Cybersecurity professionals are probably going through a challenging time in their careers. As a result of the Russian invasion of Ukrainian soil, hacking activities have skyrocketed. The cyberwar has begun. It is our responsibility to ensure our and our customers' assets are managed, monitored, and equipped with the necessary tools to protect their endpoints against potential threats.

It is our goal at Advantio to ensure our assets are protected from new threats that emerge every day. Our previous blog (9 Step Action-Plan to Reduce Cybersecurity Risks Arising From the Russian War Against Ukraine) outlined our initiatives to support other organizations and how we are conducting numerous risk assessments and implementing new initiatives every day.

As a multinational with a strong presence in Ukraine, we want to make sure our Ukrainian colleagues are also provided with adequate, and often bespoke, security controls. Below is a summary of all the recent measures we’ve taken.

Endpoints Protection
We are adding new IOCs to our regular EDR function, which is used by our SOC and security professionals to provide the MDR service internally at Advantio. This ensures specific malware and tools are identified even faster than our malware protection technology would identify them. Threats like 'HermeticWiper' and its variants, or the newer Daxin tool, require special attention.

Additionally, we have strengthened our web filtering policies to block traffic to and from all Russian DNS tracked sites. It might seem extreme, but the purpose is only to remove uncertainties from our risk assessment, even if temporarily.

Each of our installed endpoints has been manually validated for integrity, and the operating system policies have also been tightened on specific critical endpoints, for example by disabling USB ports.

Company Content Management and Monitoring
We have requested a "cloud-only" approach from several individuals, thus prohibiting operations on company and customers' content on local disks. We do this to limit the presence of potentially compromised content on local storage devices.

Dedicated alerts have been implemented to monitor this initiative so our SOC can be informed of any violations and assist our colleagues in implementing these temporary best practices.

Continuous Education
Our security specialists keep an eye on intelligence feeds and additional resources to make sure our security controls are adequate to protect our organization and our customers. Take a look at the NSA's newly adopted best practices regarding Network Infrastructure.

We are offering the Advantio MDR (Managed Detection and Response) service FREE* until the end of May 2022. Reach out to us now and start protecting your business.


* While we strive to help everyone, our capacity is limited. We will work on a first-come-first-served basis, and our existing clients will be given priority.


I am the CTO, Senior Security Consultant, and PCI QSA since 2010 at Advantio.

Having executed close to a hundred (and counting) assessments across Europe, Asia, South Africa, and North America, I was able to observe many different implementations of all classic security controls and much more.

Now I spend much of my time with cloud technologies. Being passionate about cloud security and cloud resources management, my research focuses on the implementation of streamlined and scalable processes in the field of Threat Management for cloud-based ecosystems.

At Advantio, I am also part of the ZeroRisk team. Our vision is to make security and compliance simpler for our users.
