Connect with us

Opinion/White Papers

Inside the Mind of a Cyber Criminal

Published

on

, SiliconNigeria

By Anna Collard, SVP Content Strategy and Evangelist at KnowBe4 Africa

Cyber criminals come in many different flavours, but the majority of them are in it for one thing: financial pay-off. They want the money that comes with offering their tools or services, selling stolen data, extortion like ransomware or plain fraud. And they all have one thing in common – your organisation is on their radar.

Which is why, says Anna Collard, SVP Content Strategy and Evangelist at KnowBe4 Africa (www.KnowBe4.com) it is critical to understand how cyber criminals operate, the tools they use and the approaches they take to embed robust security within the organisation.

“With ransomware going rampant and victim organisations paying up to millions of U.S. dollars to the extortionists, this problem is just going to get worse. The U.S. government recently announced that ransomware is a national cybersecurity challenge and that there will be serious implications for anyone attacking the United States or their critical infrastructure.

This may lead more criminals to shift their attention towards the emerging economies like Africa, where we do not have the government’s support or capacities to stop and prosecute cyber criminals, making it a safer place to operate,” says Collard.  

Social engineering or people hacking is a popular way to distribute ransomware – predominately by tricking people into falling for their phishing scams.

“Another technique to be aware of is password spraying,” she explains. “This is when the bad actor selects a common password, like the organisation’s name, followed by the year, and tries it against every user in the organisation. They scrape names of employees from LinkedIn and then using this information, try the possible password against the list of names. Then it keeps on cycling until it hits a winning entry. This is a solid case for ensuring that every single employee uses proper passwords or a password manager and multi-factor authentication where possible.  

“This level of attack really underscores how important it is to undertake consistent employee training and security skills development,” says Collard. “No matter how secure your perimeter, no matter how much money is spent on high-end security systems, one poor password can open the doors to the threat actors.”

Multi-factor authentication and robust training are not just invaluable for employees in the office, they are even more critical today as people work from home and multiple locations – particularly as employees migrate to coffee shops for power and Wi-Fi during load-shedding. Public Wi-Fi is wide open and home networks with poor passwords or out of date software are open doors.

“It is also really important to make sure that employees use a VPN, although that is also not a guaranteed protection” says Collard as a recent report by the Orange Cyber Defense (https://bit.ly/2UmjTqQ) team explained.  “With home routers being vulnerable due to people not configuring them correctly or updating them, it might be worthwhile sending pre-configured routers and firewalls to employees’ homes, especially for those who access highly confidential information.”

Another challenge for the organisation is keeping up with vulnerabilities and patch management, which is a complicated task in bigger environments.

“Leading hackers and experts like Kevin Mitnick are drawing lines under the importance of putting people’s understanding of these threats at the forefront,” says Collard. “Make sure that passwords are secure, that they are not stored in diaries or on open platforms like Slack or Google Hangouts, that they understand how to identify social engineering attacks and keep security hygiene at the forefront of all communication. People need to know what is out there, and that they have the skills to play an important role in protecting themselves and the organisation.”

Today, the threat actors are organised and well paid. They benefit immensely from their pursuit of vulnerabilities, simple mistakes and human error. Organisations have to sit on the sharp end of the security stick with robust monitoring and detection systems, clear policies, consistent training and security boundaries.

Continue Reading
Advertisement Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Opinion/White Papers

How Digital Marketing is Embracing the Ever-changing World of Work 

Published

on

, SiliconNigeria

By Gaston Taratuta, Founder and CEO of Aleph Group, Inc

The world of work has always changed and evolved in line with technological advances and major consumer shifts. Did you know, for example, that in Victorian Britain people were paid to wake factory workers up by tapping on their windows? Called knocker-uppers, they were a common sight until alarm clocks rendered them obsolete.. 

In recent months you may have seen articles predicting that, thanks to the rise of artificial intelligence (AI) tools such as ChatGPT, prompt engineering will become an important and necessary career skill in the near future. Some experts even suggest that the field, which boils down to giving AI tools the best possible inputs, is so critical that it may even become a career path in itself.   

But that’s just one example of where the world of work is headed. If you really want to future-proof yourself, it’s worth having a much broader view. And on that front, you could do a lot worse than keeping a close eye on the digital marketing sector. 

An industry unafraid of change 

Digital marketing has a long history of adapting and embracing big technological and societal shifts. From the early days of website banner ads through to innovative products on social media and streaming platforms, each advancement has required people in the sector to build up new skills to ensure that they’re providing the best possible service to their clients. 

That’s unlikely to change in the near future either. According to LinkedIn, the “Digital Marketing Specialist” role is among the top 10 most in-demand jobs, with 860 000 job openings. The fact that the most requested experience in digital marketing includes social media, content strategy, SEO, analytics, also shows how broad the field has become. 

Even those specific areas of experience are changing all the time. Take online communities, for example, before 2016, when the likes of Facebook and Twitter were well established, no one had any expertise in marketing on TikTok. Today, the platform has more than a billion users and is an increasingly important part of any organisation’s digital marketing strategy. As a result, people in digital marketing have had to build up the skills necessary to market on the platform. 

