-of-the-art SIEM solution. That is the only way to keep up with the changing landscape of cyber threats.

The most common way for attackers to gain access to corporate networks is through compromised user credentials.

In Brazil, 35% of organizations want to improve or replace their SIEM, according to research done by Thought Lab. The survey points out that SIEM will be one of the main areas of investment in cybersecurity in the coming years.

Associated with security policy, with a state-of-the-art SIEM solution, companies can detect and prevent attacks that exploit vulnerabilities in software or devices. They can also monitor employee activity to prevent data breaches.

In addition, SIEM solutions can provide valuable information about network performance and help companies comply with regulations.

2. Plan the transition to the cloud prioritizing security

The cloud offers a number of advantages for organizations, such as agility, economy, and flexibility. However, migrating systems to the cloud can also bring security risks.

And, therefore, an important point to consider in your company’s initiatives against cyber attacks, along with privacy and security policy initiatives

Also according to a study done by Thought Lab the main root causes of cyber attacks on your company are:

  • Wrong settings (57%);
  • Poor maintenance (37%);
  • Human errors (35%) ;
  • Unknown assets (27%).

Clear risks in a context in which companies adopt cloud solutions and services aimed at business growth.

Therefore, it is critical that CISOs plan the transition to the cloud carefully, prioritizing data security. One way to ensure data protection is to use the services of a reliable infrastructure company.

With a well-designed and executed plan, enterprises can have peace of mind to take full advantage of the cloud.

3. Develop an IT architecture integrated with the latest technologies

As anyone in business knows, information technology is essential for companies of all sizes. IT helps companies operate more efficiently and connect with customers and partners.

However, Technology can also be a complex and ever-changing scenario. To keep up with the latest technology trends, companies need to develop an integrated IT architecture.

This means, in the challenge of fighting cyber attacks in your company, having a system that can easily adapt to new technologies as they arise.

By doing this, enterprise CISOs can ensure that they are always using the most up-to-date IT tools and applications.

In today’s competitive business environment, an integrated IT architecture is essential for success.

4. Prioritize security with a focus on data protection

Security should be a priority for all business owners, especially those who deal with sensitive data. Customer data is valuable and must be protected at all costs against possible cyber attacks on your company.

Unfortunately, many companies do not pay enough attention to security and end up falling victim to cybercriminals through different types of attacks.

Only 24% of Brazilian organizations use advanced techniques to detect threats, and 47% of them claim not to have detection processes properly implemented.

This can lead to the loss of important data as well as diminished customer confidence. Therefore, it is crucial that company CISOs invest in security and always be on the lookout for possible threats.

The protection of customer data is a responsibility that cannot be ignored.

5. Promote an information security culture in the company

Promoting a culture of information security within a company is essential to protect data and minimize the risk of a breach.

Employees should be trained on proper data handling procedures and informed of the potentially serious consequences of a breach.

Robust security policies and procedures should be implemented and reviewed regularly. By taking these steps, enterprise CISOs can help create a culture of information security and reduce the risk of a costly data breach.

With the growing number of threats to information security, Brazilian companies can no longer ignore the problem of Information Security.

It’s time to act now to protect against cyber attacks in your company

CISOs: Cybersecurity with real-time data protection and secure encryption

In response to cyber attacks on your company, CipherTrust emerges as an effective and robust solution to ensure cyber security.

With an approach that integrates real-time data protection and secure encryption, CipherTrust provides a reliable line of defense against threats such as ransomware attacks.

A distinctive feature of the CipherTrust solution is its ability to secure and control access to a variety of data assets, including databases, files, and containers.

In addition, no matter where your data assets are located – whether they are in cloud, virtual, big data, or physical environments – CipherTrust can provide consistent and reliable protection against cyber attacks across your enterprise

Additionally, CipherTrust offers the ability to anonymize your sensitive assets.

This is critical for the protection of your company’s data, as it ensures that even in the event of a data breach, sensitive assets remain secure and inaccessible.

This helps prevent future problems with data leaks and strengthens your company’s overall security posture.

In summary, CipherTrust is a comprehensive and effective security solution, providing peace of mind for businesses facing the growing threat of cyber attacks.

