Building a cyber-resilient enterprise informed by threat intelligence is not an easy task. Risks and requirements are often as unique and diverse as organizations themselves. Determining factors like industry, size, and market contribute to one simple truth: a one-size-fits-all approach to incorporating threat intelligence does not exist. Some invariants, however, do remain; successful threat intelligence programs must staff the right people in the right positions. Below, I’ll introduce four core threat intelligence focuses to consider as businesses plan and allocate budgets for 2021:
Analyst1, provider of a threat intelligence platform (TIP), added recognized cybersecurity industry veteran, Jon DiMaggio, to its executive team. As chief security strategist, DiMaggio will be responsible for driving security research and strategy for the next generation threat intel company.
Securing identities and their privileges and access should be at the center of your strategy for reducing your cloud attack surface. The old network perimeter, with its limited number of points of ingress secured with firewalls and other perimeter defenses has given way to a distributed arrangement. Software-as-a-Service (SaaS) today is the new IT, and cloud identities are the new perimeter with thousands of users and points of potential failure existing outside of your traditional security protocols. The greatest threats to this new perimeter include:
The cyber intent strategy is to seek out the reconnaissance traffic that precedes an attack and manipulate it so well that the attack never succeeds. Leveraging and countering malicious cyber intent as your earliest defense draws from information warfare. Investing a small misdirection here could pay dividends later.
The role of the chief information security officer – or CISO for short – is to understand a corporation’s cyber threat landscape and know where vulnerabilities lie. And given the relentless increase in sophisticated hacking, their clout and importance to the CEO and Board is increasing exponentially.
Sr. Advisor Felker brings additional maritime cybersecurity partnership expertise to information sharing and analysis center
November 12, 2020
John Felker, former Assistant Director, Cybersecurity and Infrastructure Security Agency brings significant public-private sector relationship building expertise to the Maritime Transportation System Information Sharing and Analysis Center’s (MTS-ISAC) nonprofit, community focused mission.
What is causing digital fraud to rise year over year? From current trends and consumer attitudes to technological enhancements and more sophisticated tactics, let’s take a look at the top nine reasons digital fraud is rapidly increasing:
Organizations' migration to the cloud is a broad term that encompasses many different trends: (1) Moving existing applications from private data centers to AWS, Azure, or the Google Cloud Platform as cloud service providers (CSPs), often referred to as lift-and-shift or infrastructure-as-a-service (IaaS); (2) Completely restructuring how applications are built to make heavier use of prepackaged services available on these cloud service platforms – often referred to as lift-and-reshape, serverless, or platform-as-a-service (PaaS); (3) Choosing to forgo running copies of standard applications instead of having the application vendor host them is sometimes referred to as drop-and-shop or software-as-a-service (SaaS).
With the emergence of major public health issues, or crises, such as COVID-19, grant funding for research and program development will be made available from various government agencies to help with the response. Additionally, foundations such as the Bill & Melinda Gates Foundation or Ford Foundation may provide the precious funds to perform the vital work to battle the at hand issue. If fortunate, those in receipt of funding to pursue the global health issue to be addressed will often utilize technology either developed or custom created and implemented to address the critical response, or in the case of COVID-19, slow the spread or research the creation of vaccines.
Starting on December 8, Apple will require all third-party developers to detail their app’s privacy information, according to an Apple post. Security experts note that this new update (iOS 14) puts additional focus on user privacy, and in particular gives users better visibility into their personal information that is shared with third parties.
RSS
