Cybersecurity News

RSS

If you were in an IT-related field 10 years ago, the term “Shadow IT” might strike fear into your heart. In case you missed it – or blocked out the bad memory – that’s when business SaaS emerged, enabling lines-of-business (LOB) teams to buy their own turnkey software solutions for the first time. Why was it called “Shadow” IT? Because IT security teams typically weren’t involved in the analysis or deployment of these Saas applications. IT security often didn’t find out about the apps until something went wrong and they were called in to help – and by that point, data, apps and accounts had sprawled across the cloud.

Despite their preference for remote work, Millennials and Gen Zers experience more technological issues, struggle more with password management, and are far more reckless in their online activity than older demographics. Not only do these younger employees create more work for IT teams and service desk personnel, but they also pose as significant cybersecurity liabilities for corporations.

Nearly two-thirds of workers who have been working remotely during the pandemic would like to continue to do so. While working from home, the boundaries between work and life can decrease or disappear altogether, as employees are using their corporate devices for personal use more than ever before. As we enter the holiday season, IT teams can expect this work/life blend to translate into increased online shopping on corporate devices, which in turn exposes the network to additional cybersecurity threats.

The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an annual report on its progress to advance meaningful partnerships and analysis around supply chain security and resilience.

The World Economic Forum today launched a new report that outlines how organizational leaders can influence their companies and encourage the responsible use of technology and build ethical capacity. “Ethics by Design” – An Organizational Approach to Responsible Use of Technology integrates psychology and behavioral economics findings from interviews and surveys with international business leaders. It aims to shape decisions to prompt better and more ethical behaviors. The report promotes an approach that focuses less on individual “bad apples” and more on the “barrel”, the environments that can lead people to engage in behaviors contrary to their moral compass. The report outlines steps and makes recommendations that have proven more effective than conventional incentives such as compliance training, financial compensation or penalties.

According to media reports, the U.S. Energy Department and National Nuclear Security Administration have evidence that hackers accessed their networks as part of a major cyber espionage operation that affected many U.S. federal agencies. 

The future of business has changed drastically due to the rapid advancement of the remote work era from the pandemic. Here are three key CIAM market trends that security professionals should be aware of as they finalize their 2021 plans.

New data from Jumio reveals that new account fraud based on ID verification declined 23.2% worldwide YTD in 2020, compared to 2019 results. At the same time, selfie-based fraud rates were five times higher than ID-based fraud. This illustrates the growing number of stolen ID documents available on the dark web for purchase and, more importantly, the growing need to determine if an ID is authentic and belongs to the user.

Positive Technologies has published its “5G standalone core security assessment”. The report discusses vulnerabilities and threats for subscribers and mobile network operators, which stem from the use of new standalone 5G network cores. The vulnerabilities in protocols HTTP/2 and PFCP, used by standalone 5G networks, include the theft of subscriber profile data, impersonation attacks and faking subscriber authentication.