 

Guest Blog Post

 

GUEST ESSAY: Who do you think impacts privacy, free markets more: Big Government or Big Tech?

By Scott Cleland

Proposed bipartisan legislation to modernize U.S. antitrust law and enforcement standards for the 21st century digital marketplace calls for a fact-driven comparison of Big-Tech’s unchecked power relative to Big Government’s Constitutionally limited power.

Related: Apple vs. Facebook privacy war

Big-Tech has proven its monopoly and cartel power can be more powerful than Big Government.

Big Government’s Constitutional limits denied two impeachment attempts to remove President Trump from office and to prevent his ability to run again. In mid-January, Big Tech collusively cancelled President Trump, his eighty million online followers, and his right-of-center, competitive social media alternatives – with impunity.

When unchecked by antitrust law, Big-Tech monopoly gatekeepers together are dominant enough to determine what Americans see and say online. This means in 21st century America, there no longer is a real competitive marketplace for ideas, and no longer are public squares open to all political voices.

The political reality of Big-Tech monopoly intermediaries is that the public and politicians must go through, and trust, Big-Tech to not interfere with them, and to not dictate political discourse or outcomes. The most respected research on this problem, Dr. Robert Epstein’s seminal research on Big-Tech manipulation, shows how unmonitored Big-Tech has the power to manipulate elections.

GUEST ESSAY: Why online supply chains remain at risk — and what companies can do about it

By Aanand Krishnan

The SolarWinds hack has brought vendor supply chain attacks — and the lack of readiness from enterprises to tackle such attacks — to the forefront.

Related: Equipping Security Operations Centers (SOCs) for the long haul

Enterprises have long operated in an implicit trust model with their partners. This simply means that they trust, but don’t often verify, that their partners are reputable and stay compliant over time. Given the dynamic nature of websites today and the constantly changing integrations to a site, this implicit trust model no longer suffices.

So what does the average modern website look like? More than 70 percent of the content that loads on an end user’s browser does not come from the website’s server at all. Enterprises are designing client-heavy applications that are executed through JavaScript at runtime, and these browsers are acting as modern-day OSes.

Let’s discuss how the SolarWinds hack relates to a regular website supply chain. Web architecture from the past decade followed a trend where most web applications were server-heavy, and enterprises’ data centers handled the bulk of the processing. The web browser was more of a graphical interface or a rendering engine.

Due to optimized speeds and improved computing capacity on client devices, the architecture has evolved over the last few years.

GUEST ESSAY: Data poverty is driving the growth of cybercrime – here’s how to reverse the trend

By Robert Panasiuk

Data poverty is real and it’s coming for your user accounts.

Related: Credential stuffing soars due to Covid-19

The current state of data in cybersecurity is a tale of The Haves and The Have-WAY-mores. All tech companies have data, of course, but the only data that’s truly valuable and provides insights—actionable data—isn’t as universal as it should be.

This “data poverty,” or dearth of actionable insights, is a problem for companies across many verticals. Cybersecurity should not be one of them. The sentinels working to prevent the next SolarWinds breach need all the Grade-A data they can get, and fast. Data democratization, on a privacy-compliant basis, is the only way they’ll get it.

The simple truth is that no cybersecurity company can compete with the data stacks of the FAAMG behemoths, which is why cybercrime is seeing a 63 percent boost over the past year.

It’s time to take steps to democratize data and fortunately there are examples of what this looks like in other industries that show how competing security outfits can link arms and still remain competitive.

Why can’t we be friends?

“Coopetition”—competing companies working together and sharing information—is not uncommon across other industries. Casinos trade intel on card counters. E-tailers partner with physical stores to increase their brick-and-mortar presence. Rival software companies exchanging data can involve more red tape, but fundamentally the information they share achieves the same goals: making more money and ensuring their customers receive the best possible service.

GUEST ESSAY: A full checklist on how to spot pharming attacks — and avoid becoming a victim

By Peter Baltazar

Cybercriminals use various techniques for conducting cyberattacks. One such popular way to infiltrate a system is Pharming. It is an online scam attack quite similar to Phishing.

Related: Credential stuffing explained

The term Pharming is a combination of two words, Phishing and Farming. It is a type of social engineering cyberattack in which the website’s traffic is manipulated to steal confidential credentials from the users. Cybercriminals design a fake website, basically the clone of an official one, and use various means to redirect users to the phony webpage when visiting any other legit site.

Primarily the Pharming attack is planned to gain sensitive data like login credentials, personally identifiable information (PII), social security numbers, bank details, and more. The attackers can also use it for installing malware programs on the victim’s system.

