Tuesday, November 24, 2020

Five Key Questions About Cybersecurity that Every CEO Must Ask



A renowned authority on the subject of cybersecurity, Sai Huda is probably best known as the author of the best-selling book, Next Level Cybersecurity: Detect the Signals, Stop the Hack. Sai Huda has also written a range of thought-leadership articles including “Cybersecurity: Five Key Questions the CEO Must Ask.”

As part of its mission to serve a global readership of business leaders and individuals of high-net-worth, CEOWORLD magazine published “Cybersecurity: Five Key Questions the CEO Must Ask” authored by Sai Huda. This article begins by stressing the frequency of cyber attacks and the importance of guarding against them.

The article reveals the five cybersecurity questions that CEOs must ask and places a profound emphasis on securing the most valuable company information. Dubbing this information the company’s “Crown Jewels,” the article guides the CEO readers to first identify all Crown Jewels and then precisely where each is located. Then, the CEO must lead efforts to recognize all the methods that cyber attackers might employ to access each Crown Jewel and map the high probability signals that these cyber attackers will likely reveal. Lastly, the CEO must ensure that these cybersecurity measures result in timely detection, reporting and oversight in order to mitigate cyber risk effectively. 

Wednesday, October 14, 2020

The Dangers of Ransomware Attacks

Sai Huda is a globally recognized risk and cybersecurity expert and author of the best-selling book, “Next Level Cybersecurity: Detect the Signals, Stop the Hack.” Recently, Sai Huda was featured in a Cyber Insiders podcast by the Cyber Center of Excellence (CCOE), where he spoke about the dangers posed by ransomware.

Sai highlighted that every single type of organization located anywhere in the world is susceptible to ransomware, and now extortionware.

Ransomware is a type of malware that encrypts critical files and systems, so that operations slow down or are completely shut down, until a ransom is paid to the cyber attackers. The attackers will leave instructions on how to pay the ransom to get a decryption key that will restore access. The ransom payment is demanded to be made in bitcoin, making them hard to track. Now, it has evolved to extortionware, since the attackers have enhanced the malware to first copy the data, exfiltrate it, then encrypt, so that if the victim refuses to pay the ransom, the attacker can then threaten to sell or disclose publicly the stolen data and compel the victim to pay the ransom.

The ransomware has also evolved to scan for key words and search for backup files to encrypt, and there are many variants of the malware being produced by attackers. The attackers are frequently criminal gangs financed by nation-states.

Ransomware can enter through various vectors including phishing emails. An attacker sends emails with infected attachments to employees masquerading as from someone familiar or with authority, such as CEO or manager. If an employee opens the attachment, the ransomware infiltrates the system, leveraging administrative tools to take over and encrypt files.

The adverse impact to an organization can be devastating. Some organizations have shut down permanently from ransomware, unable to recover since operations were shut down for weeks and months. Recently, even a hospital patient died from a ransomware attack because the hospital was unable to provide the patient in critical condition with healthcare and re-routed to another hospital and by the time the patient received service, it was too late.

Huda advises organizations to improve the quality of security awareness training provided to employees so they can better identify phishing emails and to implement more sophisticated scanning of emails, and a more intelligent anomalous activity detection system to detect ransomware signals. In his book, Next Level Cybersecurity, Huda reveals the ransomware signals. Also, to have backups offsite, so the ransomware cannot encrypt the backup files and recovery can be quick. Finally, Huda advises ongoing scanning for vulnerabilities and prompt patching and configurations to avoid providing the attackers an easy opening.

Monday, October 5, 2020

How Cloud Service Misconfigurations Become Cyber Risk to Organizations

Bestselling cybersecurity author Sai Huda is alerting businesses to misconfigurations in the cloud. Huda is the author of the best-seller, Next Level Cybersecurity: Detect the Signals, Stop the Hack, and former GM, Risk Information Security and Compliance Solutions at FIS, a Fortune 500 company. Under his leadership, FIS attained number 1 ranking in RiskTech100.


