Cybersecurity Awareness Month 2024 | Infotel India
Cybersecurity Awareness Month 2024
What is Cybersecurity Awareness Month 2024?
National Cybersecurity Awareness Month is an international initiative led by the U.S. Department of Homeland Security (DHS). This initiative educates everyone about online safety and empowers individuals and organizations to protect their data from cybercrime.
National Cybersecurity Awareness Month provides information, resources, and support to help prevent cyber threats and promote a secure online environment. Every year since 2003, October has been recognized as Cybersecurity Awareness Month (CAM).
Why is Cybersecurity Awareness Month important?
Here are some of the major reasons why Cybersecurity Month is important to observe.
Increase in cyberattacks
The number of cyberattacks has increased in recent years, and the cost of these attacks is also increasing. IBM said the average cost of a data breach was $4.45 million in 2021.
Ensure your cybersecurity processes are up to date
Cybersecurity Awareness Month prompts organisations to review their current cybersecurity processes and keep their business up to date. Businesses are responsible for the data they handle and for preventing it from being compromised by cybercriminals.
There are many ways the data can be protected from cyber threats including backing up data, securing devices and networks, encrypting, and using multi-factor authentication (MFA).
Review incident response and other procedures with stakeholders
An incident response plan is a written set of instructions that sets out how an organisation should respond to cyber-attacks, data breaches, and other security incidents.
The detailed response plan is designed to minimise the damage, reduce recovery time, and reduce the cost and impact of the incident on business operations. As per the National Cyber Security Centre (NCSC), a basic incident response process should include critical elements such as key contacts, a basic flowchart or process, escalation criteria, and basic guidance on legal and regulatory requirements.
A cyberattack occurs every 39 seconds
By 2025, the global costs of cybercrime are expected to reach $10.5 trillion
Source: Metacompliance
95% of cybersecurity breaches are caused by human error.
THEME OF NATIONAL CYBERSECURITY AWARENESS 2024
The theme of National Cybersecurity Awareness Month in 2024 is “Secure Our World”. The theme emphasizes the significance of incorporating cybersecurity into daily life and business operations. We are increasingly connected through digital tools, and since more of our sensitive information is online, this convenience comes with risks. Everyone has a part to play in keeping ourselves and others safe.
Cybersecurity Awareness Month focuses on the top four ways to stay safe online.
- Use strong passwords and consider a password manager.
- Turn on multifactor authentication.
- Learn to recognise and report phishing.
- Update software: install updates on a regular basis and turn on automated updates.
Open Web Application Security Project
The Open Worldwide Application Security Project is a non-profit organization founded in 2001 that helps website owners and security experts protect web applications from cyber-attacks. The OWASP Top 10 lets security experts worldwide rank risks based on defect frequency, vulnerability severity, and potential impact. Its aim is to give developers and security professionals the insight they need to minimize known risks in their applications.
As new threats emerge, OWASP updates the list so that it stays relevant and effective as a preventive tool against new security challenges. Incorporating the OWASP Top 10 into your SDLC not only empowers developers and security professionals but is also recognised as an industry-leading practice in secure development.
OWASP Top 10
At Infotel India, our consultant Tahir Hussain led a session on OWASP and explained the Top 10 security risks associated with it. Below are the Top 10 major threats of OWASP.
Broken Access Control
Broken Access Control, previously known as Sensitive Data Exposure, occurs when users are granted access to resources they should not be able to reach.
This happens when access restrictions are not properly enforced. One quick way to fix it is to implement strong access control mechanisms such as Role-Based Access Control (RBAC); it is also worth adopting an automated application security tool that scans in the background without interrupting the build flow.
Injection
Injection attacks occur when untrusted data is sent to a code interpreter through a form input or another data submission to a web application. For example, an attacker could enter SQL database code into a form that expects a plaintext username. If that form input is not properly secured, the SQL code would be executed; this is known as an SQL injection attack.
Using parameterized queries and prepared statements prevents malicious data from being injected directly into commands. Automated scanning tools such as Cyber Chief can also identify SQL injection flaws in applications and provide detailed guidance on how to fix them quickly.
Identification and Authentication Failures
Authentication vulnerabilities arise when attackers attempt to gain access to user accounts. If an attacker takes a list of thousands of known username and password combinations obtained from a data breach and uses a script to try them, there is a high chance that one of the combinations will work. To mitigate authentication vulnerabilities, require two-factor authentication (2FA), and limit or block repeated login attempts through rate limiting.
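The rate limiting mentioned above can be shown as a small sliding-window limiter. This is an added example, not code from the original post or from any particular framework; the class name, its default thresholds and the `ManualClock` helper are constructed for the demonstration, and `password_ok` stands in for a real credential check.

```python
import time
from collections import deque


class ManualClock:
    """Settable clock used for demonstrations and tests (constructed helper)."""

    def __init__(self, start=0.0):
        self.now = start

    def __call__(self):
        return self.now


class LoginRateLimiter:
    """Sliding-window limiter: reaching `max_attempts` failed logins for one key
    (a username or a client address) inside `window_seconds` locks that key out
    for `lockout_seconds`. Constructed example; not a library API."""

    def __init__(self, max_attempts=5, window_seconds=300, lockout_seconds=900,
                 clock=time.monotonic):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self.lockout = lockout_seconds
        self.clock = clock
        self._failures = {}      # key -> deque of failure timestamps
        self._locked_until = {}  # key -> time at which the lockout ends

    def is_allowed(self, key):
        now = self.clock()
        until = self._locked_until.get(key)
        if until is None:
            return True
        if now < until:
            return False
        # Lockout expired: forget it and start counting afresh.
        del self._locked_until[key]
        self._failures.pop(key, None)
        return True

    def record_failure(self, key):
        now = self.clock()
        q = self._failures.setdefault(key, deque())
        while q and now - q[0] > self.window:   # drop failures outside the window
            q.popleft()
        q.append(now)
        if len(q) >= self.max_attempts:
            self._locked_until[key] = now + self.lockout

    def record_success(self, key):
        self._failures.pop(key, None)


def attempt_login(limiter, key, password_ok):
    """Gate a login attempt; returns 'locked', 'ok' or 'denied'.
    `password_ok` stands in for the real credential check."""
    if not limiter.is_allowed(key):
        return "locked"
    if password_ok:
        limiter.record_success(key)
        return "ok"
    limiter.record_failure(key)
    return "denied"
```

Keying the limiter by username stops a credential-stuffing script from guessing freely against one account, while keying by client address catches a single source trying many accounts; production systems usually do both, and store the counters in a shared cache rather than in process memory.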
Cryptographic Failures
This vulnerability allows attackers to defeat the encryption protecting sensitive information such as passwords, financial records, credit card numbers, health records, personal information, and even business-related information. The impacts of cryptographic failures include breaches of sensitive data and hefty fines from regulators for failing to meet data privacy requirements.
How to prevent cryptographic failures
- Encrypt sensitive data in transit and storage with secure protocols and standards
- Delete sensitive data that is stored unnecessarily
- Store passwords with strong and adaptive hashing functions
- Avoid outdated cryptographic mechanisms
Insecure Design
Insecure design flaws are introduced during the initial stages of software development. They can stem from poor architectural design that leaves applications open to attacks such as injection, cross-site scripting (XSS), and broken authentication. Build key security best practices into the design phase, such as the principle of least privilege and security-by-design principles. Design patterns must be updated frequently to address emerging threats, and security testing tools should be used to validate that the design is effective.
Security Misconfigurations
Security misconfigurations occur when systems or applications are not securely configured. Examples include leaving unnecessary services enabled, using default credentials, or misconfiguring security features such as HTTP headers (the Content-Security-Policy header, the X-Frame-Options header, and the HTTP Strict Transport Security header). Ensure that all systems are configured according to security best practices from the beginning: disable unnecessary features and services, enforce strong passwords, and apply secure configuration baselines. Regularly review and update configurations to address new vulnerabilities.
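The three headers named above can be checked mechanically as part of a configuration review. The following is an added example, not code from the original post or from any scanner: it audits one response's headers, flags a missing or weak Strict-Transport-Security, X-Frame-Options or Content-Security-Policy value, and also flags Server or X-Powered-By banners that reveal a version. The one-year HSTS minimum, the finding texts and the sample header sets are constructed for the demonstration.

```python
import re

# Minimum HSTS max-age treated as acceptable here: one year in seconds (constructed threshold).
HSTS_MIN_AGE = 31536000


def _check_hsts(value):
    m = re.search(r"max-age=(\d+)", value, re.IGNORECASE)
    if not m:
        return "Strict-Transport-Security has no max-age directive"
    if int(m.group(1)) < HSTS_MIN_AGE:
        return "Strict-Transport-Security max-age is below one year"
    return None


def _check_xfo(value):
    if value.strip().upper() not in ("DENY", "SAMEORIGIN"):
        return "X-Frame-Options should be DENY or SAMEORIGIN"
    return None


def _check_csp(value):
    # Split the policy into directive -> list of sources.
    directives = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    if "default-src" not in directives:
        return "Content-Security-Policy lacks a default-src fallback"
    script_sources = directives.get("script-src", directives["default-src"])
    if "'unsafe-inline'" in script_sources:
        return "Content-Security-Policy allows inline scripts ('unsafe-inline')"
    return None


REQUIRED = {
    "Strict-Transport-Security": _check_hsts,
    "X-Frame-Options": _check_xfo,
    "Content-Security-Policy": _check_csp,
}
DISCLOSING = ("Server", "X-Powered-By")  # banners that often carry a version


def audit_headers(headers):
    """Return a list of findings for one HTTP response's headers (dict, any case)."""
    lower = {k.lower(): v for k, v in headers.items()}
    findings = []
    for name, check in REQUIRED.items():
        value = lower.get(name.lower())
        if value is None:
            findings.append("%s header is missing" % name)
            continue
        problem = check(value)
        if problem:
            findings.append(problem)
    for name in DISCLOSING:
        value = lower.get(name.lower())
        if value is not None and re.search(r"\d", value):
            findings.append("%s header reveals a version: %s" % (name, value))
    return findings


if __name__ == "__main__":
    # Constructed sample: a weak configuration beside a hardened one.
    weak = {"Server": "Apache/2.4.29 (Ubuntu)",
            "Strict-Transport-Security": "max-age=300",
            "X-Frame-Options": "ALLOW-FROM https://partner.example",
            "Content-Security-Policy": "script-src 'self' 'unsafe-inline'"}
    hardened = {"Server": "nginx",
                "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
                "X-Frame-Options": "DENY",
                "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'"}
    for finding in audit_headers(weak):
        print("-", finding)
    print("hardened findings:", audit_headers(hardened))  # []
```

Run against the headers a deployed application actually returns (for example, from a fetch in a CI job) rather than against the intended configuration file, since misconfiguration is precisely the gap between the two.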
Vulnerable and Outdated Components
Using vulnerable or outdated components in your software stack creates security risk. Such components include libraries, frameworks, and other dependencies that are no longer supported.
Outdated components must be replaced with supported versions, and it is worth using tools that automate dependency monitoring and updates so that the most secure versions are always in use.
Software and Data Integrity Failures
Software and data integrity failures occur when software is tampered with, either maliciously or accidentally. Cryptographic techniques, including digital signatures, can be used to verify the software’s integrity.
Security Logging and Monitoring Failures
Without proper logging and monitoring, security incidents can go undetected, allowing attackers to remain in the system for longer periods and cause more damage before the breach is identified and addressed. Using centralized logging solutions and reviewing logs for signs of suspicious activity helps detect incidents early.
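As an illustration of reviewing logs for suspicious activity, here is an added example (not code from the original post or from any logging product) that runs two simple detections over a handful of constructed authentication log lines: one source failing against many distinct accounts, which is the pattern of the credential-stuffing attack described under Identification and Authentication Failures, and a successful login arriving right after a run of failures from the same source. The log format, addresses, usernames and thresholds are all constructed for the demonstration.

```python
from collections import defaultdict

# Constructed sample lines in a key=value format; not from any real system.
SAMPLE_LOG = """\
2024-10-03T09:15:01Z src=203.0.113.7 user=alice event=login result=fail
2024-10-03T09:15:02Z src=203.0.113.7 user=bob event=login result=fail
2024-10-03T09:15:02Z src=203.0.113.7 user=carol event=login result=fail
2024-10-03T09:15:03Z src=203.0.113.7 user=dave event=login result=fail
2024-10-03T09:15:04Z src=203.0.113.7 user=erin event=login result=success
2024-10-03T09:16:10Z src=198.51.100.5 user=frank event=login result=fail
2024-10-03T09:16:25Z src=198.51.100.5 user=frank event=login result=success
2024-10-03T09:17:00Z src=192.0.2.44 user=grace event=login result=success
"""


def parse_line(line):
    """Turn 'timestamp k=v k=v ...' into a dict (constructed format)."""
    ts, *fields = line.split()
    rec = {"ts": ts}
    for field in fields:
        key, _, value = field.partition("=")
        rec[key] = value
    return rec


def review_logins(log_text, max_distinct_users=3, max_failures_before_success=3):
    """Return sorted (src, reason) findings for two signals:
    - one source failing against at least `max_distinct_users` distinct accounts
      (credential stuffing or password spraying);
    - a success from a source whose run of consecutive failures reached
      `max_failures_before_success` (possible account takeover)."""
    failed_users = defaultdict(set)   # src -> accounts it failed against
    failure_streak = defaultdict(int)  # src -> consecutive failures so far
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("event") != "login":
            continue
        src = rec["src"]
        if rec["result"] == "fail":
            failed_users[src].add(rec["user"])
            failure_streak[src] += 1
        else:
            if failure_streak[src] >= max_failures_before_success:
                findings.append((src, "success after %d failures (user %s)"
                                 % (failure_streak[src], rec["user"])))
            failure_streak[src] = 0
    for src, users in failed_users.items():
        if len(users) >= max_distinct_users:
            findings.append((src, "%d distinct accounts failed from one source"
                             % len(users)))
    return sorted(findings)


if __name__ == "__main__":
    for src, reason in review_logins(SAMPLE_LOG):
        print(src, "-", reason)
```

The value of centralized logging shows here: neither signal is visible from a single application's log if the same source spreads its attempts across several services, and the thresholds only mean something when the counts are aggregated across all of them.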
Server-Side Request Forgery
Server-side request forgery (SSRF), a new category of vulnerability in 2024, occurs when an attacker tricks a server into making unauthorized requests to fetch remote resources, leading to data exfiltration or unauthorized access to internal systems. Implement input validation and output sanitization to prevent attackers from controlling the server’s request destinations.
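One form the input validation above can take is a check run on every user-supplied URL before the server fetches it. The following is an added example, not code from the original post: it allows only the `https` scheme, only hosts on an allowlist, rejects URLs that smuggle credentials in front of the host, and refuses hosts that resolve to loopback, link-local, private or otherwise non-public addresses. The allowlist, the `resolver` callable (a stand-in for DNS so the example runs offline) and the addresses used are constructed for the demonstration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist of destinations the application legitimately fetches from.
ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"}
ALLOWED_SCHEMES = {"https"}


def _is_public(ip):
    """True only for ordinary globally routable unicast addresses."""
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_fetch_url(url, resolver=None):
    """Return (ok, reason) for a URL the server has been asked to fetch.
    `resolver` is an assumed callable host -> list of IP strings; pass the
    real DNS lookup in production and a fixed mapping in tests."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL"
    if host.lower() not in ALLOWED_HOSTS:
        return False, "host not on allowlist"
    if resolver is not None:
        for addr in resolver(host):
            if not _is_public(ipaddress.ip_address(addr)):
                return False, "host resolves to non-public address"
    return True, "ok"


# Constructed resolver mapping used for the demonstration (no real DNS).
def demo_resolver(host):
    table = {"api.example.com": ["1.2.3.4"],
             "cdn.example.com": ["10.0.0.5"]}  # misconfigured to an internal address
    return table.get(host, [])


if __name__ == "__main__":
    for candidate in ["https://api.example.com/v1/items",
                      "http://api.example.com/v1/items",
                      "https://169.254.169.254/latest/",
                      "https://api.example.com@internal.example/",
                      "https://cdn.example.com/asset.js"]:
        print(candidate, "->", validate_fetch_url(candidate, demo_resolver))
```

Checking resolved addresses at validation time still leaves a window if the name later resolves differently; the robust pattern is to connect to the address that passed the check rather than resolving the name again, and to keep the allowlist short enough that it can be reviewed.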
At Infotel India, we’re committed to promoting cybersecurity awareness and helping individuals and organisations stay safe in an increasingly digital world. This month, take the time to educate yourself and those around you on the importance of cybersecurity.