Securing Your Cloud/Container Environment Against the Evolving Threat Landscape (Oct. 4th)
IT - Security

Why Proactive Cybersecurity Is A Business Essential
Security Boulevard, September 12th, 2022
Most organizations have no way to centrally track and manage their non-employee relationships and the access to enterprise assets their roles require.

The threat vectors for many organizations have increased in the last half-decade as the migration to a more robust digital environment advances, the realities of maintaining business operations in a pandemic persist, and the dependence on third-party vendors heightens organizational risk. Jennifer Kraxner, the Vice President of Market Strategy at SecZetta, recently discussed these issues with the editors of Security Technology Executive (STE) magazine.

8 Notable Open-Source Security Initiatives Of 2022
CSO Online, September 12th, 2022
Vendors, collectives and governments are contributing to improve the security of open-source code, software, and development amid organizations' increasing use of open-source resources.

Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development. Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations' increasing use of and reliance upon open-source resources, along with the complex security risks and challenges that come with it.

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts

Although the global economy faces troubled times, we can expect no pause in cyber threats and attacks, so CISOs must direct investment towards technologies to protect customer-facing and revenue-generating workloads, and should consider increasing or defending their investment in critical applications and cloud security, zero-trust technology and operations during 2023, according to analyst house Forrester's Planning guide 2023: security and risk.

Sixty-five percent of organizations consolidate to improve risk posture; Only 29% of organizations consolidate to reduce spending on licensing.

A recent survey by Gartner, Inc. found that 75% of organizations are pursuing security vendor consolidation in 2022, up from 29% in 2020.

'Security and risk management leaders are increasingly dissatisfied with the operational inefficiencies and the lack of integration of a heterogenous security stack,' said John Watts, VP Analyst at Gartner. 'As a result, they are consolidating the number of security vendors they use.'

Being able to recognize the differences between vulnerabilities, threats, and risks is a must when it comes to cloud security. Here's how cybersecurity teams should handle each.

In the context of cloud security, it's easy to treat the terms "vulnerability," "threat," and "risk" as more or less interchangeable. After all, all of these words signal a problem that cybersecurity teams need to respond to.

But in reality, there are important differences between the meaning of vulnerabilities, threats and risks. Each cybersecurity problem may require a different type of response, and the potential harm caused by each issue may also vary.

What is SOC2 Compliance?
Security Boulevard, September 13th, 2022
Cloud security is an ongoing requirement for all organizations born and built in the cloud.

As organizations build and develop new features and expand their presence in the cloud, they must not only contend with the ability to continually grow their security coverage, but likewise align with any changes to compliance and regulatory requirements. Additionally, and importantly to SaaS companies, security programs must also demonstrate verifiable proof of a robust security program. One way to provably demonstrate security controls is with a SOC 2 report.

5 Priorities For A Modern IT Security Team
Solutions Review, September 14th, 2022
As part of Solutions Review's Premium Content Series, Christopher Prewitt of Inversion6 takes us through the five pillars every IT security team should have to hold up their castle in the cloud.

Like a medieval castle, protecting our IT assets used to be about digging deeper and wider moats to keep away invaders. Today, there is no castle. Our people and information are as scattered as the attackers attempting to exploit them, and like an old moat with nothing to guard, traditional methods of protection are largely obsolete against modern forms of attack.

Over the last 12 years, we have seen an explosion of new security solutions springing up to combat these new types of threats.

With business and technology becoming increasingly intertwined, organizations are being forced to rethink how they look at digital security.

Once overlooked or viewed as a mere afterthought, today it has become a business-critical necessity. As a result, organizations across industry lines are racing to improve their security postures. Chief Information Security Officers (CISOs) are at the core of this transformation, spearheading a wave of proactive and future-forward cybersecurity change while enabling security-first innovation.

The entire security team should share in the responsibility to secure sensitive data.

Several recent high-profile instances of data loss serve as cautionary tales for organizations handling sensitive data - including a recent case where the personal data of nearly half a million Japanese citizens was put in a compromising position when the USB drive on which it was stored was mislaid.

How to Prepare for New PCI DSS 4.0 Requirements
InformationWeek, September 15th, 2022
With the new requirements set to start in March 2024, organizations should start preparing now -- a multi-step process that will be felt across the organization.

The upcoming changes to the Payment Card Industry Data Security Standard (PCI DSS) will affect every organization that stores, transmits, or processes cardholder data and/or sensitive authentication data.

