Hacking – Cyberlaws.org (http://www.cyberlaws.org)
Compliance | Security | Legal

HOW TO HANDLE CYBER-SECURITY INCIDENTS IN START-UPS
http://www.cyberlaws.org/how-to-handle-cyber-security-incidents-in-start-ups/
Sun, 07 Mar 2021 12:10:01 +0000

In the current age, information technology has penetrated almost every area of our lives, both personal and professional; in other words, our lives have become completely dependent on technology. Whether organizational or personal, the amount of data collected and processed by big companies and start-ups is alarming. Human beings have become so dependent on technology, whether hardware or software, from holdables to wearables to insertables, that technology is all but inseparable from us.

Whether in the office or in daily household tasks, technology has entered every sector and made work easier and more efficient to perform. However, all technology gadgets and services have one thing in common: data processing. The data they process, such as PII (Personally Identifiable Information) and PHI (Protected Health Information) about individuals, and the critical financial, scientific and confidential data of organizations and countries, is extremely lucrative to competitors and cybercriminals, ranging from hackers, script kiddies, wannabes, elites, activists, crackers and phreakers to cypherpunks.

For example, if you are a start-up providing information technology services to a government or another large organization that processes critical data, a vulnerability in your system is a potential risk that could lead to a data breach of your client. As per recent trends, at least one new zero-day vulnerability was found each week. Once zero-day vulnerabilities are discovered, they serve as a tool for cybercriminals/hackers to intensify attacks. Hence, proactive measures such as incident management or a cyber crisis management plan can be an effective way to limit or even prevent the propagation of a cyber security attack.

IMPACTS OF CYBER SECURITY BREACHES IN START-UPS

Cybersecurity breaches impact organizations and companies in different ways, many of which cause serious, if not permanent, damage to organizations and start-ups. Some effects of cyber breaches are:

  • Financial losses: An intense cyber security breach can damage critical servers and hardware, which could lead to financial loss. In addition, an organisation that is unable to secure its information assets and is prone to frequent cyber security attacks is liable for penalties imposed by the client or government.
  • Loss of confidential data: This is often the major consequence of a cybersecurity attack. Confidential data, ranging from credit card numbers, Aadhaar numbers, PAN numbers, phone numbers, social security numbers and health records right up to software design, code, military confidential or classified information and medical formulas, could be stolen.
  • Loss of reputation and value degradation in the business market: These have often been cited as a significant concern. The trust and value built from customers (service providers) to companies (clients) start to be discredited and brought into question after a mishandled cybersecurity attack, especially when the company fails to respond promptly to the attack.
  • Compromised competitiveness: Competitiveness between firms and organizations becomes compromised. This can cause a disaster from which small to medium organizations or start-ups might never recover.

Cyber security breaches or incidents can be withstood by adopting different kinds of strategies. One is setting up preventive measures to avoid a potential attack; the other is knowing how to respond when a breach or attack occurs, as a corrective measure in case of a zero-day attack. However, both approaches require intense monitoring of the information systems.

STEPS TO AVOID A POTENTIAL CYBERSECURITY ATTACK

Cyber security attacks are of various kinds and natures, and there is an enormous number of resources out there stating how to prepare for the inevitability of a cyber-attack. Cyber risk can come from various points such as open ports, unattended laptops and desktops, improper patch management, etc., and managing it requires the involvement of employees from the top to the lowest level of the organisation. There is no perfect methodology or solution for handling cyber security incidents or attacks in any organisation; however, the impact can be minimised if they are handled properly. Below are the points to strengthen cyber security:

