Evidence increasingly shows that aligning cybersecurity monitoring with known adversary TTP – tactics, techniques, and procedures enables more precise threat detection – https://attack.mitre.org. Embedding TTP-based telemetry into security operations not only enhances detection fidelity but also enables proactive threat hunting and risk-based control rationalization
ITGC form a vital cornerstone of any effective cybersecurity strategy, establishing the foundational safeguards necessary to protect an organization’s IT environment and serve as strategic enablers of enterprise cybersecurity and ensuring CIA
What is “Reasonable” Security?
If you are breached and your case goes to litigation, you will be asked to demonstrate “due care.” This is the language judges use to describe “reasonableness.” Enterprises must use safeguards to ensure that risk is reasonable to the enterprise and appropriate to other interested parties at the time of the breach. https://www.cisecurity.org/
Malaysia Risk Profile
- Not a nation state risk – Low geopolitical risk
- Malaysia experienced scam losses equivalent to an alarming 3% (USD12.8 billion) of its GDP in 2023 indicating a significant impact on the country’s economy from fraudulent activities. Malaysia tops Asia for scam- revictimization rate – Global Anti-Scam Alliance/GASA.
- This scam crisis REQUIRES the government & especially Financial institutions to take greater responsibility in mitigating risk to the elderly, vulnerable and the ECONOMY.
- Potential internal control measure are:
- Consider Dual & Secondary cell # setting for OTP’s, e.g., husband & wife, children, etc.
- Leverage AI to learn transaction usuality & apply alert blocking AI agents.
- Train rapid response teams on SCAM prevention!
- Potential internal control measure are:
- Critical Cybersecurity Hygiene – Patching for Vulnerability Management
- Despite widespread recognition that patching is effective, and with attackers regularly exploiting unpatched software, many organizations do not adequately patch. There are myriad reasons why, not the least of which are that it can be resource-intensive and that the act of patching can reduce system and service availability. Also, many organizations struggle to prioritize patches, test patches before deployment, and adhere to policies for how quickly patches are applied in different situations (NIST)
- Fortify Change Management – see SUCOP
- CyberSecurity Architecture basics, e.g.
- DID – Design in depth – build an obstacle course for the bad guy. No SPOF – single point of failure
- Apply principle of least privilege & SOD policy – Segregation of duties
- GRC – You can’t build a security program without Governance Risk & Compliance. It might be a controversial take, but I believe GRC is where most cyber security programs ultimately break and/or fail (Ref) – Fortify your basics – ITGC
- NIST CSF – https://www.nist.gov/cyberframework Master the five pillars of CyberSecurity <> IDENTIFY, PROTECT, DETECT, RESPOND & RECOVER.
- CyberMetrics – reach out to discuss per your digital footprint & 3rd party profile