The same is true for every new product a social media platform launches. Twitter, Snapchat, Instagram, and Spotify, are all unique in its form. It’s also worth remembering that a user’s experience on TikTok has nothing to do with their experience on Twitter. You seldom meet someone who understands all the platforms very well. Additionally, there are changes all the time, so to be successful in digital marketing you have to be able to learn new things and be flexible all the time. 

These are also the qualities that you need to succeed in the rapidly changing world of work. 

Acquiring the right skills 

So, how should you go about acquiring the skills necessary to thrive in the world of digital marketing and beyond? 

There is no doubt that formal certification can be incredibly helpful, especially when you’re starting out on your journey. It’s part of why we launched our free Digital Ad Expert community. The 12 week course covers the basics of strategy and analytics, as well as platform specific advertising methodologies for all the major social media platforms. 

Once you have those basics in place though, self-exploration becomes critical. You have to be curious. You have to want to learn. You have to commit. By certifying yourself on all the platforms you can (this can usually be done for free). Learn things like Google Adwords, how to do marketing on Instagram, and as many other products as you can. 

Getting to that point won’t take long, for some people it can take as little as six months. From there, practice and keep practising. If you don’t have a client to practise on, market yourself. Soon enough you’ll learn that, in such a fast-changing world, years of experience matter less than your ability to deliver results. 

Powered by the present, ready for the future 

It’s something that’s been true of digital marketing for a while now. It’s also something that’s becoming increasingly true of the world of work in general. So, if you want to be ready to face the future, look to an industry that already has a strong track record of adapting to epoch-shifting changes. 

Continue Reading

Opinion/White Papers

Bridging the Gaps to Safeguard the Future of Hybrid Work

Published

on

, SiliconNigeria

By Emmanuel Asika, Country Head, HP Nigeria  

The emergence of cultures within adaptable working models that facilitate improved flexibility and therefore well-being whilst generating new range of opportunities to innovate and increase productivity shows that hybrid work is here to stay. A report by
Gartner shows a sizeable 51% of US knowledge workers are projected to work ‘hybrid’ and 20% to work fully remotely in 2023. Just as a Phillips Consulting (PCL) study reveals how Nigerian executives considered culture as one of the top factors to consider in their business strategy, moving from a 17% focus pre-COVID to a 44% focus in some cases to align with the future of work.  

Notably, these new dynamics signal new trajectories for security teams, as business protection is now more demanding because the path has become doubtful. To mitigate this, emphasis must be on protecting endpoints – PCs and printers; the ‘focal point’ of most attacks. Thus, to detect, prevent, and control cyber threats, new cybersecurity strategies are required; to dispel the threats associated with lost or stolen devices by boosting remote PC management.  

Mitigating security slips  

It’s clear that 82% of security experts adopting a hybrid work model have slip-ups in their organization’s security architecture, a new research and a hybrid security report from HP Wolf Security reveals. The epicenter of the hybrid worker’s world is the endpoint.  

In fact, 84% of security experts agree that endpoint is where the most enterprise-damaging cyber-threats occur, and it’s the root of most security threats – be it a PC, smartphone, laptop, tablet, or complementary peripherals like printers. For malicious attackers, these devices can be a target entry point.  

Nonetheless, local networks may be compromised and misconfigured. But truly, endpoints are the link bridging unprotected technologies and imperfect users. When devices are not provided with requisite routine enterprise protection, hybrid work models suffer and negatively affect productivity. Significantly, machines and employees working remotely are likely to be without appreciable protection and left vulnerable.  

Furthermore, some employees who are confined to their comfort zone without assistance of knowledgeable coworkers makes them more prone to either opening an attachment containing malware or clicking on a risky link. Employees likewise work in cafes, restaurants, and airports, and perhaps even living the digital nomad lifestyle abroad; they aren’t just working from home (WFH). Actually, two-thirds (66%i) of security leaders and IT experts consequently concluded that the most pronounced cybersecurity weakness in their organization is the possibility for hybrid employees to be compromised – phishing, ransomware, and attacks via unsafe home networks are also cited as top enterprise risks.  

Forward-thinking organizations now seem focused on fine investment in securing hybrid work, with a commendable four-fifths i.e., 82% of security leaders increasing budgets threshold specifically for hybrid workers, and 71%of these leaders expect this focus to increase further in 2023. Yet, the impact of their budget must be targeted at the appropriate tools with a concentration on positioning the endpoint front and center of any hybrid security strategy.  


Leaving no stone unturned  

An improved remote management of devices, despite its attendant complexities, is most necessary as most major considerations for the IT and security teams, in this hybrid age. Also, 70%i of security experts conclude that the risk of lost or stolen devices is prevalent in hybrid work. This triggers the question – when remote machines are powered down or offline, what happens? Locating or safeguarding data on these devices could be tasking, and substantially risky if they either contain confidential trade secrets, personally identifiable information (PII), or intellectual property (IP). The reality here is that Cloud Technologies have helped to reduce the workload here, but they’re not 100% effective.  