  • Perform a Cyber Security Risk Assessment. Perform an intensive risk assessment for your business, identify all the possible weak points that could lead to a cyber security attack, and define a risk mitigation plan for each risk. Don’t leave any risk unattended.
  • Employee training. In any organisation, aware employees can help in handling cyber security incidents. Any organisation or start-up should provide adequate training to those handling sensitive data.
  • Regularly back up sensitive data. Data is the core of every company. Unavailability of data can destabilize, disrupt, and even lead to the shutdown of start-ups or organizations. Having a data backup at an alternate location, online or offline, is the key to surviving a cybersecurity breach or incident. Remember, data availability is one of the key components of cybersecurity.
  • Employee screening prior to employment. A proper policy and SOP for employee screening shall be developed and followed with due diligence. Since employees are often the weakest link in a cyber-security plan, all future employees should be screened to validate that they have the cyber-security skill sets desired for their respective positions in the organisation or start-up.
  • Keep systems updated with regular patches. Most start-ups and small companies don’t have proper patch management programs for systems and software, which could lead to a serious cyber threat because these vulnerabilities can be exploited by cybercriminals to access your systems. Routinely applying timely security patches to software and hardware systems can reduce cyber security threats, as most threats exploit known vulnerabilities (weaknesses).
  • Adopt a security culture and take cyber threats seriously. As part of the organisation’s culture, cyber-security must be a priority for management. Negligence can lead to unrecoverable cyber-attacks. Management should provide an adequate budget for the enhancement of cyber-security in the organisation.
  • Develop a Cyber Crisis Management Plan. Since cyber incidents come unannounced, organizations and start-ups should identify and classify different cyber-security attack scenarios and prepare a mitigation plan for each. Table-top exercises are helpful for understanding readiness. A contingency plan shall be developed.

A well-skilled team for handling cyber security is very important in any organisation. Having a Data Privacy Officer (DPO), a Chief Information Security Officer (CISO), a Chief Information Officer (CIO), etc., with well-defined roles is helpful for any organisation.

HOW TO RESPOND TO SECURITY BREACHES?

  1. Establish an Incident Response Team (IRT).

Create an IRT with the skill sets and capability to handle cyber security incidents. Define the roles and responsibilities of each member, which may in some cases take precedence over normal duties. The IRT can comprise a variety of departments, including Information Technology, Finance, Compliance and Human Resources.

Your Incident Response Team (IRT) should include your Chief Information Security Officer (CISO), who will lead the team and the organisation’s security policy direction. In the case of a start-up, a Virtual CISO can be a guide.

  2. Identify the type and extent of the incident.

An impact matrix for incidents should be clearly defined to assess damage and determine the appropriate response. For example, an incident where a computer virus is easily detected and removed, and which has not impacted any external or internal parties, can be categorised as low and should not be escalated.

However, an incident which impacts clients and customers should be escalated to the IRT.

  3. Escalate incidents as necessary.

Employees are the first to observe cyber security incidents. Any kind of incident, including abnormal system behaviour, phishing mails, fraud mails, etc., shall be immediately escalated to the IRT so that timely corrective action can be taken to mitigate suspected vulnerabilities and avoid unexpected downtime.

  4. Notify affected parties, government bodies and outside organizations.

Identify one member of the IRT and assign them responsibility for managing communication with affected parties (e.g. government bodies, investors, third-party vendors, etc.). Depending on the severity of the incident, the IRT member should inform the affected parties and law enforcement agencies.

  5. Gather and analyse evidence.

The IRT is responsible for identifying, gathering and analysing both physical and electronic evidence as part of the investigation. This evidence shall be kept securely as artefacts. Lessons learnt should be documented for the future.

  6. Mitigate risk and exposure.

Technical members of the IRT shall be responsible for monitoring the situation and ensuring that any effects or damage created as a result of the incident are appropriately repaired and that measures are taken to minimize future occurrences.

Since cyber security is the responsibility of everybody in the organisation, the necessary disciplinary action shall be defined for the guilty. An adequate penalty or action acts as a deterrent and helps in reducing cyber-security incidents.

Keywords: Cyber-Security, Information Security, Cyber-Security incidents, CISO, Virtual-CISO, hacking, cybercriminal, start-ups, incident-response

HOW CEH CERTIFICATION CAN ADD VALUE TO YOUR RESUME
http://www.cyberlaws.org/how-ceh-certification-can-add-value-to-your-resume/
Sun, 22 Mar 2020 07:19:52 +0000

Certified Ethical Hacker (CEH) is a globally recognised qualification, which an individual obtains by proving his or her skill in assessing the security of IT applications and networks by verifying the vulnerabilities or loopholes of the target systems, using the same methodologies, tools and techniques as a hacker, but in a lawful and legitimate manner with due permission from the IT system owners.

Information technology is an integral part of almost every business nowadays, and so is cyber security. Using technology gives ease of access and fast processing of data; at the same time, it also gives exposure to many risks which could harm the business and sometimes even lead to severe impacts. Information technology and cyber security go hand in hand nowadays. Certified Ethical Hacker is one of the most popular certifications, and it can help an individual start a career in cyber security or migrate to one.