The solution serves as a crucial layer of defense, allowing companies to focus on their core operations, knowing that their information is secure.

Professional Services has a team of specialized professionals with the best practices in the market

Benefit from our many years of experience and expertise in information security and LGPD compliance.

With Professional Services we will be your partner for carrying out digitization projects in compliance with security regulations and personal information protection.

We share our expertise across all business flows to help you minimize risk, maximize performance, and ensure the data protection your customers expect.

About Eval

With a track record of leadership and innovation dating back to 2004, Eval not only keeps up with technological trends, but we are also in an incessant quest to bring news by offering solutions and services that make a difference to people’s lives.

With market recognized value, Eval’s solutions and services meet the highest regulatory standards for public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Written by Arnaldo Miranda, Evaldo. Ai, reviewed by Marcelo Tiziano and designed by Caio.

Categories
Data Protection

How to prevent cyber attacks: Key ways to protect yourself

While cyber attacks and threats are an ongoing struggle and a major challenge for businesses , they can be avoided by knowing the various types of protocols, exploits, tools, and resources used by cybercriminals. In addition, knowing where and how to expect attacks ensures that you create preventive measures to protect your systems.

Basically, cyber attacks are executed with malicious intent, when a cybercriminal tries to exploit a vulnerability in an organization’s system or individuals. These attacks threaten to steal, alter, destroy, disable, gain access to, or make use of an unauthorized asset.

In practice, cyber attacks, threats, and vandalism are a dangerous and growing problem for companies.

Almost every modern organization requires at least one computer network and the assets that make up its connectivity structure, such as switches, access points, and routers, to operate in its IT infrastructure. Besides this, we have as computational structure servers, desktops, laptops, printers, and other mobile devices that complete a technological architecture.

Unfortunately, while these devices and applications offer a great benefit to the enterprise, they can also pose a risk. All it takes is inefficient asset management or an employee clicking on a malicious link, and then cybercriminals gain access to your network and infect your systems.

But this risk can be reduced.

How to prevent cyber attacks?

Preventing a breach of your network and systems requires protection against a variety of cyber attacks. For each attack, the appropriate countermeasure must be deployed/used to prevent it from exploiting a vulnerability or weakness.

The first line of defense for any organization is to assess and implement security controls.

1. Break the pattern of cyberattack

Preventing, detecting or stopping the cyber attack at the earliest opportunity limits the impact on business and the potential for reputational damage.

Even though it is usually the more motivated attackers who have the persistence to carry out multi-stage attacks, they often do this using common, cheaper, and easier-to-use tools and techniques.

Therefore, implement security controls and processes that can mitigate attacks, making your company a difficult target.

Likewise, take a defense-in-depth approach to mitigate risk across the full range of potential cyber attacks, giving your company more resilience to deal with attacks that use more customized tools and techniques.

Como o Ransomware utiliza Protocolos de Acesso Remoto (RDP) Desprotegidos

2. Reduce your exposure by using critical security controls against cyber attack

Fortunately, there are effective and affordable ways to reduce your organization’s exposure to the most common types of cyber attack on Internet-exposed systems.

  • Boundary firewalls and Internet gateways – establish network perimeter defenses, particularly Web proxying, Web filtering, content scanning, and firewall policies to detect and block executable downloads, block access to known malicious domains, and prevent users’ computers from communicating directly with the Internet;
  • Malware protection – establish and maintain malware defenses to detect and respond to known cyber attack code;
  • Patch management – fixes known vulnerabilities with the latest software version to prevent attacks that exploit software bugs;
  • Allow list and run control – prevents unknown software from being run or installed, including AutoRun on USB and CD drives;
  • Secure configuration – restrict the functionality of each device, operating system, and application to the minimum necessary for business operation;
  • Password policy – make sure that an appropriate password policy is in place and followed;
  • User access control – includes limiting the execution permissions of normal users and enforcing the principle of least privilege.

3. Attenuate the ‘research’ stage

Any information published for open consumption should be systematically filtered before being released to ensure that anything of value to an attacker (such as software and configuration details, names/jobs/titles of individuals, and any hidden data) is removed.