Effective starting in March 2024, the new standard, known as PCI DSS 4.0, spans dozens of changes in areas including risk assessment, how keys and certificates are managed, and what can be accessed remotely.

The update will also impact identity and access management (IAM) and the technologies used for email filtering, anti-malware, multi-factor authentication (MFA), security information and event management (SIEM), as well as application development.

Consequences of low digital trust of an organization include customer loss, more cybersecurity incidents, and reputation deduction, among others.

47% say digital trust will be much more important in the next five years; however, 57% say their organizations do not provide staff training in digital trust.

Most significant obstacles to digital trust are lack of skills and training (56%), lack of leadership buy-in (49%), lack of alignment of digital trust and enterprise goals (49%), lack of technological resources (47%) and insufficient processes and/or governance practices (41%).

Current security solutions are no longer fit for purpose

Four in five companies have had at least one serious cloud security incident in the past 12 months, a new report from Snyk has found, with data breaches, data leaks, and perimeter breaches all sadly increasingly common.

The attacks occur for a number of reasons: either because a company's current security solutions don't work properly, or have limited functionality in the cloud (78%), or the organizations don't have an adequately educated and experienced workforce (93%).

Phishing Attacks: What You Need To Know Now - Arkose Labs
Security Boulevard, September 15th, 2022
According to the FBI Internet Crime Report 2021, phishing was the fastest growing type of internet crime from 2019 to 2021, and bad actors continue to evolve their phishing attack techniques.

The latest phishing attack, EvilProxy, allows even inexperienced criminals to use reverse proxy and cookie-injection methods to provide a way around two factor authenticated (2FA) sessions on a large scale.

What is a phishing attack?

Phishing is the practice of attackers sending malicious emails meant to lead users to fall for a scam. Phishing attacks attempt to trick users into clicking on web links that will download malware or redirect to a malicious website with the intent of gathering private information such as login credentials, multifactor authentication (MFA) tokens, and financial information.

Although a 'shift in attitude' is happening around securing the operational technology (OT) that underpins critical infrastructure like manufacturing plants or utilities, the federal government is still working through challenges in targeting efforts toward smaller operators grappling with limited resources, and ensuring that the OT investments being made today have security built into them.

The Biden administration over the past year has spearheaded several initiatives that aim to better secure industrial control systems (ICS), including a National Security Memorandum passed last July, which directed the Cybersecurity and Infrastructure Security Agency (CISA) to work with the National Institute of Standards and Technology (NIST) to develop a number of security performance goals for critical infrastructure sectors.

But at a Thursday hearing called 'Building on our Baseline: Securing Industrial Control Systems Against Cyberattacks,' government officials discussed further security improvements needed at the ground level to secure critical infrastructure environments and the particularly complex challenge of building security into the design of OT systems.

One struggle continues to rear its head with regard to cyberverse security: adopting a proactively vulnerable mindset.

Understanding the nature of vulnerabilities allows a company to address them in a proactive manner. Google understood phishing was a preventable problem, and famously implemented FIDO to good effect; they have not been successfully phished since. But their choice is an exception rather than the rule.

Thus far, market adoption of cybersecurity best practices has been an exercise in corrective maintenance, not preventative.

A new report from IBM said that elevated permissions and role identities in the cloud are present in nearly all successful compromises performed by the company's X-Force Red penetration testing team

Excess privilege granted to cloud identities is a key component in 99% of all security tests performed by IBM's X-Force Red penetration testing team, according to a report released Wednesday by the company.

Both human users and service accounts were consistently found to have more access rights and privileges than they generally need, which makes exploiting a successful breach in a cloud system much easier than it would otherwise be, the report said.

The Future Of Hybrid Work And Cybersecurity Risks
Security Boulevard, September 14th, 2022
As a larger percentage of the U.S. workforce continues to take advantage of remote or hybrid working styles, many companies now face new cybersecurity risks and challenges as the world returns, reimagines and retools for the new normal.

The tools companies put into place to engage with B2B and B2C customers during the pandemic are here to stay.

Consumers are increasingly wanting to engage with organizations using social media and SaaS tools. I love being able to order dinner for the family with a few taps using my nearby burger restaurant's mobile app. My city government is using a SaaS web application to manage permits. These tools should, and likely will, become the norm for doing business.
