Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

For technologists

 

SHARED INTEL: FireMon survey shows security lags behind fast pace of hybrid cloud deployments

By Byron V. Acohido

Corporate America’s love affair with cloud computing has hit a feverish pitch. Yet ignorance persists when it comes to a momentous challenge at hand: how to go about tapping the benefits of digital transformation while also keeping cyber exposures to a minimum level.

Related: Why some CEOs have quit tweeting

That’s the upshot of FireMon’s second annual State of Hybrid Cloud Security Report of 522 IT and security professionals, some 14 percent of whom occupy C-suite positions.

Nearly 60 percent of the respondents indicated the pace of their cloud deployments have surpassed their ability to secure them in a timely manner. Notably, that’s essentially the same response FireMon got when it posed this same question in its inaugural hybrid cloud survey some 14 months ago.

That’s not a good thing, given migration to cloud-based business systems, reliance on mobile devices and onboarding of IoT systems are all on an upward sweep. “It doesn’t seem like we’ve moved the needle on security at all,” says Tim Woods, vice president of technology alliances at FireMon, the leading provider of automated network security policy management systems.

I had the chance to visit with Woods at RSAC 2020 in San Francisco recently. For a full drill down on our discussion, please give a listen to the accompanying podcast. Here’s a summary of key takeaways:

Shared burden confusion

Hybrid cloud refers to the mixing and matching of on-premise IT systems, aka private clouds, with processing power, data storage, and collaboration tools leased from public cloud services, such as Amazon Web Services, Microsoft Azure and Google Cloud. Hybrid clouds are being leveraged to refresh legacy networks, boost productivity and innovate new software services at breakneck speed, to keep pace with rivals.

Comment | Read | March 18th, 2020 | For technologists | My Take | Podcasts | Privacy | RSA Podcasts | Top Stories

NEW TECH: Can MPC — Multi Party Computation — disrupt encryption, boost cloud commerce?

By Byron V. Acohido

Encryption is a cornerstone of digital commerce. But it has also proven to be a profound constraint on the full blossoming of cloud computing and the Internet of Things.

Related: A ‘homomorphic-like’ encryption solution

We know very well how to encrypt data in transit. And we’ve mastered how to encrypt — and decrypt — data at rest. However, we’ve yet to arrive at a seminal means to crunch encrypted data – without first having to decrypt it.

Math geniuses and data scientists have been trying to solve this problem for more than half a century. It has only been in the past 10 years or so that commercial versions of homomorphic encryption, which I’ve written about, have slowly gained traction. Another solution is something called Multi Party Computation, or MPC, which I was unfamiliar with when heading to RSA 2020 recently.

I had the chance to visit with Nigel Smart, co-founder of Unbound Tech, a company which uses MPC technology to solve the problem of private key protection and key management. The company, based in Petach Tikvah, Israel, addresses the problem via a “virtual Hardware Security Module” as opposed to the traditional method of using physical infrastructure. Smart told me about how MPC has attracted the attention of the cryptocurrency community, in particular the purveyors of crypto currency exchanges and the suppliers of digital wallets.

And he explained how advanced encryption technologies, like MPC and homomorphic encryption, are on the cusp of enabling much higher use of the mountains of data hoarded in cloud storage by companies and governments. For a full drill down on our discussion, give the accompanying podcast a listen. My big takeaways:

Comment | Read | March 17th, 2020 | For technologists | New Tech | Podcasts | Privacy | RSA Podcasts | Top Stories

NEW TECH: Byos pushes ‘micro segmentation’ approach to cybersecurity down to device level

By Byron V. Acohido

Many companies take an old-school approach to bringing up the rear guard, if you will, when it comes to protecting IT assets.

It’s called network segmentation. The idea is to divide the network up into segments, called subnetworks, to both optimize performance as well as strengthen security.

Related: A use case for endpoint encryption

At RSA 2020 in San Francisco recently, I learned about how something called  “micro segmentation” is rapidly emerging as a viable security strategy. Micro segmentation takes the fundamental principle of network segmentation and drives it down to smaller and smaller subnetworks.

One security vendor pushing micro segmentation just about as low as you can go — all the way to the individual device level —  is a Nova Scotia-based startup called Byos. I had the chance to visit with Matias Katz, founder and CEO, and Ryan Bunker, business development director, at RSA 2020. For a full drill down on our conversation, give the accompanying podcast a listen. Here are key takeaways:

Micro gateways

A network gateway is like a submarine’s bulkhead passageways, which can be sealed off in emergencies. It’s where traffic passes from one subnetwork to the next. It’s also where you can put a hard stop on the movement of anything dangerous.

Comment | Read | March 16th, 2020 | For technologists | New Tech | Podcasts | RSA Podcasts | Steps forward | Top Stories

SHARED INTEL: Bogus Coronavirus email alerts underscore risk posed by weaponized email

By Byron V. Acohido

It comes as no surprise that top cyber crime rings immediately pounced on the Coronavirus outbreak to spread a potent strain of malware via malicious email and web links.

Related: Credential stuffing fuels cyber fraud

IBM X-Force researchers shared details about how emails aimed at Japanese-speaking individuals have been widely dispersed purporting to share advice on infection-prevention measures for the disease. One of the waves of weaponized emails actually is designed to spread a digital virus: the notorious Emotet banking Trojan designed to steal sensitive information.