Pharming vs phishing

Though Pharming and Phishing share almost similar goals, the approach to conducting Pharming is entirely different from Phishing. Unlike Phishing, Pharming is more focused on sabotaging the system rather than manipulating the victims. However, we will see later how Phishing plays a vital role in conducting Pharming.

The Pharming attacks are carried out by modifying the settings on the victim’s system or compromising the DNS server. Manipulating the Domain Name Service (DNS) protocol and rerouting the victim from its intended web address to the fake web address can be done in the following two ways:

• Changing the Local Host file. In this method of manipulating DNS, the attackers infiltrate the victim’s device and change the local host file. A local host file is a directory of IP addresses. The modified local host file would redirect users to the fake website whenever they try to open the legit site the next time. The phony website is designed similar to the one victims intended to visit so that the users are not alarmed.

To modify the local host file, the attacker primarily uses the Phishing technique so …

GUEST ESSAY: 3 sure steps to replace legacy network security systems — in a measured way

By Jackson Shaw

Keeping up with the pace of technology, information, and the evolving threat landscape is a challenge for all enterprises.

Related: DHS launches 60-day cybersecurity sprints

To make matters more difficult, implementing new security software and processes to address these issues is another big hurdle, often causing disruption—and not the good kind. But with mounting pressure to replace legacy, perimeter-centric defenses with cloud- and hybrid-cloud protection, many organizations are stuck between a rock and a hard place.

It goes without saying that phasing out a legacy system and putting something modern in its place is a substantial undertaking. IT teams are stretched thin as they install the new system while supporting the old one.

Simultaneously, end-users with years of expertise on the old system must suddenly learn a new one. Between potential downtime and retraining an entire organization on new workflows, processes, and user interface, productivity is at risk, and with it, the bottom line.

Take identity management—arguably one of the most important defenses against cyber threats—for example. Companies make significant investments in identity governance and administration (IGA) or identity access management (IAM), only to realize that these siloed, on-premises systems can’t meet the needs of a modern, flexible, cloud-centric, and digital enterprise.

GUEST ESSAY: ‘Identity Management Day’ highlights the importance of securing digital IDs

By Jerome Becquart

The second Tuesday of April has been christened “Identity Management Day” by the Identity Defined Security Alliance, a trade group that provides free, vendor-neutral cybersecurity resources to businesses.

Related: The role of facial recognition

Today, indeed, is as good a time as any to raise awareness about cyber exposures that can result from casually or improperly managing and securing digital identities. Here are five tips for securely managing identities across the new, hybrid work environment:

• Think granularly. The first mistake a lot of organizations make when planning their identity management strategy is not considering every identity on their network. Sure, a lot think about their users and what types of credentials they’ll need for their various systems. But what about the numerous machines on a company’s network, like mobile devices, servers, applications, and IoT devices?

Machines are dramatically increasing, and require a solution that will identify these identities, authenticate them, and then secure their interactions across the network. IT leaders need to consider PKI-based solutions for managing their machine identities, so their IT teams can issue certificates to their machines, track what is on their network, and encrypt the communication between the devices. This will prevent falsified entities from entering the network and putting data at risk.

• Verify email. In the face of phishing threats, many companies focus their investments on anti-malware software or new technology to prevent threats from getting through. Unfortunately, some of these emails will inevitably slip through the cracks.

GUEST ESSAY: The missing puzzle piece in DevSecOps — seamless source code protection

By Rui Ribeiro

We live in a time where technology is advancing rapidly, and digital acceleration is propelling development teams to create web applications at an increasingly faster rhythm. The DevOps workflow has been accompanying the market shift and becoming more efficient every day – but despite those efforts, there was still something being overlooked: application security.

Related: ‘Fileless’ attacks on the rise

The awareness that the typical approach to DevOps was downplaying the role of security led to an evolution of this workflow, which today has come to be known as DevSecOps. This new mindset puts application security at the foundation of DevOps, rather than it being an afterthought.

In the ideal DevSecOps implementation, security controls are fully integrated into the continuous integration (CI) and continuous delivery (CD) pipelines and development teams possess the necessary skills to handle and automate several security processes.

Plain sight gaps

As companies grew into the concept of DevSecOps, they typically focused on technologies like SAST or DAST to provide an extra layer of security at the earlier development stages. These technologies help check the source code for vulnerabilities that could be exploited by attackers in a production environment. However, finding and fixing those vulnerabilities is still not enough to guarantee end-to-end protection of the source code – there is still one key missing piece.