Nurturing Data Governance for Cybersecurity and AI

Towards the middle of the 2000s, I started getting my exposure to Data Governance. This began as I was studying and practising to be certified as an Oracle Certified Professional (OCP) circa 2002-2003. My understanding of the value of data and databases in the storage world, now better known as data infrastructure, grew and expanded quickly. I never got my OCP certification because I ran out of money investing in the 5 required classes that included PL/SQL, DBA Admin I and II, and Performance Tuning. My son, Jeffrey, was born in 2002, and money was tight.

The sentiment about data governance in most organizations I engaged with at that time, and over the course of almost the next 18 years or so, pre-Covid, was that the practice of data governance was to comply with some regulatory requirements.

All that is changing. In early 2024, NIST released the second version of its Cybersecurity Framework (CSF). CSF 2.0 placed Data Governance in the center of the previous 5 pillars of CSF 1.1. The diagram below shows the difference between the versions.

High level change of Cybersecurity Framework 1.1 to 2.0.

Ripples like this on my data management radar are significant, noticeable and important to me. I blogged about it in my April 2024 blog post “NIST CSF 2.0 brings Data Governance into the Light”.


A Data Management culture to combat Ransomware

On the road, the seat belt saves lives. So does the motorcycle helmet. But these 2 technologies alone are probably not well received and well applied daily unless there is a strong ecosystem and culture about road safety. For decades, there have been constant and unrelenting efforts to enforce the habits of putting on the seat belt or the helmet. Statistics have shown they reduce road fatalities, but like I said, it is the safety culture that made all this happen.

On the digital front, the ransomware threats are unabated. In fact, despite organizations (and individuals), both large and small, being more aware of cyber-hygiene practices than ever, the magnitude of ransomware attacks has multiplied. Threat actors still see weaknesses, gaps and vulnerabilities in the digital realms, and thus, these are lucrative ventures that complement the endeavours.

Time to look at Data Management

The Cost-Benefits-Risks Conundrum of Data Management

And I have said this before in the past. At a recent speaking engagement, I brought it up again. I said that ransomware is not a cybersecurity problem. Ransomware is a data management problem. I got blank stares from the crowd.

I get it. It is hard to convince people and companies to embrace a better data management culture. I thought about the Cost-Benefits-Risk triangle while I was analyzing the lack of data management culture in many organizations when combating ransomware.

I get it that Cybersecurity is big business. Even many of the storage guys I know wanted to jump onto the cybersecurity bandwagon. Many of the data protection vendors are already mashing their solutions with a cybersecurity twist. That is where the opportunities are, and where the cool kids hang out. I get it.

Cybersecurity technologies are more tangible than data management. I get it when the C-suites like to show off shiny new cybersecurity “toys” because they are allowed to brag. Oh, my company has just implemented security brand XXX, and it’s so cool! They can’t be telling their golf buddies that they have a new data management culture, can they? What’s that?


Understanding security practices in File Synchronization

Ho hum. Another day, and another data leak. What else is new?

The latest hullabaloo on my radar was from one of Malaysia’s revered universities, UiTM, which reported a data leak of 11,891 student applicants’ private details, including the MyKad (national identity card) number of each individual. Reading from the news article, one can deduce that the unsecured link mentioned was probably from a cloud storage service, i.e. file synchronization software such as OneDrive, Google Drive, Dropbox, etc. Those files can be easily shared via an HTTP/S URL link. Ah, convenience over the data security best practices.

Cloud File Sync software

It irks me when data security practices are poorly practised. And it is likely that there is ignorance of data security practices in the first place.

It also irks me when many end users I have encountered everywhere tell me their file synchronization software is backup. That is just a very poor excuse for a data protection strategy, if any, especially in enterprise and cloud environments. Convenience, set-and-forget mentality. Out of sight. Out of mind. Right?

Convenience is not data security. File Sync is NOT Backup

Many users are used to the convenience of file synchronization. The proliferation of cloud storage services with free gigabytes here and there has created an IT segment based on BYOD, which transformed into EFSS, and now CCP. The buzzword salad involves Bring-Your-Own-Device, which evolved into Enterprise-File-Sync-&-Share, and in these later years, Content-Collaboration-Platform.

All these are fine and good. The data industry is growing up, and many are leveraging the power of file synchronization technologies, be it on-premises or from cloud storage services. Organizations, large and small, are able to use these file synchronization platforms to enhance their businesses and digitally transform their operational efficiencies and practices. But what is sorely missing in embracing the convenience and simplicity is the much ignored cybersecurity housekeeping practices that should be keeping our files and data safe.


Please cultivate 3-2-1 and A-B-C of Data Management

My Sunday morning was muddled 2 weeks ago. There was a frenetic call from someone whom I knew a while back and he needed some advice. It turned out that his company’s files were encrypted and the “backups” (more on this later) were gone. With some detective work, I found that their files were stored in a Synology® NAS, often accessed via QuickConnect remotely, and “backed up” to Microsoft® Azure. I put “backup” in inverted commas because their definition of “backup” was using Synology®’s Cloud Sync to Azure. It is not a true backup but a file synchronization service that is often mislabeled as a data protection backup service.

All of his company’s project files were encrypted and there were no backups to recover from. It was a typical ransomware cluster F crime scene.

I would have gloated because many small medium businesses like his take a very poor and lackadaisical attitude towards good data management practices. No use crying over spilled milk when prevention is better than cure. But instead of investing early in the prevention, the cure would likely be 3x more expensive. And in this case, he wanted to use Deloitte® recovery services, which I did not know existed. Good luck with the recovery was all I said to him after my Sunday morning was made topsy-turvy of sorts.

