About Us

Flosum Trust Center by Flosum for Secured Salesforce Environments

Flosum Trust Center by Flosum is an integrated security solution that monitors, alerts, and scans for potential threats in a Salesforce environment. It enables businesses to follow SecOps and DevSecOps best practices while focusing on securing Salesforce environments from cybersecurity threats and data breaches. Flosum is an Enterprise Continuous Integration Delivery and Release Management Solution for Salesforce.

According to a report, by 2022, ninety percent of software development projects will claim to use DevSecOps practices, up from forty percent in 2019.

Girish Jashnani, CEO of Flosum commented, “Taking ownership of security within a third-party platform helps to manage risk, which is why we like to say that customers have a shared sense of responsibility for ensuring the security and trust of their Salesforce environment. Flosum’s new security automation solution assists customers in staying secure without requiring advanced security teams for implementation.”

Flosum Trust Center adds an adaptive security framework, existing customers can easily incorporate Trust Center into their solution, and new customers can implement Trust Center with or without Flosum’s Release Management platform. The Trust Center enables close collaboration between corporate security and Salesforce teams.

Flosum Trust Center will provide a full Security Event and Information Management (SEIM) solution that will enhance data masking, code security, and detailed audit trails to reduce audit costs, complementing existing Salesforce Privacy Center, Trust, and Shield solutions.

Flosum Trust Center features and benefits for Salesforce customers include Org monitoring, a consolidated view of all org settings, and best practices enforcement. Templates for security, users can create templates and apply them to multiple organizations. Salesforce teams will save time while collaborating with InfoSec to ensure that hardening rules are followed. Users can create security policies within these templates, and those policies will always be enforced.

Remediation allows clients to address changes or issues raised by their templates. These can be completed by moving the item to a solution branch. Security violations in DevOps allow the use of templates to indicate violations to the developer as they work, saving the company from any potential conflicts or issues. Audit trails, allow users to track all changes in detail, allowing them to prioritize their designated risk levels and keep the audit record for any length of time.  Data masking provides sample data to sandbox environments to ensure realistic tests without jeopardizing confidential data. Masking can be used on both data at rest and data in transit between organizations.

Read more articles:

API Security Should Be Your Priority in 2022

Fortinet Launched FortiNDR to Help Identify Cyberattacks

Fortinet FortiNDR is a new network detection and response offering that uses artificial intelligence and pragmatic analytics to enable faster incident detection and threat response. Advanced, persistent cybercrime is more vicious and volatile than ever before, with an attack surface that continues to grow with hybrid IT architectures and ongoing staff shortages due to the cybersecurity skills gap.

Legacy security solutions also face a daunting and time-consuming manual alert triage process that diverts valuable resources away from higher-priority tasks like threat mitigation. As cybercriminals improve their abilities, so should an organization’s security tool.

John Maddison, EVP of Products and CMO at Fortinet commented, “With the introduction of FortiNDR, we’re adding robust network detection and response to the Fortinet Security Fabric. Powered by purpose-built machine learning, deep learning, pragmatic analytics, and advanced AI capabilities, FortiNDR automatically detects and responds to abnormal network activity to thwart security incidents. Fortinet’s full suite of detection and response offerings feature native integration for a coordinated response to empower security teams to move from a reactive to a proactive security posture.”

FortiNDR also includes native integrations with the Fortinet Security Fabric as well as API integrations with third-party solutions for a coordinated response to discovered threats to reduce their impact. Quarantining devices generating anomalous traffic, enforcing with third-party devices via an API framework, initiating an orchestrated process guided by SOAR, and other common automation to speed response.

Robust Portfolio of Detection and Response Solutions from Fortinet’s existing detection and response portfolio includes managed detection and response (MDR), endpoint detection and response (EDR), and extended detection and response (XDR) solutions.

John Grady, Senior Analyst, Cybersecurity at ESG stated, “As enterprises struggle to coordinate threat detection and response across individual point products, the ability for them to leverage a complete set of integrated SOC capabilities as part of a cybersecurity platform promises significant improvement in the effectiveness and efficiency of discovering and mitigating threats. Fortinet’s portfolio of detection and response products such as FortiNDR, FortiEDR, FortiXDR, and more, which are all integrated as part of a platform, should be considered for any organization looking to improve their security operations function.”