The IT of any organisation comprises networks and applications, and companies need to monitor and secure both of these in order to safeguard their critical data. CEH gives a comprehensive overview of a hacker’s mindset and methodology. We can replicate the same steps in our own environment, find the loopholes which could attract a malicious user, and patch them before they can be exploited.

A security assessment has the following steps:

Reconnaissance: Generally known as recce or information gathering on the target network or application. In this phase you collect the target’s information from various public and private domains.

Network Scanning: Here we scan the networks or applications to find the vulnerabilities or weaknesses in them. Remember that you need to do this in stealth mode, otherwise the target can identify the scan and block your connection.

Gaining Access: Once we have the vulnerabilities, you are good to enter or penetrate the system by exploiting them, and you can even obtain Administrator or root access.

Maintaining Access: Here we learn how we can hide ourselves in the system by migrating to system files and so keep access for a longer time.

Covering Tracks: Once all the necessary information is captured, you would want to remove all your footprints or logs from the system so that you cannot be traced back.

Skillset of a CEH certified candidate:

  • A Certified Ethical Hacker knows multiple techniques of information gathering through different resources such as publicly available information, websites and social media, and can thus identify the publicly available weak link or the basic information about the tools and techniques used by the organisation.
  • A CEH knows various techniques to scan the network using customised commands and can thus identify unnecessary ports or exploitable versions of services present on the company’s servers and network.
  • A CEH knows how a web application can be exploited through different kinds of vulnerabilities such as SQL injection, privilege escalation, command injection, cross-site scripting (XSS), weak passwords, weak sessions, etc.
  • A CEH knows how to identify vulnerabilities in a Wi-Fi network and how to exploit them.
  • A CEH is aware of different kinds of malware and how malware works, and also knows how to detect malware hidden in files or software by performing reverse engineering.
  • A CEH has good knowledge of Cloud Computing and Internet of Things (IoT) hacking. Since IoT and Cloud Computing are both among the most used technologies nowadays, a CEH with good knowledge of security assessment of these can identify loopholes in these systems before they are exploited by a malicious user.
  • A CEH knows the security assessment techniques for mobile applications, both Android and iOS.
  • A CEH knows how network devices such as firewalls, IDS and honeypots work and how they can be exploited.
  • A CEH knows different techniques of sniffing a network and how to capture critical information travelling through networks. In this way he or she can help the organisation find the vulnerabilities present in the network, and the organisation can patch them before they are exploited.
  • A Certified Ethical Hacker knows different techniques to identify vulnerabilities which could lead to session hijacking of any web application.
  • In addition to all the above skill sets, a CEH also knows different tools such as Nessus, Burp Suite, Wireshark, Nmap, Zenmap, Metasploit, Acunetix and many other tools which are commonly used in security assessments.

Scope after getting CEH

  • You can work as a Security Tester or Security Analyst performing Vulnerability Analysis and Penetration Testing (VAPT) on web applications, mobile applications and networks.
  • One can work as a network security analyst in a Security Operations Centre (SOC), where the organisation’s network is constantly monitored and subsequent actions are taken against any kind of malicious traffic.
  • If you have a good knack for programming languages, you can work as a secure code reviewer, which is again a job very much in demand nowadays.
  • If you have good programming skills along with a knowledge of ethical hacking, you can work as an exploit writer. Many companies are working on this.
  • Last but not least, one can work as a freelance Bug Bounty Hunter and get paid well.

Ethical Hackers or Security Testers are professionals who have very good knowledge of networks and applications and, at the same time, know how to maintain the security of both so that they can be safeguarded from hackers. Ethical hackers constantly test an organisation’s applications, network devices and networks, find vulnerabilities in them and ask the IT team to patch those vulnerabilities.

Attaining a cyber security skill set along with CEH certification is definitely a very good credential, which can help anyone land a good job in any organisation.

Nowadays many renowned companies are developing their own cyber security teams, and they also get their infrastructure tested by third parties just to be sure of their security. While hiring a third party, organisations are very particular about the individual’s qualifications and experience; CEH certification is the answer to that because it provides assurance about the candidate’s skill set. As a whole, CEH certification holds a good reputation in the industry.

#Tags: Jobs, Hacking, Career, CV, Certification

#Keywords: Cyber Security, CEH, Certified Ethical Hacker, Security Testing, Information Security, IoT Hacking, Mobile Application Hacking, Web Application Hacking
