
Trump Administration’s Cyber Security Strategy

Alix Postan


On May 11th, President Trump finally signed an executive order for cybersecurity protocols. This new executive order updates the existing cyber security protocols and outlines the framework that will be enforced. The National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity has always been promoted by the Department of Homeland Security (DHS), and the DHS is now mandated to follow it as well.

Some highlights from the executive order:

  • Vulnerabilities that are not remediated are considered to be the highest threat to the country’s cyber security.
  • Programs will have to be maintained with the most current software patches available and can only be used if the software provider continues to offer remediation tactics for that version.
  • Heads of executive departments and agencies (agency heads) will be held accountable for any and all risk management decisions. The agency heads are required to submit a risk management report to the DHS within 90 days of the order being published. In the report, the agency heads are required to explicitly outline: which risks they will be prioritizing for remediation, the necessary budget required, the remediation tactics they will use, and an explanation as to why they chose to prioritize those specific risks over others. The DHS and the Office of Management and Budget (OMB) will be reviewing each of these reports.
  • There will be a greater emphasis on cybersecurity education through specific curricula, training and apprenticeship programs from primary through higher education. This order recognizes the changing cyber environment and the United States’ need to maintain a long-term cybersecurity advantage.

What does this mean for you?

As stated in Section 3(a) of the executive order, the purpose is to:

“ensure that the internet remains valuable for future generations, … to promote an open, interoperable, reliable, and secure internet that fosters efficiency, innovation, communication, and economic prosperity, while respecting privacy and guarding against disruption, fraud, and theft. Further, the United States seeks to support the growth and sustainment of a workforce that is skilled in cybersecurity and related fields as the foundation for achieving our objectives in cyberspace.”

This means that the government of the United States is finally taking the same action that is required of commercial businesses. Since commercial businesses are required to follow specific frameworks and compliance standards, the government is now holding its agencies to the same level of accountability.

Moreover, the education section of the executive order shows the country’s investment in cyber security, and the prioritization of this field in the economy. Also, it demonstrates the country’s progressive laws and the need to stay current in this industry.

Topics: Vulnerability Management, Compliance Management, Compliance, Remediating Risks

3 Ways to Improve Remediation Management

David Millier


It doesn’t matter how big or small your company is, you will never be completely safe from cybersecurity threats. This idea shouldn’t scare you. Total safety is a myth. No single method can protect you from all of the perils that every network faces. Still, you need to take the right steps to minimize the likelihood of a potentially catastrophic breach. 

Unfortunately, many companies fail to take these measures, and they suffer the consequences as a result. Cybercriminals usually attempt to exploit a system to access a proprietor’s valuable information. Once they find this data, they usually steal and/or delete it before ransoming it back to the victim for an inflated cost. This puts organizations’ clients at risk, and lest you think this is a rare occurrence, it happens all the time. Major brands like T-Mobile and VTech have faced data theft on a large scale. If the director of the CIA can be compromised, how safe do you think you are? 

Thankfully, you can still take steps to fortify your networks and preserve your data. Remediation management represents one of the most effective strategies in this regard. It helps you compensate for the weaknesses in basic cybersecurity practices and gives you greater control over your system’s maintenance. These three tips will help your organization defend itself against outside hazards.

  1. Follow up Thoroughly When You Scan

Imagine this: Your home security company calls you at work to tell you that your alarm is going off. They ask you whether they should investigate the problem. You tell them that even though you believe the break-in is a real threat, the alarm system itself should be enough to scare the intruders away, so an investigation isn’t necessary. Does this seem logical to you?

If not, you’d probably be surprised to see how many companies fail to follow up on their scans. Many organizations will perform basic remediation efforts, but they only do so to live up to international security standards. Unfortunately, these regulations represent the bare minimum that an agency must do to protect itself. Their recommendations are often woefully inadequate for a standard network, so a company may still end up compromising its system if it only performs these actions. 

Your remediation management strategy should do more than the bare minimum. You need to perform scans more often than security standards suggest, and you must act on your results when you receive them. A scan means nothing if it leads to no new actions.

  2. Consider Your Context before You Remediate

Do you find it difficult to parse your vulnerability reports? You’re hardly the only person to face this problem. A scan will usually return thousands of results, all of which fall into overly broad categories. Still, you need to understand these results if you want to tangibly secure your network.

Remediation management uses a risk-based approach to organize these outcomes. It prioritizes assets based on information such as location, confidentiality, integrity, and more. When you consider these factors, you’ll be able to find your network’s most critical assets and give them the protection they need.

  3. Watch High-Risk Vulnerabilities Closely

Say you had a valuable Ming vase in your home. Would you rather set up a surveillance system to protect it or leave it unprotected? 

Your information may be as valuable as the Ming vase in this scenario, so you should protect it accordingly. If your scans reveal your assets to be particularly vulnerable, you need to start monitoring them. Even if you take steps to stabilize them, they may become insecure again later, so constant monitoring and vigilance are essential.
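As an added illustration of tips 2 and 3 (not part of the original post and not Uzado's product), the sketch below re-ranks scan findings by asset context and flags findings that reappear after being marked fixed. The asset names, ratings, vulnerability IDs and the scoring formula are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed asset inventory using the context factors the post names
# (location, confidentiality, integrity), each rated 1 (low) to 3 (high).
# The ratings and the scoring formula are assumptions for illustration.
ASSETS = {
    "web-01":  {"location": 3, "confidentiality": 2, "integrity": 2},  # internet-facing
    "db-01":   {"location": 1, "confidentiality": 3, "integrity": 3},  # internal, client data
    "kiosk-7": {"location": 2, "confidentiality": 1, "integrity": 1},
}

@dataclass(frozen=True)
class Finding:
    asset: str
    vuln_id: str     # constructed placeholder IDs, not real advisories
    severity: float  # scanner base score, 0-10

def risk_score(f, assets=ASSETS):
    """Scanner severity weighted by asset context (mean of the factors, 1-3)."""
    ctx = assets[f.asset]
    weight = sum(ctx.values()) / len(ctx)
    return round(f.severity * weight, 2)

def prioritize(findings, assets=ASSETS):
    """Highest contextual risk first; ties broken by asset, then ID."""
    return sorted(findings, key=lambda f: (-risk_score(f, assets), f.asset, f.vuln_id))

def reopened(previously_fixed, current):
    """(asset, vuln_id) pairs marked fixed earlier that the latest scan reports again."""
    seen = {(f.asset, f.vuln_id) for f in current}
    return sorted(k for k in previously_fixed if k in seen)

# Constructed sample data: the latest scan and last month's closed tickets.
LATEST_SCAN = [
    Finding("kiosk-7", "VULN-A", 9.8),
    Finding("db-01", "VULN-B", 6.5),
    Finding("web-01", "VULN-C", 7.5),
    Finding("web-01", "VULN-D", 4.0),
]
FIXED_LAST_MONTH = {("web-01", "VULN-D"), ("db-01", "VULN-Z")}

if __name__ == "__main__":
    for f in prioritize(LATEST_SCAN):
        print(f"{risk_score(f):6.2f}  {f.asset:8} {f.vuln_id}  (scanner: {f.severity})")
    print("re-opened:", reopened(FIXED_LAST_MONTH, LATEST_SCAN))
```

With this sample data, the finding the scanner rates highest (9.8 on a low-value kiosk) drops to third place once asset context is applied, and one previously fixed finding on the web server is reported as re-opened.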

Topics: Vulnerability Management, Remediating Risks

Around the World with WannaCry

Alix Postan


Ransomware viruses have been on the rise since 2005. The most recent, WannaCry, hit 150 countries in a matter of hours on Friday, May 12th. Over 10,000 businesses and 200,000 individuals were affected by the virus and had their files held ransom for $300 in Bitcoin*.

So what happened?

There are two kinds of ransomware: crypto and locker based. Both forms of ransomware are released through emails, either in the form of malicious attachments or hyperlinks to fraudulent websites. Crypto-ransomware encrypts files on the computer and only decrypts them once the ransom is paid, whereas locker-based ransomware blocks access to the files until the ransom is paid.

Canada was fortunate enough to not be infected by this specific malware; however, that doesn’t mean that Canadians are out of the woods. According to Bennett Jones, out of 125 anonymous Canadian organizations, 72% had reported being the victim of a cyberattack within the previous year – where 35% were identified as ransomware attacks.

What now?

While some of the ransomware attacks in Europe were circumvented, several other forms of WannaCry have since been coded and released that overcome the flaws of the previous version. We strongly recommend that companies and individuals take a proactive approach to protecting their information. It’s critical to continuously run software updates (even if the software gets updates as often as Java does): newer versions of software include patches for existing vulnerabilities, making them more secure for you to use. On top of that, it’s important to routinely scan your systems to see what vulnerabilities might be exposing you to these types of malware, and to fix them.

Check out our blog post on “Why Vulnerability Assessments Are Insufficient” for more information on securing your servers.

If you have any questions or are looking for cybersecurity solutions, contact Uzado and we will be happy to assist you in protecting your information.


*Bitcoin is an electronic currency; as of March 15th, 2017, 1 Bitcoin was valued at around CDN$2,380.00.

 

Topics: Vulnerability Management, Security, Remediating Risks, ransomware, viruses

What is HIPAA Compliance?

David Millier

With revisions to federal legislation around the security and storage of health information in the US, many businesses are aware that they need to ensure compliance with standards mandated in the Health Insurance Portability and Accountability Act (HIPAA). But that's left many with a big question: how do you become HIPAA compliant?

What Is HIPAA?

HIPAA is federal legislation from 1996 that governs the security and storage of medical information in the United States. Health information is important, and in some cases doctors need to share it with hospitals or other practitioners. This kind of information is also very sensitive, and the act is designed to keep patients and their medical records safe in the digital age.

What Does It Take to Be Compliant?

Businesses become HIPAA compliant when they follow the standards of practice set out in the law. With the passage of the Patient Protection and Affordable Care Act of 2010 and the subsequent rollout of changes to the US medical care program, there has been a renewed focus on HIPAA and its standards.

Any company that deals with protected health information must comply with HIPAA. To do so, the business must ensure that all required physical, network, and process security measures are in place and being followed.

Physical Security Measures

Perhaps the simplest part of being HIPAA compliant is ensuring that physical security measures are in place and followed. These requirements focus on physical access to information and the workstations it is accessible from. To be compliant, you'll need to implement workstation security. This includes policies and procedures for workstation use that identify the work to be done and how it is to be done at that station, as well as protocols around the disposal of media and equipment that may have health information stored on them. Procedures addressing how to remove information from reusable media are also required.

Network Security Measures

There are 5 requirements in HIPAA that address network and network access in order to provide more security for sensitive health information. To be HIPAA compliant, you must implement unique user identification to facilitate tracking, create an emergency access procedure, and implement audit controls to record and monitor systems and workstations that collect and store electronic health information. You must also have authentication processes in place to ensure that someone requesting access to health information is the person they claim to be.

Process Security Measures

These administrative measures are probably the most difficult to implement—and the most important. To be compliant with HIPAA, your organization must perform risk analysis and risk management to ensure it has the proper procedures in place. You must also designate HIPAA officers to monitor compliance. You must regularly audit and review use of workstations. Sanctions also need to be in place to discipline employees in breach of policy. If multiple organizations will have access to files or workstations, you need to ensure that only those who are authorized will have access to health information. You are also required to develop a contingency plan to protect sensitive health information in an emergency. You are required to evaluate your compliance and update it when necessary, and when you enter into an agreement with another business, you are responsible for ensuring that they will operate in compliance with HIPAA.

Addressable Measures

In addition to the required measures, there are also a number of items that HIPAA considers "addressable." While businesses aren't required to implement these measures to be HIPAA compliant, these additional measures provide added security for sensitive health information. These measures range from having a facility security plan to protecting your systems against malware. These items should be addressed by businesses dealing with health information—not just to be compliant with the law—but to provide more security for patients and clients.

Topics: Compliance Management, HIPAA Compliance, Security, Remediating Risks