Securin Inc.

📲 Are you helping your employees stay safe from social engineering attacks? Regular, in-depth training on detecting and preventing phishing and social engineering is essential. Along with robust technical safeguards like remote wiping, ad blockers, and endpoint protection, your active participation in maintaining these practices is crucial. Read our latest blog to learn more about social engineering attacks and how to protect your privacy effectively. https://lnkd.in/gA7TVX6w #CyberSecurity #SocialEngineering #PrivacyProtection #SecurityTips  #CyberSecurity #PhishingPrevention #SocialEngineering #EndpointProtection #CyberAwareness #SecurityTraining #TechSafeguards #StayVigilant #CyberSecurityAwarenessMonth #SecureOurWorld #ThinkBeforeYouClick

☣️ Did you know that 80% of healthcare institutions rely on legacy systems?  Or that COBOL supports more than 40% of all online banking systems - including 95% of ATM transactions? 🚰 Legacy systems and code continue to support many critical sectors, from healthcare and finance to transportation and utilities. While they’re often appreciated for their reliability, stability and low resource consumption, these outdated systems have become prime targets for cyber attackers - making them a serious threat to national security and public safety. With more than 80% of the USA’s energy infrastructure alone privately owned, how can we ensure that organizations modernize and take the necessary steps to protect their systems? Check out our latest blog and learn more about which sectors are most at risk, and what can be done to protect them. Link in comments 👇 #CriticalInfrastructure #ProactiveSecurity #Cybersecurity

🎙 Securin's Ram Movva joined Ivanti’s Chris Goettl on the Security Insights podcast to talk all things vulnerability intelligence, from risk-based prioritization to attack surface management and emerging trends in ransomware. If you’ve ever wondered… 🔥 How machine learning algorithms adapted from war zones help predict which software vulnerabilities will be weaponized - and when. 🔥What the top five attack surfaces are. 🔥Why external attack surface management matters.    Have a listen and find out 👇 #ProactiveSecurity #AttackSurfaceManagement #Cybersecurity https://lnkd.in/epbWDHWg

🔒✨ October is Cybersecurity Awareness Month! ✨🔒At Securin, we are dedicated to keeping organizations protected against cyber threats all year round. Now, more than ever, it is crucial to stay vigilant and proactive in safeguarding our digital assets. Join us in spreading awareness and promoting a safer online environment. Together, we can build a stronger cybersecurity culture and protect what matters most. Stay tuned for more updates and tips throughout Cybersecurity Awareness Month! #Securin #CybersecurityAwarenessMonth #StaySecure

Securin is excited to be hosting the AI Vulnerability Hunt at this year's Response Con! Who will win the grand prize?! Sign up and it might be you! #pentesting #penetrationtesting #cybersecurityevent #cybersecurity

Vulnerability Intelligence with Securin Inc. Ram Movva joins the show to talk about all things vulnerability intelligence: how to prioritize according to risk, manage your external attack surface and emerging trends in ransomware and security. https://lnkd.in/dmidrid5

🚨Arkansas City’s rapid switch to manual operations no doubt played a significant role in averting a more serious outcome, but cyberattacks on water facilities and other critical infrastructure remain a significant threat – and the best strategy for mitigation is risk-based, proactive cybersecurity. ⚠️ Critical infrastructure and municipal systems often operate in environments where poorly configured remote access/default password use and unpatched/outdated software are widespread. ⚠️ While the specific details around this attack are still emerging (unconfirmed reports suggest ransomware was involved), CISA recently issued an advisory on Iran-based attackers targeting US operational technology through what it called “unsophisticated means” – mainly internet-exposed Industrial Control Systems (ICS) and operational technology (OT). With more than 150,000 public water systems in the US, there is growing concern and awareness around what’s at stake. 💡 What can critical infrastructure organizations do to protect their systems? Proactive cybersecurity is a long-term strategy, but some very quick wins include: 1️⃣ Vet and secure all remote access services *now* - LogMeIn, VNC cloud connection etc. 2️⃣ Vet and secure all systems exposed to the business internet. 3️⃣ Eliminate the use of default credentials.  4️⃣ Prioritize and patch outdated systems *before* they become an issue. Effective incident response is crucial, but it’s only one aspect of a best practice strategy underpinned by a proactive approach to cybersecurity. #proactivecybersecurity #criticalinfrastructure https://lnkd.in/gqMti6ks

🤖 Both the USA and EU have mandated a risk-based approach to AI development. What does that mean for software and application developers? Securin's Ram Movva and Aviral Verma share their thoughts in this InfoWorld opinion piece. 🔺 For many organizations, the risk will vary, depending on the data they use. But however you slice it, proactive security will be at the heart of driving security by design, as regulations increasingly require the ability to find weaknesses *before* they become vulnerabilities. Get the full story 👇 https://lnkd.in/guDDqvPV #AI #SecureByDesign #ProactiveSecurity

Now that the dust has settled on the summer cybersecurity conferences, what are some of the top priorities security leaders should continue to consider in 2024?  Securin’s Aviral Verma gave us his top 3: 💡 Finding the signal in the noise - adopting a proactive approach to security. Building the capacity not just to identify but to prioritize risk. 💡 Understanding the nature of weakness in code as it applies to your organization. If you focus your priorities exclusively on the MITRE Top 25, there’s a good chance you’ll miss the highly weaponized, less known weakness that is highly relevant to your specific systems. Until it finds you. 💡 Software supply chain risk: supply chain and third-party risks accounted for 15% of breaches last year. It’s a harsh reality that organizations need to confront this trend and evaluate their partners’ cybersecurity practices. It’s time we asked more of them, starting with areas such as completing a standardized security questionnaire based on frameworks, like the NIST Cybersecurity Framework (CSF) or ISO 27001. These could cover topics like network segmentation and access controls, patch management and vulnerabilities management, among others. We’re still seeing vulnerabilities like XSS (CWE-79) being coded into modern applications - there is really no need for this to be happening in 2024. 🎯 Remember: if we want secure coding practices, and a focus on eliminating repeatedly exploited software bugs and weaknesses, we have to equip developers with the knowledge and insights they need. As a security leader, what will your top priorities for the coming months be? #cybersecurity #vulnerabilitymanagement #proactivesecurity

🚨 Ransomware is hitting harder than ever in 2024 – payments in H1 2024 totaled almost $460m. Unfortunately, that’s likely to be the tip of a very large iceberg… Research from Chainalysis found that over $1bn in cryptocurrency was paid out to ransomware groups by victims in 2023. With median ransomware payments increasing from $200,000 in 2023 to $1.5m by June this year, something clearly has to give. 🛑 At the heart of the problem: Weakness in software continues to provide attackers with a rich vein of access to big payouts. And because they’re often designed by non-security-focused engineers and are publicly accessible, web applications have become a primary target. Research by Securin analysts earlier this year showed 109 weaknesses linked to vulnerabilities known to be exploited by ransomware and threat actor groups. With an average of 55 days to remediate 50% of critical vulnerabilities, ransomware groups are having a field day. 💡 What can you do? We can start by making software more secure. Our blog gives you some of the key actions developers and DevSecOps can take, including: input validation and sanitization, memory safety practices, and privilege management. Link in the comments 👇 https://lnkd.in/gwa6WRvR #proactivesecurity #ransomware #cybersecurity