Read more articles:

cyber threat intelligence!

QuSecure Introduced Post-Quantum Cybersecurity

QuSecure launched QuProtect an end-to-end PQC software-based solution tailored to protect encrypted communications and data with quantum resilience utilizing quantum secure channels. In an industry-first innovation, QuProtect enables organizations to use quantum resilient technology to prevent current cyberattacks alongside shielding networks from future post-quantum cyberthreats.

QuProtect provides quantum-resistant cryptography in real-time, on any device. It addresses the most vulnerable aspects of the digital ecosystem by adding zero-trust, next-generation post-quantum cryptography, and active defense into an all-around cybersecurity suite. QuProtect offers end-to-end quantum security as a service (QSaaS) architecture, the whole approach is built around the entire data lifecycle, including data storage, communication, and use.

Skip Sanzeri, QuSecure Founder and COO commented, “Enterprises are charged with providing high levels of data security. We are facing the largest computer upgrade cycle in history as all public-key cryptography globally needs to be upgraded to PQC. Our QuProtect solution provides organizations with a first-mover advantage as the industry accelerates toward a quantum future. QuProtect allows organizations and their clients to maintain the highest level of quantum-resilient security to address cyber threats with minimal disruption to existing systems.”

QuProtect secures quantum communications channels for any node on the network by utilizing National Institute of Standards and Technology (NIST) approved quantum algorithms. Its technology supports backward compatibility and can translate from PQC to standard Transport Layer Security (TLS), ensuring network interoperability. No other company combines QuSecure’s broad-based quantum and post-quantum technologies to provide secure, interoperable cybersecurity to organizations’ networks against quantum threats.

Laura Thomas, former CIA Chief of Base and currently VP of Corporate Strategy at ColdQuanta stated, “Quantum technologies have the potential to represent a platform shift, and platform shifts don’t come around that often. When they do, they bring enormous opportunity coupled with the power for intense disruption, in all areas, including national security and economic security. Organizations should be evaluating post-quantum encryption solutions now and mapping out the resources and timelines needed to deploy them on their networks. QuSecure is playing a key role in future-proofing our networks from current classical and future quantum attacks.”

Read more articles:

C2A Security and Stefanini to Bring Cybersecurity Solutions

AT&T and Meraki Launched SASE

AT&T SASE with Cisco Meraki is a new managed service designed to help businesses improve network performance, enable resilient access, and protect sensitive data. The service also aids in the prevention of unauthorized use and loss. It accomplishes this while providing customers with flexibility as their networking environments change due to business growth, location expansion, and strategy changes.

AT&T has introduced AT&T SASE with Cisco Meraki to provide powerful networking and security offering to businesses of virtually any size and industry.

Danessa Lambdin, Vice President of AT&T Cybersecurity stated, “In-network connectivity and security, there is often little margin for error. For many businesses, the expertise to get it right is hard to come by. AT&T SASE with Cisco Meraki is a completely managed service that puts our experts in the driver’s seat giving growth-oriented businesses an integrated solution that can address their needs today and scale up right alongside them going forward.”

The need for dependable, high-performance connectivity is imminent. Because of the rise of hybrid work environments, organizations are connecting people, places, and devices, allowing users to connect and collaborate at nearly any time and from nearly any location.

Organizations also rely on a variety of Internet of Things (IoT) devices to increase efficiency, ranging from security cameras to medical devices and manufacturing equipment. Because of the explosion of connectivity, preparing for and responding to cybersecurity threats has become a critical challenge, particularly for sophisticated enterprises.

The managed security service enables almost any business to connect, protect, manage, and scale its network without the in-house expertise typically required. The solution’s scalability is critical for growing businesses that need to rapidly expand to new data centers and branch locations or add more devices to their network. This solution also assists businesses in protecting sensitive data from unauthorized use and theft. Customers also get access to AT&T Managed Services and specialists who can help with deployment, policy design, configuration, and 24/7 monitoring and support.

Lawrence Huang, Vice President of Product Management at Cisco Meraki commented, “Businesses looking to deploy cloud security across distributed locations must be able to do so in a simple, scalable, and reliable way. The AT&T SASE with Cisco Meraki service offers customers a seamless onramp to their SASE journey with a fully integrated networking and security offering, ultimately protecting users against internet-based threats both on and off the network.”

Read more articles:

Cyber Threat Intelligence!

