
VeroGuard

Systems

49 results found with an empty search

News (34)

  • CyberSecurity lessons from 2024

    The economic impact from cybercrime continues to increase and as we enter 2025 we thought it well worth reviewing the key cybersecurity observations and lessons from 2024. This series of articles will wrap up with an opinion about what we believe is the trend leading us into 2025. Be more Proactive with Cyber Security. Observation 1: Surging Zero-Day Exploits. 2024 has been a landmark year for cybersecurity, with a significant increase in the discovery and exploitation of zero-day vulnerabilities. These unpatched security flaws have become a primary tool for cybercriminals, posing serious challenges for cybersecurity teams. The volume of reported CVEs in 2024 should act as a reminder that no system is ever totally secure, and with some of the most impactful affecting FortiManager, Google Chrome and Windows, a large percentage of businesses globally were in the direct firing line. The evolving tactics and strategies of attackers suggest this line of attack is not going away. Observation 2: Nation-State and Cybercrime Collaboration. Observation of several high-profile attacks has suggested a level of collaboration between nation-state actors and cybercriminals that is increasingly blurring the line between these actors. Nation-state sponsored attackers initially used zero-days in targeted attacks, which were then escalated to widespread exploitation to cover their tracks. Lesson 1: You must have a proactive defence strategy. The best defence against cyber threats is awareness and preparation. Organisations must stay informed of emerging threats, maintain staff awareness training and prioritise the patching of weaponised CVEs. These actions, however, won't help much if the adversary is using valid stolen or created credentials. Therefore, the foundation of a proactive defence strategy must be to deploy the latest and strongest identity management system as your first priority. Why is identity important?
Implementing strong identity verification can prevent unauthorised access even if a zero-day exploit is used. Implementing a phish-resistant MFA solution can significantly enhance security by ensuring that even if credentials are compromised, unauthorised access is prevented. Resilience in the face of Ransomware. Observation 3: Ransomware attacks surge. A significant increase in ransomware attacks affecting various sectors including healthcare, finance, and critical infrastructure occurred in 2024. The top 5 confirmed attacks include Change Healthcare (US), LoanDepot (US), MediSecure (Aus), Izumi Co (Japan) and Evolve Bank & Trust (US), in which an estimated 140 million records were stolen. Aside from data theft, these attacks led to substantial service disruptions and financial losses. Observation 4: Ransomware targeting service providers and supply chain networks. Ransomware attacks in 2024 highlighted the fragility of supply chains and business continuity. A cyberattack on the parent company of major US supermarket chains disrupted services across its entire network, impacting more than 2,000 stores for several days. Observation 5: Cybercriminal “Whack-a-Mole”. While law enforcement efforts to combat ransomware gangs were able to disrupt the LockBit gang, which saw 34 servers seized, cryptocurrency accounts frozen, 1,000 decryption keys obtained and two individuals arrested, they were reportedly ‘back on line’ within 2 weeks. Furthermore, new ransomware groups like RansomHub have become prominent. Lesson 2: Resilience in the Face of Ransomware. Limiting the spread is a critical factor in network resilience when faced with a ransomware attack. Backups, patching, antivirus/antimalware and EDR tools are all important, but as ransomware gangs target business disruption through attacking supply chains and service providers, network resilience is key.
Implementing network segmentation can help limit the spread of ransomware by blocking common pathways and protecting the most valuable assets, which can significantly reduce the impact of a ransomware attack. More importantly, identity-based segmentation can help isolate compromised accounts and prevent lateral movement within the network. Why is identity important? Implementing strong identity verification can help ensure that only authorised personnel can access critical systems, reducing the risk of ransomware attacks. A phish-resistant MFA solution can help protect against ransomware by ensuring that only authorised personnel can access critical systems, reducing the risk of attacks spreading and building resiliency. Critical Infrastructure needs an IT security focus. Observation 6: Attacks on Critical Infrastructure (CI) rise as IT system defences become stronger. Attacks on critical infrastructure reached new levels in 2024, so much so that the US Cybersecurity and Infrastructure Security Agency (CISA) issued a notice warning that US government-run water systems were at risk. Attackers shifted their focus to the more vulnerable systems like water processing plants and power grids as they represent a much easier target. This is because there is often a lack of visibility into connected Operational Technology (OT) devices, making threat detection extremely difficult. Observation 7: OT teams need to take more precautions when connecting devices online. One of the key issues is the fact that many CI operators continue to connect industrial tools to the internet to remotely manage them. Unlike IT (which has a relatively shorter life cycle), many of the industrial systems operate using legacy equipment that was never designed with cybersecurity in mind, leaving devices exposed to relatively unsophisticated methods such as the use of default passwords or conducting brute force attacks.
