
Companies need CASBs now more than ever — to help secure ‘digital transformation’

By Byron V. Acohido

When I first wrote about Cloud Access Security Brokers in 2015, so-called CASBs were attracting venture capital by the truckloads — and winning stunning customer testimonials.

CASBs (pronounced caz-bees) originally sought to resolve a fast rising security nightmare: Shadow IT.

Related podcast: Web gateways emerge as crucial defense layer

Striving to be productive, well-intentioned employees raced out to subscribe to cloud-enabled storage services, collaboration suites and project management tools. These hustlers were unwilling to slog through lugubrious IT onboarding processes in order to get their hands on the latest, greatest software-as-a-service tools.

But these early-adopter employees were also blissfully ignorant about how Shadow IT exposed sensitive business data in new and novel ways.

Thus, CASBs arrived on the scene to help companies monitor and manage Shadow IT. And they were so successful at it, so quickly, that six of nine CASBs got gobbled up in a spectacular feeding frenzy.

CASBs’ new role

Ever see the video of dolphins gorging on a bait ball? In about a two year span, Microsoft acquired Adallom; Oracle purchased Palerra; Proofpoint grabbed FireLayers; McAfee nabbed Skyhigh Networks; Forcepoint acquired Skyfence from Imperva, which had bought that CASB earlier; and Blue Coat Systems bought Perspecsys, just before Blue Coat itself was swallowed up by Symantec.

I recently had a chance to speak at length with Anthony James, chief marketing officer for CipherCloud, one of the three CASBs still operating as a standalone independent. The other two are Netskope and Bitglass.

(more…)


How ‘digital transformation’ gave birth to a new breed of criminal: ‘machine-identity thieves’

By Byron V. Acohido

There’s a new breed of identity thief at work plundering consumers and companies.

However, these fraudsters don’t really care about snatching up your credentials or mine. By now, your personal information and mine has been hacked multiple times and is readily on sale in the Dark Web. This has long been true of the vast majority of Americans.

Related article: 7 hacks signaling a coming global cyber war

The identities most sought after by cyber criminals today are those associated with machines. This is because the digital wizardry driving modern society relies heavily on machine-to-machine communications. And guess what? No one is really watching those machines very closely.

It’s my belief that every consumer and every company will very soon come to realize that a new breed of criminal – machine-identity thieves – will soon become all-powerful, and not in a good way. Here’s why:

Fresh attack surface

If you haven’t heard, we are undergoing “digital transformation.” Digital advances are coming at us fast and furious. Consumers have become accustomed to conveniently accessing clever services delivered by a sprawling matrix of machines, and not just traditional computer servers.

The machines enabling digital transformation include virtual instances of computers created and maintained in the Internet cloud, as well as myriad instances of software “microservices” and “containers” that come and go as part of the dynamic processes that make all of this happen.

Each machine must continually communicate with countless other machines. And as the number of machines has skyrocketed, so has the volume of machine identities. From a criminal’s perspective, each machine represents an opportunity to slip into the mix and take control. And each machine identity represents a key to get in the door.

Machine-identity capers

The creation of this vast new attack surface isn’t just theoretical. It’s tangible and threat actors are on the move. “Hackers are stealing machine identities, and using them in attacks, and it’s happening more and more,” says Jeff Hudson, CEO of security supplier Venafi. …more

MY TAKE: These 7 nation-state backed hacks have put us on the brink of a global cyber war

By Byron V. Acohido

Nation-state backed hacking collectives have been around at least as long as the Internet.

However, evidence that the ‘golden age’ of cyber espionage is upon us continues to accumulate as the first half of 2018 comes to a close.

Related podcast: Obsolescence is creeping into legacy security systems

What’s changed is that cyber spies are no longer content with digital intelligence gathering. Military operatives and intelligence units today routinely hack to knock down critical infrastructure, interfere with elections, and even to exact revenge on Hollywood studios.

Recently, one of the most powerful and notorious cyber spies on the planet, North Korean General Kim Yong Chol, stepped from obscurity into global celebrity status.

