Friday, December 22, 2023

VPN PEERING DEMO




STEP 1:

Sign into your console and search hybrid connectivity

STEP 2:

Create VPN connection.



STEP 3:



STEP 4:

Click on Interconnect.


STEP 5:




Referencing: Google Cloud






PCI DSS is a legal requirement in the digital age; it is a key company strategy for preventing expensive and reputation-damaging data breaches. However, companies have to deal with complex infrastructures and continually evolving threats and risks in order to achieve compliance. This article analyses these challenges and provides solutions for strong PCI DSS compliance that are suited to the real-world requirements of business executives and IT professionals.


Maintaining Operational Efficiency while Ensuring Security.


Challenge:

Businesses frequently find it difficult to strike the ideal balance between strict security protocols and operational effectiveness. Overly lax controls can expose the system to vulnerabilities, while overly stringent ones can impair system agility and user experience.


Strategy: 

Take a risk-based stance when it comes to security. 

Determine which assets are most important and rank them according to the possible consequences of a breach. Put in place layered security mechanisms that provide scalability and flexibility without jeopardizing vital security.


Integrating Legacy Systems.


Challenge: 

A lot of businesses continue to operate aged legacy systems that are not compliant with contemporary security standards. Replacing or upgrading these systems is a big project that takes a lot of time and money to complete.


Strategy: 

Create a long-term modernization roadmap that is in line with your security needs and business goals. 

To reduce risks during the transition, use robust access controls and monitoring around legacy systems in the short term.


Dealing with Complex Compliance Landscapes


Challenge: 

PCI DSS is just one of many regulations that businesses operating in various jurisdictions must navigate, and it is a real challenge to maintain continual compliance.


Strategy:

Create a centralized compliance department to keep an eye on all applicable regulations.


Implement compliance management tools that can automate reporting and monitoring tasks and can adjust to different frameworks.


Managing Third-Party Risks


Challenge: 

There are many vendors and service providers in the current enterprise ecosystem, and every single one could be a risk to data security.


Approach:

Perform extensive due diligence on the third parties and vendors that interact with the environment where your cardholder data is stored.


Define security expectations in clear legal agreements, and carry out routine audits to verify compliance.


Addressing Resource Constraints


Challenge:

The resources, time, and staff needed for continuous PCI DSS compliance can be costly, particularly for smaller businesses.


Strategy: 

Consider contracting with specialized companies that can provide economies of scale to handle some security functions.


Over time, invest in training and development to increase internal expertise.

When feasible, employ automation to cut down on the amount of manual operations. 



Referencing: 

https://www.linkedin.com/in/ocynthia/

Wednesday, December 13, 2023

Cybersecurity Performance Goals


The United States Critical Infrastructure Security Agency has established several key cybersecurity objectives aimed at safeguarding the nation's essential infrastructure. These guidelines are incredibly significant, and gaining a thorough understanding of their implementation can significantly enhance your value.


In 2023, CISA formulated a set of cybersecurity performance goals intended to guide you methodically through the stages of minimizing the likelihood and impact of cyber threats.

These Cybersecurity Performance Goals (CPG) are organized considering factors like cost, complexity, and impact. This prioritization is especially beneficial for small and medium-sized organizations, enabling them to understand where to begin, and how to strategically allocate resources and plan their cybersecurity measures.



Referencing:

CISA

https://lnkd.in/ekgzA53r


Friday, November 24, 2023

BREACHES AND INCIDENTS

 


November 24th 2023. A ransomware attack on London & Zurich, a major direct debit provider based in Solihull, UK, has resulted in significant operational disruptions, causing customers to face six-figure backlogs.


The attack led to system outages, compelling at least one customer to secure a short-term loan due to cash flow difficulties. During the crisis, customers struggled to access support services, often encountering unresponsive phone lines. London & Zurich has not provided specific details to The Register regarding potential data breaches, the identity of the attackers, the breach method, or the attack's inception.


The incident affected only one system environment, which is now reconstructed in a new, secure setting. The company's API service is fully operational, with final tests being conducted on two remaining service areas. 


My Thought Process:

Situation

London & Zurich experienced a ransomware attack starting November 10, leading to prolonged service outages and significant operational disruptions. This has resulted in substantial financial backlogs for its customers, with one managed service provider (MSP) reporting a backlog of over $124,000.


Background

The company confirmed the ransomware attack on its website four days after the outage began. Communication from London & Zurich has been infrequent and unclear, causing confusion and additional difficulties for customers. The inability to process direct debit payments has severely impacted customers, including the MSP, which is facing challenges in making payroll and covering operational expenses.


Findings

The incident reveals weaknesses in London & Zurich's cybersecurity defenses and crisis communication strategies. The financial strain on customers, especially smaller or debt-leveraged companies, is significant. There's a possibility that there might be a breach of PCI DSS compliance.


Impact

Immediate impacts include operational disruption, financial strain on clients, and reputational damage to London & Zurich. Long-term impacts could involve legal and regulatory repercussions, especially if there was a failure to protect customer data adequately.

Likelihood

The likelihood of ransomware attacks is high in the current digital landscape, particularly for financial services providers.


Recommendation

Compliance Alignment: I would ensure that all measures comply with relevant data protection and financial regulations. This could include GDPR for data breach notifications and financial regulatory standards for operational resilience.


Enhance customer support capabilities to handle increased inquiries during crises.


Strengthen cybersecurity infrastructure to prevent similar attacks. Improve crisis communication plans to provide clear, frequent updates during outages.


Document training and awareness among employees.

Referencing: https://cyware.com/cyber-security-news-articles

Thursday, November 23, 2023

CLOUD SECURITY ANALYST

 


As a cloud security analyst, key points to always remember:



How to monitor API calls: AWS CloudTrail.

CloudTrail provides an audit trail of API calls and user activities for inspection. It records precise events and changes initiated on AWS resources, which is critical for security analysis and meeting compliance needs.


How to monitor applications and performance: AWS CloudWatch. CloudWatch provides operational visibility through system and application performance monitoring, collecting metrics, logging, and triggering actions based on defined alarms. It gives insight into overall infrastructure health.


Where are logs stored: AWS CloudWatch. Tools like CloudTrail, Config, VPC Flow Logs, API logs, and custom app logs can feed into CloudWatch.


Logs can be analyzed in CloudWatch Logs Insights or sent to services like Elasticsearch for retention, metrics, dashboards, and complex search.
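The notes above say CloudTrail records land in CloudWatch for analysis; what an analyst actually does with them is run detections over the records. The following is an added example, not code from the original post or from AWS: a small offline detector over constructed CloudTrail records (the account id, ARNs, IPs, security-group id and the AccessDenied threshold are all made up for this example), flagging root-account activity, changes to the trail itself, AccessDenied bursts per identity, and security-group rules opened to 0.0.0.0/0. The field names follow the CloudTrail record format; the same functions would run unchanged over lines exported from a CloudWatch log group.

```python
"""Added example: high-signal detections over CloudTrail records.

Records are constructed for this example in the CloudTrail JSON record
format, one record per line, as they would appear in a CloudWatch Logs
log group fed by a trail.
"""
import json
from collections import Counter

# Events that change what the trail itself records (tampering with the audit log).
TRAIL_TAMPER_EVENTS = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}
# Hypothetical threshold for this example; tune per environment.
ACCESS_DENIED_THRESHOLD = 3

ACCOUNT = "111122223333"  # constructed account id
ALICE = f"arn:aws:iam::{ACCOUNT}:user/alice"
BOB = f"arn:aws:iam::{ACCOUNT}:user/bob"
CAROL = f"arn:aws:iam::{ACCOUNT}:user/carol"

# Constructed sample records (not real log data).
_SAMPLE_RECORDS = [
    {"eventTime": "2023-11-23T10:00:01Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root", "arn": f"arn:aws:iam::{ACCOUNT}:root"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2023-11-23T10:05:12Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "IAMUser", "arn": ALICE},
     "requestParameters": {"name": "management-trail"}},
    {"eventTime": "2023-11-23T10:07:40Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "arn": BOB}},
    {"eventTime": "2023-11-23T10:07:41Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "arn": BOB}},
    {"eventTime": "2023-11-23T10:07:43Z", "eventSource": "secretsmanager.amazonaws.com",
     "eventName": "GetSecretValue", "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "arn": BOB}},
    {"eventTime": "2023-11-23T10:12:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "AuthorizeSecurityGroupIngress",
     "userIdentity": {"type": "IAMUser", "arn": CAROL},
     "requestParameters": {"groupId": "sg-0123456789abcdef0", "ipPermissions": {"items": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}}]}}},
    {"eventTime": "2023-11-23T10:15:30Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances",
     "userIdentity": {"type": "IAMUser", "arn": ALICE}},
]
# One malformed line is included deliberately; the parser must skip it, not crash.
SAMPLE_LOG_LINES = [json.dumps(r) for r in _SAMPLE_RECORDS] + ["not a json record"]


def parse_records(lines):
    """Parse one JSON record per line, skipping lines that are not valid JSON objects."""
    records = []
    for line in lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(record, dict):
            records.append(record)
    return records


def actor(record):
    """ARN of the identity that made the call, or 'unknown' if absent."""
    return record.get("userIdentity", {}).get("arn", "unknown")


def detect_root_activity(records):
    """Any API call or login made as the account root user."""
    return [(r["eventTime"], r["eventName"]) for r in records
            if r.get("userIdentity", {}).get("type") == "Root"]


def detect_trail_tampering(records):
    """Calls that stop, delete or reconfigure a CloudTrail trail."""
    return [(r["eventTime"], actor(r), r["eventName"]) for r in records
            if r.get("eventSource") == "cloudtrail.amazonaws.com"
            and r.get("eventName") in TRAIL_TAMPER_EVENTS]


def detect_access_denied_bursts(records, threshold=ACCESS_DENIED_THRESHOLD):
    """Identities with at least `threshold` AccessDenied errors (permission probing)."""
    counts = Counter(actor(r) for r in records if r.get("errorCode") == "AccessDenied")
    return {arn: n for arn, n in counts.items() if n >= threshold}


def detect_world_open_ingress(records):
    """Security-group ingress rules authorized for 0.0.0.0/0; returns (time, actor, group, port)."""
    hits = []
    for r in records:
        if r.get("eventName") != "AuthorizeSecurityGroupIngress":
            continue
        params = r.get("requestParameters", {})
        for perm in params.get("ipPermissions", {}).get("items", []):
            for rng in perm.get("ipRanges", {}).get("items", []):
                if rng.get("cidrIp") == "0.0.0.0/0":
                    hits.append((r["eventTime"], actor(r), params.get("groupId"), perm.get("fromPort")))
    return hits


def run_detections(lines):
    """Run every detection over raw log lines and return findings keyed by detection name."""
    records = parse_records(lines)
    return {
        "root_activity": detect_root_activity(records),
        "trail_tampering": detect_trail_tampering(records),
        "access_denied_bursts": detect_access_denied_bursts(records),
        "world_open_ingress": detect_world_open_ingress(records),
    }


if __name__ == "__main__":
    for name, hits in run_detections(SAMPLE_LOG_LINES).items():
        print(f"{name}: {hits}")
```

Each detection is a separate function over plain dicts so that it can be unit-tested against captured records before being turned into a CloudWatch Logs Insights query or a metric filter with an alarm; the trail-tampering check is the one to wire up first, since a stopped trail silences every other detection.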

Wednesday, November 22, 2023

RISK APPETITE

 


What defines a robust risk appetite? Firstly, it aligns closely with the business strategy. It incorporates both qualitative statements and quantitative metrics, along with exposure limits. Additionally, it adjusts to evolving circumstances, changes in business objectives, variations in skills, and resource availability. The more clearly defined your risk appetite and tolerances are, the more effectively you can optimize risk-reward outcomes and strategically leverage risks. 

Challenges in the Real Workplace

Risk Appetite and Supply Chain


Challenge

Aligning Risk Appetite with Evolving Global Supply Chains

Example: An enterprise manufacturing smartphones sources components globally. Its risk appetite allows moderate risks in procurement to reduce costs. However, geopolitical tensions in a supplier country escalate, threatening supply chain stability.


Likelihood Analysis

Moderate to High, as geopolitical tensions are unpredictable but not uncommon.


Impact

High, as supply chain disruptions could lead to production delays, increased costs, and potential market share loss.


Frameworks to Consider

ISO 31000 (Risk Management) and Regulatory Compliance: controls derived from regulatory requirements, such as GDPR for data protection and SOX for financial reporting.


Gap Analysis

Conduct a gap analysis to identify areas where your current controls might not fully address the identified risks.


Cross-Functional Integration.


We continuously monitor. Regularly review and update the control mappings to reflect changes in the business environment and emerging risks.👌

Saturday, November 18, 2023

The NIST CSF 2.0

 


The NIST Cybersecurity Framework, with its six pillars, is a dynamic document designed for continuous refinement and improvement. NIST is committed to integrating stakeholder feedback to adapt to the ever-changing cybersecurity landscape. Currently, NIST is actively developing CSF 2.0, a substantial update aimed at enhancing the framework for more effective cybersecurity risk management.



CSF 2.0's Governance domain addresses issues of accountability, confusion, and inefficiency in our environment. It emphasizes leadership and oversight, tied to finance, to establish and monitor the organization's cybersecurity risk management strategy, expectations, and policy.



The six pillars of NIST 2.0 are:


GOVERN: Establish and monitor the organization's cybersecurity risk management strategy, expectations, and policy.


IDENTIFY: Determine the current cybersecurity risk to the organization.


PROTECT: Use safeguards to prevent or reduce cybersecurity risk.


DETECT: Find and analyze possible cybersecurity attacks and compromises.


RESPOND: Take action regarding a detected cybersecurity incident.


RECOVER: Restore assets and operations impacted by a cybersecurity incident.


The release of the public draft is a significant milestone, providing organizations with the opportunity to contribute input before NIST finalizes the framework for anticipated publication in 2024.


Referencing : https://csrc.nist.gov/Projects/cybersecurity-framework/Filters#/csf/filters