Lesson 3: Critical Infrastructure needs an IT security focus. The time to invest in an “IT style” cybersecurity strategy for operational technology (OT) systems is now. This strategy needs to cover the systems in use and how they can be managed in a critical operations environment, as well as upskilling personnel, who are generally not IT professionals (who are more familiar with cyberattacks and the required defences). Collaboration between IT and OT teams will be crucial for securing these systems, using the lessons learned in traditional cybersecurity practice – especially around strong identity and access controls. Why is identity important? Implementing strong identity verification can help ensure that only authorised personnel can access critical systems. A phish-resistant MFA solution can help protect against unauthorised access, and strong managed hardware-based VPN connectivity can be used to prevent exposing devices themselves to the internet. Phish-resistant MFA should be employed on every system and device. Observation 8: Phishing techniques will continue to grow in sophistication. Phishing was the leading attack vector in 2024, reportedly up 58% on 2023. Cybercriminals are employing increasingly sophisticated methods to deceive individuals, with AI now able to create more convincing and tailored messages to individual targets, increasing the likelihood of success. Expecting humans to be able to effectively discern the difference between an advanced AI crafted email, online chat, phone or video deepfake call will soon become an inappropriate defensive tactic. Observation 9: Proliferation of online tools. The number of phishing kits available on the dark web has apparently increased by 50% in 2024. These tools are now so advanced, even novice cybercriminals can effortlessly launch sophisticated campaigns, and impersonate brands, governments, banks and service organisations.
With success rates rising from 14% to 18%, attackers are clearly becoming adept at manipulating victims to bypass poor security. Lesson 4: Phish Resistant MFA should be employed on every system and device. Humans will always be able to be manipulated, and therefore identity and authentication mechanisms must be phish-resistant. Second factor authentication systems should now be considered as providing no added security, and only phish-resistant MFA should be utilised (wherever possible using a separate purpose-built hardware authenticator). Why is identity important? Phishing has a single goal in mind – credential theft. Implementing a phish-resistant MFA solution will prevent your organisation from becoming another statistic and will significantly enhance your security posture by ensuring that even if credentials are compromised, unauthorised access is prevented. Trends to expect in 2025. In this part of the article, we look ahead to the cybersecurity trends and challenges expected in 2025. Continued Rise of Zero-Days: We predict the ongoing increase in zero-day vulnerabilities and exploits. Why? Simply put, software is complex (more than ever) and adversaries are now very focused on finding and exploiting software flaws. Phish-resistant MFA will become the minimum standard: More organisations will deploy phish-resistant MFA; phone-based authentication apps will be widely breached. Passkeys will be more widely adopted: However, enterprise and government will be slower to adopt due to legacy equipment and systems which are not passkey ready. Account recovery processes will be targeted: Especially for passkey-protected accounts, attackers are now more likely to focus on finding weaknesses in account recovery and reset requests and pivot to phishing for recovery keys.
AI will be widely adopted by adversaries to be more targeted and efficient with their attacks: Emails, SMS, chats, phone calls and deep fake videos will be almost impossible for humans to discern as fakes. Evolving Ransomware Tactics: Ransomware operators will target new sectors, such as service and supply chain organisations, seeking to disrupt operations as much as steal personal data. Focus on Critical Infrastructure: Attackers see CI as a strategic and much softer target and will seek out any unprotected operational and edge devices. More executive prosecution for cyber incidents: Litigation for cyber incidents will increase as tightened laws around liability of senior management take hold. The Rise of Identity-Based Security: Traditional security measures like firewalls and VPNs are no longer sufficient. The focus of security for organisations will change to be on verifying and securing the identities of users and devices accessing systems. Who is VeroGuard Systems? VeroGuard is a leading digital identity technology company that understands the importance of a secure, verified and reusable identity in today’s hybrid IT environments. The VeroGuard Platform provides our customers with a bank-to-bank level identity verification system and, when combined with our VeroCard, offers Next Generation Authentication solutions, where authentication is linked to identity verification with every authentication request. VeroGuard NFA can secure legacy authentication protocols and support the latest Cloud systems with passkeys - all with a phish-resistant and identity aware overlay. One more Trend for 2025: 1. Next Generation Authentication will be the security foundation for all digital transformation.