Training, education, and user awareness are important. All your users must understand how published information about your systems and operation can reveal potential vulnerabilities.

They need to be aware of the risks of discussing work-related topics on social media and the potential to be targeted by cyber attack and phishing attacks. They must also understand the risks to the business of releasing confidential information in general conversations, unsolicited phone calls, and e-mail recipients.

4. Reduce the ‘delivery’ stage

The delivery options available to an attacker can be significantly reduced by applying and maintaining a small number of security controls, which are even more effective when applied in combination:

  • Up-to-date malware protection can block malicious e-mails and prevent malware from being downloaded from websites;
  • Firewalls and proxy servers can block unsafe or unnecessary services and can also keep a list of known bad sites. Similarly, subscribing to a site reputation service to generate a list of denied sites can also provide additional protection;
  • A technically enforced password policy will prevent users from selecting easily guessed passwords and lock accounts after a specified number of unsuccessful attempts. Additional authentication measures for access to particularly confidential corporate or personal information should also be in place;
  • Secure configuration limits system functionality to the minimum necessary for business operation and should be applied systematically to all devices used to conduct business.

5. Minimize the ‘breach’ stage of the cyber attack

As with the delivery stage, the ability to successfully exploit known vulnerabilities can be effectively mitigated with just a few controls, which are best deployed together.

  • All malware depends on known and predominantly patched software flaws. Effective vulnerability patch management ensures that patches are applied at the earliest opportunity, limiting the time your organization is exposed to known software vulnerabilities;

  • Malware protection at the Internet gateway can detect known malicious code in an imported item, such as an e-mail. These measures should be complemented by malware protection at key points in the internal network and on users’ computers, where available;
  • Well implemented and maintained user access controls will restrict the applications, privileges, and data that users can access. The secure setup can remove unnecessary software and default user accounts. It can also ensure that default passwords are changed and that all automatic features that can activate malware immediately (such as AutoRun for media drives) are disabled;

  • Training, education and user awareness are extremely valuable in reducing the likelihood of successful ‘social engineering’. However, with the pressures of work and the sheer volume of communications, you cannot rely on this as a control to mitigate even a cyber attack;
  • Finally, the key to detecting a breach is the ability to monitor all network activity and analyze it to identify any malicious or unusual activity.

If all measures for the research, delivery and breach stages are consistently in place, most cyber attacks can be prevented.

However, if the cybercriminal is able to use tailored features, you should assume that they will bypass them and get into your systems. Ideally, companies should have a good understanding of what constitutes ‘normal’ activity on their network, and effective security monitoring should be able to identify any unusual activity.

Once a technically capable and motivated attacker has full access to your systems, it can be much more difficult to detect their actions and eradicate their presence. This is where a complete defense-in-depth strategy can be beneficial.

The CipherTrust Data Security Platform solution allows companies to protect their structure against cyber attacks

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious cyber attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection against cyber attacks

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance against cyber attack

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication, and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Law (LGPD)among other compliance requirements.

Optimizes team and resource efficiency against cyber attacks

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About Eval

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Cyber security threats: risks that businesses must be prepared for

Cyber security threats continue to be a major challenge for individuals and businesses around the world. Cybercrime, costs globally more than $6 trillion annually, according to
Annual Cybercrime Report 2020
.

To put this in perspective, if cybercrime were a country, it would be the third largest global economy after the US and China.

Since the pandemic in early 2020, many cybercriminals have changed the way they operate. This is because the change in working practices, such as the home office, presented many security vulnerabilities that these criminals quickly exploited.

In 2022, the cybersecurity threat landscape will continue to evolve as many companies return to pre-pandemic working practices, while still maintaining some of the flexible working arrangements they adopted in 2020.

This highlights the importance of understanding what the main cybersecurity risks of 2022 will be and what your company can do to mitigate these risks.

Cyber security threats will continue to increase in 2022 if robust measures are not taken

According to Gartner, organizations that adopt a cybersecurity architecture can reduce the financial impact of security incidents by an average of 90%.

The top 5 types of cybersecurity threats that everyone should consider and be aware of in 2022 are listed below:

1. Ransomware

According to Cybersecurity Ventures, the cost of cybercrime from ransomware attacks is expected to reach $265 billion by 2031.

