Resilience blueprint: Strategic steps to build operational resiliency
Globally cybersecurity is soaring to critical levels of concern for organizations. The Veeam 2023 Data Protection Report highlights that 85 percent of organizations have been hit by at least one cyber attack, illustrating the difficult journey towards recovery. The average recovery from an attack can drag on for a staggering three weeks, not only impacting operations but also carrying with it significant financial implications. Therefore, cyber resilience must adopt comprehensive strategies to ensure operational and cyber resilience. This means companies must not only take proactive cybersecurity measures to prevent disruptions but must also implement reactive measures to ensure a quick response and complete recovery in the event of a successful cyber attack.
To improve their cyber resilience and smoothly adapt to regulatory shifts, organizations must embark on a strategic journey, weaving together crucial strategies and best practices to ensure they not only survive a threat but thrive in the ever-evolving digital landscape.
The path of least resistance to Privileged Access Management
Privileged Access Management (PAM) has been around for more than 20 years taking critical accounts and putting them into a vault to ensure only select individuals could access them securely. Since then, PAM has evolved and now focuses on controlling the access itself which means preventing broad access to specific data and providing insight into who has access, and when an account has been accessed.
Privileged accounts have traditionally been given to administrators to access critical data and applications. However, changing business practices, agile software development, and digital transformation have meant that privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, an adequate PAM solution is essential.
What does cybersecurity tool sprawl look like today?
Cybersecurity has become an increasingly important concern in the business world. After all, reports have found that 41 percent of businesses fell victim to a cyberattack in 2023. As the technology cyber attackers use to conduct their nefarious activities becomes more complex, so is the technology that IT professionals use to protect organizations and their data. However, with this also comes a unique new challenge: tool sprawl.
Tool sprawl occurs when a company utilizes an unnecessary number of IT tools, usually because it implements separate solutions for each use case. Although it may seem most efficient to address needs as they arise or present themselves, adopting a comprehensive approach is often more efficient -- particularly in a case where proactivity is vital, such as cybersecurity.
Remembering the human factor in AI -- Why businesses should focus on workflows, not just applications
An Office for National Statistics (ONS) report shows that one in three UK workers now believe AI could take their job. This concern has been intensified by narratives that overlook AI’s success in collaborating with humans. In reality, the most effective AI applications have been those that serve as assistants to employees, enhancing their role and maximizing their productivity, rather than replacing them.
Businesses undoubtedly understand the potential AI has to boost the productivity of employees, with more than three in every four organizations either using or exploring the use of AI. However, employers are equally unaware of the complexity of their employees’ workflows. A recent WalkMe report shows that enterprise leaders believe their business is using an average of 21 applications each week. The true number is 211, with more than 20 percent of those being AI applications.
Protecting digital customer journeys from AI biases
Today, hundreds of millions of people use tools like ChatGPT to brainstorm ideas, or Midjourney to create new visuals. Artificial intelligence (AI) tools have become part-and-parcel of our daily lives and are propelling the arrival of a new digital era. We now work more efficiently, can better meet professional or creative challenges, and accelerate new innovation.
But AI now has much more intrinsic value than supporting our daily tasks. It is integral to powering our critical services and keeping society running, whether that’s facilitating loan agreements or providing key access to higher education, mobility platforms or medical care. Identity verification, fundamental to online access, was traditionally seen as a gateway to credit checks and opening a bank account, but thanks to AI it now supports services from healthcare to travel and eCommerce.
EU Directive Network and Information Security (NIS2): Modernizing security compliance
Often perceived as a necessary evil in the past, organizations are taking an increasingly proactive and committed approach to the regulation of technology and cybersecurity. Many are even going a step further by embracing independent standards to fill any gaps legislation may not address or, while waiting for laws to catch up with new developments.
Given today’s searing pace of change, characterized by the rapid rise of technologies like GenAI, this marks a positive way forward for businesses that care about their customers as well as their profits.
How reliable networks are shaping the future of digital transformation
In just four years, the landscape of UK business operations has undergone a seismic shift. The Covid-19 pandemic catalyzed a rapid adoption of remote work, while advancements in AI have revolutionized industry practices. These transformations are not only reshaping day-to-day operations but are also setting the stage for an increasingly digital future.
This process of change is far from over. As the rapid evolution of new technologies continues to transform business capabilities and change the goalposts of efficient work practice, there remains a need for senior leaders across industries to stay on top of emerging trends and ideas.
The power of knowledge automation in modern workplaces
Today’s corporate world requires significantly more from its employees than in the past. Staying competitive requires more than just keeping pace with industry trends -- it demands a proactive approach to innovation and efficiency.
As employees and organizations navigate this strive-for-efficiency backdrop, one solution has become abundantly clear: knowledge automation. This approach revolutionizes how businesses manage internal processes, particularly in corporate training and employee development.
