
Cyber Pulse Mar Apr 2024

 

Dear Cyber Pulse Readers,

 

April marks the commencement of a new financial year, signifying a period of heightened activity for organizations globally. Amidst the busy strategic planning discussions, they must also prioritize their cybersecurity posture, as it is the ideal time to review and reinforce cyber security policies, ensuring they are aligned with current cybersecurity standards and regulatory requirements. A clear vision on data protection, access controls, and incident response lays the groundwork for a secure digital environment.

 

With the increasing adoption of digital technologies across industry sectors, there's a rising demand for skilled professionals to safeguard data and systems, presenting women with ample opportunities to excel in this field, leading from the frontline in cybersecurity. Their contribution not only strengthens the foundation of a secure digital India but also inspires future generations of women to pursue careers in the field, driving innovation and progress in the country.

 

In this edition, we share valuable insights firsthand from a dynamic woman cyber security leader at ReBIT who has been at the helm of the banking industry for more than a decade as a CISO. In our special article, we look at the various roles that have emerged in cyber security for women to explore as career options in their professional journey.

 

As we delve into the month of April and engage in our goal-setting endeavors, I'm excited to share significant strides planned at ReBIT towards capability building and aligning our practices with global standards across the organization. It encapsulates our commitment to excellence in every facet of our product and service offerings including software development, IT services, operations, and delivery elevating our performance to meet and exceed international benchmarks.

 

I look forward to our continued support through editions of Cyber Pulse as we embark on this journey together with latest news updates and trends in cyber security. Thank you for being an integral part of our cybersecurity community.

 

Sincerely,

 

Santhosh George

CEO, ReBIT

 

 

 

With the increasing frequency and sophistication of cyber-attacks, the demand for skilled cybersecurity professionals continues to rise. A fast-growing field, it encompasses a wide range of disciplines such as IT governance, vulnerability assessment, penetration testing, threat analysis, red teaming etc. Women can look forward to building their career in these areas making a significant impact by playing the role of a cyber defender and safeguarding the digital ecosystem of our nation. They bring in unique skill sets, perspectives, and problem-solving approaches thereby enhancing the collective ability to address complex challenges and situations.

 

The field requires continuous learning, both on the business requirements side and in keeping knowledge of new technologies up to date, to take up challenges and act wisely in complex situations. In a one-on-one interview, Babitha BP, Vice President – Systems Audit, ReBIT shares her journey and insights into this exciting career. A dynamic cyber security leader, she has been at the helm of the banking industry for more than two decades in IT and CISO roles and is currently part of the core team at ReBIT driving systems audits and compliances for banks and related entities. She has won many awards, and the latest was being named among the top 100 women in cyber security in the 2024 edition of Cyber Express.

 

 

 

 

How is a cyber security career different from an IT career?

 

As part of the IT team, the major tasks required include planning, designing, development, implementation, and deployment of solutions as per the business requirement of the organization. It is imperative to ensure that each phase is approached in a manner that incorporates cyber security. The primary objective is to deliver each phase securely, with a strong emphasis on safeguarding against potential threats. In terms of banking, it implies how securely the solution can be used by the customer trusting the technology. Therefore, cyber security should be part of every IT process right from the planning phase and an inherent component of the organizational culture. This approach promotes a proactive stance towards cybersecurity.

 

Why is there a growing demand for cyber security professionals? 

In today's digital age, data has become the new oil for organizations worldwide. It is crucial for every organization to have a robust system in place for storing, processing, and utilizing data securely. Now, with growing technology advances, the sophistication of cyber-attacks is also being seen. To combat these increasing risks of cyber-attacks, it is essential to have the necessary skills and resources that protect the organization. Fast transition of operations from hybrid to complete digitization has also led to a higher demand for cybersecurity professionals. These cyber security professionals primarily focus on the principles of CIA (confidentiality, integrity, and availability). Confidentiality ensures that sensitive information is protected from unauthorized access or disclosure. Integrity ensures that data remains accurate, complete, and unaltered, safeguarding against unauthorized modifications. Availability ensures that systems and data are accessible when needed, preventing disruptions to operations. As technology advancements continue, the need for cyber security talent remains paramount, making their role very important in safeguarding digital ecosystems.

 

What are the key attributes of a successful career in cyber security? 

In the rapidly evolving landscape of cybersecurity, possessing the right attributes is essential for a successful career. From technical expertise to problem-solving skills, cybersecurity professionals must embody a diverse set of qualities to thrive in the dynamic field of cybersecurity. In addition to technical expertise and soft skills, maintaining a healthy work-life balance is crucial for long-term success in cybersecurity careers. You must stay abreast of emerging technologies and their vulnerabilities, including sophisticated technologies like AI, ML, blockchain, and many more that are quickly finding applications as technology develops and advances on a constant basis. 

 

What has been the most exciting phase in your career? 

The Indian regulatory environment is one of the strongest pillars and promoters of cyber security in the country, ensuring safeguards are provided to the citizens of India. I am fortunate to have got the opportunity to work in the three lines of defense in my career i.e. through the IT role that checks during the development phase and the CISO role that looks at the risk aspects of implementation, and now I am in the third line of defense, which checks that the first and second lines of defense are working correctly. All the phases have been exciting and kept me going on the learning curve to tackle challenges old, new, and upcoming in the financial sector. 

 

 

 
 

Governance

RBI celebrates its 90th year in service for the nation  

The Reserve Bank of India (RBI), set up under the RBI Act, 1934, commenced its operations on April 1, 1935. This year marks the 90th year from its establishment. The Hon’ble Prime Minister, in his address, recognised the pivotal role of RBI in shaping India’s economic landscape and highlighted contributions to financial inclusion and digital payments, which have empowered millions of Indians.   


 

 

NPCI partners with IISc Bangalore for Joint Research on Blockchain and AI Technology

The partnership will focus on scalable blockchain platforms and multi-modal analytics over fintech data. Faculty members from five departments at IISc will work with NPCI researchers on practical challenges related to these areas. The joint research envisioned includes work on distributed systems, cryptography and machine learning; it also provides a unique opportunity for translational research that can enhance the scalability and effectiveness of the billion-scale platforms managed by NPCI.



 

 

 

Cyber Crime

 

 

India launches 'Chakshu' platform for reporting fraudulent messages and phone calls

A cyber fraud prevention platform launched by the Department of Communications, GoI, Chakshu aims to help Indian residents easily report fraudulent communications, whether they come by phone, SMS, or social media platforms like WhatsApp. An app that is similar to Truecaller is also in the works and will aid in reducing the frequency of fraud.


 

Department of Telecom launches Digital Intelligence Platform (DIP)

Digital Intelligence Platform (DIP) developed by the Department of Telecommunications is a secure and integrated platform for real time intelligence sharing, information exchange and coordination among the stakeholders i.e. Telecom Service Providers (TSPs), law enforcement agencies (LEAs), banks and financial institutions (FIs), social media platforms, identity document issuing authorities etc.


 

 

 

 

Cyber Security

Telangana opens special cybercrime police stations to tackle growing cases 

 

The state government has established special cybercrime police stations within the limits of 6 police commissionerates to register and investigate cybercrimes involving losses of Rs 1 lakh or more. If the victim's loss is less than Rs 1 lakh, they should file the case at their local police station only.

 


 

Online trading scams in Pune defraud more than 100 victims of Rs 18 crore

 

What has been referred to as an "epidemic" of online trading scams has occurred over the past two months, costing 110 victims an astounding Rs 18 crore. Investigations have shown that, in order to lure victims, cybercriminals have fabricated the names of a number of wealth management companies and foreign and Indian portfolio investors.



 

Malware / Ransomware

 

 

100+ US and EU firms come under phishing attack by StrelaStealer malware

 

A large number of high-tech organizations across the US and the European Union have fallen victim to a wave of high-profile phishing campaigns that distribute the information-stealing malware called StrelaStealer. The attacks work by sending spam emails with malicious attachments that deliver a Dynamic Link Library (DLL) payload. The spam messages were tailored to local languages and targeted high-tech organizations in the finance, professional, and legal services sectors, as well as manufacturing, government, utilities, insurance and construction. and selectively decode strings.

 


 

 

AT&T confirms data breach exposing 73 million customers' details on dark web

 

 

 

A recent data breach at AT&T, one of the biggest telecom companies in the US, affected millions of consumers, both past and present. Addresses, social security numbers, and passcodes are among the data of 73 million current or past AT&T customers exposed on the dark web, according to the company's disclosure. With the help of cybersecurity specialists, AT&T has launched an investigation into the matter.

 


 

 

 

 

A Quick Guide to Careers in Cyber Security 

 

In the dynamic world of cybersecurity, teams work collaboratively to defend against cyber threats, protect sensitive information, and ensure the resilience of digital infrastructure. Just like the colors of a wheel blend together to form a spectrum, various cybersecurity teams combine their expertise to create a robust defense strategy. Let's delve into the color wheel of cybersecurity, highlighting the different teams, their skill sets, and the corresponding job roles. 

 

By understanding the roles and responsibilities of each cybersecurity team, organizations can build a comprehensive defense strategy to protect against cyber threats effectively. In the context of careers for women in cybersecurity, the color wheel analogy can serve to highlight the diverse opportunities and roles available within the field, emphasizing the importance of inclusivity and collaboration across different teams. By aligning career opportunities in cybersecurity within the different teams, organizations can emphasize the importance of diversity and inclusion in building resilient cybersecurity teams, where women play integral roles across the spectrum of defensive, offensive, collaborative, and governance-focused functions.

 

1. Red Team: The Red Team is often referred to as the "attacker" team. Their primary objective is to simulate real-world cyber-attacks on an organization's systems, networks, and infrastructure. Red Team members use advanced tactics, techniques, and procedures (TTPs) to identify vulnerabilities and weaknesses in the organization's defenses. They employ a variety of methodologies, including penetration testing, social engineering, and vulnerability assessments, to mimic the tactics of malicious actors. 

 

2. Blue Team: The Blue Team represents the organization's defenders. Their role is to detect, respond to, and mitigate cyber threats and attacks. Blue Team members are responsible for monitoring the organization's systems and networks for suspicious activities, analyzing security logs and alerts, and implementing defensive measures to protect against threats. They work closely with the Red Team to understand and address vulnerabilities identified during simulated attacks.

 

3. Yellow Team: The Yellow Team serves as the architects and builders of a resilient cybersecurity infrastructure and their primary role is to design and implement robust security architectures and solutions. This involves developing secure coding practices, designing secure network infrastructures, and implementing encryption mechanisms to safeguard sensitive data. By proactively addressing potential vulnerabilities and threats during the development phase, the Yellow Team helps minimize security risks and ensures the resilience of the organization's digital assets.

 

4. White Team: The White Team is responsible for designing and implementing security policies, procedures, and governance frameworks. They establish guidelines and protocols for managing access controls, data protection, incident response, and compliance management. By ensuring alignment with industry standards and regulatory mandates, they help the organization mitigate legal and regulatory risks while promoting a culture of security and accountability.

 

5. Purple Team: The Purple Team serves as a bridge between the Red and Blue Teams. Their primary focus is on collaboration and knowledge sharing between offensive and defensive security teams. Its exercises involve joint simulations where Red Team tactics and techniques are used to test the effectiveness of Blue Team defenses. This approach enables both teams to gain insights into each other's methodologies, enhance detection and response capabilities, and improve overall security posture.  

 

6. Green Team: The Green Team focuses on integrating security into the development and operations lifecycle. They work closely with the Red Team, which is responsible for identifying vulnerabilities and exploiting weaknesses in systems, and the Yellow Team, which focuses on proactive defense and building resilient security measures. The team leverages automation and orchestration tools to streamline security operations and incident response processes. They develop and maintain security automation scripts, playbooks, and workflows to expedite the detection, investigation, and remediation of security incidents. By reducing manual intervention and response times, they help enhance the efficiency and effectiveness of security operations.

 

7. Orange Team: Recognizing that human error is often a significant factor in security breaches, the Orange Team works to educate employees and stakeholders about cybersecurity best practices. By integrating awareness and education initiatives into their overall strategy, the Orange Team empowers individuals at all levels of the organization to become active participants in maintaining a secure environment. Through ongoing training and communication efforts, they help foster a culture of vigilance and accountability, ultimately enhancing the organization's resilience against cyber threats. 

 

 

 
 

The Cyber Strike is a section dedicated to providing you with a summary of the most significant cyber-attacks that occurred over the past month. With the increasing prevalence of technology in our daily lives, cyber-attacks have become a constant threat to business and individuals alike.

 

It is important to stay informed about the latest cyber threats and attacks to protect ourselves and our organisations from potential harm.

 

Let’s dive in and explore the most significant cyber-attacks of the month.

 

Multiple vulnerabilities in Google Chrome OS Code 

 

 

Impact: Affected software includes Google Chrome versions prior to 122.0.6261.111/.112 for Windows and Mac, and Google Chrome versions prior to 122.0.6261.111 for Linux. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a Denial of Service (DoS) condition on the targeted system.

Recommended Actions

 

  • Upgrade to the latest software version released for Google Chrome

 

 

 

 

 

 

SQL Injection vulnerability in WordPress plugin 

Impact: A vulnerability exists in Ultimate Member, a WordPress plugin, due to an insecure implementation of the plugin's users query functionality. A threat actor can exploit the vulnerability via the "sorting" parameter because of insufficient escaping of the user-supplied parameter and a lack of sufficient preparation of the existing SQL query. Successful exploitation of this vulnerability could allow an unauthenticated attacker to append additional SQL queries to already existing queries, which can be used to extract sensitive information from the targeted system.

 

Recommended Actions

 

  • Apply the appropriate software/application updates.
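
The class of fix for a flaw like this, as an added example that is not Ultimate Member's code (the plugin is PHP): a sort value cannot be bound as a query parameter, so it is mapped through an allow-list while ordinary values are bound. The table, column and sort-key names and the sample rows are constructed for illustration, with Python's sqlite3 standing in for the site database.

```python
import sqlite3

# Allow-list of public sort keys -> fixed ORDER BY fragments. Column names and
# ASC/DESC cannot be bound as query parameters, so they are chosen here and
# never copied from the request. All names are hypothetical.
SORT_OPTIONS = {
    "name_asc": "display_name ASC",
    "name_desc": "display_name DESC",
    "newest": "registered DESC",
    "oldest": "registered ASC",
}
DEFAULT_SORT = "name_asc"


def resolve_sort(sorting):
    """Return (order_by_fragment, accepted). Unknown values fall back to the
    default and are flagged so the caller can log them."""
    if isinstance(sorting, str) and sorting in SORT_OPTIONS:
        return SORT_OPTIONS[sorting], True
    return SORT_OPTIONS[DEFAULT_SORT], False


def build_member_query(sorting, role):
    """Build the directory query: the role is a bound parameter, the ORDER BY
    text comes only from SORT_OPTIONS."""
    order_by, accepted = resolve_sort(sorting)
    sql = "SELECT display_name FROM members WHERE role = ? ORDER BY " + order_by
    return sql, (role,), accepted


def make_sample_db():
    """Constructed sample data in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE members (display_name TEXT, role TEXT, registered TEXT)"
    )
    conn.executemany(
        "INSERT INTO members VALUES (?, ?, ?)",
        [
            ("Asha", "member", "2024-01-10"),
            ("Bala", "member", "2024-03-02"),
            ("Chitra", "admin", "2024-02-20"),
            ("Dev", "member", "2023-11-05"),
        ],
    )
    return conn


def list_members(conn, sorting, role="member"):
    """Run the query; return the names and any rejected sort value for logging."""
    sql, params, accepted = build_member_query(sorting, role)
    names = [row[0] for row in conn.execute(sql, params)]
    return names, (None if accepted else sorting)


if __name__ == "__main__":
    db = make_sample_db()
    # Second value is a constructed request that is not an allow-listed key.
    for requested in ("newest", "registered DESC, role"):
        names, rejected = list_members(db, requested)
        print(requested, "->", names, "| rejected:", rejected)
```

A rejected sort value returned by `list_members` is worth logging, since repeated unexpected values on a sort parameter are a useful signal of probing.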

 

 

 

 


 

 

 

 

 

Information Disclosure Vulnerability in Mozilla Thunderbird  

 

Impact: This vulnerability exists in Mozilla Thunderbird because the encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. Successful exploitation of this vulnerability could allow an attacker to trigger sensitive information disclosure on the targeted system.

Recommended Actions

 

  • Apply appropriate software updates as mentioned by the vendor.  

 

 

150,000 Unpatched Fortinet Devices Vulnerable 

Impact: Public web scans reveal that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are susceptible to CVE-2024-21762, a critical security vulnerability enabling code execution without authentication. The vulnerability poses a significant risk to organizations, potentially leading to unauthorized code execution and exploitation of sensitive data. If exploited, it could result in severe disruptions to operations, financial losses, and reputational damage, highlighting the critical importance of immediate mitigation measures and security updates.

Recommended Actions

 

  • Immediate Patching: Apply the security patches provided by Fortinet to address CVE-2024-21762 and other vulnerabilities promptly.
  • Regular Vulnerability Scans: Conduct routine vulnerability scans across all network devices. 
  • Implement Mitigations: If immediate patching isn't feasible, deploy interim mitigations recommended by Fortinet or industry experts to reduce the risk of exploitation. 
  • Enhanced Monitoring: Increase monitoring efforts for suspicious activities and network traffic patterns that could indicate exploitation attempts. 
  • Employee Training: Educate employees on security best practices.

 

 

 

 

 

 
 

ReBIT is an ambitious, employee-first organisation that believes in empowering our employees to grow alongside the organisation's goals and perform to their full potential. We are fascinated by technology, and we admire our employees. We house exceptional talent that contributes to ReBIT's mission.

 

Current Job Openings 

Assistant Vice President - Security Governance, Risk and Compliance (GRC)

AVP - Cyber Security Engineering

Senior Engineer - VAPT 

Senior Engineer - CSRA

and more...

 

We’re looking for candidates who have a zeal for technology and innovation. Check out our careers page for opportunities to work with us!

 

 

We'd love to hear from you!

Share your thoughts with us at communications@rebit.org.in 

 

502, Building No 1, Mindspace Juinagar, Nerul, Navi Mumbai – 400706
