Catch A Phish: Go big on ‘big data’ security

With the increase in big data that is produced from several sources, it is with no doubt that its value has increased, especially in knowledge-based countries. If big data is managed properly, this will greatly affect the development in terms of economic, social, and political change around the world. On the other hand, big data is a threat for individuals and organizations in regard to their privacy and security. 

This might represent additional pressure on cybersecurity through various processes used to collect and store information illegally, such as phishing crimes, theft, and the use of virus programs to access the cloud computing and big data technologies. The challenge of securing big data also increases with the increasing speed and diversity of data transfer patterns, size, and diversity of sources. All of these reasons make the traditional security mechanisms used, such as encryption and others, which may become insufficient to secure big data. The nature of big data environments requires continuous use and constant expansion and increase in its size, for security solutions to expand and include any increase in size without affecting the performance.

Also, the continuity of performance is due to the availability of artificial intelligence and machine learning solutions. Therefore, data analysis systems must be smart and accurate enough without the need for any human intervention. In addition, availability and adaptation must not overlook security solutions. To achieve the greatest value and protection, these solutions must be able to have restricted access to data in regards to the individual’s role in the organization or the concerned party.

To conclude, big data and associated tools enhance the boldness of organizations in detailing different useful aspects and having the clear analysis when implementing it correctly. As big data technologies gather individuals’ private data, people should be aware of the risks associated with big data and related technologies, and they should know how to use them with caution.

Noufil A. Awami among first to identify phishing email

The urgent message of “New letter received – Transfer Notice” may have tricked some employees to click on a link to view the information concerning their transfer notice, but not Noufil A. Awami. The Aramcon, working in the EXPEC Upstream Database Services Division of the EXPEC Computer Operations Department, was among the first in the company to identify the recent email as a potential phish.

The email offered several enticing elements looking to lure its recipients into responding inappropriately and clicking on one of its links. Tipoffs that the email might be nefarious included:

• A suspicious domain (ITLetter <itletter@aranco.cor>)
• An attractive subject line (New letter received – Transfer Notice)
• An external tag indicating it had been sent from an outside source
• A general greeting and a generic signature
• An embedded link (Click Here)
• Use of poor grammar (you can check and have a quick view over here).

The top 5 positive performing organizations

1. Corporate Compliance Department

2. Finance, Strategy and Development 

3. SMEs PMO

4. Upstream

Thank you

The Information Security Department would like to extend its gratitude and appreciation to the top four positive performance organizations for their noticeable efforts in scoring 0% negative behavior; along with the highest positive behavior for the March test. Such efforts reflect positively on Aramco cybersecurity user behavior and elevates the resilience of Aramco’s core business.