Last month President Trump invited the heretofore obscure General Kim into the White House for an impromptu state visit. For about two hours, Trump exchanged pleasantries with the man who orchestrated North Korea’s devastating hack of Sony Pictures in 2014, the aforementioned revenge caper. The tête-à-tête unfolded as Trump prepared for his summit in Singapore with General Kim’s boss, North Korean despot Kim Jong-un.

Rise of North Korea

It’s notable that, since the Sony Pictures hack, General Kim has steadily gotten more powerful and adept at the cyber spy game. Today he commands a cyber army, some 7,000 hackers and support staff strong, that has emerged as a potent and disruptive force. The Wall Street Journal recently reported that North Korea is cultivating elite hackers much like other countries train Olympic athletes.

Meanwhile, Iran-sponsored cyber operatives are making hay, as well. Trump’s decision …more

Will GDPR usher in a new paradigm for how companies treat consumers’ online privacy?

By Byron V. Acohido

Back in 2001, Eric Schmidt, then Google’s CEO, described the search giant’s privacy policy as “getting right up to the creepy line and not crossing it.”

Well, Europe has now demarcated the creepy line – and it is well in favor of its individual citizens. The General Data Protection Regulation, or GDPR, elevates the privacy rights of individuals and imposes steep cash penalties for companies that cross the creepy line – now defined in specific detail.

Related article: Zuckerberg’s mea culpa reveals reprehensible privacy practices

Europe’s revised online privacy regulations took effect last Friday. European businesses are bracing for disruption – and U.S. companies won’t be immune to the blowback. There are more than 4,000 U.S. companies doing business in Europe, including many small and midsize businesses. All of them, from Google, Facebook and Microsoft, down to mom-and-pop wholesalers and service providers, now must comply with Europe’s new rules for respecting an individual’s online privacy.

The EU is expected to levy GDPR fines totaling more than $6 billion in the next 12 months, an estimate put out by insurance giant Marsh & McLennan. As these penalties get dished out, senior management will become very uncomfortable; they’ll be forced to assume greater responsibility for cybersecurity and privacy, and not just leave it up to the IT department.

This is all unfolding as companies globally are racing to embrace digital transformation – the leveraging of cloud services, mobile computing and the Internet of Things to boost innovation and profitability. In such a heady business environment, a regulatory hammer was necessary to give companies pause to consider the deeper implications of poorly defending their networks and taking a cavalier attitude toward sensitive personal data. …more

GUEST ESSAY: Theft of MQ-9 Reaper docs highlights need to better protect ‘high-value assets’

By Sherban Naum

The discovery of sensitive U.S. military information for sale on the Dark Web for a nominal sum, in and of itself, is unfortunate and unremarkable.

However, details of the underlying hack, ferreted out and shared by researchers of the Insikt Group, an arm of the security research firm Recorded Future, are most welcomed. They help frame wider questions, and pave the way for improved best practices.

Here is what is known thus far: Team members of the Insikt Group encountered an English-speaking hacker who jumped on a Dark Web forum to pitch the sale of MQ-9 Reaper UAV docs for $150 to $200. The hacker/salesman also had other unclassified military intelligence for sale: an M1 Abrams tank maintenance manual, a tank platoon training course, a crew survival course, documentation on improvised explosive device (IED) mitigation tactics; he even claimed to have access to footage from an MQ-1 Predator drone.

The Insikt Group determined that the hacker/seller must have accessed a Netgear router with misconfigured FTP login credentials. This raises wider questions about data security best practices, not to mention the wider contractor support community. …more

Q&A: Here’s why it has become vital for companies to deter ‘machine-identity thieves’

By Byron V. Acohido

We’re undergoing digital transformation, ladies and gentlemen. And we’re in a nascent phase where clever advances are blossoming even as unprecedented data breaches arise in parallel.

The latest example of this dichotomy comes from Timehop, a service that enables social media users to plug into their past. On Sunday, Timehop shared details about how a hacker got into their network, conducted several reconnaissance forays, and then moved swiftly on July 4th to pilfer personal information for 21 million Timehop users, including their social media “access tokens.”