One cybersecurity company, Tel Aviv-based Votiro, is taking a different approach to strengthen protection against such weaponized documents, using technology that disarms files before they are delivered to the recipient’s inbox.   I had the chance to visit with Votiro CEO and founder Aviv Grafi at RSA 2020. For a full drill down give a listen to the accompanying podcast. Here are a few key takeaways:

Filtering falls short

As a former penetration tester who specialized in testing employees aptitude for resisting email lures, Grafi saw time-and-again how – and why – attackers leverage timely events, such as celebrity deaths, holidays or tax deadlines to lure email recipients to click on corrupted Word docs or PDF attachments.

Votiro introduced their ‘Disarmer’ technology, called CDR, for “content, disarm and reconstruction” to the U.S. market in 2019. CDR takes a prevention, instead of detection, approach to disarming weaponized email and deterring document-delivered malware.

Comment | Read | March 12th, 2020 | For consumers | For technologists | My Take | Podcasts | RSA Podcasts | Top Stories

MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security

By Byron V. Acohido

Speed is what digital transformation is all about. Organizations are increasingly outsourcing IT workloads to cloud service providers and looking to leverage IoT systems.

Related: The API attack vector expands

Speed translates into innovation agility. But it also results in endless ripe attack vectors which threat actors swiftly seek out and exploit. A big challenge security executives face is balancing speed vs. security.

I spoke with Greg Young, Cybersecurity Vice President at Trend Micro about this. We met at RSA 2020 in San Francisco. Trend Micro has evolved from one of the earliest suppliers of antivirus suites to a provider of a broad platform of systems to help individuals and organizations reduce cyber exposures.

For a full drill down of our discussion, please give the accompanying podcast a listen. Here are a few key takeaways.

Teeming threat landscape

Security leaders’ key priority is reducing exposures to the cyber risks they know are multiplying. Compliance penalties, lawsuits, loss of intellectual property, theft of customer personal data, and reputational damage caused by poor cyber defenses are now top operational concerns. Yet many organizations continue to practice poor cyber hygiene.

Cyber hygiene basics revolve around aligning people, processes and technologies to adopt a security-first mindset. In the current environment, it is vitally important for companies to secure vulnerabilities in their mission-critical systems, while at the same time remaining vigilant about detecting intruders and recovering quickly from inevitable breaches.

Comment | Read | March 11th, 2020 | Best Practices | For technologists | My Take | Podcasts | Steps forward | Top Stories

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

By Byron V. Acohido

The cybersecurity needs of small- and mid-sized businesses (SMBs) differ from those of large enterprises, but few solutions cater to them. A 2018 Cisco Cybersecurity Special Report found that 54 % of all cyber attacks cost the target company more than $0.5 million — damages that would crush most SMBs. However, smaller companies rarely have the IT talent, tools, or budget to prevent such attacks.

Related: SMBs are ill-equipped to deal with cyber threats

Without a cohesive cybersecurity framework, SMBs are falling further behind as digital transformation, or DX, ramps up.  Embracing digital transformation becomes even more of a challenge without a dedicated platform to address vulnerabilities.

I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO,  of Devolutions, at the RSA 2020 Conference in San Francisco recently. Devolutions is a Montreal, Canada-based company that provides remote connection in addition to password and privileged access management (PAM) solutions to SMBs. You can get a full drill down on our discussion in the accompanying podcast. Here are some of the key takeaways:

PAM 101

PAM is crucial to all companies because it reduces opportunities for malicious users to penetrate networks and obtain privileged account access, while providing greater visibility of the environment. Current PAM solutions cater almost exclusively for large organizations.

Suppliers simply strip down their enterprise versions to sell to SMBs, with their solutions being prohibitively expensive for SMBs. Poorly implemented authentication can also lead to network breaches and compliance headaches.

Comment | Read | March 10th, 2020 | For technologists | Podcasts | Privacy | RSA Podcasts | Top Stories

NEW TECH: Exabeam positions SIEM technology to help protect IoT, OT systems

By Byron V. Acohido

Security information and event management systems — SIEMs — have been around since 2005, but their time may have come at last.

Related: Digital Transformation gives SIEMs a second wind

After an initial failure to live up to their overhyped potential, SIEMs are perfectly placed to play a much bigger role today. Their capacity to ingest threat feeds is becoming more relevant with the rise of IoT (Internet of Things) systems and the vulnerabilities of old and new OT (operational technology).

I spoke with Trevor Daughney, vice president of product marketing at Exabeam, at the RSA 2020 Conference in San Francisco recently. Exabeam is a successful security vendor in the SIEM space. You can get a full drill down on our discussion in the accompanying podcast. Here are a few key takeaways:

Tuning SIEMs for IoT, OT

SIEMs are designed to gather event log data from Internet traffic, corporate hardware, and software assets, and then generate meaningful security intelligence from masses of potential security events. With CIOs and CISOs now facing increased responsibilities, SIEMs have huge untapped potential for supporting new use cases.

Digital transformation is leading to more intensive use of the cloud, faster development of software to support it, and the growth of the IoT. This means that huge amounts of customer information are now digitized and require protection.

Comment | Read | March 9th, 2020 | For technologists | New Tech | Steps forward | Top Stories

« Newer Articles
Older Articles »