The report predicts that there will be a new attack every 2 seconds as cybercriminals progressively refine their malware payloads and related extortion activities.

In this type of cybercrime, the victim’s computer is locked, usually by encryption, preventing them from using the device and everything stored on it.

To regain access to the device, the victim needs to pay a ransom, usually in the form of virtual currency.

There are different types of transmission of such threats. However, most of the time, ransomware spreads via malicious email attachments, infected software applications, compromised websites or infected external storage.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

2. Internal threats

This is one of the most common types of cybersecurity threats. It usually occurs when employees, intentionally or unintentionally, misuse authorized access in a way that negatively affects the organization’s system.

In most of these cybercrime cases, it is due to non-compliance with the organization’s policies and procedures. As such, they are prone to emailing customer data to third parties or sharing their login information with others.

These types of attacks would bypass cybersecurity protocols to delete, sell or steal data. This can disrupt operations and cause major damage to data.

3. Phishing attacks

Phishing attacks are one of the most prevalent cybersecurity threats in today’s business environment.

According to Verizon’s 2021 Data Breach Investigations Report (DBIR), phishing is the top “variety of action” seen in breaches in 2020, with 43% of breaches involving phishing and/or pretexting.

Phishing aims to trick users into compromising important and confidential information. Typically, attackers use fake emails that look trustworthy or from legitimate sources.

The main idea is to make users perform some actions (e.g. clicking on a link or opening email attachments) that allow attackers to install malware on their devices.

4. Attacks in the cloud

The cloud has become a critical part of our everyday life. However, we should be aware that not all cloud services provide secure authentication and encryption.

Incorrect configuration can cause cybercrime, including intrusions, network vulnerabilities and data leaks.

According to IBM, more than half of the breaches threats to cybersecurity in the cloud are caused by simple issues. While, two-thirds of cloud security incidents can be prevented by checking configurations.

5. Malvertising attacks

Malicious advertising, also known as malvertising, is an emerging new form of cybercrime.

Through this technique, cybercriminals inject malicious code into digital ads that redirect users to malicious websites or install malware on their devices.

It is very difficult to be identified by internet users and editors. Thus, they are usually served to consumers through legitimate advertising networks. Any advertisement displayed on websites may present a risk of infection.

Even some world-renowned companies have inadvertently displayed malicious ads on their websites.

More cyber attacks related to COVID-19

Cybercriminals quickly exploited the pandemic, using it as a pretext for phishing emails, fake apps and interesting links to malicious websites.

As 2022 progresses, there are likely to be more COVID-19 related developments around the world, new variants, vaccine news and booster dose offers for example.

Cybercriminals are eager to exploit these developments to continue tricking company employees into downloading malicious software or providing sensitive information that can be used for cybercrime.

CipherTrust enables businesses to protect their structure against cybersecurity threats

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases, so that compliance and cybersecurity issues are alleviated when sharing a database of information with a third party for analysis, testing or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data cybersecurity, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen cybersecurity and compliance

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Law (LGPD), among other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About EVAL

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval safety is value.

Categories
Data Protection

Fighting cyber attacks: the importance of prevention

Throughout 2021, individuals, businesses and governments have all been concerned about combating cyber attacks.

Keeping our data safe in a world where everything is on the Internet, from travel diaries to credit card information, data protection has become one of the most pressing challenges of cybersecurity.

Ransomware, phishing attacks, malware attacks, and other cybersecurity threats are some examples. No wonder that one of the fastest growing areas in IT is combating cyber attacks.

The need for data protection is increasingly recognized by organizations.

Companies, in particular, are paying more attention, as data breaches cause great damage every year and expose large amounts of personal information.

The fight against cyber attacks is increasing as society is increasingly connected

Although many of the attacks that occurred in 2021 were caused by the increased use of the Internet as a result of the pandemic of coronaviruses and blockades, the threat to businesses remains significant.

With the cost of combating global cyberattacks estimated to reach $10.5 trillion by 2025, according to
Cybersecurity Ventures
a specialist cybercrime magazine, the threats posed by cybercriminals will only increase as organizations become more reliant on the internet and technology.