  • Passwordless Authentication

    Introduction. Passwordless authentication remains an appealing, yet elusive, long-term goal for many organisations. The numerous implementation challenges — from legacy system compatibility to user adoption — can make it a complex and potentially expensive endeavour. It is well recognised that password-related vulnerabilities remain the major threat to organisational security, and that human behaviour is a key underlying factor, with weak, compromised and reused passwords often a factor in the root causes of data breaches. These factors have driven some IT teams to continue the ongoing – and somewhat fruitless – cycle of enhancing password security policies in a belief that there remains no other viable option. A successful implementation of passwordless authentication offers several potential benefits including: Enhanced security: By eliminating the need for users to create and remember complex credentials, passwordless authentication can significantly reduce the risk of breaches caused by human error. Improved end user experience: Passwordless authentication is desirable from an end-user perspective. After all, who relishes the challenge of remembering multiple complex passwords across various accounts? Reduced IT burden: Passwordless authentication promises to lighten IT teams' administrative load by: decreasing password reset requests and related support tickets; removing constant password policy management; reducing expenditure on password hygiene tools and procedures. However, despite the ongoing efforts to establish an industry standard (FIDO2) and the release of a number of passwordless products, many challenges remain. The challenges of going passwordless. Notwithstanding the significant benefits, the numerous challenges organisations face when considering a move to passwordless authentication can appear insurmountable and, depending on the industry, compliance and regulatory considerations also come into the mix. Legacy system compatibility.
User adoption and training. Backup authentication methods. Biometric data privacy concerns. Interoperability challenges. Regulatory considerations. Multiple solutions for different environments. Hardware requirements. Addressing the challenges. A complete passwordless authentication solution should: utilise next generation and phish-resistant MFA; remove the burden of creating and remembering unique complex passwords; remove user friction from layers of weaker authentication methods; solve for every system and application; support IT teams by reducing workloads and system maintenance / number of solutions supported; reduce CISO concerns over compliance with password hygiene and related policy; utilise a certified standalone hardware-based authenticator. VeroGuard Systems provides a passwordless authentication experience without the risks and costs associated with other approaches. In fact, the VeroGuard Platform can deliver significant savings to an organisation. Challenges and VeroGuard responses: 1. Legacy system compatibility: Many businesses rely on a mix of modern and legacy systems — some of which may not support passwordless authentication methods. Updating or replacing these systems can be costly and time-consuming, often requiring significant changes to existing infrastructure. The VeroGuard Platform works with legacy and modern systems, providing a common passwordless experience for all environments. This supports a managed transition whilst providing all the benefits of going passwordless without the complexity and cost. 2. User adoption and training: While passwordless methods may be intuitive to tech-savvy users, they can confuse others. Your organisation may need to invest in comprehensive training to ensure all employees can effectively use the new authentication system. The VeroCard interface uses a familiar PIN prompt and entry with a simple and familiar Bluetooth or NFC connection to any device.
