
Best Practices

 

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

By Byron V. Acohido

Deploying the latest, greatest detection technology to deter stealthy network intruders will take companies only so far.

Related: What we’ve learned from the massive breach of Capital One

At RSA 2020, I learned about how one of the routine daily chores all large organizations perform — data governance — has started to emerge as something of a cybersecurity multiplier.

It turns out there are some housekeeping things companies can do while ingesting, leveraging and storing all of the data churning through their complex hybrid cloud networks. And by doing this housekeeping – i.e. by improving their data governance practices — companies can reap higher efficiencies, while also tightening data security.

This nascent trend derives from a cottage industry of tech vendors in the “content collaboration platform” (CCP) space, which evolved from the earlier “enterprise file sync and share” (EFSS) space. I had the chance to sit down with Kris Lahiri, CSO and co-founder of Egnyte, one of the original EFSS market leaders. For a drill down on our discussion about how data governance has come to intersect with cybersecurity, give a listen to the accompanying podcast. Here are key takeaways:

Storage efficiencies

With so much data coursing through business networks, companies would be wise to take into consideration the value vs. risk proposition of each piece of data, Lahiri says. The value of data connected to a live project is obvious. What many organizations fail to do is fully assess – and set policies for — data they hang on to after the fact.

One reason for this is that storage is dirt cheap. It has become common practice for companies to store a lot of data without really thinking too hard about it. In fact, there’s a strong case to be made for meticulously archiving all stored data, as well as getting on a routine of purging unneeded data on a regular basis.

MY TAKE: Deploying ‘machine learning’ at router level helps companies prepare for rise of 5G

By Byron V. Acohido

Machine learning (ML) and digital transformation (DX) go hand in glove.

We’ve mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated.

Related: Defending networks with no perimeter

Machine learning already is deeply embedded in the online shopping, banking, entertainment and social media systems we’ve come to rely on. Meanwhile, criminal hacking groups increasingly leverage ML to pillage those very same online systems.

At RSA 2020, I was encouraged by strong evidence that the cybersecurity industry has now jumped fully on board the ML bandwagon. Juniper Networks, known for its high-performance routers, is in the vanguard of established technology and cybersecurity vendors applying ML and automation to defend company networks.

I had the chance to sit down with Laurence Pitt, Juniper’s global security strategy director. We had a lively discussion about the surge of fresh data about to hit as 5G interconnectedness gains traction — and how this will surely result in a spike in fresh vulnerabilities. For a full drill down please give the accompanying podcast a listen. A few key takeaways:

Trust factor

This is an exciting time in the world of network security, with the growth of 5G pushing industries into a world where virtually anything can be connected. The proliferation of connected devices means that anything with a vulnerability can become an attack vector for the network, however, and it requires massive resources to manage all these systems and identify possible threats.

NEW TECH: WhiteHat Security tackles ‘dangling buckets,’ other new web app exposures

By Byron V. Acohido

WhiteHat Security got its start some 17 years ago in Silicon Valley to help companies defend their public-facing websites from SQL injection and cross-site scripting hacks.

Related: Mobile apps are full of vulnerabilities

Both hacking methods remain a problem today. Yet organizations have many more application security headaches to resolve these days. As companies integrate digital technology into every aspect of their daily business operation, WhiteHat has seen strong demand for its innovative cloud-based application security platform.

I caught up with Bryan Becker, WhiteHat Security product manager, at the RSA 2020 Conference in San Francisco recently. In a wide-ranging discussion, we examined how local governments have become prime targets of ransomware purveyors, and why APIs translate into a vast new attack surface. For a full drill down please give the accompanying podcast a listen. A few key takeaways:

Targeting local government

For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information. Russia’s multiple takedowns of Ukraine’s power grid and Chinese plundering of the U.S. Office of Personnel Management are two prime examples.

In the past several years, however, state governments and municipalities have come under withering ransomware attacks. What’s more, election tampering at the local level has become an established component of national elections.

MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security

By Byron V. Acohido

Speed is what digital transformation is all about. Organizations are increasingly outsourcing IT workloads to cloud service providers and looking to leverage IoT systems.

Related: The API attack vector expands

Speed translates into innovation agility. But it also results in endless ripe attack vectors which threat actors swiftly seek out and exploit. A big challenge security executives face is balancing speed vs. security.

I spoke with Greg Young, Cybersecurity Vice President at Trend Micro about this. We met at RSA 2020 in San Francisco. Trend Micro has evolved from one of the earliest suppliers of antivirus suites to a provider of a broad platform of systems to help individuals and organizations reduce cyber exposures.

For a full drill down of our discussion, please give the accompanying podcast a listen. Here are a few key takeaways.

