Security & Business Resilience

RSS

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous. 

The need for cybersecurity in the financial services industry has never been greater. Financial Institutions (FIs) have been and will continue to be the subject of cyberattacks by adversaries of all varieties. The old adage “why do you rob banks....because that’s where the money is” holds in this domain as well. In 2019, 86 percent of breaches were financially motivated, and the records exposed in all breaches increased by 284 percent. And if that’s not enough for FIs to worry about, consider that the average cost of a breach as disclosed by public firms in 2019 was $116 million. Given the magnitude of this issue, these are the top trends seen in cybersecurity this year.

Cloud communications and other advanced networking solutions have not only changed the way we connect with the world around us today, but they are also driving the change in future connectivity and are set to transform the way businesses create operating models, collaborate, and more. So, what does the future of connectivity look like in 2021? The near future consists of more robust security, more intuitive and streamlined connectivity, and increased mobility for a global workforce.

Thoughts around threat landscapes commonly prioritize corporate and governmental networks assets as high priorities, with personal networks and resources as lower-level threats. However, there have been recent changes that have caused the reassessment of prioritization levels at times. As a result of the COVID-19 pandemic, the number of individuals who work from home has greatly increased. In fact, Stanford researcher Nicholas Bloom places the percentage of people currently working at home at over 40%.

New findings by The App Analyst reveal a privacy bug in Democratic presidential candidate Joe Biden's official campaign app. 

Two new public safety committees were created this month by University of Utah Chief Safety Officer Marlon Lynch and appointed by U President Ruth Watkins. The Public Safety Advisory Committee and the Independent Review Committee are comprised of students, faculty, and staff from across the institution and are designed to ensure a broad representation of constituents are included in public safety decision-making.

What are the expectations, technical implementations, and challenges of using cloud security access brokers (CASB)? Cloud Security Alliance's latest study reveal unrealized gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise.

Today, Zero Trust is the subject of much discussion and debate; for instance, is Zero Trust doable in reality or more so in theory?  As many are aware, Zero Trust is a concept that deems everyone (employees, freelancers and vendors) and everything (datacenters, applications and devices) must be verified before being allowed into a network perimeter – whether they are on the inside or the outside of an organization.

Organizations may consider adopting an adaptive risk-based trust approach to securing their privileged access. This approach uses least-privilege, zero-trust as a baseline for how organizations build trust scores which will then be used to determine the level of security which is required to gain access to the cloud, and specific applications and systems.