Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Best Practices

 

MY TAKE: Deploying ‘machine learning’ at router level helps companies prepare for rise of 5G

By Byron V. Acohido

Machine learning (ML) and digital transformation (DX) go hand in glove.

We’ve mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated.

Related: Defending networks with no perimeter

Machine learning already is deeply embedded in the online shopping, banking, entertainment and social media systems we’ve come to rely on. Meanwhile, criminal hacking groups increasingly leverage ML  to pillage those very same online systems.

At RSA 2020, I was encouraged by strong evidence that the cybersecurity industry has now jumped fully on board the ML bandwagon. Juniper Networks, known for its high-performance routers, is in the vanguard of established technology and cybersecurity vendors applying ML and automation to defend company networks.

I had the chance to sit down with Laurence Pitt, Juniper’s global security strategy director. We had a lively discussion about the surge of fresh data about to hit as 5G interconnectedness gains traction — and how this will surely result in a spike in fresh vulnerabilities. For a full drill down please give the accompanying podcast a listen. A few key takeaways:

Trust factor

This is an exciting time in the world of network security, with the growth of 5G pushing industries into a world where virtually anything can be connected. The proliferation of connected devices means that anything with a vulnerability can become an attack vector for the network, however, and it requires massive resources to manage all these systems and identify possible threats.

NEW TECH: WhiteHat Security tackles ‘dangling buckets,’ other new web app exposures

By Byron V. Acohido

WhiteHat Security got its start some 17 years ago in Silicon Valley to help companies defend their public-facing websites from SQL injection and cross-site scripting hacks.

Related: Mobile apps are full of vulnerabilites

Both hacking methods remain a problem today. Yet organizations have many more application security headaches to resolve these days. As companies integrate digital technology into every aspect of their daily business operation, WhiteHat has seen strong demand for its innovative cloud-based application security platform.

I caught up with Bryan Becker, WhiteHat Security product manager, at the RSA 2020 Conference in San Francisco recently. In a wide-ranging discussion, we examined how local governments have become prime targets of ransomware purveyors, and why APIs translate into a vast new attack surface. For a full drill down please give the accompanying podcast a listen. A few key takeaways:

Targeting local government

For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information. Russia’s multiple take downs of Ukraine’s power grid and Chinese plundering of the U.S. Office of Personnel Management are two prime examples.

In the past several years however, state governments and municipalities that have come under withering ransomware attacks. What’s more, election tampering at the local level has become an established component of national elections.

MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security

By Byron V. Acohido

Speed is what digital transformation is all about. Organizations are increasingly outsourcing IT workloads to cloud service providers and looking to leverage IoT systems.

Related: The API attack vector expands

Speed translates into innovation agility. But it also results in endless ripe attack vectors which threat actors swiftly seek out and exploit. A big challenge security executives face is balancing speed vs. security.

I spoke with Greg Young, Cybersecurity Vice President at Trend Micro about this. We met at RSA 2020 in San Francisco. Trend Micro has evolved from one of the earliest suppliers of antivirus suites to a provider of a broad platform of systems to help individuals and organizations reduce cyber exposures.

For a full drill down of our discussion, please give the accompanying podcast a listen. Here are a few key takeaways.

Teeming threat landscape

Security leaders’ key priority is reducing exposures to the cyber risks they know are multiplying. Compliance penalties, lawsuits, loss of intellectual property, theft of customer personal data, and reputational damage caused by poor cyber defenses are now top operational concerns. Yet many organizations continue to practice poor cyber hygiene.

Cyber hygiene basics revolve around aligning people, processes and technologies to adopt a security-first mindset. In the current environment, it is vitally important for companies to secure vulnerabilities in their mission-critical systems, while at the same time remaining vigilant about detecting intruders and recovering quickly from inevitable breaches.

SHARED INTEL: Survey shows some CEOs have quit Tweeting, here’s why they were smart to do so

By Byron V. Acohido

Cyber threats now command the corporate sector’s full attention. It’s reached the point where some CEOs have even begun adjusting their personal online habits to help protect themselves, and by extension, the organizations they lead. Corporate consultancy PwC’s recent poll of 1,600 CEOs worldwide found that cyber attacks are now considered the top hinderance to corporate performance, followed by the shortage of skilled workers and the inability to keep up with rapid tech advances.

Related: How ‘credential stuffing’ enables online fraud

As a result, some CEOs admit they’ve stopped Tweeting and deleted their LinkedIn and other social media accounts – anything to help reduce their organization’s exposure to cyber criminals. “Senior C-level executives and board members are paying more attention now to cybersecurity than two years ago, by far,” observes Jeff Pollard, vice president and principal analyst at tech research firm Forrester.

