Best Practices

 

FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

By Byron V. Acohido

Endpoints are where all the connectivity action is.

Related: Ransomware bombardments

And securing endpoints has once more become mission critical. This was the focal point of presentations at Tanium’s Converge 2022 conference which I had the privilege to attend last week at the Fairmont Austin in the Texas capital.

I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management. We discussed how companies of all sizes and across all industries today rely on a dramatically scaled-up and increasingly interconnected digital ecosystem.

The attack surface of company networks has expanded exponentially, and fresh security gaps are popping up everywhere.

Guest expert: Peter Constantine, SVP Product Management, Tanium

One fundamental security tenet that must take wider hold is this: companies simply must attain and sustain granular visibility of all of their cyber assets. This is the only way to dial in security in the right measure, to the right assets and at the optimum time.

The technology and data analytics are readily available to accomplish this; and endpoints – specifically servers and user devices – represent a logical starting point.

“We have to make sure that we truly know what and where everything is and take a proactive approach to hardening security controls and reducing the attack surface,” Constantine observes. “And then there is also the need to be able to investigate and respond to the complexities that come up in this world.”

For a full drill down on Tanium’s approach to network security that incorporates granular visibility and real-time management of endpoints please give the accompanying podcast a listen.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

 

 

GUEST ESSAY — Security practices companies must embrace to stop AI-infused cyber attacks

By Erland Wittkotter

Consider what might transpire if malicious hackers began to intensively leverage Artificial Intelligence (AI) to discover and exploit software vulnerabilities systematically.

Related: Bio digital twin can eradicate heart failure

Cyber-attacks would become much more dangerous and much harder to detect. Currently, human hackers often discover security holes by chance; AI could make their hacking tools faster and the success of their tactics and techniques much more systematic.

Our cybersecurity tools at present are not prepared to handle AI-infused hacking, should targeted network attacks advance in this way. AI can help attackers make their attack code even stealthier than it is today.

Attackers, for obvious reasons, typically seek system access control. One fundamental way they attain access control is by stealthily stealing crypto-keys. Hackers could increasingly leverage AI to make their attack code even more undetectable on computers – and this will advance their capacity to attain deep, permanent access control of critical systems.

If AI-infused hacking gains traction, breaches will happen ever more quickly and automatically; the attack code will be designed to adapt to any version of an OS, CPU or computing device. And this would be a huge game-changer – tilting the advantage to the adversaries in command of such an AI hacking tool.

GUEST ESSAY: A roadmap to achieve a better balance of network security and performance

By Sashi Jeyaretnam

Here’s a frustrating reality about securing an enterprise network: the more closely you inspect network traffic, the more it deteriorates the user experience.

Related: Taking a risk-assessment approach to vulnerabilities

Slow down application performance a little, and you’ve got frustrated users. Slow it down a lot, and most likely, whichever knob you just turned gets quickly turned back again—potentially leaving your business exposed.

It’s a delicate balance. But there’s something you can do to get better at striking it: build that balance into your network testing and policy management.

Navigating threats

Why do so many businesses struggle to balance network security and user experience? Because recent trends create new challenges on both sides of the equation. Trends like:

• More distributed users and applications. Even before COVID, enterprises saw huge increases in people working outside the traditional corporate firewall. Today, users could be working anywhere, accessing applications and data from any number of potentially vulnerable public and private clouds. It adds up to a much larger potential attack surface.

FIRESIDE CHAT: Timely employee training, targeted testing needed to quell non-stop phishing

By Byron V. Acohido

Humans are rather easily duped. And this is the fundamental reason phishing persists as a predominant cybercriminal activity.

Related: How MSSPs help secure business networks

Tricking someone into clicking to a faked landing page and typing in their personal information has become an ingrained pitfall of digital commerce.

The deleterious impact on large enterprises and small businesses alike has been – and continues to be – profound. A recent survey of 250 IT and security professionals conducted by Osterman Research for Ironscales bears this out.

The poll found that security teams are spending one-third of their time handling phishing threats every week. The battle has sprawled out beyond email; phishing ruses are increasingly getting seeded via messaging apps, cloud-based file sharing platforms and text messaging services.

Guest expert: Ian Thomas, VP of Product Marketing, Ironscales

Some 80 percent of organizations reported that phishing attacks have worsened or remained the same over the past 12 months, with detection avoidance mechanisms getting ever more sophisticated.

I had the chance to visit with Ian Thomas, vice president of product marketing at Ironscales, an Atlanta-based email security company.

We discussed advances in cybersecurity training that combine timely content and targeted training to combat the latest phishing campaigns. For a full drill down, please give the accompanying podcast a listen.

Timely, effective security training of all employees clearly must continue to be part of the regimen of defending modern business networks, even more so as cloud migration accelerates. I’ll keep watch and keep reporting.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

 

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

By Idrees Shafiq

Employee security awareness is the most important defense against data breaches.

Related: Leveraging security standards to protect your company

It involves regularly changing passwords and inventorying sensitive data. Cybercriminals view employees as a path of least resistance. As such, you should limit the amount of information that employees have access to.

There are several ways you can protect your business from data breaches.

• Create security awareness for employees. One of the most important ways to protect against data breaches is to increase employee security awareness. Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect one. With proper training, employees can prevent these attacks before they happen.

While the protection of the company’s assets can never be completely guaranteed, security awareness training should be a top priority for business owners. Without it, a business is vulnerable to a variety of risks, including financial loss, damage to intellectual property, and brand reputation.

SHARED INTEL: Poll highlights the urgency to balance digital resiliency, cybersecurity

By Paul Nicholson

The pace and extent of digital transformation that global enterprise organizations have undergone cannot be overstated.

Related: The criticality of ‘attack surface management’

Massive global macro-economic shifts have fundamentally changed the way companies operate. Remote work already had an impact on IT strategy and the shift to cloud, including hybrid cloud, well before the onset of Covid 19.

Over the past two years, this trend has greatly accelerated, and working practices have been transformed for many workers and organizations.

Yet, with all these changes, the specter of security breaches remains high. This explains the rise and popularity of Zero Trust, both as a framework for securing networks in these new realities and as an effective tool to drive cybersecurity initiatives within the entire enterprise.

Fundamentally, Zero Trust is based on not trusting anyone or anything on your network by default and using least required privilege concepts. Every access attempt by any entity must be validated throughout the network to ensure no unauthorized entity is moving vertically into or laterally within the network undetected.

SHARED INTEL: The cybersecurity sea change coming with the implementation of ‘CMMC’

By Byron V. Acohido

Finally, Uncle Sam is compelling companies to take cybersecurity seriously.

Related: How the Middle East paved the way to CMMC

Cybersecurity Maturity Model Certification version 2.0 could take effect as early as May 2023, mandating detailed audits of the cybersecurity practices of any company that hopes to do business with the Department of Defense.

Make no mistake, CMMC 2.0, which has been under development since 2017, represents a sea change. The DoD is going to require contractors up and down its supply chain to meet the cybersecurity best practices called out in the National Institute of Standards and Technology’s SP 800-171 framework.

I sat down with Elizabeth Jimenez, executive director of market development at NeoSystems, a Washington D.C.-based supplier of back-office management services, to discuss the prominent role managed security services providers (MSSPs) are sure to play as CMMC 2.0 rolls out. For a full drill down, please give the accompanying podcast a listen. Here are my takeaways: