How to Protect Against Ransomware


protect against ransomware


Ransomware, a part of fast emerging Advanced Persistent Threats family, is a fearsome set of viruses attacking computing systems. The biggest concern is they target almost any industry-ports, power grids, healthcare, finance, law, advertising etc. and information can be lost forever.
Continue reading

Ransomware Attacks – Understanding the Modus Operandi


Ransomware attacks


Just a couple of days back, media around the world exploded with news of another ransomware attack. Petya, a ransomware wormed its way into information systems in ports, law firms, ad agencies, and supermarkets, besides its favorite victims – firms in the financial and healthcare domains. Its intention, as reported, is to destroy and cause mayhem in the information world bringing businesses to a halt. With systems compromised and data loss, revenue will take a big hit.

It is appropriate to ask now– how did this ransomware attacks computer, and worse, how did it spread? Continue reading

Improving Cloud Visibility through IT Security


Improving cloud visibility through IT security

Security concerns form the main reasons for the reluctance among businesses to move to public cloud applications. However, paradoxically, the advanced technologies and protocols that modern cloud service providers offer improved security for the applications. Cloud computing and IT security are often seen as divergent concepts but from a wider perspective, cloud computing technologies actually help propel IT security.

With better encryption, better tools and processes the shortcomings and concerns of cloud computing from a security perspective are being addressed. With cloud architectures that are virtualized and automated, infrastructure administrators now have a greater degree of control over the design and deployment of an infrastructure, with little scope for human error. In addition, the wide availability of security tools with very low upfront costs and the distributed nature and fault-tolerant architecture allows the cloud to offer the best security tools and services. Continue reading

Security-as-a-Service—Poised for Take-off


Security-as- a-Service—Poised for Take-off

Security-as-a-service (SECaaS) or Internet-based security or cloud security products is an outsourcing model for security management. Here a third-party vendor delivers applications such as anti-virus software over the Internet. It can also refer to security management software provided in-house by an external organization.

Such systems are the next step in the evolution of Managed Security Services (MSS) and Gartner indicates that the demand for SECaaS will grow significantly and might substantially change existing IT security infrastructure environments aided by the fact that new forms of threats are also emerging with Cloud Computing’s growth. Continue reading

Security Automation – The Future of Cyber Security


Security Automation – The Future of Cyber Security

With an increasing number of cyber security breaches affecting notable names, no company would confidently say they are fully protected or prepared to handle a sophisticated cyber-attack. Traditional methods, like anti-malware software, are no longer sufficient to keep sensitive data safe and it is time for automation to beef up cyber security for greater defense.

Recent attacks have been driven by automated bots and such intensive, sustained attacks make it a tough fight to handle the sheer volume and make quick and high-impact decisions to handle these threats efficiently. In these circumstances, security automation has become a powerful and effective component of cyber security incident response in combating the onslaught of incoming threats. Moreover, automation now goes beyond protecting just the technologies, but expanding into applications for IT infrastructure and the enterprise IT environment. From real time monitoring to alerts and incident response planning and investigation, security automation contributes to establishing a comprehensive security envelope for the enterprise. Continue reading

Building New Data Protection Capabilities in 2016


Building new data protection capabilities in 2016

Where businesses need to focus?

ITRC’s latest data breach reports revealed some serious findings: Continue reading

The Emergence of the CSO and the future of Data Security


future of data security

Data is the essence of all businesses across the world. Protecting it from theft, exploitation, and misuse is now top priority for the organization. Client data that has been hacked can wipe out crores  in revenues, and stolen intellectual property can impact competitive advantage. This can lead to needless privacy abuses that bring scrutiny and penalties from regulators, causing damage to the organization’s reputation.

Managing data is no longer confined to the multifaceted ecosystem of privacy-conscious consumers, digital staff and suppliers; data today is fuelled by mobility and the cloud. Perimeter-based security is no longer applicable. Data-centric security, where security is positioned closer to the data itself, is now the new reality.

The future of data security

Continue reading

Internet of Everything – Security Concerns In a Connected Era


securing IoT

Imagine a world where every aspect of your life is connected. What you do is recorded by a growing number of connected devices you touch, interact and encounter every day. And then the collected data is shared over a network. Our world is becoming a central nervous system running on a network of connected devices.

By 2020, the number of internet-connected devices will reach 50 billion. Mathematically, that’s around 8 connected devices per person. And this indeed creates a simple but a dangerous dilemma. While our ability to collect data will grow via connected devices, there is hardly any adequate security system in place to protect and secure this data. Continue reading

Mobile & Cloud – The Top Security Concerns of 2016


top security concerns of 2016Mobile security challenges:

The mobile has taken center stage in all aspects of life, but its influence is perhaps most noticeable in the corporate sector where the influx of mobile technologies has brought a sea change in the way enterprises operate. The proliferation of mobile has naturally led to concerns regarding security.

Today, 2 out of 3 employees use their mobiles for work-related activities. More and more companies are adopting BYOD’s at their workplace. Mobiles have become a mine of sensitive corporate information and a probable entry point in the IT. In the event of a mobile getting lost or stolen, there is a high chance of sensitive data falling into the wrong hands. For example, according to OCR, there were 253 breaches affecting more than 500 individuals, and running into a combined loss of over 112 million records in healthcare sector. And in Japan, at least 2.07 million sets of personal data were stolen or feared leaked from 140 organizations in 2015, according to a Kyodo News survey. In automobile sector, Mercedes has filed a lawsuit against Benjamin Hoyle (the company’s former employee) for stealing confidential information before leaving to join a rival company. These are perilous security incidents that corporates and companies cannot overlook.
Continue reading

Alert! Hackers are Watching Your Organization [40 sec read]


Enterprises encounter serious security breaches despite investing heavily in Information security infrastructure. Hackers are always devising new ways to breach the Information security of an organization, either from within the company or from outside.

Research suggests that 90% of enterprise breaches could be prevented through proper monitoring.

Alert! Hackers are Watching Your Organization. Enhance your Information Security.

However, setting up a 24X7 Security Operations Centre (SOC) to monitor is an enormous challenge because:

  • The high set-up costs can run into lakhs and crores of rupees
  • Demands significant time and effort
  • Growing shortage of skilled in-house security experts

CMS IT is delighted to announce the “Security Eye”; Service that provides a round-the-clock monitoring of your IT landscape.

As a new-age Information security service provider, CMS IT Services is pleased to bring forward this unique proposition to help clients adopt a best-in-class SOC at minimal investment. Continue reading