Teeming threat landscape

Security leaders’ key priority is reducing exposures to the cyber risks they know are multiplying. Compliance penalties, lawsuits, loss of intellectual property, theft of customer personal data, and reputational damage caused by poor cyber defenses are now top operational concerns. Yet many organizations continue to practice poor cyber hygiene.

Cyber hygiene basics revolve around aligning people, processes and technologies to adopt a security-first mindset. In the current environment, it is vitally important for companies to secure vulnerabilities in their mission-critical systems, while at the same time remaining vigilant about detecting intruders and recovering quickly from inevitable breaches.

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

By Byron V. Acohido

Cyber threats now command the corporate sector’s full attention. It’s reached the point where some CEOs have even begun adjusting their personal online habits to help protect themselves, and by extension, the organizations they lead. Corporate consultancy PwC’s recent poll of 1,600 CEOs worldwide found that cyber attacks are now considered the top hindrance to corporate performance, followed by the shortage of skilled workers and the inability to keep up with rapid tech advances.

Related: How ‘credential stuffing’ enables online fraud

As a result, some CEOs admit they’ve stopped Tweeting and deleted their LinkedIn and other social media accounts – anything to help reduce their organization’s exposure to cyber criminals. “Senior C-level executives and board members are paying more attention now to cybersecurity than two years ago, by far,” observes Jeff Pollard, vice president and principal analyst at tech research firm Forrester.

Awareness is a vital step forward, no doubt. But it’s only a baby step. Corporate inertia still looms large. For many Chief Information Security Officers, having the CEO’s ear, at the moment, is proving to be a double-edged sword, Pollard told me. “We find many CISOs spend their time explaining what threats matter and why, as opposed to why cybersecurity matters in the first place,” he says. “Security leaders must also find ways to explain why budgets that have steadily increased, year after year, have not solved the security problems.”

MY TAKE: PKI, digital certificates now ready to take on the task of securing digital transformation

By Byron V. Acohido

Just five years ago, the Public Key Infrastructure, or PKI, was seriously fraying at the edges and appeared to be tilting toward obsolescence. Things have since taken a turn for the better.

Related: Why PKI is well-suited to secure the Internet of Things

PKI is the authentication and encryption framework on which the Internet is built. The buckling of PKI a few years back was a very serious matter, especially since there was nothing waiting in the wings to replace PKI. Lacking a reliable way to authenticate identities during the data transfer process, and also keep data encrypted as it moves between endpoints, the Internet would surely atrophy – and digital transformation would grind to a halt.

The retooling of PKI may not be sexy to anyone, outside of tech geeks. Nonetheless, it is a pivotal chapter in the evolution of digital commerce. One of several notable contributors was DigiCert, the world’s leading provider of digital certificates and certificate management solutions.

I had a chance to interview Brian Trzupek, DigiCert’s senior vice president of emerging markets products, at the company’s Security Summit 2020 in San Diego recently. For a full drill down on our discussion, please give the accompanying podcast a listen. Here are a few key takeaways:

PKI’s expanding role

PKI revolves around the creation, distribution and management of digital certificates issued by companies known as certificate authorities, or CAs. In the classic case of a human user clicking to a website, CAs, like DigiCert, verify the authenticity of the website and encrypt the data at both ends.

Today, a much larger and rapidly expanding role for PKI and digital certificates is to authenticate devices and encrypt all sensitive data transfers inside highly dynamic company networks. We’re not just talking about website clicks; PKI comes into play with respect to each of the millions of computing instances and devices continually connecting to each other – the …

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

By Byron V. Acohido

It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol.

Related: Why Google’s HTTPS push is a good thing

At the time, just 50% of Internet traffic used encryption. Today the volume of encrypted network traffic is well over 80%, trending strongly toward 100%, according to Google.

There is no question that TLS is essential, going forward. TLS is the glue that holds together not just routine website data exchanges, but also each of the billions of machine-to-machine handshakes occurring daily to enable DevOps, cloud computing and IoT systems. Without TLS, digital transformation would come apart at the seams.

However, the sudden super-saturation of TLS, especially over the past two years, has had an unintended security consequence. Threat actors are manipulating TLS to obscure their attack footprints from enterprise network defenses. The bad guys know full well that legacy security systems were designed mainly to filter unencrypted traffic. So cyber criminals, too, have begun regularly using TLS to encrypt their attacks.

TLS functions as the confidentiality and authenticity cornerstone of digital commerce. It authenticates connections that take place between a smartphone and a mobile app, for instance, as well as between an IoT device and a control server, and even between a microservice and a software container. It does this by verifying that the server involved is who it claims to be, based on the digital certificate issued to the server. It then also encrypts the data transferred between the two digital assets.