The authentication experience remains the same irrespective of the device, operating system or network. 3. Backup authentication methods: Even with passwordless primary authentication, most systems still require a backup method — which tends to be a traditional password. This means passwords don't truly disappear; they just become less visible, potentially leading to weaker security practices around these "hidden" passwords. With Active Directory, VeroGuard takes over the password management to effectively nullify this vulnerability, with a feature to also roll a password on each login, avoiding the threats of replay or similar attacks. VeroCards can contain password wallets, key management and other methods of secure access, all protected by a personal certified hardware security module. A number of secure backup options are available to support access policies. 4. Biometric data privacy concerns: Many passwordless solutions rely on biometric data, such as fingerprints or facial recognition. This raises important questions about data privacy and storage. Your organisation must carefully consider the legal (and ethical) implications of collecting and managing this type of sensitive information. VeroGuard does not use or rely on biometrics. Biometrics not only create concerns of privacy and ethics; biometrics, particularly when dependent on a smartphone for capture, also vary in reliability and security. Biometric solutions vary in quality across devices, and deployment consideration must accept that any biometric is probabilistic by design and not deterministic, meaning that false positives are an accepted part of any biometric solution. 5. Hardware requirements: Some passwordless solutions require specific hardware, such as fingerprint readers or security keys. Equipping your organisation with these devices can be expensive, especially if you have a large or distributed workforce.
VeroGuard provides a single hardware terminal for next generation phish-resistant authentication at a cost-effective price, with the added benefits provided by passwordless authentication and the broader VeroGuard platform. 6. Interoperability challenges: In environments where employees need to access multiple systems and applications, it can be tricky for your IT team to ensure seamless interoperability between different passwordless solutions. Because VeroGuard is a Platform, interoperability and integration challenges can be solved for legacy systems either at the host, hardware or client level, and VeroGuard supports the modern passwordless standards such as OAuth and FIDO2. Integration at any point does not change the common authentication user experience. 7. Regulatory considerations: Depending on your industry and location, your business may face regulatory requirements that impact your choice of authentication methods. Some regulations may mandate specific security measures or data protection practices that could influence your decision between passwordless and traditional password systems. VeroGuard is suitable for any regulated industry. Defence certified for use in sensitive high assurance environments, and equally suitable to business and enterprise alike. VeroGuard: Organisations wanting to go passwordless without the challenges can deploy the VeroGuard Platform today and start enjoying the benefits of secure, unified and universal authentication across the enterprise.

  • Much has been written about the CrowdStrike outage that occurred last Friday afternoon. It is time for a different approach.

