For technologists

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

By Alicia Townsend and Ariel Zommer

Merger and acquisition (M&A) activity hit record highs in 2021, and isn’t expected to slow down anytime soon.

Many attribute this steady growth to the increase in work-from-home models and adoption of cloud services since the beginning of the COVID-19 pandemic. Such consolidation across markets is good news for customers and vendors alike in terms of market growth and maximizing security investments.

Underlying all of this optimism, however, is the ever-present threat of cyberattack. The FBI recently issued a warning that ransomware gangs are targeting companies during “time-sensitive financial events”, such as mergers and acquisitions.

With ransomware attacks increasing year-over-year, we will continue to see this as a common attack vector. Going through an M&A is highly risky business due in large part to the potential impact on the market, valuation, shareholders, business partners, etc.

GUEST ESSAY: A primer on why AI could be your company’s cybersecurity secret weapon in 2022

By Anurag Gurtu

Artificial intelligence (AI) is woven into the fabric of today’s business world.

However, business model integration of AI is in its infancy and smaller companies often lack the resources to leverage AI.

Even so, AI is useful across a wide spectrum of industries. There already are many human work models augmented by AI. Understanding the established models before integrating AI is critical. For instance, here are a few common algorithm models that use data sets to detect patterns and make conclusions.

•Linear regression. Using supervised learning, this finds relationships between input and output variables; for example a person’s weight based on known height.

•Logistic regression. This is a statistical model for predicting the class of dependent variables from a set of given independent variables.

•Linear discriminant analysis. LDA commonly gets used when two or more classes have to be differentiated; it is especially useful in the field of medicine and computer vision.

GUEST ESSAY: Here’s why EDR and XDR systems failed to curtail the ransomware wave of 2021

By Eddy Bobritsky

Looking back, 2021 was a breakout year for ransomware around the globe, with ransoms spiking to unprecedented multi-million dollar amounts.

All this while Endpoint Detection and Response system (EDR) installations are at an all-time high. EDR systems are supposed to protect IT system endpoints against these very malware, ransomware, and other types of malicious code

Despite investing in some of the best detection and response technologies, companies with EDRs are still experiencing ransomware attacks. Surprisingly, during the same timeframe in which EDRs became more popular, not only have malware and ransomware attacks become more frequent, it now takes an average of 287 days to detect and contain a data breach, according to IBM’s 2021 Cost of a Data Breach Report 2021.

Infection required

So, why is this happening if so many companies are adopting EDR and XDR solutions, which are supposed to neutralize these threats?

In short, it’s just about the way EDRs and XDRs work. EDRs, by design, aren’t really equipped to prevent 100 percent of malware and ransomware attacks.

When most EDRs detect malicious behavior, they develop a response in order to stop the attack from causing more damage.

SHARED INTEL: Data breaches across the globe slowed significantly in Q4 2021 versus Q1-Q3

By Vytautas Kaziukonis

After a gloomy start with its first three breach intensive quarters, 2021 has finally ended, and on a positive note.

This conclusion is derived from an analysis of data taken from our data breach detection tool, Surfshark Alert, which comprises publicly available breached data sets to inform our users of potential threats.

Our analysis looked into data breaches that occurred from October to December 2021 (Q4) and compared them with the numbers from July through August 2021 (Q3). Breached accounts were analyzed according to the country’s origin, and the actual time the breach was recorded.

All information either stolen or taken from a system without the authorization of the platform’s owner (in other words, proactively hacked or scrapped) is considered a data breach. Data associations to specific breach instances are only stipulated. Full study data is available here.

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

By Rohit Sethi

A key CEO responsibility is reporting results that deliver on a company’s mission to shareholders. This reporting often requires a host of metrics that define success, like Annual Recurring Revenue and sales for software as a service (SaaS) companies. These are lagging indicators where the results follow behind the work required to achieve them.

Related: Automating SecOps

Lagging indicators are separate from leading indicators that could include marketing leads, pipeline generation and demos. When it comes to sales targets there is a correlation between increased sales to shareholder value creation, but closing sales in B2B transactions can be time consuming. Ideally, companies should know that their work will lead to the appropriate future lagging indicators, and not the other way around.

Leading indicators provide a shorter feedback loop. This enables employees to drive improvement, and are more motivating because employees know what they have to do to succeed. In cybersecurity we often face a bias towards lagging indicators, unfortunately.

Cybersecurity nuances

One could argue that the true lagging indicator in cybersecurity is a breach, and that anything that helps prevent a breach, like adopting a “shift left” philosophy as part of a DevSecOps initiative, is a leading indicator.

However, “vulnerabilities” are lagging indicators because you don’t know how many vulnerabilities you have until you test for them. If targets such as defect density or compliance to scanner policy (i.e. having only a certain number of “allowable” vulnerabilities before releasing software) are the only targets, there are few ways of predicting success.

GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

By Dima Gutzeit

Last month’s $125 million Security and Exchange Commission (SEC) fine combined with the $75 million U.S. Commodity Futures Trading Commission (CFTC) fine against JPMorgan sent shockwaves through financial and other regulated customer-facing industries.

According to a SEC release, hefty fines brought against JPMorgan, and its subsidiaries were based on “widespread and longstanding failures by the firm and its employees to maintain and preserve written communications”. These views were echoed in a CFTC release as well.

While the price tag of these violations was shocking, the compliance failure was not. The ever-changing landscape of rapid communication via instant messaging apps, such as WhatsApp, Signal, WeChat, Telegram, and others, has left regulated industries to find a balance between compliance and efficient client communication.

Insecure platforms

Approved forms of communication such as phone calls, emails, and fax are viewed by some consumers as obsolete. So, as teams work to remain relevant, team leaders and employees carry the burden of ensuring a better and more intuitive customer experience.

Many of these instant messaging platforms are secure, even offering end-to-end encryption, so the lack of security is not necessarily in the apps themselves. Without a responsible business communication platform for these conversations to flow through, customer requests and discussions live only on employees’ personal devices.

Byron Acohido · The genesis of NTT's Health & Wellbeing initiative

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

By Byron V. Acohido

Might it be possible to direct cool digital services at holistically improving the wellbeing of each citizen of planet Earth?

A movement aspiring to do just that is underway — and it’s not being led by a covey of tech-savvy Tibetan monks. This push is coming from the corporate sector.

Last August, NTT, the Tokyo-based technology giant, unveiled its Health and Wellbeing initiative – an ambitious effort to guide corporate, political and community leaders onto a more enlightened path. NTT, in short, has set out to usher in a new era of human wellness.

Towards this end it has begun sharing videos, whitepapers and reports designed to rally decision makers from all quarters to a common cause. The blue-sky mission is to bring modern data mining and machine learning technologies to bear delivering personalized services that ameliorate not just physical ailments, but also mental and even emotional ones.

That’s a sizable fish to fry. I had a lively discussion with Craig Hinkley, CEO of NTT Application Security, about the thinking behind this crusade. I came away encouraged that some smart folks are striving to pull us in a well-considered direction. For a full drill down, please give the accompanying podcast a listen. Here are a few key takeaways:

A new starting point

Modern medicine has advanced leaps and bounds in my lifetime when it comes to diagnosing and treating severe illnesses. Even so, for a variety of reasons, healthcare sectors in the U.S. and other jurisdictions have abjectly failed over the past 20 years leveraging Big Data to innovate personalized healthcare services.

Older Articles »

The Last Watchdog