Nethone raises $6.7M Series A Funding to combat online fraud

Nethone’s passive behavioural biometrics enables online businesses to stop over 95.3 percent of account takeovers (ATO), which have been spreading at an alarming rate around the world. Aside from ATO, the Polish fraud fighter has been prospering in its payment and financial application use cases, consistently demonstrating a fraud detection precision of over 10 p.p. greater than traditional methods.

Along with Innovation Nest, Plug and Play Ventures, Firlej Kastory, and numerous business angel investors, Atmos Ventures and ARIA are headlining Nethone’s most recent fundraising round. Nethone will use the Series A funding to accelerate its go-to-market activities and strengthen its exclusive Know Your User (KYUTM) profile technology, giving global leaders the tools, they need to fight fraudsters.

Given the pandemic-induced surge in demand for direct-to-customer online commerce (both web and mobile) and the associated next-generation financial services, COVID-19 elevated the importance of cybersecurity. Nethone has been able to more than double its customer base in the last year, as well as increase the volume of onboarded clients across the eCommerce, digital products and services, and financial services verticals.

Hubert Rachwalski von Rejchwald – Nethone’s CEO said, “The last year has seen an unprecedented spike in fraudsters’ activities. COVID-19 has fueled a ‘professionalization of fraud’ trend that Nethone has been observing systematically escalate since the company’s inception in 2016. “Barriers to entry for fraudster-wannabes have been steadily decreasing. More and more sophisticated SaaS-based tools became available for anyone with some financial resources at their disposal. Today, these are advanced technical solutions built by well-organized, highly experienced groups of rogue IT experts. Wrapped in a user-friendly interface and excellent customer support they allow for complex anonymisation and automation functionalities as well spoofing of historically trusted digital identities that most of the incumbent fraud detection solutions stand no chance of spotting.”

“The forward-looking answer to anyone who wishes to effectively transact online is to deeply understand every single user, as they browse the website or use a mobile app. Our KYU profiling technology gives access to first-hand real-time insights about what is really happening with the device, how this device interacts with the servers of the platform and, last but not least, what is the raw behavior – keystrokes, mouse movements, gyro or accelerometer readings, touches on mobile). These are currently over 5000 attributes that we are extracting passively in the background about every single user thanks to years of targeted research and engineering, Importantly our goal is never to affect the customer journey by staying invisible in the background nor invade end-user privacy thanks to the low-level nature of the attributes we collect” – adds Aleksander Kijek, Nethone’s CPO.

Apart from extending its go-to-market operations, the business intends to use the funds to accelerate roadmap advancement, with a focus on features that will optimise perceived value among the company’s target categories.

“With the post-COVID critical significance of fraud prevention and the fierce competition in creating the frictionless user experience, Nethone has a novel approach to profiling technology fueled by machine learning. And since Atmos is focusing on developing deep technologies in ML-driven commercial solutions, Nethone Profiler combined with the explainability of the machine learning models was an obvious choice for us. We are elated to join the team to arm online merchants with deep tech tools against fraudsters,” said Hadi Solh, Managing Partner at Atmos.

Dariusz Lewandowski, CEO of ARIA said, “The accelerated growth of eCommerce in the pandemic era – up 30% in value by 2020, naturally increases the scale of fraud in the digital space. Nethone solves the problem of online payment and identity fraud, with annual losses worth around $50 billion. Their technology provides maximum protection without affecting the end-user experience. I see huge potential for the application of this technology, including other companies in our portfolio – wherever payments are involved. I am impressed with Nethone’s highly motivated team, as well as the organizational maturity for an early-stage company. Nethone has proven successful in onboarding clients ranging from traditional banks to fast-growing start-ups across the globe.”

BOTS subsidiary, Cyber Security Group LLC, announced Web Application Firewall (WAF) solution to target global cybersecurity market

BOTS, Inc., a global tech firm that specialises in Blockchain-based solutions such as decentralized finance applications for the financial industry, consulting, mining equipment repair, cybersecurity solutions, crypto mining and insurance, announced that its subsidiary, Cyber Security Group LLC, has launched Web Application Firewall (WAF), a proprietary software solution to protect web applications.