Human-error risk tendency is rife with itinerant workers always on the move; same way there will always be unethical hackers lurking around for susceptible devices they can attack. This trend raises risks, exclusively in highly regulated sectors like government – where a lost or stolen laptop could mean a
national security risk.  

Connecting with a fresh approach  

In Nigeria, an emerging economy, institutions are gradually deepening hybrid work models via infrastructure investments despite challenges of electricity, network coverage, low bandwidth, and affordability. HP has also been working on designing a model of
IT management connectivity solution hence, the new HP Wolf Connect service now enables IT to manage devices even when powered down or offline.  

So, for IT managers, what can they do to mitigate these concerns? Step one is to find a fresh approach to link remote computers over cellular networks. This implies that devices can be controlled even when turned off or offline. Fundamentally, such functionality could be deployed to connect with lost or stolen devices and then lock and wipe them. This approach will not only lower the risk of data leaks and violations, but it can also moderate IT expenses by cutting cases of PC replacement or remediation. A stronger and secure connection to remote computers also reduces the time and effort required to resolve support tickets. Teams can precisely report where and when devices went missing, and how long it took to lock or erase them. Now, that’s a fresh approach to security.  

About 80% of institutions laid claims to have deployed numerous tools and policies to protect hybrid working staff. However, what’s vital now is that these tools and policies require a paradigm shift from old perimeter-focused thinking. Once again, endpoint must become the focus for applying protection in the hybrid age. Accepting hardware-enforced security features and protection above, in, and below the OS – such as application isolation – will be strategic for protecting end-users without impacting on the freedoms that hybrid work admits.  

This model should be part of an approach to hybrid workplace security that takes into consideration the distinct threats and contextual challenges that are more common with flexible working.  

Incidentally, about two-thirds, representing 61% of corporations and leaders, are saying that protection of their hybrid workforce will be harder moving forward. This doesn’t necessarily have to be the case. Enhanced remote management and the adoption of hardware-enforced security, can help businesses unleash end-user productivity without alluring extra cyber risks.  

Consequently, businesses should upgrade to a hybrid work model, at a time when sustainable growth is strategically significant to all organizations, bearing a fine blend of tech tools and motivated people to optimize lasting productivity. This is the future of work.

Continue Reading

Opinion/White Papers

Ericsson Consumer & IndustryLab: Flexibility is the New Work Life Currency

Published

on

, SiliconNigeria

A new report, Future of Work Life, from Ericsson Consumer & IndustryLab examines how employees and employers navigate the current work environment and their views on the future of work shaped by the pandemic, digitalization and the fluctuating labor market.

The way people spend their work hours has been the same for a long time, but the pandemic was a major disruptor of this. Work has changed and will continue to change going forward.

Almost half (48 percent) of the employees in the study say that they enjoy increased flexibility at work. 52 percent consider flexible work hours or locations as key requirements, and 25 percent say that flexibility is the top priority if they would start to look for a new job. Doing work rather than going to work is seen as central in this new way of thinking about work life.

Employers need to embrace digitalization and flexible workforce management, and this can be done by creating a workplace of the future that supports human collaboration, simplifies work and values employee input in decision making.

Key findings:

  • Flexibility is the new work life currency. Employees predict flexibility as a future employment need as hybrid work continues to be the norm as 25% of the global working population say they will prioritize flexibility above all else.
  • Digital technologies renew employee confidence. Using the right digital technologies boost twice as much positive feelings for employees without increasing stress.
  • Decision-makers and employees are increasingly at odds over technology. Only 33% of employers consider employee preferences when investing in new technology as 4 out 10 employees struggle with non-relevant tools for their tasks.
  • Flexible workplaces may come at the cost of increased surveillance. Balancing visibility and privacy is a challenge and concern for hybrid work. 65% of employees who are optimistic about technologically-enabled flexibility also believe it will be tied to an increase in monitoring.
  • Globalized labor markets bring talent and concerns to employers. Decision makers in emerging markets agree loyalty is declining with the rise of remote jobs.
  • Five employee paths shape the future of work. Employees prioritize flexibility (24 %) digitalization (20 %), project-based work (12 %), or career (19 %) and financial stability (25%).

“Based on our research, it is quite clear that the future of work is going to be increasingly dependent on ICT solutions such as high-speed, globally available mobile connectivity. We felt the pandemic could finally be seen in the rear-view mirror, and therefore wanted to take a closer look at what changes in peoples worklife had stuck, and what was only a temporary adjustment! My own favourite take-away is that remote work is clearly here to stay – maybe not exactly at the level as was measured during the pandemic, but still at significantly higher levels than before the pandemic!” – Anders Erlandsson, Head of Ericsson IndustryLab

“Amidst the rapid digitalization brought on by the pandemic, our research highlights a concerning gap between the technology available in the workplace and the needs of employees for flexible working. With 6 in 10 companies lacking relevant technology for their staff, and just 2 in 10 employees feeling they have relevant tools at workplace there is a pressing need for organizations to invest in digital tools and robust connectivity that enable remote collaboration and flexibility, not only to attract and retain top talent, but also to stay competitive in the post-pandemic world.” – Jasmeet Singh Sethi, Head of Ericsson ConsumerLab

Continue Reading

Popular News