Enhancing availability, even when high availability is not required
Providing high availability (HA) protection for critical applications is a standard IT best practice. However, broader downtime protection best practices -- and options for delivering this protection -- are not as clearly defined. As a result, applications that are not considered mission critical are often left with minimal protection. Yet downtime for these non-mission critical applications can be more than a nuisance. It can impose a costly and disruptive burden on IT teams that must devote time and resources to bringing those applications back online.
Downtime can also be frustrating to end users whose work may be interrupted and put on hold. It may have downstream consequences for customer satisfaction as well.
A technical overview of Cisco IoT part 4: Advancing IoT knowledge -- Cisco Meraki, training resources and certification pathways
This is the fourth piece in the ongoing Cisco IoT technical overview series, following a detailed analysis of security essentials and industrial applications. This installment of the series explores Cisco Meraki, essential IoT skill sets and additional resources to enhance knowledge and expertise in this rapidly evolving field.
The Internet of Things (IoT) is an expanding area of networking with an ever-growing array of use cases. It is significantly impacting organizations across industries, particularly in healthcare and retail. IoT technology enhances operations by providing valuable security, cost-saving benefits, and new capabilities, such as improved inventory management and product innovation.
How radical transparency paves the way to more effective vulnerability management
Vulnerability management is one of the most painful challenges of cybersecurity. The lack of transparency in our industry isn’t helping matters. Vendors often work behind the curtain to fix the identified security flaws without effective communication or -- if they do communicate -- with significant delays in reporting.
However, there are signs of positive steps toward this much-needed transparency. In July, for example, the Microsoft Security Response Center announced that it will start issuing Common Vulnerabilities and Exposures (CVEs) for critical cloud service vulnerabilities. There have also been moves from legislators to ensure greater rigor in reporting, such as the EU's Cyber Resilience Act, which mandates that manufacturers of all connected and IoT devices report serious cyber incidents and unpatched vulnerabilities. This is essential for building trust among vendors, businesses, and stakeholders alike. Greater resilience starts with a common understanding.
Tracing the destructive path of ransomware's evolution
The year is 1989. “Rain Man” wins the Academy Award for Best Picture. Motorola releases the world’s smallest and lightest phone. The Berlin Wall falls. Taylor Swift is born. It also begins the dawn of a new era of cyber extortion.
The AIDS Trojan arrived innocuously, distributed via floppy disk to public health professionals. But it harbored a nasty surprise. After the 90th PC reboot, it cryptographically locked victims’ hard drives, demanding a $189 payment to unlock files. While this attack was thwarted easily, it changed the game. Over the next 30 years, ransomware proliferated from curiosity to a catastrophic threat fueled by an unrelenting arms race between extortionists and security teams.
How the CrowdStrike outage can inform your customer service strategy
When a broken CrowdStrike update crashed Microsoft-run computers around the globe on July 19, affected leaders were faced with millions of blue screens, billions of dollars in losses and countless calls from unhappy customers. In addition to these tangible problems, leaders’ faith in the reliability of critical technological infrastructure was shaken. If a little bit of faulty code could result in a worldwide outage, was all this digital transformation worth it? Analog systems are rife with problems of their own. Still, those types of issues are typically from human error, not a catastrophic system failure. So is it time to accept digital defeat and course correct back to pen and paper basics? Quite the opposite.
The CrowdStrike incident affected almost every industry -- from airlines to banks to tiny tire stores attached to gas stations, business as usual was halted, and as a result, customer service requests skyrocketed across all affected sectors. But many organizations weren’t ready for an unexpected spike in customer service calls.
AI's rapid development is a security disaster waiting to happen
No matter how you look at it, AI is currently booming. The AI market is on track to reach $407 billion by 2027 (compared to $86.9 billion in 2024). Last year, ChatGPT became the fastest-growing consumer application in history when it reached 100 million monthly active users just two months post launch. McKinsey declared 2023 as Generative AI’s breakout year, and a follow-up 2024 survey found that the percentage of organizations using Generative AI jumped from approximately 50 percent to 72 percent from 2023 and 2024. Meanwhile, a culture shift within tech and business has accelerated AI adoption seemingly overnight.
Long before Generative AI entered the scene, tech C-suites were concerned about being left behind. AI’s disruptive potential has only exacerbated this. Companies with the bandwidth to do so are developing their own AI systems or converting existing ones over to AI. Such behavior is motivated primarily by reputation management. No major player wants to look like they were left behind as their competitors innovated to newer heights.
Why it's worth returning to Black Hat
I may not care for Las Vegas in the heat of August, yet I would come back as everything I need to learn and everyone I need to see face to face is at Black Hat.
Concentrated in one week, I meet customers, learn from their feedback, understand how they view the market, the security industry, what we are doing right and what we should change. With so much to talk about and so much to learn, you often leave the conference feeling like you have only just touched the surface. That being said, this year's discussions provided insights into the most critical sectors for the cybersecurity industry to remain resilient and continue to be ever evolving. If there are three things that were talked about, these are the most important to take away and bring back to your boardroom.
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.