When is the last time you assessed your monitoring platform? You may have already noticed signs indicating that your tools are not keeping up with the rapidly changing digital workforce – gathering nonessential data while failing to forewarn you about legitimate issues to your network operations. Post-2020, these systems have to handle workforces that are staying connected digitally regardless of where employees are working. Your monitoring tools should be hyper-focused on alerting you to issues from outside your network and any weakness from within it. Often, we turn out to be monitoring for too much and still missing the essential problems until it’s too late.
China has had a tough 2020. Intellectual property rights infringement, stealing university and U.S. government-funded research, spys routed out in public, Hong-Kong takeover, Human-right abuses, Coronavirus cover-ups, supply-chain bog downs, and the list goes on. The conclusion is that China has lost its luster with businesses in the United States and abroad. These issues are not new; instead, they have reached a boiling point where the international business community is getting leary of putting too many eggs in China’s basket. The U.S. government has certainly done its share to bring many of these things to light. And while this is happening, and companies look elsewhere to move, the possibilities of increasing North America manufacturing has become more attractive than ever.
Deepfakes –mostly falsified videos and images combining the terms “deep learning” and “fake” – weren’t limited in 2019 to the Nixon presentation and were not uncommon before that. But today they are more numerous and realistic-looking and, most important, increasingly dangerous. And there is no better example of that than the warning this month (March 2021) by the FBI that nation-states are virtually certain to use deepfakes to help propagate increasingly misleading campaigns in the U.S. in coming weeks.
The recent SolarWinds breach has brought vendor risk management into the spotlight. With 59% of data breaches being traced to third-party vendors and the average enterprise having 67 vendors with privileged access, managing third party risk is no longer optional, says Tony Howlett, Chief Information Security Officer (CISO) of SecureLink. Here, we speak to Howlett about why security and risk professionals need to take control of their third-party exposure and implement safeguards and processes to reduce their vulnerability.
When it comes to most digital initiatives, user experience is a primary focal point. Not only is user experience a critical element in the design process, it also remains pertinent as product evolution keeps pace with business scale. As online interactions have exponentially grown during the pandemic, it has become startlingly clear that seamless and secure user experiences (UX) are necessary for success.
Has the pandemic and remote working created an environment of heightened risk of insider data breaches? Here, Darren Cooper, Chief Technology Officer (CTO) for Egress, speaks to Security magazine about what organizations can do to prevent data loss.
Another challenge is the new home office, where spouses may be working remotely, often alongside their children attending school online. Home networks lack typical protections and bifurcations of the corporate office and may be prone to attacks using lateral movement techniques. In these scenarios, after gaining initial access through an insufficiently protected device, such as a family computer, attackers move deeper into a network, searching for other devices to compromise or obtain increased privileges. This continued probing could eventually lead to the exfiltration of sensitive corporate data or high-value intellectual property.
Have you considered a career as a cybersecurity professional, but weren't really sure if you had the right degree or skillset needed for success? Here, Jay Leaf-Clark, Head of IT at Dashlane, walks you through how to get started in cybersecurity.
We have come to a point in the world where IT is being called upon more than ever due to the surge in remote work and technology’s increasingly significant role in driving business direction. The pandemic disruption has increased internal-control risks, leaving every business to adapt and have an increased focus on the overall technology vulnerabilities. To accomplish all they need to keep their organization secure, IT departments have been brought to the realization that they must prioritize building trust among their business partners – but that trust doesn’t happen in a flip of a switch, there’s a variety of steps both parties have to take in order to reach the light at the end of the tunnel.
Keypoint: The appointment of the five California Privacy Protection Agency board members is the first significant step to the California Privacy Rights Act becoming fully operative in 2023.
On March 17, California officials announced the establishment of the five-member inaugural board for the California Privacy Protection Agency (CPPA). The CPPA was established by the California Privacy Rights Act (CPRA), which California voters approved in the November election. The CPPA will take over rulemaking duties from the California Attorney General’s office and will administratively enforce the CPRA. Given that California has the world’s fifth largest economy, the CPPA has the potential to be one of the most important data privacy authorities in the world.