The vital role of multi-factor authentication in your security stack
Stop me if you have heard this story before. A threat actor sends a crafty phishing email. An unsuspecting end user clicks a hyperlink in the email and enters their username and password, unknowingly providing those credentials to the threat actor. The threat actor then uses these credentials to gain access to all sorts of personal or company sensitive information. While this may be a "tale as old as time", it’s still happening today. Literally every day. According to the latest Verizon Data Breach Report, stolen credentials is still the primary way attackers gain access to organizations.
The fact is passwords continue to be a target for threat actors and are becoming increasingly vulnerable to attack. Threat actors leverage techniques like phishing campaigns, brute force attacks, information-stealing malware, and social engineering to gain access to user credentials. End users often contribute to the problem by using easily guessed passwords or reusing the same passwords across multiple accounts making a threat actor’s job easier. The bottom line is putting your data protection hopes into a single username and password is a foolish endeavor when the need for more robust authentication controls is evident.
Navigating 20 years of cybersecurity: The evolution of patch management
As we approach the 20th anniversary of Cybersecurity Awareness Month, it's crucial to reflect on the progress made in patch management, a fundamental cybersecurity practice aimed at helping organizations mitigate the risk of unpatched vulnerabilities -- the primary gateway for attackers to breach organizational systems and deploy ransomware and other malware.
In 2003, patch management awareness was low, but it wasn't as critical to global cybersecurity as today because cybercrime was less developed. Automated exploits for known vulnerabilities and ransomware, which now monetizes attacks, hadn't emerged yet.
To mitigate insider risk, focus on people and not technology
Insider risk poses the most serious threat to data and operations, yet most organizations still lack a security strategy designed to confront it.
The Ponemon Institute’s 2023 Cost of Insider Risks: Global Report found that insider risk -- whether unintentional or intentional -- has continued to rise over the past two years while the costs of breaches have risen as well. The 309 organizations benchmarked over a 12-month period averaged 24 incidents each, with a total average cost of $16.2 million.
It's time to safeguard the financial sector: Navigate employee turnover to defend against escalating cyberattacks
It’s no secret that cybersecurity has a significant skills shortage. According to ISC2 research, the worldwide shortage is as high as 3.4 million cybersecurity workers. As a result, security professionals’ skills are in very high demand, making finding and retaining talent challenging. Swimlane’s own research shows that 82 percent of organizations report it takes three months or longer to fill a cybersecurity role, with 34 percent reporting it takes seven months or more.
The situation isn’t improving either. Some 70 percent of companies also report that it takes longer to fill a cybersecurity role now than it did two years ago. The challenge has led one-third (33 percent) of organizations to believe they will never have a fully-staffed security team with the proper skills, according to Swimlane’s survey
Staying safe online by bringing nonstandard applications into the identify lifecycle
This year marks the 20th Cybersecurity Awareness Month, and today, the prevailing theme, "It’s easy to stay safe online," remains a timely reminder. The message is clear: online safety can be achieved with the proper knowledge and tools. This comes with a bit of a caveat, however, as many of our current security processes are manual and rely on the end user's discretion and action, such as turning on MFA. Adding further complexity is the ever-growing challenges posed by nonstandard applications, which do not work with established security standards like single sign-on.
A report by Netskope paints a grim picture with its concerning findings. For instance, the report found that 97 percent of apps used within enterprises operate outside the traditional identity perimeter. While the ubiquity of these nonstandard applications is undeniable, the lack of oversight in their security is alarming. The Ponemon Institute's research reveals that only 34 percent of organizations are proactive in prioritizing the security of nonstandard applications. When educated on the risks, this figure jumps dramatically to 82 percent. People care once they understand the impact on the business.
Email: Adapting to the riskiest business tool
Almost every organization freely admits that people are the biggest risk to their security and are most vulnerable when using email. While the 'outbound' risk of an employee accidentally or intentionally leaking data is very clearly categorized as an insider risk, even a phishing attack that originates from outside the organization requires an insider to, essentially, open the door.
And it’s a valuable vulnerability for threat actors to be aware of; the FBI reported that Business Email Compromise (BEC) scams accounted for $50 billion in losses between June 2016 to December 2022.
Improving remediation in practice -- five ways get ahead on fixes
Remediating security issues and potential software vulnerabilities is one of the fastest ways to improve security and prevent attacks. It’s a standard process for security teams, and it should make the job easier for everyone involved. Yet many of the security issues that we see exploited remain known software vulnerabilities -- in Qualys' Top 20 Security Vulnerability Research this year, the top five most common exploits include a privilege escalation issue in the Zerologon protocol, remote code execution (RCE) problems in Microsoft Office and Wordpad from 2017 and even an RCE with Microsoft Windows Common Controls from 2012. These issues still exist, and have been targeted by threat actors this year.
So why are these old problems still present in production systems years after patches have been released, and why have they not been fixed? What is holding IT teams back around this backlog of vulnerabilities, and how can teams improve their processes to get ahead of these problems in future?
Countering the rise of AI criminals
As generative AI tools continue to expand, new doors are being opened for fraudsters to exploit weaknesses. Have you experimented with generative AI tools like ChatGPT yet? From beating writer’s block to composing ad copy, creating travel itineraries, and kickstarting code snippets, there’s something for everyone. Unfortunately, "everyone" includes criminals.
