Guest Blog Post

 

GUEST ESSAY: The case for an identity-first approach ‘Zero Trust’ privileged access management

By Raj Dodhiawala

Today’s enterprises are facing more complexities and challenges than ever before.

Related: Replacing VPNs with ZTNA

Thanks to the emergence of today’s hybrid and multi-cloud environments and factors like remote work, ransomware attacks continue to permeate each industry. In fact, the 2022 Verizon Data Breach Investigation Report revealed an alarming 13 percent increase in ransomware attacks overall – greater than the past five years combined – and the inability to properly manage identities and privileges across the enterprise is often the root cause.

As enterprises continue to fall victim to increasingly complex attacks, there’s one topic that cybersecurity professionals and vendors can agree on: the importance of Zero Trust. Still, ways to properly identify and tackle this strategy often remain one of the biggest challenges to overcome.

A ‘Zero Trust’ core

The Zero Trust buzzword has exploded in use over the last few years. Through endless redefinitions, it’s difficult to find a reliable one. While this continuous pivot can be tough to track, it does not diminish the need for a real, executable strategy for tackling its core tenets. One helpful perspective is to view Zero Trust as a three-legged tripod:

• The first leg of this tripod is the network – protecting the perimeter and ensuring organizations are safeguarded from the outside in, as well as inside out.

• The second is the endpoint – protecting the workstations, servers, laptops, cloud instances, network devices, etc. – the crown jewels are on

GUEST ESSAY: The rise of ‘PhaaS’ — and a roadmap to mitigate ‘Phishing-as-a-Service’

By Zac Amos

Cybersecurity is a top concern for individuals and businesses in the increasingly digital world. Billion-dollar corporations, small mom-and-pop shops and average consumers could fall victim to a cyberattack.

Related: Utilizing humans as security sensors

Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Cybersecurity experts are discussing a new trend in the cybercrime community called phishing-as-a-service.

Why should companies be aware of this trend, and what can they do to protect themselves?

Phishing-as-a-Service (PhaaS)

Countless organizations have adopted the “as-a-service (-aaS)” business model. It describes companies that present customers with an offering, as its name suggests, to purchase and use “as a service.” Popular examples include artificial intelligence-as-a-service (AIaaS), software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS).

Phishing-as-a-service, also called PhaaS, is the same as the SaaS business model, except the product for sale is designed to help users launch a phishing attack. In a PhaaS transaction, cybercriminals or cybercrime gangs are called vendors, and they sell access to various attack tools and technical knowledge to help customers carry out their crimes.

SHARED INTEL: Poll highlights the urgency to balance digital resiliency, cybersecurity

By Paul Nicholson

The pace and extent of digital transformation that global enterprise organizations have undergone cannot be overstated.

Related: The criticality of ‘attack surface management’

Massive global macro-economic shifts have fundamentally changed the way companies operate. Remote work already had an impact on IT strategy and the shift to cloud, including hybrid cloud, well before the onset of Covid-19.

Over the past two years, this trend has greatly accelerated, and working practices have been transformed for many workers and organizations.

Yet, with all these changes, the specter of security breaches remains high. This explains the rise and popularity of Zero Trust as a framework for securing networks in these new realities and as an effective tool to drive cybersecurity initiatives within the entire enterprise.

Fundamentally, Zero Trust is based on not trusting anyone or anything on your network by default and using least required privilege concepts. Every access attempt by any entity must be validated throughout the network to ensure no unauthorized entity is moving vertically into or laterally within the network undetected.

GUEST ESSAY: The drivers behind persistent ransomware — and defense tactics to deploy

By Eric George

The internet has drawn comparisons to the Wild West, making ransomware the digital incarnation of a hold-up.

Related: It’s all about ‘attack surface management’

However, today’s perpetrator isn’t standing in front of you brandishing a weapon. They could be on the other side of the globe, part of a cybercrime regime that will never be discovered, much less brought to justice.

But the situation isn’t hopeless. The technology industry has met the dramatic rise in ransomware and other cyber attacks with an impressive set of tools to help companies mitigate the risks. From sharing emerging threat intelligence to developing new solutions and best practices to prevent and overcome attacks, it’s possible to reduce the impact of ransomware when it happens.

