Category: Symmetry Systems

[By Claude Mandy, Chief Evangelist for Data Security at Symmetry Systems] 

The 15th of April, commonly referred to as Tax Day (15 April) in the US, is rapidly approaching. Tax Day brings with it the hope of refunds and the stress of deadlines for the unprepared. There is also unfortunately the cyber risk that taints tax season. It is well known as a prime time for cybercriminals’ to hunt for victims. In this crucial period, sensitive personal and financial data gets exchanged en masse. According to the IRS, over 213 million returns and other forms were filed electronically in 2022. This treasure trove attacks a range of  attackers, employing sophisticated scams aiming at individuals and tax professionals alike. Claude Mandy, chief evangelist at Symmetry Systems, delves into the heightened risk of tax-related cyberattacks, outlining actionable defenses to ensure a cyber-secure tax season.

The Bullseye on Tax Season

While individuals scramble to compile their financial records, and tax consultants crunch numbers and collect evidence, cybercriminals see a golden opportunity. The abundance of personal information and financial data being exchanged is irresistible bait. From phishing scams mimicking legitimate tax correspondence to sophisticated malware designed to compromise credentials, exfiltrate data or wreck havoc, the arsenal used by these criminals is both varied and dangerous.

Decoding the Threat: The How and Why

Individuals filing tax returns, tax software and tax preparation firms, find themselves under a form of siege. Cybercriminals exploit the hectic nature of tax season, with phishing attacks being particularly prevalent throughout the year, claiming 300 497 victims according to the FBI’s 2022 Internet Crime Report.  These methods aim to steal personal information, or gain unauthorized access to networks, and ultimately exfiltrate data or wreck ransomware havoc More sophisticated scams involving the offer of fraudulent tax preparation services will undoubtedly appear, seeking to swindle unsuspecting victims by promising to aid in their tax filings.

For Individuals: Protecting Your Personal Information

For individuals, a successful cyber attack could lead to identity theft, financial fraud, and a long-lasting impact on victims’ lives. Individuals should focus on protection of their own information and credentials, and in particular stay vigilant against phishing, take active steps to keep their computer and networks updated, and take steps to verify the legitimacy of communication with legitimate tax preparers. The IRS offers some great suggestions themselves.

Recognize Phishing Attempts

Phishing scams, particularly during tax season, can come in many forms. The IRS publishes an annual overview of the “dirty dozen” tax scams they have witnessed. Whether it’s a cybercriminal pretending to be from the IRS, tax companies, or other official entities, phishing can unfortunately be difficult to spot when you’re under stress. You can easily overlook the  generic greetings, typos, and suspicious links because it’s from the dreaded IRS. These communications might urge you to click on malicious links or provide personal information, purportedly to check the status of your refund or rectify an issue with your tax filing. Remember, the IRS does not initiate contact with taxpayers by email, text, or social media to request personal or financial information.

Secure Personal Computers and Networks

Individuals should ensure their computer is protected with up-to-date antivirus software, firewalls, and anti-spyware programs. Regular updating the software, including your network routers, that you use is crucial as they often include patches for newly discovered security vulnerabilities. It goes without saying that you should use strong, unique passwords for different accounts and consider a reputable password manager to keep track of them, and monitor for potential compromise.

Verify the Legitimacy of Tax Preparers

Before entrusting personal and financial information to a tax preparer, Individuals should conduct thorough research on the legitimacy of the preparers. You can verify their credentials (such as a Preparer Tax Identification Number), check reviews, and seek recommendations from trusted sources. Ideally you should ensure they have robust security measures in place to protect your data, including secure portals for document exchange rather than email. This helps verify ongoing communication with them is legitimate, and the data is secured.

For Tax Consultants and Organizations: Data Protection at Scale

For organizations, a successful cyber attack could lead to identity theft, financial fraud, and a long-lasting impact on their customers and employees’ lives.

Secure Access to W-2 Forms and Other Sensitive Documents

Organization’s should always limit access to sensitive tax information to only those who need it. The IRS is particularly concerned with the ongoing scams to obtain all the W-2’s of an organizations through a business email compromise scam.  You can simplify the management of access by employing role-based access controls, but still need to regularly audit who has access to what information. Although it is increasingly becomed outdated, physical documents are still printed for tax, and organizations should ensure physical documents are stored and transported securely and disposed of properly, using shredders for documents containing sensitive information.

Protect Tax information using securely configured Cloud Data Storage

Use strong encryption for storing and transmitting any personal information, especially Social Security numbers. For cloud storage solutions, organizations must select and configure providers that offer industry standard encryption of the data in transit and at rest. At a minimum, organizations must ensure that multi-factor authentication (MFA) is implemented for any users accessing the information. MFA provides an additional, but necessary layer of security, drastically reducing the chance of unauthorized access.

The Role of Technology in Protecting Tax Information

The battle against tax-season cyberthreats is not just about vigilance; it’s about leveraging cutting-edge technologies to secure data.

Data Security and Privacy Management (DSPM) Tools

DSPM solutions, like Symmetry Systems, offer a comprehensive approach to identifying, managing, and securing data across various environments. These tools can help tax professionals and organizations keep track of where sensitive tax information like Social Security Numbers resides, monitor access, and ensure compliance with privacy regulations.