Awareness is a vital step forward, no doubt. But it’s only a baby step. Corporate inertia still looms large. For many Chief Information Security Officers, having the CEO’s ear, at the moment, is proving to be a double-edged sword, Pollard told me. “We find many CISOs spend their time explaining what threats matter and why, as opposed to why cybersecurity matters in the first place,” he says. “Security leaders must also find ways to explain why budgets that have steadily increased, year after year, have not solved the security problems”.

MY TAKE: PKI, digital certificates now ready to take on the task of securing digital transformation

By Byron V. Acohido

Just five years ago, the Public Key Infrastructure, or PKI, was seriously fraying at the edges and appeared to be tilting toward obsolescence. Things have since taken a turn for the better.

Related: Why PKI is well-suited to secure the Internet of Things

PKI is the authentication and encryption framework on which the Internet is built. The buckling of PKI a few years back was a very serious matter, especially since there was nothing waiting in the wings to replace PKI. Lacking a reliable way to authenticate identities during the data transfer process, and also keep data encrypted as it moves between endpoints, the Internet would surely atrophy – and digital transformation would grind to a halt.

The retooling of PKI may not be sexy to anyone, outside of tech geeks. Nonetheless, it is a pivotal chapter in the evolution of digital commerce. One of several notable contributors was DigiCert, the world’s leading provider of digital certificates and certificate management solutions.

I had a chance to interview Brian Trzupek, DigiCert’s senior vice president of emerging markets products, at the company’s Security Summit 2020 in San Diego recently. For a full drill down on our discussion, please give the accompanying podcast a listen. Here are a few key takeaways:

PKI’s expanding role

PKI revolves around the creation, distribution and management of digital certificates issued by companies known as certificate authorities, or CAs. In the classic case of a human user clicking to a website, CAs, like DigiCert, verify the authenticity of the website and encrypt the data at both ends.

Today, a much larger and rapidly expanding role for PKI and digital certificates is to authenticate devices and encrypt all sensitive data transfers inside highly dynamic company networks. We’re not just talking about website clicks; PKI comes into play with respect to each of the millions of computing instances and devices continually connecting to each other – the … more

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

By Byron V. Acohido

It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol.

Related: Why Google’s HTTPS push is a good thing

At the time, just 50 % of Internet traffic used encryption. Today the volume of encrypted network traffic is well over 80% , trending strongly toward 100%, according to Google.

There is no question that TLS is essential, going forward. TLS is the glue that holds together not just routine website data exchanges, but also each of the billions of machine-to-machine handshakes occurring daily to enable DevOps, cloud computing and IoT systems. Without TLS, digital transformation would come apart at the seams.

However, the sudden, super-saturation of TLS, especially over the past two years, has had an unintended security consequence. Threat actors are manipulating TLS to obscure their attack footprints from enterprise network defenses. The bad guys know full well that legacy security systems were designed mainly to filter unencrypted traffic. So cyber criminals, too, have begun regularly using TLS to encrypt their attacks.

TLS functions as the confidentiality and authenticity cornerstone of digital commerce. It authenticates connections that take place between a smartphone and a mobile app, for instance, as well as between an IoT device and a control server, and even between a microservice and a software container. It does this by verifying that the server involved is who it claims to be, based on the digital certificate issued to the server. It then also encrypts the data transferred between the two digital assets.

GUEST ESSAY: Strategic tactics are key to a robust Cloud Security Posture Management regime

By Yuri Diogenes and Dr. Erdal Ozkaya

A cyber strategy is a documented approach to handling various aspects of cyberspace. It is mostly developed to address the cybersecurity needs of an entity by focusing on how data, networks, technical systems, and people are protected. An effective cyber strategy is normally on par with the cybersecurity risk exposure of an entity. It covers all possible attack landscapes that can be targeted by malicious parties.

Editor’s note: This is an excerpt from  Cybersecurity – Attack and Defense Strategies, Second Edition, a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape.

Cybersecurity is the focal point of most cyber strategies because cyber threats are continuously becoming more advanced as more sophisticated exploit tools and techniques become available to threat actors. Due to these threats, organizations are advised to develop cyber strategies that ensure the protection of their cyber infrastructure from these various threats.

In this article, we introduce how you can build effective cyber defense strategies. Please note, the steps given are meant to help you formulate your own cyber defense strategy and can be customized according to your need.

Understand the Business

The more you know about your business, the better you can secure it. It’s really important to know the Goals of your organization, Objectives, the People you work with, the Industry, the current Trends, your Business risks, how to Risk appetite and tolerance the risks, as well your Most valuable assets. Everything we do must be a reflection of the business requirements which is approved by the senior leadership, as it has been manded also in ISO 27001.