Breaking Down RISK

Dr Eric Cole

22 Aug 202434:13

Summary

The video is abnormal, and we are working hard to fix it.
Please replace the link and try again.

Takeaways

😀 Encrypting all data with the same key and storing the key in plaintext on servers is a common cybersecurity mistake that leaves systems vulnerable to attacks.
😀 Servers accessible from the internet must be fully patched to reduce the risk of cyber attacks due to unpatched vulnerabilities.
😀 Critical data should never be accessible from the internet and must always be encrypted using different keys.
😀 Encryption keys should be stored on separate servers to ensure better security and reduce the chances of key exposure.
😀 Direct access from third-party vendors to internal networks poses a high risk, and such connections should be segmented and isolated.
😀 External connections from third parties must be quarantined before gaining direct access to internal systems to minimize exposure.
😀 Phishing attacks have become more sophisticated, especially with the use of AI, and individuals are often unable to distinguish between legitimate and malicious communications.
😀 The number one attack vector for cyber criminals is embedded links and attachments in emails, which can lead to ransomware and other attacks.
😀 Email should not be used as a repository for exchanging documents or links; blocking unsolicited emails with attachments and links significantly reduces the risk of attacks.
😀 Data-driven decisions, not emotional resistance, should drive cybersecurity policies, as evidenced by the effectiveness of blocking risky attachments and links without any significant business impact.

Q & A

What is the most common mistake made by companies in cyber security?
-The most common mistake is encrypting all data with the same key and storing the key in plain text on the server. This creates a vulnerability that attackers can exploit to decrypt sensitive data.
Why is it dangerous to store encryption keys on the server?
-Storing encryption keys on the server in plain text makes it easier for attackers to retrieve the key once they break into the server, thus allowing them to decrypt the data.
What are the three basic non-negotiable rules for cyber security that the speaker emphasizes?
-The three non-negotiable rules are: 1) Any server accessible from the internet must be fully patched, 2) Critical data should never be accessible from the internet, 3) Critical data must be encrypted with different keys, and those keys should be stored on separate servers.
What is the risk of third-party vendors having direct access to a company's internal network?
-If a third-party vendor gets compromised, it can lead to a breach of the internal network, putting the company's sensitive data and systems at risk.
How can companies protect themselves from third-party vendor risks?
-Companies should ensure that external connections to their network are segmented, isolated, and quarantined before direct access is granted to minimize the risk of third-party compromises.
What is the most common vector for cyberattacks today?
-The most common vector for cyberattacks today is phishing, particularly through emails with embedded links and attachments. Attackers use increasingly sophisticated methods to trick individuals into compromising their information.
Why are embedded links and attachments in emails a significant security risk?
-Embedded links and attachments in emails from untrusted sources can contain malware or phishing traps, allowing attackers to gain unauthorized access to a company's network and data.
What is the suggested solution to reduce the risk of phishing attacks via email?
-The solution is to block embedded links and attachments from untrusted emails, thus eliminating one of the most common methods used by attackers to compromise systems.
Why do executives often resist changes to cybersecurity practices, even when the data supports the change?
-Executives often resist change due to fear, emotional attachment to existing practices, or a lack of understanding of the risks involved. They may also fear the perceived disruption or cost of implementing new policies.
Can blocking embedded links and attachments have a negative impact on business operations?
-According to the speaker's experience, blocking embedded links and attachments had no noticeable negative impact on business operations. Instead, it significantly reduced the frequency of cyberattacks.