Encryption and Advanced Cybersecurity Strategies

Encryption, both for data in transit and at rest, is a critical defense mechanism. Advanced encryption methods, like end-to-end encryption, ensure that data intercepted during transmission remains unreadable. Organizations should also consider employing comprehensive cybersecurity strategies, including regular security assessments, phishing simulation training for employees, and the adoption of secure communication platforms.

The Path Forward

As we navigate the complexities of tax season, the importance of cybersecurity cannot be overstated. By adopting a proactive stance, equipped with the right knowledge and tools, individuals and organizations can protect themselves against the lurking threats of cybercriminals. Protecting sensitive tax information not only safeguards personal and financial well-being but also contributes to the integrity of the tax system at large.

Bio: Claude Mandy is Chief Evangelist for Data Security at Symmetry Systems, where he focuses on innovation, industry engagement and leads efforts to evolve how modern data security is viewed and used in the industry. Prior to Symmetry, he spent 3 years at Gartner as a senior director, analyst covering a variety of topics across security, risk management and privacy, focusing primarily on what are the building blocks of successful programs, including strategy, governance, staffing/talent management and organizational design and communication. He brings firsthand experience of building information security, risk management and privacy advisory programs with global scope. Prior to joining Gartner, Mr. Mandy was the global Chief Information Security Officer at QBE Insurance – one of the world’s top 20 general insurance and reinsurance companies with operations in all the key insurance markets, where he was responsible for building and transforming QBE’s information security function globally. Prior to QBE, Claude held a number of senior risk and security leadership roles at the Commonwealth Bank of Australia, Australia’s leading provider of integrated financial services which is widely recognized for its technology leadership and banking innovation. He also spent five years at KPMG in Namibia and South Africa.

The post Safeguard Your Data and Financial Future This Tax Season appeared first on Cybersecurity Insiders.

Claude Mandy, Chief Evangelist at Symmetry Systems

The Halloween season is filled with fear of ghosts and goblins, but it’s not only these spooky creatures that should cause concern. The digital world can feel like it has a few monsters of its own – malicious actors and sinister threats lurking in the shadow data. As more organizations adopt cloud and other on-demand computing services, the fear surrounding these threats continue to increase. To keep these threats at bay and their data safe, organizations need to know where their data is, who has access to it, how it is being used and whether it’s safe.

Rather than fill this holiday with more dread and foreboding, we want to use it to bring attention to these ever-evolving threats and empower organizations to better protect their personal data. Here, we will unveil some of the monsters and myths of the cyber world that may be haunting organizations, and will offer practical guidance and best practices on how to unmask them and keep data safe.

Zombie Accounts Linger with Access

There are often cases across organizations where long-forgotten user accounts, once granted legitimate access to their data, lie dormant like the undead. These “zombie” accounts can pose a significant threat to their data security – if left to linger. In many organizations, permissions are granted but subsequently forgotten, which often create security vulnerabilities.

To protect against these lingering zombie accounts, it is important to enforce the principle of least privilege, removing permissions if they are no longer used or needed – users should only have the permissions necessary for their tasks. Once a specific permission is no longer needed, it should be immediately revoked. By proactively managing permissions and continuously monitoring who has access to what, organizations can protect their data and ward off these undead zombie accounts.

Mummified Data Lying Dormant Waiting to be Unleashed

“Mummified” data, more commonly referred to as dormant or unused data, is another concern to take action on before too late. Mummified data lies quietly, waiting to unleash a data breach as soon as it is discovered. It is oftentimes unstructured and is not managed or secured by an organization. And while it may no longer serve an immediate business purpose, it still poses serious risk – dormant data widens an organization’s security perimeter, making it susceptible to potential data breaches if discovered by malicious actors.

To mitigate this danger, organizations should establish robust data lifecycle management processes that restrict access to dormant data, securely archive data, and eventually securely dispose of data when it is no longer useful or required to be kept. Defined data lifecycle management processes and proper disposal of “mummified” data is necessary to prevent a data breach “curse” from being unleashed upon your organization.

Ghost Accounts Haunting your Systems

Inactive “ghost” accounts may not be supernatural beings, but they can still haunt your systems and data. These accounts typically belong to former employees who have left the organization but still retain access. They accumulate in every environment due to organizations failing to remove access privileges to these inactive “ghostly” identities. This is incredibly dangerous because if left with access, cyber threat actors can take advantage of these “ghost” accounts, oftentimes without security teams noticing because the account was once authorized.

To eliminate this danger, organizations should have an ongoing termination process. However, ghost accounts should also be continuously monitored, constantly checking account usage, to ensure they are removed as soon as possible if the organization’s account termination process fails. It is important to prioritize the removal of these haunting ghost accounts to keep data secure.

This Halloween season, organizations should not fear these data security monsters. By incorporating these strategies to improve their data security posture, organizations can remain safe and secure, even during the spookiest of seasons.

Author Bio:

Claude Mandy is Chief Evangelist for Data Security at Symmetry, where he focuses on innovation, industry engagement and leads efforts to evolve how modern data security is viewed and used in the industry. Prior to Symmetry, he spent 3 years at Gartner as a senior director, analyst covering a variety of topics across security, risk management and privacy. Prior to Gartner, Mr. Mandy was the global Chief Information Security Officer at QBE Insurance – one of the world’s top 20 general insurance and reinsurance companies. Prior to QBE, Claude held a number of senior risk and security leadership roles at the Commonwealth Bank of Australia and KPMG Namibia and South Africa.

The post Beware of Data Security Monsters Lurking in the Shadows this Halloween appeared first on Cybersecurity Insiders.