NAS is the ransomware goldmine

I have said it before and I am saying it again. NAS devices, especially the consumer and prosumer brands, are easy pickings because there was little attention paid to implementing a good data management practice either by the respective vendor or the end users themselves. 2 years ago I was already seeing a consistent pattern of heightened ransomware attacks on NAS devices, especially the NAS devices that proliferated in the small medium business market segment.

The WFH (work from home) practice triggered by the Covid-19 pandemic has made NAS devices essential for businesses. NAS are the workhorses of many businesses after all. The ease of connecting from anywhere with features similar to the Synology® QuickConnect I mentioned earlier, or through VPNs (virtual private networks), or a self-created port forwarding (for those who want to save a quick buck [ sarcasm ]), opened the doors to bad actors and easy ransomware incursions. Good data management practices are often sidestepped or ignored in exchange for simplicity, convenience, and trying to save foolish dollars. Until ….


Sassy Cato

I am not a cybersecurity guy at all. Cybersecurity, to me, is a hodgepodge of many things. It is complex and it is confusing. But to every organization that has to deal with cloud SaaS (software-as-a-service) applications, mobile devices, work from home, and the proliferation of network connections from everywhere to the edge and back, strong cybersecurity without the burden of sluggish performance and without the complexity of stitching together the cybersecurity point solutions would be a godsend.

About 3 1/2 years ago, when I was an independent consultant, I was asked by a friend to help him (I was also looking for a gig) sell a product. It was Aryaka Networks, an SD-WAN solution. It was new to me, although I had some MPLS (multi protocol label switching) knowledge from some point in my career. But the experience with Aryaka at the people level was not too encouraging, with several people I was dealing with, switching positions or leaving Aryaka, including their CEO at the time, John Peters. After about 4 months or so, my friend lost confidence and decided to switch to Cato Networks.

Cato Networks opened up my eyes to what I believe cybersecurity should be. Simple, performant, and with many of the previous point requirements like firewall, VPN, zero trust networks, identity management, intrusion prevention, application gateways, threat detection and response, remote access, WAN acceleration and several more, all beautifully crafted into a single cloud-based service. There was an enlightenment moment for a greenhorn like me as I learned more about the Cato solution. That singularity of distributed global networking and cybersecurity blew me away.


Malaysia data privacy is still shambolic

2 years ago, I wrote an article on LinkedIn titled “Malaysia, when will you take data privacy seriously?”. What has changed? Very little.

Last Friday I received an SMS and a WhatsApp message from an ex-bank employee who was terminated following a complaint I made (not about him) about the bank violating my data privacy. The bank and/or their agents have been calling my number for several years (more than 5), and I have made numerous (many, many) requests not to be called or to have my name deleted from their calling database. This has fallen on deaf ears until I decided to take matters into my own hands.

Red means NO!

In May of this year, I decided to use Twitter to tweet my unpleasant experiences and my displeasure to the bank’s Twitter handle. They responded with canned replies and made promises that really did not amount to anything. Right after my 2nd last complaint to date, the following day I got another telemarketer from the bank calling me (again) trying to sell me their insurance package. By now, I already got their head of customer advocacy center’s contact and I called him to complain again. This complaint got this telemarketer from the bank fired. Friday, this ex-employee sent me a WhatsApp and an SMS message telling his side of the story, asked me to withdraw my complaint and have him reinstated.


Relinquishing Freedom in our Digital Future

There was a TV cartoon show I loved when I was a kid called “Wait till your Father gets home”. I was probably 5 or 6 then, but I can still remember the mother was practically nagging all the time about having the father come back to deal with the problems and issues caused by the kids, and sometimes the dog.

This patriarchal mentality of having the male manning (yeah, it is not a gender neutral word) the household is also, unfortunately, mimicked in our societies, in general, being obedient and subservient to the government of the day. This is especially true in East Asian societies, .

While dissent of this mindset is sprouting in the younger generation of these societies, you can see the dichotomy of the older generation and the younger one in the recent protests in Thailand and the on-going one in Myanmar. The older generation is likely fearful of the consequences and there are strong inclinations to accept and subject their freedom to be ruled by the rulers of the day. It is almost like part of their psyche and DNA.

So when I read the article published by Data Storage Asean titled “Malaysians Optimistic on Giving the Government Increased Access to Personal Data for Better Services”, I was in two minds. Why are we giving away our Personal Data when we do not get a guarantee that our privacy is protected?

Data Privacy should be in our own hands

Why are we giving away our freedom in new digital Malaysia when in history, we have not been truly protected of that freedom? 


Ransomware recovery with TrueNAS ZFS snapshots

This is really an excuse to install and play around with TrueNAS® CORE 12.0.

I had a few “self assigned homework exercises” I have to do this weekend. I was planning to do a video webcast with an EFSS vendor soon, and the theme should be around ransomware. Then one of the iXsystems™ resellers, unrelated to the first exercise, was talking about this ransomware messaging yesterday after we did a technical training with them. And this weekend is coming on a bit light as well. So I thought I could bring all these things, including checking out the TrueNAS® CORE 12.0, together in a video (using Free Cam), which I would do for the first time as well. WOW! I can kill 4 birds with one stone! All together in one blog!

It could be Adam Brown 89 or worse

Trust me. You do not want AdamBrown89 as your friend. Or his thousands of ransomware friends.

When (not if) you are infected by ransomware, you get a friendly message like this in the screenshot below. I got this from a local company who asked for my help a few months ago.

AdamBrown89 ransomware message


I have written about this before. NAS (Network Attached Storage) has become a gold mine for ransomware attackers, and many entry level NAS products are heavily afflicted with security flaws and vulnerabilities. Here are a few notable articles in year 2020 alone. [ Note: This has been my journal of the security flaws of NAS devices from 2020 onwards ]
