Encryptix Cybersecurity

The International Motorsport Federation (FIA), the main body responsible for coordinating motor racing, has acknowledged a data breach following a phishing email attack. The incident highlights the vulnerability of organizations to cyber threats and has caused significant concern within the motorsport community. In a statement, the FIA confirmed that illegal access to data was immediately halted after the incident came to light. The organization also notified the relevant data protection regulators in France and Switzerland. "We take our commitment to data protection and information security very seriously," the FIA stated, adding that additional measures have been implemented to prevent future attacks.This incident serves as a reminder of the importance of a comprehensive approach to cybersecurity and the need to protect data through modern encryption and access control measures. Javwad Malik, from KnowBe4, emphasized that no organization is immune to cyber threats and attention must be given to both technical and human aspects of security. Cybersecurity expert Erfan Shadabi emphasized the significance of data protection in today's digital age, where organizations are exposed to the risk of cyberattacks. He recommended the use of advanced security techniques like encryption and tokenization to safeguard confidential information. In a world where digital data is increasingly targeted by cybercriminals, it is more important than ever to enhance cybersecurity measures. The FIA and other organizations call for action, urging for stronger security measures to protect data and maintain security in the digital space. #cybersecurity #phishing #securityawareness #securitychampion

Hiw DNS Works | Via: Ethical Hackers Academy ®

Common Cybersecurity Roles

Asian organizations are leading in cybersecurity awareness, ahead of the global average: KnowBe4 The annual KnowBe4 report shows that without security training, almost one in three employees in Asia (28.4%) can click on a suspicious link or make a fraudulent request. The new KnowBe4 report measures the percentage of organizations exposed to phishing (Phishing-Prone Percentage, PPP), which demonstrates how many employees are likely to fall victim to phishing or social engineering. The report shows that without security training in various industries, almost one in three employees in Asia (28.4%) can click on a suspicious link or make a fraudulent request. This figure is significantly lower than the global average of 34.3%, which indicates that employees in Asia are more vigilant in detecting malicious links and other forms of phishing. There is also a decrease compared to last year's figure of 30%, which indicates an improvement in the cybersecurity situation. KnowBe4 analyzed more than 54 million simulated phishing tests from more than 11.9 million users from 55,675 organizations in 211 countries in the Americas, Europe, Africa, Australia and New Zealand. The final PPP baseline measures the percentage of employees in organizations who have not received security training and who clicked on a simulated phishing link or opened an infected attachment during testing. The findings of the report clearly demonstrate the effectiveness of combining security tests with simulated phishing and security awareness training. In Asian organizations that conducted consistent training and testing, the average PPP decreased from 28.4% to 17% during the first 90 days and decreased further to 5.5% after a year of continuous training and testing. Overall, employee performance in Asia is higher than the global average: 18.9% after 90 days and slightly higher after a year of consistent training and testing (5.5% vs. 4.6%). This indicates that employees in this region are better informed and familiar with the tactics of cybercriminals.  "With the Asia-Pacific region experiencing a significant surge in cyber attacks, this report highlights the importance of the human factor in cybersecurity. Although technology plays a key role in preventing and recovering from cyber attacks, the human factor remains a significant source of data leaks. It is encouraging to see an improvement in phishing rates in Asia compared to last year, but the number of threats controlled by artificial intelligence will continue to grow. Therefore, it is imperative that organizations continue to strengthen the human firewall through regular and targeted security awareness training," said Dr. Martin Kremer, Security awareness Specialist at KnowBe4. #cybersecurity #phishing #securityawareness #securitychampion The information is taken from the ETCIOSEA article

Attacks and Exploits in the OSI Model! . . . . . #CyberSecurity #InfoSec #CyberSecurityAwareness #DataProtection #CyberThreats #NetworkSecurity #EthicalHacking #ThreatIntelligence #CyberSecurityTips #RiskManagement #CyberDefense #InformationSecurity #DataPrivacy #CyberResilience #PenetrationTesting #SecurityAwareness #DigitalSecurity #CyberSecurityTraining #ITSecurity #MalwareAnalysis

In industrial control system #ICS, communication between distributed control system #DCS and safety instrument system #SIS , is vital to ensure #safe and #reliable operation of the plant .  #Modbus TCP/IP is the common used communication protocol between #DCS and #SIS, to secure operation and safety of plant it is important to secure #SIS against unauthorized communication .  Industrial firewall is the best solution to secure the communication and prevent unauthorized communication, but installing firewall impose delay in communication which could lead to communication loss if delay increased upon certain limit so configuring Modbus communication from Modbus master (DCS) by :  1️⃣ Increasing time-out values: Extending the time the DCS waits for a response from the PLC before considering it a communication error. 2️⃣ Increasing the number of retries: Allowing more attempts from the DCS to re-establish communication before declaring a failure.  by implementing this , functionality and performance will be maintained while securing communication to achieve  main objective of operational technology cybersecurity to maintain availability of ICS as per system security requirement : ISA/IEC 62443-3-3 SR7.1 "Denial of service protection" #iec62443  #otcybersecurity  #icscybersecurity  #icssecurity  #iacsecurity  #oilandgas  #industrialautomation  #cyber  #oilandgas  #ics  #ot   #instrumentation  #instrumentationandcontrol  #cyberawareness  #automation  #cyberriskmanagement  #cisa  #TahseenSaber

🤔 Am I right if I say the following? You don’t need complex risk assessments and vast policy suites to know that you have: 1️⃣ An externally facing perimeter. 2️⃣ Email. 3️⃣ Endpoints. 4️⃣ Privileged identities. 💥 Perfect is the enemy of good. There are a tonne of sensible things we can do to secure these commonly targeted assets before we dive into the complex risk management world. 👉 That said, to build a high-performing and sustainable security function you definitely need risk assessments, policies, and governance. Awesome if you can progress both concurrently, but if you have to prioritise, I would always fix the commonly targeted stuff first.