    On Friday (July 19, 2024), CrowdStrike’s 'Falcon' product was sent an automatic remote content update for Microsoft Windows hosts (which it does on a regular basis). Unfortunately, the update had a defect. When uploaded, the defect triggered widescale failures of computers and systems with Microsoft operating systems that were online. This is being described as the largest IT outage in history. How has this affected VeroGuard? The VeroGuard Platform was not affected by the CrowdStrike-caused outage and has continued to operate normally. Our customers using the VeroGuard verification services continue to use our services without interruption. Customers whose PCs or laptops were impacted could, during the period that their devices were compromised as they tried to find workarounds, nonetheless continue to use VeroGuard without needing to worry about downstream attacks on their users’ credentials or IDs, because the VeroGuard Platform operates independently of other cloud services and remains vigilant even if a device is compromised. A shift to stronger identity protection rather than reliance on detection models. CrowdStrike is embedded detection software that works with a computer’s operating system, essentially watching and assessing code to determine if a cyber threat is present. As each new variant of a threat is developed by an adversary, CrowdStrike must identify the threat and update their application. The VeroGuard Platform works 'out of band' as the guardian rather than the detector. As such, the VeroGuard Platform rarely needs updates, which typically are functional improvements and not a reaction to each new threat. Fundamentally, the VeroGuard Platform is designed and built to defend the primary attack surfaces (over 95% of all attacks), which are identity and credentials. Regardless of the source or type of attack, VeroGuard will stop the adversary from gaining control or executing actions in a system or network.
In practical terms, the majority of cyber breaches over the past two years either started with a credential breach or had lateral movement using credentials acquired inside the network after the breach. An outage that raises many questions. CrowdStrike has said that the global outage was not caused by a cyber-attack, but by the release of a defective update. The big questions raised by journalists and industry experts have included: the nature, robustness and effectiveness of testing procedures for updates and patches on cloud systems; the risk of concentration of internet services, and the impact when one of them has a major outage; the potentially catastrophic impact of a mega cybersecurity breach to critical infrastructure and services; and whether a global defect-caused outage is better than a global cyber breach (i.e. speed to deploy updates). The World Economic Forum has stated that, in 2023, the economic impact from cybercrime was over US$8 trillion and, by 2027, the impact is forecast to rise to over US$24 trillion. Time for a new approach. Given the unprecedented impact of the CrowdStrike outage and the questions that it has raised around the design, robustness and assumptions underlying global IT infrastructure protection, it is clear that a new approach to cybersecurity is needed.
The new approach needs to: improve organisations' and individuals’ security online from credential and ID compromise; not be largely dependent on centralised detection software and services that are clearly under increasing pressures and can cause major global disruptions to systems and networks when that pressure leads to mistakes; be able to operate in a distributed way like bank switches, whereby a single failure does not bring down multiple industries and geographies; protect identity and credentials at all times, regardless of the choice of environment (cloud, on-premise or hybrid) and the status of the applications, network and systems; and not result in widespread scamming each time a new incident occurs, by improving the verification of both parties in all high value transactions. The VeroGuard Platform addresses these issues. Originally published on LinkedIn 22 July 2024


Other Pages (15)

  • TCO | VeroGuard Systems

    Ongoing savings - 3rd party expenses Ongoing savings - FTE Productivity One-off costs (set up) Ongoing costs Net saving per annum - 3rd party expenses Net savings cumulative % savings over 3 years
    Year 1 $0 $0 $0 $0 $0 $0
    Year 2 $0 $0 $0 $0 $0
    Year 3 $0 $0 $0 $0 $0 0%
    Per user/month equivalent $0 $0 $0 $0 $0 0%
    Employees 500 Logins/Day Apps/User Compare Cost Range Avg Hourly Cost SSO in Use? $$ 3rd Party Prod $0.00 FTE Prod $0.00 3rd Party $0.00
    Category Activity Who Change Saving Occurrence Details Include? Info
    Access Management 2FA - Licences 3rd Party No longer required 0 1
    Access Management 2FA - Productivity FTE Productivity No longer required 0 220
    Access Management Adaptive MFA - Licences 3rd Party No longer required 0 12
    Access Management Adaptive MFA - Productivity FTE Productivity No longer required 0 220
    Access Management Hardware Authentication 3rd Party Enhanced 0 1
    Access Management Single sign on 3rd Party Enhanced 0 12
    Create a Security Centred Culture Culture program FTE Productivity Enhanced 0 1
    Identity Create Accounts / Set user name FTE Productivity No change 0 1
    Identity Identity enrolment / proofing 3rd Party Productivity Enhanced 0 1
    Identity Identity monitoring/Password Manager 3rd Party No longer required 0 1
    Identity Password Hygiene FTE Productivity No longer required 0 4
    Network Security Maintenance Adaptive MFA Policy Management 3rd Party Productivity Substantially Reduced 1.5 220
    Network Security Maintenance Intrusion detection / Monitoring / Reporting 3rd Party Productivity Reduced requirement 3.0 220
    Network Security Maintenance Off Boarding 3rd Party Productivity Enhanced 2.0 220
    Network Security Maintenance Patching/Vulnerability Management 3rd Party Productivity No change 0 1
    Support services Help Desk 3rd Party Productivity Reduced requirement 13.0 220
    Support services Password resets FTE Productivity Substantially Reduced 0 1.20
    Training Best practice FTE Productivity Reduced requirement 0 1