The cybersecurity market is being driven by rising cybersecurity events and rules demanding their reporting. Cybercrime, which includes data damage and destruction, stolen money, lost property, intellectual property theft, and other sectors, costs the globe around USD 600 billion each year, according to the Center for Strategic and International Studies (CSIS) and McAfee.

WAF protects against application vulnerabilities and data breaches. The following are some important advantages:

  •     Protection from web attacks and DDoS
  •     Controls access and authentication
  •     Automates and orchestrates security
  •     Protects applications and APIs
  •     Protects against business logic attacks
  •     Protects ecosystem around Blockchain
  •     Blocks malicious bots and automated attacks
  •     Protects from XSS & SQL injections

BOTS’ Cyber Security Group LLC subsidiary is an ISO/IEC 27001:2013 certified Information Security Management System that seeks to capitalise on the fast-growing worldwide cyber security market with its exclusive range of SaaS products. WAF has been successfully battle-tested by financial services and e-commerce enterprises over a two-year pilot program and is now available to businesses all across the world.

Kaspersky Industry Analyst Summit 2021

Global cybersecurity solution provider, Kaspersky, recently hosted its industry analyst summit 2021. Research analyst Sachin Birajdar attended the virtual event on behalf of Quadrant Knowledge Solutions (QKS).
The summit was opened by Kaspersky CEO Eugene Kaspersky, who talked about ‘Cyberimmunity on CyberAge’. Next, Kaspersky CTO Andrey Efremov elaborated on Kaspersky’s product vision and strategy. Alexander Moiseev (Chief Business officer) explained Kaspersky 2020 performance/2021 Outlook, while Sergey Martsynkyan explained the Kaspersky stage-by-stage approach.

Following this, discussions concerning Kaspersky Optimum Security EPP EDR, MDR and Sandbox security awareness, Kaspersky Hybrid Cloud Security, Kaspersky Expert Security: xDR (EDR, KATA, MDR), Kaspersky Cybertrace and threat intelligence, Kaspersky MDR services, Kaspersky OS/transportation, Kaspersky industrial cybersecurity, and Kaspersky fraud prevention took place. Kaspersky also announced the launch of its Optimum Security solution, which integrates EPP, EDR, and MDR in a single platform to help users create critical incident response process and protect from evasive attacks. The Kaspersky analysts further informed that the company is focusing on providing comprehensive multi-layered protection to the hybrid environment, supporting advanced level security, robust, granular visibility and control, and seamless integration with Kaspersky Optimum Security and Kaspersky Expert Security.

On this occasion, Kaspersky analysts also explained about their new technology and service framework Kaspersky Expert Security. This solution helps users to detect and respond to threats in the network, including APTs and targeted attacks and helps to enhance their current security system. Kaspersky informed that it offers threat intelligence services to contextualize various aspects of security operations and helps minimize the detection and response time. The analysts added that the company’s MDR (Managed Detection and Response) service offers continuous machine learning-driven protection to analyze, investigate and respond to threats in real-time. Kaspersky also informed the attendees about their efforts to secure organizations’ operational technology layers and elements, including SCADA servers, HMIs, engineering workstations, PLCs, network connections with their product and service portfolio. The company informed that it also provides training programs and technical support to manage organizational endpoint security and control industrial networks centrally. Kaspersky explained how they are allowing and securing organizational global client interaction on the web or mobile channels and how they are using machine learning and risk-based authentication to secure access to the accounts and resources.

Kaspersky introduced a new Operating system (KasperskyOS) to protect web integrated systems in emerging digital transformation use cases such as wired and autonomous vehicles. the analysts also showcased customer stories and use cases as proof of customer satisfaction and efficiency of the Kaspersky’ products.

Quadrant Knowledge Solutions would like to thank the Kaspersky team for providing an opportunity to attend the event.

About the Author

Sachin Birajdar
Analyst – Data Analytics and Security Domain

Sachin is a part of Quadrant’s global research and consulting team. He is responsible for data analytics & security research.
Sachin is responsible for conducting global strategic market outlook, SPARK Matrix Analysis, and client consulting assignments. He has worked on strategic research and vendor evaluation projects for Data Preparation Tool, Application Security Testing, Bot Management, Deception Technology, Identity as a service, Mobile Threat Management, Privileged Access Management (PAM), and such others. Sachin is also a part of Quadrant’s best practice team in identifying the most promising companies in the data analytics & security domain space. He was part of the team for consulting assignments including detailed market mapping, custom market intelligence, analyst briefing, and such others.
Sachin holds an MBA in Marketing and BSC in Physics from Savitribai Phule Pune University, India.