Cybercriminals are early adopters. If there’s a shiny new technology to try, you can bet that crooks will explore how to use it to commit crimes. The earlier they can exploit this technology, the better -- this will give them a head start on defenses being put in place to block their nefarious activities. If tech helps boost the scale or sophistication of criminal attacks, it’s extra attractive. It’s no wonder cybercriminals have been loving tools like ChatGPT.
Advances in predictive analytics expand organizational data intelligence
When it comes to data analytics, most organizations have historically focused primarily on descriptive and diagnostic capabilities. Descriptive analytics explains what is happening in an IT system and uses analysis levers including analyzing trends, mining patterns, and detecting changes and anomalies. Diagnostic analysis encompasses functions including critical path analysis, bottleneck analysis, fault propagation models, and root-cause analysis to explain why something is happening in the system.
With an increased focus on instrumentation and observability, allied to significant advances in AI, enterprises are now looking beyond simply what happened and why, and seeking to apply advanced intelligence to draw valuable predictive insights from data. IT leaders are looking for insights that can inform them about what is likely to happen in the future and how to prepare for it, for example:
Enterprise networks are evolving; your security architecture needs to evolve, too
The cybersecurity landscape is no stranger to change. Security strategies must adapt to the onslaught of new threats and the increasing sophistication of cyber-attacks. The emergence of 5G as a primary WAN technology creates new opportunities and corresponding security challenges for businesses. As 5G technology delivers faster and more flexible connectivity capabilities, enterprises can expand their networks and provide additional connectivity in more places and for a broader range of devices. With this comes a need for comprehensive, customizable security to handle this growth.
A major area that 5G technology will affect is the expansion of IoT devices, as many will be added to 5G networks. Ericsson predicts the number of IoT-connected devices will reach 34.7 billion by 2028, up from 13.2 billion in 2022. As the number of IoT devices continues to grow, the attack surface also grows, increasing the risk of attack from bad actors. This is why we have seen a rise in cyber-attacks targeting IoT devices, with Techmonitor identifying a 98 percent spike in cyber-attacks on IoT devices within the last quarter of 2022.
Aligning DevOps and change management
Companies are committing to DevOps; in fact, according to a recent survey, three-quarters of leaders have adopted DevOps into their operations. DevOps delivers speed and agility to the development process. By cross-training operations and engineering, development teams can move faster through better collaboration, making continuous integration and continuous delivery (CI/CD) a reality for organizations.
The challenge some companies face, however, is change management, the process used to control any change related to a product in production. The process is there to ensure things don’t move too fast, and that production isn’t rushed. Companies that can align DevOps with their change management process see the greatest gains in getting products to market.
When ignorance isn't bliss: Accidental insider threats
Insider threats are far more commonplace than one would expect -- accounting for about 20 percent of all data breaches.
Though the term ‘insider threat’ conjures up images of disgruntled employees with malicious intentions or moles within an organization, the reality is that the majority of vulnerabilities of this nature are attributable to accidental, negligent insiders. As Okey Obudulu, CISO at Skillsoft, explains: "More often than not, insider threats are unintentional. Innocent acts -- such as sending an email to the wrong person or accidentally clicking on a phishing link -- can have devastating security consequences." Of course, what cybercriminals love more than anything is an unsuspecting and improperly trained employee to take advantage of…
The race to regulate AI: The next frontier for law and society
Artificial intelligence (AI) is set to be the next major technological advancement to dramatically impact modern society. From transforming the way we work, to increasing efficiency in outdated systems, the changes promised by AI have the potential to be utterly transformational. While this brings a huge range of opportunities, there are also some enormous challenges to overcome if humanity is to strike an effective balance between progress and risk.
History shows that society and the law do not always handle rapid innovation well. Take technologies such as the steam engine and automated loom, for instance, where progress was met with varying degrees of resistance and fear before the benefits were fully realized. In the case of AI, harnessing its potential while safeguarding against misuse means legislators must take a measured, risk-based approach to regulation that embraces change alongside effective safeguards.
You can't win: Learning to live with security pessimism
Cybersecurity can, at times, feel like a thankless and invisible task. The punishment for a mistake is immediate and ruthless, the reward for success next to non-existent, because how do you recognize the absence of a breach? But this isn’t a new scenario; the IT industry has dealt with this outlook for decades. The job of an IT department is to be invisible, but when something does go wrong all eyes are inevitably on them to fix it.
In a threat landscape where there exists a constant push to innovate, adapt and breach, there are only three possible outcomes for the IT industry: defeat, indefinite struggle, or complete structural collapse.
Making IT sustainability a part of the digital employee experience
Sustainable IT is no longer merely a good practice driven by customer demands; it has evolved into an imperative in response to shifting employee expectations and corporate responsibility around ecological consciousness. In today's digital workplace landscape, more than 80 percent of leaders are placing a heightened emphasis on environmental sustainability. Cloud providers, executives, software engineers, IT teams and even corporate boards of directors are increasingly thinking green because of the impact that adhering to environmental, social and governance (ESG) standards will have on our future and the next generation of leaders. And on top of that, the business landscape is incentivizing green behavior. A recent survey by CloudBolt found that two-thirds of IT leaders say cloud provider’ sustainability initiatives are a key factor in determining with whom they do business.
Companies who drive sustainability transformation also enhance corporate reputation and performance, appealing to environmentally conscious customers. Firms adopting sustainable practices, like energy optimization, realize significant cost reductions. Integrating Sustainable IT into the digital employee experience is also a pivotal element of this transition, fostering a gratifying workplace for employees.
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.