Ransomware cases increased in 2021 by about 62% from 2019, and it is considered the top threat this year. In fact, cyber threats are becoming more sophisticated during these times and are much more difficult to detect.

The nature of all attacks are much more dangerous than a simple theft. So let’s dig a little deeper into this discussion by showing the top cyber attack cases occurring in 2021.

The Colonial Pipeline

If we are going to talk about cyber attacks occurring in 2021, then Colonial Pipeline should be on the list.

Considered the largest fuel pipeline in the United States, it experienced a cyber attack in May 2021, disrupting fuel distribution in 12 states for a few days. The company had to pay $4.5 million as ransom to resolve the situation.

Florida’s supply system

A cybercriminal tried to poison the water supply in Florida and managed to increase the amount of sodium hydroxide to a potentially dangerous level.

The cyber attacks occurred by hacking into the IT systems of the Oldsmar city water treatment plant, briefly increasing the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. This scenario is an example of how an invasion of critical infrastructure at any level puts residents’ lives at risk.

Microsoft Exchange

A massive cyber attack has affected millions of Microsoft customers worldwide, in which cybercriminals actively exploited four Zero Day vulnerabilities in Microsoft’s Exchange Server solution.

At least nine government agencies, as well as more than 60,000 private companies in the United States alone, are believed to have been affected by the attack.

Aircraft Manufacturer Bombardier

A popular Canadian aircraft manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of confidential data of suppliers, customers, and about 130 employees located in Costa Rica.

The investigation revealed that an unauthorized party gained access to the data by exploiting a vulnerability in a third-party file transfer application.

Acer Computers

World-renowned computer giant Acer suffered a ransomware attack, being asked to pay a ransom of $50 million, which made the record for the largest ransom known to date.

A cybercriminal group called Revil is believed to be responsible for the attack. The digital criminals also announced the breach on their website and leaked some images of the stolen data.

In Brazil it was no different in terms of the intensity of attacks and cybercrime

In a survey conducted by digital security company Avast, cybercriminals continue to take advantage of the Covide-19 pandemic by exploiting people’s habits created during the lockdown period to spread scams.

Following the global trend, ransomware attacks, cryptocurrency malware, and other scams were prevalent in Brazil.

For mobile devices, adware and fleeceware are among the top threats. According to Avast, the growth of ransomware attacks in Brazil was stronger than the global average.

Combating cyber attacks is already a major concern for most Brazilian companies today, as many of these attacks occurred only in 2021, such as the one that occurred at Lojas Renner, which completely paralyzed the system.

We still had the case of the Fleury group, which was unable to perform tests for several days, and JBS, which was forced to pay US$ 11 million in ransom for the hacker attack on its operation in the United States, all these situations put the issue even more in evidence in Brazil.

Organs and companies linked to the Brazilian government have also been targeted by cybercriminals. Social Security, the Ministry of Labor, the Federal Public Ministry, Petrobras, among other organizations have also suffered attacks.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

Already in 2021, the LGPD offered an opportunity for companies to rethink how they fight cybercrime.

The General Data Protection Law (LGPD) went into effect in September 2020. The overall goal of the new legislation is to establish a regulatory framework for the protection of personal data, making it easier for all Brazilian citizens to understand how their data is used and, if necessary, to file a complaint about its processing.

The goal of the LGPD can be summarized in three key points:

  • Strengthening the rights of individuals;
  • Train the actors involved in data processing;
  • Increase the credibility of regulation through cooperation between data protection authorities.

If there is one thing that the LGPD achieved during the year 2021, it was to raise awareness about data protection and privacy issues. In practice, companies cannot sweep incidents under the rug because of the risk of revenue-based fines.

The data protection law has also given companies more visibility into the data they are collecting. The basic principle of the LGPD is that companies know what data they have and ensure that they are processing it correctly and securely.

LGPD compliant companies now have the basic elements they need to build a good information security program because if you don’t know what you have, you don’t know what to protect.

The Data Protection and Privacy Act has also changed the financial equation for organizations when it comes to privacy risk. This has encouraged companies to think holistically about risks and invest in improving privacy controls and governance.