Integrated Risk Management Platforms – All You Need to Know

Defining risk

A risk is defined as “the potential for loss due to uncertainty” or “the possibility of something bad happening due to lack of security”.

From these definitions, we can safely incur, that to reduce risk, organizations should not only be extremely risk-aware, but also have impeccable security measures in place. In order to make organizations guarded from various types of risk, (Material/Physical Risks, Cyber Risks, Reputational Risks, Legal Risks, or Operational Risks) there are several measures that can be put in place – one of them being ERM or Enterprise Risk Management.

ERM is the practice of analyzing potential risk and creating a plan to control risk-eliminating activities. It helps view risks from a bird’s-eye view – at an organizational level – and create strategies that ensure mitigation of risk.

However, with the digital revolution unfolding, information/data dependency has drastically increased. This also means that the IT or Cyber-risks are rapidly evolving and call for a comprehensive methodology to deal with them.
Integrated Risk Management (IRM) specializes in handling the risks prevalent in an organization’s technological infrastructure. While it still includes multiple elements of Enterprise Risk Management, it takes a more polished, all-encompassing approach to risk management. It equips an organization to acknowledge, understand, and curb their distinct risk scenarios.

The correct implementation of IRM is highly dependent on an organizations’ risk-awareness and ability to –
  • Create and implement governance, risk assessment, and risk ownership framework.
  • Identify upcoming risks internally and externally.
  • Create and implement a response strategy.
  • Continuously monitor business objectives, update governance policies in accordance with goals, remain updated on new types of risks and threats, and comply with regulations.
  • Adopt the correct IRM solutions to build a strong and unified risk management architecture.
What are Integrated Risk Management Platforms?

Traditionally, GRC (Governance, Risk, and Compliance) Platforms took a siloed approach to risk management. This often led to negligence of important details and increased vulnerabilities.

GRC Platforms helped manage –

  • Governance – The framework of rules and guidelines that create a foundation for all business practices.
  • Risk – The possibility of an organization facing losses due to negligence, breach, non-compliance, or poor governance.
  • Compliance – Following the framework of rules established to ensure governance and reduction of risk.

As time has passed, GRC platforms have morphed into being more flexible, less siloed platforms. They now view risk management as a whole – with governance and compliance being an integral part of the risk management process. These evolved Governance, Risk and Compliance (GRC) Platforms are now known as Integrated Risk Management (IRM) / Centralized Risk Management (CRM) Platforms.

Integrated Risk Management Platforms help organizations cope with their ever-increasing risk management needs. The various functionalities of IRM Platforms are listed below –
  • Manage risks across data security, cyber security and compliance areas spanning across various locations or sources.
  • Standardize risk assessment methods and risk management frameworks across siloes to unify risk management practices across business functions.
  • Provide visibility into threat exposure, risk interconnections, vulnerabilities and their impact on overall security measures.
  • Create an internal audit process to provide specialized risk assessments and insights.
  • Create a tracking framework dependent on business policies to make compliance and data usage ethics stronger. This tracking also helps locate and remedy violations.
  • Store all the data required to monitor risks securely on a centralized database.
  • Create risk libraries that catalog the most critical risks and provide accurate and actionable data pertaining to the threat history for an organization.
  • Analyze risk-related data and present comprehensive reports with heat maps, risk summaries and risk-control dashboards.
  • Automate risk management tasks, deliver reminders and record events.
  • Highlight compliance related risks through continuous monitoring and real-time updates.

Apart from these, IRM systems can also manage end-to-end third-party risk assessments by reaching out to external databases and gathering information continuously to help organizations mitigate risks.
Integrated Risk Management Platforms are advantageous because they help organizations to reduce the manual labor that goes into ensuring information security for an enterprise. Additionally, there are multiple other advantages that automating risk management can bring.

  • Identify and analyze risks at the organizational level and create a strategic plan for risk management.
  • Execute risk management and compliance policies.
  • Speed up decision-making by providing a comprehensive list of the risks and pain points involved.
  • Create a bridge between the planning and execution of governance and compliance policies.
  • Become and remain risk-aware and proactive in risk management.