Related article: How DevOps contributed to the Uber hack

Much like the recent hacks of Uber and Tesla, the Timehop caper revolved around the attackers manipulating admin credentials and maneuvering extensively through Timehop’s cloud environment.

I recently had a fascinating conversation with Jeff Hudson, CEO of Venafi, about why we are currently in a situation where criminally motivated actors are proving to be every bit as innovative as legitimate businesses, when it comes to leveraging cloud services, and developing breakthrough uses of mobile computing and the Internet of things.

Venafi is a leading supplier of machine identity protection. As such, Hudson argues persuasively that the root of the matter comes down to the need for organizations to keep a much closer account of access logons and encryption keys. And they must do this, not just for human users, but especially for machine-to-machine communications.

For a drill down on our conversation, please listen to the accompanying podcast. Here are excerpts edited for clarity and length.

LW: Can you frame what’s going on with identities when it comes to digital transformation? …more

As 2-factor authentication falls short, ‘adaptive multi-factor authentication’ goes mainstream

By Byron V. Acohido

The use of an additional form of authentication to protect the accessing of a sensitive digital system has come a long way over the past decade and a half.

Most individuals today are nonplussed when required, under certain circumstances, to retrieve a one-time passcode, pushed out in a text message to their smartphone, and then type the passcode to gain access to a privileged account.

Related: Why data science is the key to securing networks

An Israeli start-up, Silverfort, is seeking to make a great leap forward in the state-of-the-art of authentication systems. Silverfort has introduced new technology that is designed to help corporations address unprecedented authentication exposures spinning out of ‘digital transformation.’

I recently visited with Silverfort CEO Hed Kovetz, who described how the idea for the company percolated when the co-founders were toiling in the encryption branch of Unit 8200, the elite cybersecurity arm of the Israeli military.

Kovetz recounted how he and two colleagues came up with the idea for a centralized authentication appliance that uses machine learning to recognize the logon patterns of all employees, and then makes strategic use of that analysis in real time.

Having visited with several cybersecurity companies marketing cutting-edge authentication technologies, it has become clear to me that advanced authentication technologies will play an important role, going forward, in helping enterprises build out ‘hybrid’ networks that tap deeper into cloud services and the Internet of Things. This is what digital transformation is all about.

For a drill down on Silverfort’s bold approach to the authentication part of the equation, please listen to the accompanying podcast. Here are excerpts edited for clarity and length:

LW: How did Silverfort get started?

Kovetz: All of us worked together very closely in Unit 8200, a cyber intelligence unit inside the Israeli army. The three of us worked a lot on these areas and really understood some of the challenges that we wanted to handle. …more

MY TAKE: Knowing these 5 concepts will protect you from illicit cryptocurrency mining

By Byron V. Acohido

The cryptocurrency craze rages on, and one unintended consequence is the dramatic rise of illicit cryptocurrency mining.

It takes computing power to transform digital calculations into crypto cash, whether it be Bitcoin or one of the many other forms of digital currency.

Related podcast: How cryptomining malware is beginning to disrupt cloud services

So, quite naturally, malicious hackers are busying themselves inventing clever ways to leech computing power from unwitting victims — and directing these stolen computing cycles towards lining their pockets with freshly mined crypto cash.

Individual consumers have been the prime victims for more than a year. And now small- and medium-sized businesses (SMBs) are being increasingly targeted — especially companies rushing to tap into cloud services such as Amazon Web Services, Microsoft Azure and Google Cloud.

To help you unpack all of this, here are five fundamental concepts that will help you understand why you should reduce your exposure to illicit cryptocurrency mining.

• Cryptocurrency basics. Bitcoin gets created by solving an increasingly difficult math problem; the difficulty factor has risen to the point where Bitcoin today can only be mined by special-purpose computers that consume massive amounts of electricity.

However, Monero, Ethereum, Bytecoin and other cryptocurrencies have come along that can still be mined by ordinary computing devices. So naturally, cryptocurrency mining services have cropped up. Coinhive is a notable example. …more