Invest in 2022 and beyond. CipherTrust solution enables the fight against digital crime

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

CipherTrust’s solution designs data protection products and solutions against cyber attacks to meet a range of security and privacy requirements, including electronic identification, authentication, and trust.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security against cyber attacks, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform offers a wide range of proven, market-leading products and solutions to ensure the fight against cyber attacks.

These products can be deployed in data centers or at cloud service providers (CSPs) or managed service providers (MSPs). In addition, you can also count on the cloud-based service managed by Thales, a leading company in the security industry.

Portfolio of tool to ensure cybercrime is tackled

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance

CipherTrust designs its data protection products and solutions against cyber attacks to meet a range of security and privacy requirements, including electronic identification, authentication, and trust.

In addition, these products are also compliant with the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Act (LGPD), and other compliance requirements.

Optimizes team and resource efficiency against security incidents

CipherTrust Data Security Platform is the industry leader and provides extensive support for data security use cases.

With products designed to work together, a single thread for global support, and a proven track record of protecting against evolving threats, this platform also boasts the industry’s largest ecosystem of data security partnerships.

The CipherTrust Data Security Platform solution was developed with a focus on ease of use, with APIs for automation and responsive management.

With this solution, your teams can quickly implement, secure, and monitor the protection of your business against cyber attacks.

In addition, professional services and partners are available to assist in implementation and staff training, ensuring fast and reliable implementations.

In this way, it is possible to reduce the time required from your staff for these activities.

Reduces total cost of ownership

The CipherTrust Data Security Platform offers a broad set of data security products and solutions for protection against cyber attacks.

This portfolio can be easily scaled, expanded for new use cases, and has a proven track record of protecting both new and traditional technologies.

With the CipherTrust Data Security Platform, companies can prepare their investments to combat cyberattacks while reducing operational costs and capital expenditures.

About Eval

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Cyberattack on financial institutions, a real risk

Banks, fintechs and other companies in the financial sector have been one of the main targets of cyber attacks on financial institutions due to the abundance of confidential information contained in customer files.

Especially as more and more people transition to online banking and seek alternative, contactless ways to pay during the pandemic.

Now, a new wave of financial solutions, such as Pix and Open Banking, is emerging to make real-time transactions easier for customers, but further expanding the threat landscape.

Along with growing threats, financial institutions must also meet regulatory compliance requirements, such as the General Data Protection Act (LGPD), or regulatory fines and sanctions will apply, further amplifying the risks of major losses to businesses connected to the segment.

According to a study by the Boston Consulting Group, financial services firms are 300 times more likely than other companies to be targets of cyber attacks, including phishing, ransomware and other malware attacks, and even insider threats.

Financial institutions must take a more proactive approach to cyber attacks or risk devastating data breaches

Cybercriminals have different motives when carrying out cyberattack on financial institutions, but in the case of cybercriminals, their goal is financial gain.

Financial institutions have a wealth of personal and financial information, ready for monetization if breached, including cryptocurrency wallets and the transfer of money via Pix.

Like other attack methods, cybercriminals work to compromise account credentials through phishing. All it takes is for an employee to reuse account credentials, such as passwords, and attackers have everything they need to cyberattack financial institutions and wreak havoc.

Ransomware is a type of malware that encrypts confidential files or locks companies out of their systems. The only way to unlock it is with a mathematical key that only the attacker knows, which you will receive after paying a ransom.

In the financial segment, ransomware is one of the most common cyber attacks. In 2017 alone, 90% of financial institutions were hit by a ransomware attack. In 2020, the world’s third largest Fintech company, Finastra, was targeted.

So why is ransomware so effective for cybercriminals? Because, most of the time, it is much faster and cheaper to pay the ransom than to suffer downtime.

Dealing with Cyber Attack Risks: Detecting and Managing Threats

In practice, banks, Fintechs, and other financial institutions can follow good security practices to ensure that their organization is protected while continuing to adhere to regulatory compliance.

Implementing continuous monitoring and threat detection capabilities is the first step in closing the glaring security gaps that many banks and financial institutions are facing.

In fact, ransomware attacks are usually not a one-time event. In fact, this can happen several times in the same company.