How can Banks Combat & Mitigate the COVID-19 Fraud Attacks

Coronavirus is continuing to impact several lives of people and the economy worldwide; fraudsters are busily engaged in phishing and scamming mayhem. Both coronavirus and coronavirus scams can affect your health and finance. While the world is trying to deal with the threat of COVID19, cyber-criminals are coming with innovative ways to perform sophisticated frauds based on the continuing COVID – 19. Across the globe, people are working remotely with limited security features as opposed to working in the office. Everyone is in quarantine and following the social distance protocol. Owing to which everyone is shopping online for their daily needs. It is quite evident now customer shopping behaviors worldwide have changed and will persist in doing so in the times ahead. Doubtlessly, cybercriminals will keep following the trends of consumers and adapt their plans appropriately.

In most companies, fraud is identified post it happens; it’s imperative for financial organizations with the rise in technology, fraud detection, and mitigation takes place in real-time. They should adopt a real-time fraud management solution that can be tailored in accordance with their requirements. As online shopping continues to grow, even the security of online channels should become stronger and more advanced. Detecting frauds at a very early stage at the same time optimizing the customer experience should be the motto for banks. Various enterprises are plunging into a multifaceted method to combat and alleviate frauds. Acting recklessly with a haste plan can cause more damage than any good in the current COVID-19 situation.

Several types of fraud are hitting both the merchants and the consumers in these difficult times. Banks should conduct further authentication steps to access data, also adapt the limit for any fraud ranking models, enabling more false positives which support in preventing frauds. Banks or financial organizations should comply with regulatory compliance to alleviate risks. With a swift system in place, banks can be agile and smoothly alter algorithms or update models to safeguard their customers’ security.

Presently frauds are majorly attacking Business Email Compromise (BEC), Phishing, Gift Card Fraud, fake and fraudulent sites, eCommerce Fraud, Account Fraud, and such others. As It is easier to get distracted at home or be under different stress; hence such an audience becomes a soft target, and most people are falling prey to such fraudulent activities

COVID-19 phishing attacks – It started to rise in January 2020 and by the end of March 2020 it had a sudden surge. Most of the phishing attacks comprised of brand spoofing, scams, fraud emails, and business email compromise (BEC).

How can Banks Combat & Mitigate the COVID-19 Fraud Attacks

Disclaimer: Actual Numbers in the graph may vary as these are approximate figures.

Preventive measures to avoid frauds

Incorporate ML and AI-powered fraud detection solution

With the support of ML and AI, the fraud solution can consolidate data from all internal and external channels and analyze historical data, enabling the risk model to detect anomalies and abnormal behavioral patterns. Hence one of the best practices recommended is to integrate fraud management software coupled with intelligent automation, and advanced AI and ML.

Secondly, some fraud solution experts use risk scoring, device fingerprinting along ML and AI approach for detecting anomalies in payments and combating fraud attacks. The ML models can spot the probability of HTTP referrer is a phishing site and how to react to the phishing scams scenario. Sophisticated risk engine incorporated with AI and ML continuously monitors transactions and detects various fraud patterns along with the actual series of user behavior and continuously monitors and scrutinizes data. Whenever anomalies or fraud attacks happen, frauds can be detected by the fraud management solution in real-time, suggesting enhanced fraud protection layers.

In this rapidly evolving dynamics, the financial domain is facing a radical metamorphosis and customers expect banks to deliver a seamless experience. Smart banks advise today a comprehensive fraud approach demanding the intervention of human touch with sophisticated technology. Hence banks are embracing new technologies which help in flagging suspicious transactions and reducing false positives thereby minimizing losses and optimizing the customer experience.

Embracing multi-faceted and multi-layered security approach 

A lot of sensitive information of entities and companies exists with banks. If hackers get access to such sensitive information, then the probability is higher to initiate a breach or fraud attacks. To combat such situations with stronger performance and response, it is becoming crucial for banks to embrace a multi-layered approach to cyber-safety.

Financial organizations must spend in data-ingestion from multiple channels enabling them to make a sound decision on fraud attacks and fraudulent activities. Integrating a series of valid tools like multi-layered approach, biometrics, behavioral analysis supports in minimizing frauds to a greater extent. It also helps in offering the right security level in accordance with the fraud levels.