Prevalence

The FBI’s Internet Crime Complaint Center (IC3) received 3,729 ransomware complaints in 2021, representing $49.2 million in adjusted losses. Healthcare and public health, financial services, and IT organizations are frequent targets, although businesses of all sizes can fall victim to these schemes.

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

By Dawid Czarnecki

Web application attacks directed at organizations’ web and mail servers continue to take the lead in cybersecurity incidents.

Related: Damage caused by ‘business logic’ hacking

This is according to Verizon’s latest 2022 Data Breach Investigations Report (DBIR).

According to the report’s findings, stolen credentials and exploited vulnerabilities are the top reasons for web breaches. This year, the top reasons were:

• A whopping 80 percent were due to stolen credentials (nearly a 30 percent increase since 2017!)

• Exploited vulnerabilities were the second leader at almost 20 percent

• Brute forcing passwords (10 percent) came in third

• Backdoors or C2 (10 percent) were the fourth runners-up

Poor password practices have been responsible for most incidents involving web applications and data breaches since 2009. Password security may seem like a simple solution for a huge problem, but it may be difficult to successfully implement in practice. Ignoring it, on the other hand, can lead to complications such as an unwarranted data breach.

Without strong, secure passwords or two-factor authentication (2FA) enabled in an organization or startup, it becomes easy for attackers to access stolen credentials on their web and email servers.

Consequently, sensitive data can become compromised, ending up in the wrong hands. In 2022, 69 percent of personal data and 67 percent of credentials became compromised in a web breach. This data strongly indicates that password management and 2FA are crucial for any organization or startup to become more secure from web attacks.

We’ve shared some helpful guidance on password security on the Zigrin Security blog.

GUEST ESSAY: A breakdown of the cyber risks intrinsic to ubiquitous social media apps

By Mark Stamford

More than half of the world—58.4 percent or 4.62 billion people—use social media.

Related: Deploying human sensors to stop phishing.

And while that’s incredible for staying connected with friends, organizing rallies, and sharing important messages, it’s also the reason we are facing a cyber security crisis.

A record 847,376 complaints of cyber-crime were reported to the FBI by the public, according to the FBI’s Internet Crime Report 2021—a 7 percent increase from 2020. This is now catching the attention of elected leaders like Senator Mark Warner and Senator Marco Rubio.

They recently called on the Federal Trade Commission (FTC) to investigate TikTok and parent company ByteDance over its data handling. But why is social media such a catalyst for nefarious behavior?

As the founder of the leading cyber security firm OccamSec, I’ve seen first-hand how and why social media is such a weak point, even for the most careful people and companies. Here are the three main reasons.

GUEST ESSAY: The key to a successful cloud migration – embrace a security-first strategy

By Steve Schoener

Migrating to and utilizing cloud environments – public, hybrid, or multi – is a source of real investment and positive change for businesses. Cloud is the powerhouse that drives digital organizations.

Related: Cloud security frameworks take hold

Gartner predicts that spending on public cloud alone is set to top $500 billion in 2022 – a 20% growth over last year. But often overlooked in the migration process is the significance of a company’s embedded security measures.

For cloud migration programs to succeed in both the short and long term, organizations must have an established cloud security policy to guide operations in the cloud, identify and mitigate vulnerabilities, and defend against cyberattacks – before a single byte is migrated.

But where should you begin? Following these steps will help you lay the foundation for a secure and sustainable cloud strategy.

• Design with security first. Although moving to the cloud should follow a standardized approach, the order of operations is often prioritized in favor of rapid results, not security. When security becomes an afterthought, best practices are overlooked, mistakes are made, and vulnerabilities are introduced that can result in significant risk, cost and breaks later.

By considering security first (not a detail to be added on later) and fully grasping cloud technology and risk exposure, your organization can ensure that the cloud architecture is secure before any data is migrated off-premises. It may slow the start, but designing with security first in mind can save you a lot of trouble down the road. For example, companies must plan to secure the perimeter with access protocols and controls – something that is very hard to do once systems are in use.