Deciding when to give your child a phone is not an easy task. Should you wait until they start high school or until they catch public transport home alone from school? Or, should 10 be the magic age when they become official phone owners? Or do hold off as long as you can until you can no longer bear their moaning that everyone else has one except for them!! 

How I Made The Decision 

When my boys were younger (and I knew a little less), we had a family ‘understanding’ that when the boys started Year 5, they would receive a (very cheap and likely second hand) phone. Up until Year 5, my boys would go to after-school care. Somehow, turning 10 and entering Middle School meant after-school care wasn’t really that ‘cool’ anymore, so instead they required a phone so they could safely catch the train home by themselves. The fact that they could also use these devices to play games and talk to their friends was of course, only a secondary consideration for them!  

That was how we managed the phone situation but let me assure you, almost every other family we knew had a different approach. Some gifted their offspring the latest iPhones as soon as they were requested, others provided a phone but with no ‘credit’ so the devices could only be used to receive calls. Others chose to wait till Year 7 and beyond and made their kids pay for the phone plan out of their pocket money.  

Now, I’m a big fan of parents choosing what works best – no one knows a child quite like a parent does, right? But the problem is, deciding what’s right can be really overwhelming. So, I’ve put together a list of things to consider when making this all important decision. Once you’ve worked through these points, I am sure you’ll feel more confident to make a decision that works for both you and your child. 

How Responsible and Savvy Is Your Child? 

Having parented 4 very different boys, I am the first to confirm that every child grasps personal responsibility at different stages. Some kids just have a knack for losing things while others have the same lunchbox their entire school career! Some kids just get the consequence of spending money while others spend up big whilst gaming online, blissfully unaware of their bill.  

You child’s digital reputation should also be worth considering when making your decision. Some kids understand that their online behaviour forms a key part of their reputation while others will charge forth in a heated online exchange without thinking.  

I really believe there is a direct link between social smarts and a positive online experience. When a child can read a situation and instinctively know when to shut it down or withdraw, their online experience will be far more rewarding. If your child is slow to catch on to social cues, they may struggle with posting and communicating online.   

Will A Phone Really Help With Safety? 

When I was deliberating about giving my eldest son a phone, he really went hard with the safety argument – knowing it would appeal to my parental anxiety. So, I relented but he had to promise to answer when I called. And he did – usually!! But it’s worth pointing out that a device itself doesn’t guarantee safety. If your kids are travelling home from school, they still need to know how to cross the road, not to talk to strangers and to always lock the front door once home. A phone doesn’t teach this. But I personally did find it handy (and anxiety reducing) to be able to give them a quick call to give them a few reminders and ensure all was well. 

When my younger boys received their phones, tracking apps like Life 360 were available. I know, they are controversial but, personally I found these super helpful. Being able to see where they were after school and to ensure they were heading in the right direction on the train, brought me great comfort to me when I was beating away on my keyboard at work.  

Could A ‘Dumb Phone’ Or Parental Controls Help? 

If, after reading this, you’re thinking that your child really isn’t ready but still love the idea of being able to contact them, why not consider parental controls or a phone with limited features?  

Putting age-appropriate boundaries around what your child does on their device is what parental controls will do. If you decide that you don’t want them to download TikTok, play particular games or view certain categories of websites, then this maybe your answer. You can also choose to set limits on their daily screen time and block out times when their phone can’t be used. Check out McAfee’s SafeFamily parental controls for peace of mind. 

Or, instead, why not make a ‘dumb’ phone their only option? A basic dumb phone lacks the advanced functionality of most smartphones – think phones before the internet. This means you’ll be able to call and text them but will probably be more relaxed knowing they’re not researching the latest fads on TikTok!  

Some companies have designed dumb phones for kids that even have built in parental controls. Open Mobile has a SmartKids Phone with a built-in GPS tracker and SOS button and comes without a camera. It does have internet connectivity but parents can see which apps have been downloaded, restrict specific apps and nominate what days and times apps can be used. A perfect option for a tween or young teenager! 

Connection 

Now, before making your final decision, I think it’s essential to think about your child’s sense of connectedness. As adults, we all know that being part of a community and ‘belonging’ is critical to mental health and self-worth. And I would not be doing my job if I didn’t remind you of just how fabulous a phone can be for staying in touch with your people. Just take a moment to remember how essential devices were for survival during Covid lockdowns.  

So, over to you mums and dads. This is definitely one of the trickiest decisions you’ll make in your parenting journey but don’t forget that you know your child best. You’ve got this! 

The post When Does My Child Really Need A Phone? appeared first on McAfee Blog.

Read More

AI-focused cybersecurity vendor Darktrace has announced the release of Newsroom, a new detection and warning system for critical vulnerabilities that uses open-source intelligence (OSINT) sources to identify threats posed to businesses. Newsroom leverages deep and AI-assisted knowledge of a customer’s external attack surface to gauge its exposure to detected vulnerabilities and provides a summary of exploits, affected software and assets within the organization, Darktrace stated. It also provides vulnerability mitigation guidance specific to businesses, while early adoption has revealed insight on remote code injection flaws in Citrix Gateway/Citrix ADC, CentOS Web Panel 7 Servers, and Zoho ManageEngine products, according to the vendor. Darktrace Newsroom is now available as part of the Darktrace PREVENT product range.

To read this article in full, please click here

Read More

The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “The Cyber Defense Assistance Imperative ­ Lessons from Ukraine.”

