Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Put a SOC in it

April 2018 Security Services & Risk Management, Information Security

The past two years have seen a veritable explosion of new cybersecurity vulnerabilities, including a steep increase in hacktivism, which Wikipedia describes as ‘the subversive use of computers and computer networks to promote a political agenda or a social change. With roots in hacker culture and hacker ethics, its ends are often related to the free speech, human rights or freedom of information movements.’

Hacktivism came to a head in 2016 around the US elections, with numerous reported malicious cyber assaults being carried out against candidates (including Donald Trump, Hillary Clinton and Bernie Sanders), political parties and governmental IT networks.

Continuing into 2017, we saw WikiLeaks publish thousands of documents claiming the exposure of hacking secrets of the Central Intelligence Agency (CIA), which included the agency’s (and presumably other hackers’) abilities to break into mobile phones, smart TVs, and Microsoft, Mac and Linux operating systems.

A Wired.com article from August 2017 stated that: ‘Yesterday’s WikiLeaks dump reiterated something we already knew: our devices are fundamentally unsafe. No matter what kind of encryption we use, no matter which secure messaging apps we take care to run, no matter how careful we are to sign up for two-factor authentication, the CIA can infiltrate our operating systems, take control of our cameras and microphones, and bend our phones to their will. The same can be said of smart TVs, which could be made to surreptitiously record our living-room conversations, and Internet-connected cars, which could potentially be commandeered and even crashed.’

This year, a mere few weeks ago, a number of global technology companies began to roll out patches addressing design flaws in processors that were named ‘Meltdown’ and ‘Spectre’. The chip vulnerabilities leave devices such as desktops, laptops and smartphones exposed to unauthorised access and information theft, as well as cloud and virtual environments.

Wayne Olsen.
Wayne Olsen.

“Looking at the course of events over the past two years alone, it is clear that organisations across the globe are grappling with a very real, ever growing data security issue – whether it be held on premise or within the cloud,” states Wayne Olsen, security business unit manager at Datacentrix. “Businesses are under immense pressure to protect increasing volumes of data, prevent a myriad of attacks, and do it all faster and more effectively than ever before.”

In order to support local companies looking to boost cybersecurity measures, Datacentrix is launching two new services within its Security Operations Centre (SOC).

“Firstly, we have created the Datacentrix Cyber Threat Intelligence offering, which will allow local firms to monitor malware, phishing and hacking attacks, identify when information has been stolen, as well as check for malicious mobile attacks. We’ve increasingly found that applications are being launched using an organisation’s name, without its knowledge or permission.

“A recent example of this was a fake version of the WhatsApp app that was downloaded a million times from the Google Play Store before it was discovered to be fraudulent. The Cyber Threat Intelligence offering will help to protect against all of these vulnerabilities, as well as other brand abuse, such as bogus social media accounts created using companies’ names.”

The new service allows Datacentrix to find existing and potential attackers – even on the dark web – minute by minute in real time, and ‘take them’,” Olsen explains.

“Secondly, Datacentrix is also introducing a Contextualised Vulnerability Management service, which will identify potential weak spots within a business’ network topology, and put them at the top of the risk and vulnerability list,” he says. “This allows organisations to then remediate any problem areas.

“As a trusted security solution provider, it is Datacentrix’ intention to monitor and defend customer ICT environments in real time against any potential security threats, but to do this in such a way that our clients are also able to reduce costs and leverage existing technology for improved insight. We believe that the new services added to our SOC offering will be a game-changer in the local market,” he concludes.

For more information, go to www.datacentrix.co.za





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Understanding the Shared Responsibility Model
Infrastructure Security Services & Risk Management
While the cloud can certainly be a growth enabler in many ways, it can also introduce new security risks. Companies want to have a clear understanding of where their security duties end and where their cloud service provider’s begin.

Read more...
NEC XON secures mobile provider’s hybrid identities
NEC XON Access Control & Identity Management Information Security Commercial (Industry)
For a leading South African telecommunications operator, identity protection has become a strategic priority as identity-centric attacks proliferate across the industry. The company faced mounting pressure to secure both human and non-human identities across complex hybrid environments.

Read more...
Rise in malicious insider threat reports
News & Events Information Security
Mimecast Study finds 46% of SA organisations report a rise in malicious insider threat reports over the past year: reveals disconnect between security awareness and technical controls as AI-powered attacks accelerate.

Read more...
New campaign exploiting Google Tasks notifications
News & Events Information Security
New phishing scheme abuses legitimate Google Tasks notifications to trick corporate users into revealing corporate login credentials, which can then be used to gain unauthorised access to company systems, steal data, or launch further attacks.

Read more...
“This Is Theft!” SASA slams Mafoko Security
News & Events Security Services & Risk Management Associations
The Security Association of South Africa (SASA) has issued a stark warning that the long-running Mafoko Security Patrols scandal is no longer an isolated case of employer misconduct, but evidence of a systemic failure in South Africa’s regulatory and governance structures.

Read more...
Making a mesh for security
Information Security Security Services & Risk Management
Credential-based attacks have reached epidemic levels. For African CISOs in particular, the message is clear: identity is now the perimeter, and defences must reflect that reality with coherence and context.

Read more...
What’s in store for PAM and IAM?
Access Control & Identity Management Information Security
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in the coming year, driven by evolving cybersecurity realities, hybridisation, AI, and more.

Read more...
The challenges of cybersecurity in access control
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security
SMART Security Solutions summarises the key points dealing with modern cyber risks facing access control systems, from Mercury Security’s white paper “Meeting the Challenges of Cybersecurity in Access Control: A Future-Ready Approach.”

Read more...
Securing your access hardware and software
SMART Security Solutions Technews Publishing RBH Access Technologies Access Control & Identity Management Information Security
Securing access control technology is critical for physical and digital security. Every interaction between readers, controllers, and host systems creates a potential attack point for those with nefarious intent.

Read more...
Privacy by design or by accident
Security Services & Risk Management Infrastructure
Africa’s data future depends on getting it right at the start. If privacy controls do not withstand real-world conditions, such as unstable power, fragile last-mile connectivity, shared devices, and decentralised branch environments, then privacy exists only on paper.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.