Regardless of whether an organization has experienced an incident or not, it is important to monitor the full range of networks and applications across the IT landscape on an ongoing basis, rather than periodic assessments.

With this kind of constant visibility, companies know whether they are compromised or secure.

It is increasingly important for banks and fintechs to build a solid foundation by adopting security technologies and processes that leverage their ability to detect cyberattack on financial institutions as early as possible.

There are a number of ways in which these technologies can help institutions protect themselves, including providing important context for anomalous behavior, flagging known indicators of compromise, and accelerating threat detection and response.

However, detection alone does not prevent cybercriminals from attacking.

After suspicious activities that may indicate early stages of an attack are detected, it is important that companies have controls in place to stop future activities and an incident response plan to mitigate the attack.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

Encryption and data integrity are also part of the protection strategy against cyber attacks

People will use any financial application based on the trust that their data is safe in their hands, which is why data breaches via Ransomware are so damaging to the reputation of banks and Fintechs.

Besides establishing trust, encryption is also one of the easiest ways to comply with most government regulations. In fact, many control agencies even require it.

For example, in addition to LGPD, the Payment Card Industry Data Security Standards (PCI DSS) require companies to encrypt credit card information before storing it in their database.

Encrypting data is crucial.

However, encrypting data only during storage is not enough. Unless you have no plans to move your data, encrypting it during transport is equally crucial.

This is because cybercriminals can spy on the application server connections and intercept any data sent.

Backup and disaster recovery as the most efficient way to decrease downtime for financial institutions

Planning for potential outages can reduce the impacts to banks, Fintechs, and other financial institutions not only valuable time, but also significant amounts of money in terms of lost revenue, credibility, and recovery services.

A recent report by Sophos, “
State of Ransomware 2021
“, showed that the average total cost of recovering from a ransomware attack could be as high as $2 million.

Creating a plan against cyberattack on financial institutions before disaster strikes also puts organizations in a better position to avoid paying ransoms due to the ability to resume operations.

A solid disaster recovery capability can limit the impact of cyber attacks to a minor disruption, rather than a company-ending event.

CipherTrust Data Security Platform Enables Protection Against Cyberattacks on Financial Institutions

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To address the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers from cyber attacks. Specific technologies include:

CipherTrust Transparent Encryption

Encrypts data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious cyber attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection against cybercrime

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance against cyber attacks

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Act (LGPD), and other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About Eval

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

Categories
Data Protection

Security Policies: Successful in only 41% of Companies

While cyber attacks and threats are an ongoing struggle, they can be avoided by being aware of security policies, the various types of protocols, exploits, tools and resources used by malicious people.

In addition, knowing where and how to expect attacks ensures that you are putting preventative measures in place to protect your systems.

Cyber attacks, threats and vandalism are a dangerous and growing problem for businesses. Almost every modern business requires a network of computers, servers, printers, switches, access points and routers to operate.

The primary objective of any IT security policy is to comply with all current legislation and other security requirements in order to protect the integrity of its members and the corporate data that resides in the company’s technology infrastructure.

But this challenge is still for the few. This is shown by the study carried out by the Ponto BR Information and Coordination Center (NIC.br), where 41% of Brazilian companies have security policies against cyber attacks that are well established.

Implementing these policies is considered a best practice when developing and maintaining a cybersecurity program. As more companies develop digital programs, effective security policies are needed to effectively combat cyber attacks.

What is a security policy and why is it important in combating cyber attacks?

Basically, a security policy is a set of standardized practices and procedures designed to protect a company’s network from threats.

Typically, the first part of the cybersecurity policy focuses on the overall security expectations, roles and responsibilities in the organization. The second part may include sections for various areas of cybersecurity, such as guidelines for antivirus software or the use of cloud applications.

By default, the CISO leads the development and updates of a security policy. However, CISOs must also work with executives from other departments to create updated policies collaboratively.

Teams should start with a cybersecurity risk assessment to identify the organization’s vulnerabilities and areas of concern that are susceptible against cyberattacks and data breaches.

It is important to understand the organization’s tolerance for various security risks, highlighting concerns classified as low risk and those that threaten the survival of the organization. Staff should then consider the regulatory requirements they must meet to maintain compliance.