Its conclusion:

Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations have better defended themselves and achieved higher levels of resiliency due to the efforts of CDAC and many others. But this is not the end of the road—the ability to provide cyber defense assistance will be important in the future. As a result, it is timely to assess how to provide organized, effective cyber defense assistance to safeguard the post-war order from potential aggressors.

The conflict in Ukraine is resetting the table across the globe for geopolitics and international security. The US and its allies have an imperative to strengthen the capabilities necessary to deter and respond to aggression that is ever more present in cyberspace. Lessons learned from the ad hoc conduct of cyber defense assistance in Ukraine can be institutionalized and scaled to provide new approaches and tools for preventing and managing cyber conflicts going forward.

I am often asked why where weren’t more successful cyberattacks by Russia against Ukraine. I generally give four reasons: (1) Cyberattacks are more effective in the “grey zone” between peace and war, and there are better alternatives once the shooting and bombing starts. (2) Setting these attacks up takes time, and Putin was secretive about his plans. (3) Putin was concerned about attacks spilling outside the war zone, and affecting other countries. (4) Ukrainian defenses were good, aided by other countries and companies. This paper gives a fifth reasons: they were technically successful, but keeping them out of the news made them operationally unsuccessful.

Read More

Nearly half of CISOs will change jobs by 2025 due to stress caused by the risk of being breached while trying to retain staff, according to the Gartner report, Predicts 2023: Cybersecurity Industry Focuses on the Human Deal. The research firm found that the stressors of the cybersecurity world make the job of a cybersecurity professional unsustainable. This includes the knowledge that there are only two possible outcomes: get hacked or don’t. “The psychological impact of this is profound, directly affecting decision quality and performance of cybersecurity leaders and their teams,” found Gartner.

Although burnout is nothing new, it did become more visible and common during and after COVID-19. For CISOs it is worse as more than 50% are challenged with work demands that lead to a poor work-life balance at least once a month. A leader recovering from the stress of a data breach could last less than five years on the job — the average tenure of a cybersecurity leader according to a 2020 Gartner research report.

To read this article in full, please click here

Read More

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Extended Detection and Response customers.

Executive summary

As we move towards more automation, we should remember the risk of over-automating, or at least make a conscious decision to accept the risks. This is especially important in automating response actions, which left unchecked could wreak havoc with day-to-day business operations.

The alarm

One evening after normal business hours, an alarm came in indicating a software package attempting to execute on a server was auto-mitigated by SentinelOne. The software package was behaving in a way that was taken as attempting to evade detection by the SentinelOne agent and therefore rated as “Malicious” by the SentinelOne Artificial Intelligence logic. Since the server on which the software package was attempting to execute had a “Protect” policy applied, the auto-mitigation steps for a dynamically detected “Malicious” rating included killing and quarantining the process.

A “policy” setting in SentinelOne is the defined level of automated response activity the endpoint detection and response tool (EDR) has permission to perform for each grouping of assets. Whereas a “Detect” policy will create an alert that can be managed for post-investigation response actions, a policy setting of “Protect” will take automated response actions. The intrusion level of those automated response actions can be customized, but they all perform an automated action without a person looking at the situation first.

The below image is for an alarm for malware which ended up being process automation software

but nonetheless was automitigated (process killed) by SentinelOne as shown in the log excerpt below.

The business impact

The next morning, with business hours back in full swing, the customer reached out to us concerned about the result of the automated response action. The customer stated that the software package is a critical part of their business infrastructure and should never be stopped from executing. The software had been running on that same server the prior several months, since entering SOC monitoring.

The customer questioned why after several months with the SentinelOne agent running on the server did the agent suddenly believe the software package was malicious. We were not able the answer the question specifically since the decision-making behind identifying and rating a process as “Malicious” versus “Suspicious” or benign is a proprietary logic.

What we could state is that any EDR solution worth its price will continually update indicator of compromise (IOC) signatures. Any worthwhile EDR solution will also include not only static detection but also behavior-based dynamic detection. In the case of SentinelOne, there is the pre-execution behavior analysis that allows for process termination pre-execution as well. And of course, any software package run on a server is subject to updates for security, efficiency, or product feature upgrades.

Taken as a whole, it means any endpoint being protected is a very dynamic battleground with the potential for an updated software package that did not trigger IOC rules yesterday triggering tehm today. Or a non-updated software package may suddenly be identified as potently malicious due to updated machine learning IOC behavior analysis. Remember when JNDI calls were considered benign?

Lessons learned

Just as we learn the CIA security triad is a balancing act between confidentiality, integrity and availability, there is a balance to be struck between the use of immediate automated response actions and the slower reasoning of human evaluation prior to response actions. An EDR solution will immediately and infallibly carry out the policy which it has been programmed to implement, but in a ruthless fashion. A human evaluation will take longer, but it can consider prior history, the validity of the triggering IOCs in context, and the nuances of how selecting one response action over another might impact your overall business.

Automation, machine learning, artificial intelligence, and the like have their place. Their benefits will no doubt increase as technology develops. But the human component will always be necessary. The MXDR SOC and our customers (being the humans that we are) must work together to define the critical assets and business processes that should never be touched by automated intrusion. We must also work together to find the space in your environment where those swift and ruthless automated response actions are an advantage. And it is a very human decision to conclude how much risk we can tolerate in each implementation.

Read More

A fifth of firms use accountants to help with compliance

Read More

Fortinet detected a 50% increase in destructive attacks in H2 2022

Read More

Campaigns designed to steal card information and install malware

Read More