hacked. 10 Million users affected. What should you do?, one of the  popular music streaming service got hacked. It is reported that 10 million username, email addresses, MD5-encrypted password, date of births, and other personal information has been stolen. 

It is reported by their CEO that they have taken the adequate measures to safeguard post incident. Here are a few things which you should do as a user or any other organization.

If you are a user...What should you do?

  • Handling Passwords: Are you using the same password as in other sites? In that case, create different password for the other sites.
  • Dealing with personal information: Do not give away your actual sensitive personal information (like date of birth) to different websites if possible. You need to check if you are violating the terms but for your own security it is a good idea to have "fake data" where ever possible without making any legal violation.
  • Beware of Social Engineering Attempts: If anybody gets your personal information they may use it to conduct social engineering attacks. Beware of any social engineering attempt on you. If somebody calls you posing as a credit card company/bank who provides credible personal information of yours, Do not trust. Do not give away any financial information like your credit card details over phone.

>> Share with your friendsClick here to tweet!

How secure are the Indian companies?

At CISO Platform we have conducted study of more than 400 Indian Companies and here are some of the findings. The report is to be published next week. The statistical numbers shall be released during the launch of the report but here are some quick observations.

  • More than 70% of Indian companies are under prepared when it comes to security. 
  • More than 80% of the companies lack in awareness among thesenior management. (For example we observed that a lot of companies believe that they have implemented DDOS security by having firewalls with very limited DOS protection)

How prepared is your organization?

If you are an organization ask yourself the following:

  • When is the last time when you conducted a high quality Penetration Testing not just to have tick in the box?
  • How long is your remediation cycle?
  • Do you have an incident management program in place which is tested? (Just like your fire drill)
  • Do you have a security dashboard for the management? Does it make sense?
  • Is your Security team (both junior and senior members) spending adequate time in learning about the latest technological changes? Security is a fast changing world. Hackers are continuously learning and evolving. Are you?

Few must read resources..

5 Lessons from Linkedin Breach: Click here

How to implement an automated incident response architecture: Click here

Check if your SIEM is actually detecting breaches: Click here

Why is it easier to hack than to defend: Click here

2 Day Training on "Cyber Forensics and Incident Response": Click here

>> Share with your friendsClick here to tweet!

Don't miss: Wargame on How to respond to a breach?

During CISO Platform Decision Summit (June 4 and 5, New Delhi) we will have a real life strategy simulation on how to respond to a security breach. We have a set of great panelists like

  • Brian Mizellle- VP Technology,Cigital
  • Steve Ledzian- Director Systems Engineering, Fireeye
  • Pawas Agarwal- CISO, Aircell
  • Siva Sivasubramanium- CISO, Airtel
  • Vibhore Sharma- CTO, Naukri
  • Burgess Cooper- Partner, Ernst & Young

>> To claim your pass: Click here

Views: 635

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service