Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Guest Blog Post

 

GUEST ESSAY: Here’s how ‘WFM’ tools can boost productivity — and security — of remote workers

By April Miller

Workforce management software (WFM) is an essential tool companies across industries can  use to organize their workforce, track employee work and performance, forecast labor demand, and create schedules for employees.

Related: Turning workers into security security sensors

Most, if not all, WFM software is chock full of features that makes managing a workforce more efficient and effortless for top management. What’s more, WFM tools can help reinforce best security practices needed as companies increase their reliance on a remote workforce and using cloud-based software.

One of the primary benefits of using WFM software is the reduced labor costs. Research shows that 75% of organizations using WFM software report ROI in less than a year. This is one of the main reasons why more and more companies are leveraging this digital technology — it’s the ultimate goal for any company to improve ROI and meet its bottom line.

WFM tools can and should be deployed in a way the supports and enhances cybersecurity. Protecting employee data from unauthorized users is paramount, especially during a time where threats towards cybersecurity organizations are imminent.

GUEST ESSAY: Why Microsoft Exchange users ‘must have’ robust data recovery policies, practices

By Bharat Bhushan

Cloud hosted email services have come into wide use as the go-to communication and collaboration work tools for businesses far and wide.

Related: Weaponized email endures as top threat

Digital native companies start from day one relying entirely on Microsoft Office 365 or Google’s G Suite and most established companies are in some stage of migrating to, or adjusting for, Office 365 or G Suite.

That said, Microsoft Exchange on-premises email servers – technology that once, not too long ago, dominated this space – remain in pervasive business use today.

In 2021, on-premises Microsoft Exchange Server mailboxes commanded a 43 percent global market share as compared to 57 percent for cloud Exchange mailboxes, according to this report from Statista. Some 11,800 computer software companies, 10,000 IT services vendors, 5,500 health care organizations and 3,200 financial services firms continue to maintain on-premises Exchange email servers, according to this report from Enlyft

What’s more, many of the organizations migrating to cloud IT infrastructure services are patching together hybrid email systems, part on-premises and part cloud-hosted.

GUEST ESSAY: Introducing ‘killware’ — malware designed to contaminate, disrupt critical services

By Jack Chapman

Within the past year, we have seen a glut of ransomware attacks that made global news as they stymied the operations of many. In May, the infamous Colonial Pipeline ransomware attack disrupted nationwide fuel supply to most of the U.S. East Coast for six days.

Related: Using mobile apps to radicalize youth

But the danger has moved up a notch with a new, grave threat: killware.

Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.

Earlier in the year, there was an attempted hack of a water treatment facility in Oldsmar, Florida. This attack, however, was not for financial gain; it was intended to inflict harm.

Alejandro Nicholas Mayorkas, the U.S. Secretary of Homeland Security, told USA Today that the attack “was intended to distribute contaminated water to residents, and that should have gripped our entire country.”

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

By Wade Lance

In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments.

Related: The targeting of supply chains

While some of these efforts have been successful, and may prevent more damage from being done, it is important to realize that headline news is a lightning rod for more attacks. Successful attacks breed copycats, and their arrests make room for replacements. Malicious actors are opportunistic.

Of course they don’t want to get busted and they don’t want authorities taking down their infrastructure, but these arrests are an incentive to get into the ransomware market and a learning experience on how to adapt their tactics.

I expect a new wave of ransomware operators that use cryptocurrency to avoid tracking, remotely-located operations to avoid extradition and arrest, and the hardening of operational security to avoid infrastructure take down.

GUEST ESSAY: Lessons learned in 2021 as cloud services, mobility and cybersecurity collided

By Kelly Ahuja

In 2021 we witnessed the continuation of the seismic shift in how people work, a change that started at the beginning of the global pandemic. The acceleration of cloud, mobility, and security initiatives proved to be critical for organizations looking to weather the new threats and disruptions.

Related: How ‘SASE’ blends connectivity, security

In fact, the Verizon 2021 Data Breach Investigations Report found that “with an unprecedented number of people working remotely, phishing and ransomware attacks increased by 11 percent and 6 percent respectively.” Cybercriminals have taken advantage of security challenges that arise from the new model of remote work and collaboration.

To combat this, businesses who are agile in adopting digital transformation strategies reaped the benefits: from better security hygiene to reduce the risk of a data breach to improved productivity that ultimately yields higher revenue. Here are a few important trends that you should consider for 2022:

Single vendor SASE play

Last year, we predicted that SASE would be an essential strategic initiative, design approach, and implementation standard for enterprise network and network security deployments around the globe. In 2022, SASE will accelerate to become the gold standard for organizations looking to achieve consistency, flexibility, and high performance for both their security and networking needs.

Businesses and organizations will gravitate towards a single vendor SASE provider for uniform, consistent, and ubiquitous security, networking, and business policies to every user, application, and device. This single vendor model will still need to allow for the option to integrate with third-party SASE services.

GUEST ESSAY: How the FIDO Alliance helps drive the move to passwordless authentication

By Yves Audebert

For IT leaders, passwords no longer cut it. They’re expensive, difficult for employees to keep track of, and easy for hackers to utilize in cyberattacks. So why are they still around?

Related: IT pros support passwordless access

This traditional authentication method is challenging to get rid of, mostly because it’s so common. Every new account you sign up for, application you download, or device you purchase requires a password. And for businesses, transitioning to new authentication solutions can be expensive and time-consuming.

That’s why the work of the FIDO Alliance is essential. They are working to enable the transition away from passwords with open standards that are more secure than passwords or SMS OTPs, and easier for IT teams to deploy and for end users to manage.

Lowering password use

The FIDO Alliance is an open industry association with the mission of reducing our reliance on passwords. It supports standards that make implementing newer, stronger authentication methods possible for businesses.

As part of this mission, the FIDO Alliance has published three sets of authentication specifications: FIDO Universal Second Factor, FIDO Universal Authentication Framework, and FIDO2. FIDO2 has become a major focus for IT leaders on their transition to passwordless. It enables end users to authenticate to online sites and applications both on mobile and desktop through WebAuthn and CTAP.

GUEST ESSAY: Ransomware pivot 2021: attackers now grab, threaten to leak sensitive data

By Dr. Darren Williams

Ransomware attacks have reached a record high this year, with nearly 250 attacks recorded to date and months to go. As we’ve seen with major attacks like Kaseya and Colonial Pipeline, cybercriminals have continued to innovate, developing new tools and tactics to encrypt and exfiltrate data.

Related: Kaseya breach worsens supply chain worries

Where previously ransomware gangs relied solely on the attack’s disruption to daily business to be enough for the victim to pay the ransom, today’s stakes are much higher, with gangs exfiltrating information to make ransom threats to sell or publish victims’ information far and wide.

This leaves many organizations frustrated, damaged and ultimately devastated, as fully recovering from the loss of sensitive and confidential files detailing financial information, business IP, customer data and more, can be a nearly impossible task.

The ongoing battle to secure data from highly sophisticated ransomware gangs like REvil and others continues to rage on, despite recent news that these groups have disbanded in response to pressure from law enforcement.