When organizations shift their operations wholly or partly to the cloud, they receive out-of-the-box configurations to various systems that cloud service providers give their clients. However, businesses have responsibility to review these out-of-the-box configurations, and make proper adjustments, not the cloud service provider, and once in the cloud, they have to complete all necessary configurations to adequately safeguard their data.

If there is a misconfiguration, a malicious attacker can exploit it to access valuable customer data. Common cloud misconfigurations include unrestricted inbound and outbound access, unrestricted metadata service requests, and passive monitoring of keys and tokens.

Recently, for example, an organization reported the theft of data belonging to over 100 million customers. A past employee of the cloud service provider that the company used identified a misconfiguration in the client company’s web application firewall and used it to break into its cloud system. Once inside, the attacker queried a metadata system to obtain access keys and tokens and used these to collect the data of millions of customers.

Businesses operating through the cloud should make cloud configurations and regular testing of configurations a top priority to avoid creating a back door for cyber attackers to exploit.

Monday, September 14, 2020

Sai Huda on Cyber Center of Excellence (CCOE) Cyber Insiders Podcast

 

Friday, September 4, 2020

Cyber Center of Excellence Article: Top Three Cybersecurity Threats

The Cyber Center of Excellence (CCOE) thought leadership article titled "Top Three Cybersecurity Threats You Should Mitigate Before It Is Too Late" warns organizations of all sizes and types of the significant risks posed from ransomware, cloud mis-configurations and supply chain backdoors.

The article was authored by Sai Huda, advisory board member at the CCOE. Huda is a globally recognized risk and cybersecurity expert, and author of the best-selling book, Next Level Cybersecurity: Detect the Signals, Stop the Hack.

In this timely article, Huda explains why these are the top three cybersecurity threats and provides examples of the threats and the impact to organizations. He also reveals a five step method to mitigate the threats that organizations of any size or type can implement to manage the risks.

Founded in 2014, the CCOE is a non-profit organization comprised of member organizations of all sizes and types in the cyber industry. The COOE is an advocate for cybersecurity best practices and growth of jobs in the cyber industry. The group provides opportunities for collaboration among industry stakeholders and performs research for the cyber community, such as economic impact studies. It also recently hosted Cyber Insiders, a thought leadership podcast on iHeart Radio on emerging cyber risks, featuring industry-leading cybersecurity experts. 

Monday, August 17, 2020

Reasons Cyber Attacks Are Difficult to Prevent Completely

Cybersecurity expert and author of the best-seller, Next Level Cybersecurity: Detect the Signals, Stop the Hack, Sai Huda, advises leading companies to bolster their cyber-attack preparedness, ensuring they can positively identify attack signals and take measures to stop the attack before any damage is done. Sai Huda did a book-signing at the 2020 RSA conference and spoke on the seven step-method to detect the attackers as revealed in his book. He also spoke in an interview with the Editor-in-Chief of Big Data-Made Simple where he shared his insights on cybersecurity best practices.


One question he answered was why companies still faced cyberattacks despite investing millions to stop them. According to him, the reason was three-fold: the difficulty of locking out bad actors, the allure of valuable data, and hackers’ growing level of sophistication.

Companies continue to face cyber-attacks because prevention is almost impossible. In the digital world, there are too many doors, windows, and potential entry points for attackers to exploit. Locking all these doors is virtually impossible and as long as these companies hold valuable data, attackers will always figure out a way to gain entry.

In addition, the attackers themselves have become sophisticated and are capable of creating and deploying malicious applications designed to evade cybersecurity systems. Today, they do not have to steal the data. Attackers can simply hijack companies’ internal systems, hold sensitive data hostage, and demand ransom payments. With this in mind, companies should equally invest and focus in cyberattack detection. Huda reveals in his book the top 15 signals of the attacker and a seven step method to detect them early and stop the attack before any damage is done.

Tuesday, June 16, 2020

Sai Huda's Cybersecurity Article for Cyber Center of Excellence (CCOE)