The Wolf Howl November 2023 Edition – Guarding Against Black Friday Scams: Essential Tips for a Secure Shopping Season / Incident Management Webinar
Wolfpack Information Risk provides specialist information and cyber threat consulting, training, awareness and incident support services to African governments and organisations. Mission: We are passionate defenders of communities, companies, and countries against cyber threats. Vision: Wolfpack will be the catalyst that drives the greatest positive cybersecurity impact on the African continent. Greetings Cyberwolves As the excitement of the holiday season draws near, so does the Black Friday shopping frenzy when shopping deals are plentiful. Amidst the rush for bargains, cybercriminals seize the opportunity to prey on unsuspecting shoppers through elaborate scams and fraudulent schemes. At Wolfpack, we believe that staying informed and vigilant is key to enjoying a secure shopping experience during these bustling few months. Black Friday is a magnet for cyber scams, ranging from phishing emails and fake websites to counterfeit products and malicious software. Our mission is to provide cutting-edge cybersecurity solutions and empower you with knowledge that safeguards your online presence. In this newsletter, we aim to equip you with essential tips to fortify your defences and navigate the Black Friday shopping spree and upcoming Christmas shopping safely: Assess and Evaluate Websites: Stick to reputable and well-known online retailers. Verify website URLs for authenticity, check for HTTPS encryption, and look out for misspellings or suspicious domains. Beware of Phishing: Exercise caution with unsolicited emails, messages, or pop-ups offering unbelievable deals. Avoid clicking on suspicious links or providing personal information. Secure Payments: Opt for secure payment methods. Avoid using public Wi-Fi for transactions, and consider using payment platforms that offer buyer protection. Update Security Software: Ensure your devices have the latest security updates and antivirus software installed to prevent malware attacks. Stay Informed: Keep abreast of the latest scams and cyber threats. Follow reputable cybersecurity sources for updates and tips on staying safe online. With these tips, you can confidently navigate the Black Friday and upcoming Christmas shopping landscape, minimising risks and maximising your joy in finding great deals. Stay tuned for more tips and insights from Wolfpack to make this silly season rewarding and secure. Yours Securely #protectioninthepack Research We would like to invite you to register for the Incident Management Webinar on the 7th of December 2023 from 09:00 to 10:00. Register here! The final webinar in the series will focus on Incident Management, cybercrime incident trends, cybercrime attempts and the impact of cybercrime in South Africa. Experts from Synack will join our host, Craig Rosewarne, as they deep dive into Incident Management and discuss – Enabling a Resilient Security Posture with Strategic Security Testing! By registering for this final webinar in the 2023 series, you will be granted access to the full 2023 SA Information Security Thermometer report. Once you sign into the platform go to the report section. ADVISORY AND CYBERSECURITY The pending Joint Standard on Cybersecurity and Cyber Resilience Requirements released by the Financial Sector Conduct Authority (FSCA) and the South African Reserve Bank (SARB) / Prudential Authority requires compliance by December 2024. Some customers need assistance to comply with these requirements, as using manual systems and Excel templates is time-consuming and diverts cybersecurity staff from other duties. This is a new requirement, in addition to other auditing and compliance requirements increasing staff workloads. To ensure that their institutions comply with the Cybersecurity and Cyber Resilience Requirements Joint Standard, governing bodies must act in accordance with their risk appetite, nature, size, and complexity: Security and Risk Managers have the following challenges: Wolfpack has assessed the standard and created a new service offering to help customers fully address the Joint Standard requirements in time. Our solution comprises a platform and consulting services, including best-of-breed tooling and remediation assistance. Wolfpack is well-positioned to assist as we have proven Industry experience in the banking and financial services sectors. We have extensive breadth and depth of cybersecurity expertise experience for the cyber risk management domain: GRC: ISO27 x Assessment & Implementation Experience, Cyber Risk Assessments (ISO 27005 & custom frameworks). Technical Cyber Defence: NIST CSF, CIS v8 Assessments, Threat Modelling, Incident Readiness Reviews, Incident Response Support. Cloud Security Architecture and Operations: Cloud Security Reviews, Cloud Incident Response. Vulnerability Management: Continuous Vulnerability Management, Vulnerability Prioritisation Tooling and Process Design. Cyber Risk Quantification. Incident Response Competencies. The pending Joint Standard on Cybersecurity and Cyber Resilience Requirements released by FSCA and SARB (Prudential Authority) seeks to achieve the following: The Joint Standard has the following features: The analysis will focus on the core disciplines, business context, technology context, governance, risk, and compliance. The Joint Standard applies to the following types of Financial Institutions: The Joint Standard has the following objectives: Governance: Explicit responsibility assignment for cyber risk governance/oversight and ‘separation of concerns’ with operational management teams. Cybersecurity Strategy and Framework: Formally defined and approved by the governing body and with requirements to facilitate tracking and reporting cyber risk metrics. Cybersecurity and Resilience Fundamentals: Core controls covering, IAM, Data Security, AppSec and other control domains. Cybersecurity Hygiene: More ‘prescriptive’ guidance for some core controls. Contact us to discuss the details of our approach, costing model and important features of our service to assist with compliance to the Joint Standard. Please email info@wolfpackrisk.com for further information. Cape Talk’s Lester Kiewit examines how WhatsApp accounts are being hijacked for ransom. Wolfpack’s Leon Hannibal shares his tips and insights. Two of the country’s largest consumer credit reporting agencies, TransUnion and Experian, may have been hit by a fresh data hack, potentially exposing South Africans’ financial and personal data. The Industrial and Commercial Bank of China’s (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year. The Adventures of CISO Ed & Co attempts to highlight the everyday frustrations, heroism, and insights of CISOs and infosec teams while bringing some fun to the serious business of cybersecurity. We hope CISO Ed & Co. brings a grin as you go about your day. Compliments of Balbix TRAINING, AWARENESS AND RESOURCING Let us help you understand online store scams #protectioninthepack #onlinestorescams #blackfriday OUR PARTNERS The cyber