Enhanced Protection for mobile payments

Many of us use mobile phones to shop online and pay through various channels and gateways. This is the reason cybercriminals are aiming the mobile platform in parallel with others. Whenever any person clicks on any unknown links or downloads any attachments, malware, trojans or virus can get downloaded which could steal sensitive and personal data, which may further lead to the malfunction of websites.

Hence banks should implement multifactor authentication, additional account verification, end-to-end cryptography, fingerprinting device, providing real-time messages, alerts, and emails, proper banking mobile application, investigating behavior analysis, and using secure access with safe online documentation. This can help in monitoring financial transactions continuously, ensuring safety, and blocking fraud threats.

How can banks combat and mitigate the COVID 19 Fraud attacks1

Fraud Risk Management Solution

The fraud management solutions should help banks to safeguard from fraud attacks, detect and mitigate frauds and anomalies.

For an effective fraud management solution, you should bear the below pointers in mind –

  1. Can the fraud management software be integrated with the prevailing software model to enhance the fraud mitigation layer?
  2. Does the fraud management platform support multiple payment channels across different geographical locations?
  3. Is your fraud management solution, providing a deep insight into model analytics or it is just merely a Black Box?
  4. Does your fraud management program meet your expectations and appetite?
  5. Is it possible for your fraud management solution to ingest data from any channel during the customer lifecycle?
  6. Is your fraud management software coupled with intelligent automation, advanced ML, and AI?
  7. Is the fraud management solution able to detect frauds, trigger the right alerts, provide the right investigation, offer recovery or backup plans with appropriate communications?
    Is it improving the overall operational efficiency?

In difficult and uncertain times like this, we all are going through a tough phase. We are compelled to stay in isolation and work from home for our safety and protection. We must move slowly, watch out for minute details and refrain from taking hasty decisions. Banks should monitor coronavirus linked scams and implement a good fraud management solution to stay ahead of frauds. Stay vigilant and Be wise.

Decoding Zero Trust Security | Concept and various Models (Part-2)

The previous part of the blog talked about the concept of Zero Trust security, its relevance, and how it is catching traction in today’s time. This part talks about the different models to implement Zero Trust security in organizations. There are three different ways in which organizations can choose to implement Zero Trust security.

1. Software Defined Perimeter (SDP)

Software Defined Perimeter is an approach in network security that safeguards user access to applications and information irrespective of the location, time, and nature of the device used. Software Defined Perimeter follows a zero trust approach, wherein the network security posture is that of default deny. Access is granted upon authenticating and authorizing both user and device.

By making the applications and resources invisible and preauthorizing users and devices, SDP protects enterprise applications from a range of attacks like- denial of service, credential theft, server exploitation, connection hijacking, and APT/Lateral movement. Unlike the previous security models that worked till the network layer, SDP works right up to the application layer. It provides granular control on applications as users are allowed access only on authorized applications and not others.

2. Network Micro-Segmentation

Micro-segmentation or network Micro-segmentation is slicing the network into small logical segments and controlling access to applications and data on those segments. Diving the network into smaller segments reduces the attack surface for malicious attackers. Micro-segmentation policies are based on logical attributes or resource identity versus the user’s identity or IP addresses. Micro-segmentation creates an intelligent grouping of workloads based on their characteristics. It provides centralized dynamic policy management across networks, independent of the infrastructure.

3. Identity Aware Proxy (IAP)

IAP architecture offers access to applications through a cloud-based proxy. It follows the principle of least privileged access like SDP, but applications are accessed through standard HTTPS protocols at the application layer. Unlike SDP, which uses a direct tunnel for data transfer, IAP architecture provides authenticated and authorized secured access to particular applications using a proxy layer.

Google was the first one to implement zero-trust security architecture in their business using BeyondCorp, through an Identity Aware Proxy model. BeyondCorp is their internal network and access security platform designed for employees to access internal resources. BeyondCorp is a web proxy-based solution that supports HTTP, HTTPS, and SSH protocols. Following BeyondCorp, Google also launched Cloud Identity Aware Proxy for access control and protecting data in the cloud. Cloud IAP shifts access controls from the network perimeter to individual users.

Irrespective of whichever zero trust model companies choose to implement; it should be able to integrate with the company’s existing security infrastructure seamlessly.

(This is Part 2 of the blog and it explains the various models to implement Zero Trust security in organizations. To read on the concept of Zero Trust security refer HERE)