  • Data Protection | VeroGuard Systems

    VeroVault. A new paradigm for secure cloud storage. For Government: A unified, universal digital identity platform for Government departments accelerates the ability to bring services online for citizens, secures data and improves administrative procedure. For Corporate: Industry leading ID management solutions, secure remote login options for staff and the ability to store your organisation’s data assets with confidence. A single, unified system to achieve all this and more. VeroVault: For the first time, experience the highest level of security possible for data on the internet or stored in the cloud. By utilising our non-repudiable ID verification and also multi-server splitting of encrypted data packets, our proprietary solution directly addresses critical security concerns at all three stages of online communication. VeroGuard not only provides protection for data at the source, but also for data in transit and for data at rest. VeroGuard Systems has partnered with Data61 (CSIRO) in order to take cloud data protection to a level far beyond any existing standard. By leveraging multi-server splitting of data packets and the non-repudiable identity of the users, VeroGuard Systems delivers unprecedented security, privacy and control over data for integrated online systems. Once authenticated, ultra-secure storage spread across multiple distinct servers is provided. For the first time, create an ultra-secure ecosystem of trusted members for sharing, transacting, communicating and using data. Product: VeroVault. VeroGuard Systems is proud to deliver the most sophisticated data protection for cloud ever conceived, with Hardware Security Module (HSM) encrypted protection for all data transmissions whether at the source, in transit or at rest.
VeroVault is our secure cloud and email service, which can be connected to a range of cloud providers. This is HSM to HSM level secure access for data secured in the cloud, made possible for the first time by VeroGuard Systems. Data is protected at the source of the transmission via indisputable, non-repudiable verification of the sender. The data continues to be protected while in transit thanks to proprietary hardware security module technology that enables HSM to HSM encryption from point to point. Finally, VeroGuard introduces superior protection for data at rest in the cloud by splitting the data into multiple packets, each of which is then stored on separate servers. Together, these strategies represent the only solution for absolute protection for data online and in the cloud.

  • VeroMod | VeroGuard Systems

    Vero Machine Identity is a Hardware Security Module (HSM) based solution that provides unparalleled security for IoT devices and applications. Banking Grade Security for Devices: VeroMod utilises a unique key for every transaction and operates with no known source of encryption. The module features AS 2805/ISO 8583 messaging in order to provide true banking grade security, ensuring that no user authentication data can ever be exposed during transmissions. The data can never be retrieved from the hardware itself either, as VeroMod is completely tamper resistant, featuring multiple hardware fail-safes. These ensure that all data is erased if any attempt is made to physically manipulate the module. Absolute Online Device Protection: VeroCard is your personal digital identity. A universal, unified card that enables non-repudiable authentication online for the very first time. It connects to the VeroGuard network to provide absolute protection of your identity in online transactions, communications or when accessing almost any system, as well as enabling superior privacy control. VeroCard is also the perfect tool for convenient management of digital identity access.
It acts as a secure point of entry to provide non-repudiable access to websites, applications, cloud storage, physical access, SCADA, payment and many other systems through our secure platform, with real-time authentication utilising hardware encryption to make it the best protection for guaranteeing online identity ever created. VeroMod: VeroMod is a non-repudiable digital identity for any internet connected device that utilises Hardware Security Module (HSM) embedded Digital ID and encryption. It enables indisputable verification of the device for online communications, providing black box grade security for any IoT application.