CISOs can then determine what level of security should be implemented for the identified security gaps and areas of concern. Remember that CISOs must match the level of protection required with the organization’s risk tolerance.

By doing so, the organization ensures that the areas with the lowest risk tolerance get the highest level of security.

Thales 2021 Data Threat Report

What are the information security issues that cyber security policies should address against cyber attacks?

If your organization does not have an information security policy for any area of concern, security in that area is probably at risk: disorganized, fragmented and ineffective.

The issues that security policies must address differ between organizations, but some of the most important include:

Physical security

How is security handled in data centers, server rooms and terminals in company offices and elsewhere?

Physical security policies serve a wide range of purposes, including access management, monitoring and identification of secure areas.

Data retention

What data does the company collect and process? Where, how and for how long should it be stored?

Data retention policies affect several areas, including security, privacy and compliance.

Data encryption

How does the organization handle secure storage and transmission of data?

In addition to encryption objectives, data encryption policies may also discuss objectives and rules around key management and authentication.

Access control

Who can access sensitive data and what systems should be in place to ensure that sensitive data is identified and protected from unauthorized access?

Safety training

Safety depends as much on people as on technology and systems.

Human error contributes to many security breaches that could have been prevented if employees and executives received sufficient training.

Risk management

Information security risk management policies focus on risk assessment methodologies, the organization’s tolerance for risks across various systems, and who is responsible for threat management.

Business continuity

How will your organization react during a security incident that threatens critical business processes and assets?

Security and business continuity interact in many ways: security threats can quickly become business continuity risks, the processes and infrastructure that companies use to maintain the course of business must be designed with protection in mind.

We have covered just a few key points of security policies relevant to companies in many different sectors.

But every organization differs, and the content of policies must be tailored to the unique circumstances of your business, and must evolve as circumstances change.

Commitment to key protection and compliance requirements

Eval and THALES can help you develop your company’s security policies, meeting key protection and compliance requirements.

Companies should prioritize data risks by creating a classification policy based on data sensitivity.

Policies should be developed and implemented that determine what types of information are confidential and what methods, such as encryption, should be used to protect that information.

In addition, companies should monitor the transmission of information to ensure that policies are complied with and effective.

Fortunately, new technology solutions can help companies gain full visibility of their sensitive data and strengthen their compliance with protection requirements, such as the General Data Protection Law (GDPR).

The CipherTrust data security platform enables organizations to discover their sensitive information, assess the risk associated with that data, and then define and enforce security policies.

As well as making it easier to comply with data protection law at any time, your business can save money while gaining the trust of your customers and partners.

Your business achieving compliance with help from Eval

A strong information security policy is the glue that binds all security controls and compliance requirements together and is the document that describes the protection and privacy strategy across the organization.

At the same time, it can be a great accountability tool when it comes to consumer trust. To be effective, a security policy must be accepted by the entire company to effectively manage and update the security controls needed in a world of ever-changing cyber risk.

If managed well and followed accordingly, policy management is the foundation for achieving compliance with the GDPR or any other future privacy regulation.

By applying frameworks like LGPD, greater control is given back to people/consumers. This extra control goes a long way to increasing the level of trust people feel towards companies. And in turn, it can increase revenues and profits.

The LGPD requirements are much more than a checklist and if your organization processes the personal data of data subjects here in Brazil, you should take the time to explore the security controls you have in place to support the requirements of the privacy law and ensure that personal information is protected and processed appropriately.

Organizations should be transparent with their customers about their legal bases for data collection and should offer them control over whether or not they want to share their data with others.

Then, organizations must follow through and ensure that they only use the data they collect for the purposes initially described, always within the limits of the consent provided by their customers, and make sure they respect all their rights granted to them under the new legislation.

To learn more about the CipherTrust Data Security Platform, contact Eval’s experts now.

Thales 2021 Data Threat Report

About Eval

Eval has been developing projects in the financial, health, education, and industry segments for over 18 years. Since 2004, we have offered solutions for Authentication, Electronic and Digital Signature, and Data Protection. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With market recognized value, Eval’s solutions and services meet the highest regulatory standards for public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.