Distributed denial of service (DDOS) attacks - when an attacker attempts to make it impossible for a service to be deliverable - are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. To learn more about how these attacks have evolved over the years, we talk to Roy Horev, Co-Founder and CTO at Vulcan Cyber, a vulnerability remediation orchestration provider.
As employees return back to the office, challenges continue to unfold and the best way to approach many of the computers and systems that have been off company premises for so long is to regard them as potentially infected.
As employees return back to the office, challenges continue to unfold and the best way to approach many of the computers and systems that have been off company premises for so long is to regard them as potentially infected.
The traditional approach to securing cloud access goes against everything that DevOps is about. Regardless of what providers of legacy IAM, PAM, and other security solutions claim about their ability to scale with cloud application dev cycles, they’re concealing the extensive time, effort, and resources required to manage their solutions – three things that are in short supply in DevOps teams. So, the challenge becomes: how can enterprises integrate world class technologies for securing identities and access to cloud environments without bringing DevOps to a grinding halt?
COVID-19 brought with it a massive influx of data, most of it moving from a centralized location to the cloud (and other environments). Now, these businesses are trying to understand how to re-engineer their environment for the next 10+ years, in the advent of Zero Trust, SASE and more. How has COVID-19 impacted the need for cybersecurity consulting, specifically new trends, and Zero Trust? Here, we speak with Todd Waskelis, AVP of AT&T Cybersecurity, who leads AT&T’s cybersecurity consulting services.
Like the game of Texas Hold ‘Em, the practice of security is ultimately an exercise in decision-making. Specifically, how do you make the best decision possible with limited and incomplete information?
Now, let’s consider how the pandemic has impacted the world of cybercrime. In the beginning, the move to work from home was swift, with organizations being closed and the workforce being sent home to work with little or no warning. People began stockpiling items and even staples such as toilet paper became a scarce commodity. As schools closed, the students were forced to start doing classes online, something a lot of families were not prepared for. Many found themselves in financial difficulties. For those still working, with daycares closing, childcare became an issue, and many people did not have laptops or computers set up at home to support these changes. Even webcams became nearly impossible to get unless you were willing to pay the scalpers’ prices.
Congress sent some rather clear messages with passage of the American Rescue Plan (ARP), and the importance of education is undoubtedly top of mind. Based on the sheer volume of school safety allocations, protecting our nation’s students is a high priority with the Biden administration and a majority in Congress.
With technology becoming more accessible and complex, prioritizing a defense against insider threats may be the better strategy. After all, the moment an outsider breaches an organization, they become an insider.
Ben Johnson, former NSA and Chief Technology Officer (CTO) of SaaS application security firm, Obsidian, has found that businesses around the world are adopting Software as a service (SaaS) apps in droves for collaboration, ease of access to data and business continuity. With this increased adoption, comes the inevitable trend of state-sponsored actors merely logging in to steal data rather than having to break in. Here, Johnson talks to Security magazine about security issues associated with SaaS applications.