The traditional approach to securing cloud access goes against everything that DevOps is about. Regardless of what providers of legacy IAM, PAM, and other security solutions claim about their ability to scale with cloud application dev cycles, they’re concealing the extensive time, effort, and resources required to manage their solutions – three things that are in short supply in DevOps teams. So, the challenge becomes: how can enterprises integrate world class technologies for securing identities and access to cloud environments without bringing DevOps to a grinding halt?
COVID-19 brought with it a massive influx of data, most of it moving from a centralized location to the cloud (and other environments). Now, these businesses are trying to understand how to re-engineer their environment for the next 10+ years, in the advent of Zero Trust, SASE and more. How has COVID-19 impacted the need for cybersecurity consulting, specifically new trends, and Zero Trust? Here, we speak with Todd Waskelis, AVP of AT&T Cybersecurity, who leads AT&T’s cybersecurity consulting services.
Like the game of Texas Hold ‘Em, the practice of security is ultimately an exercise in decision-making. Specifically, how do you make the best decision possible with limited and incomplete information?
Now, let’s consider how the pandemic has impacted the world of cybercrime. In the beginning, the move to work from home was swift, with organizations being closed and the workforce being sent home to work with little or no warning. People began stockpiling items and even staples such as toilet paper became a scarce commodity. As schools closed, the students were forced to start doing classes online, something a lot of families were not prepared for. Many found themselves in financial difficulties. For those still working, with daycares closing, childcare became an issue, and many people did not have laptops or computers set up at home to support these changes. Even webcams became nearly impossible to get unless you were willing to pay the scalpers’ prices.
With technology becoming more accessible and complex, prioritizing a defense against insider threats may be the better strategy. After all, the moment an outsider breaches an organization, they become an insider.
Ben Johnson, former NSA and Chief Technology Officer (CTO) of SaaS application security firm, Obsidian, has found that businesses around the world are adopting Software as a service (SaaS) apps in droves for collaboration, ease of access to data and business continuity. With this increased adoption, comes the inevitable trend of state-sponsored actors merely logging in to steal data rather than having to break in. Here, Johnson talks to Security magazine about security issues associated with SaaS applications.
In the tense political and economic climate, state-backed actors have used every possible means to gain leverage over their rivals. And in the midst of the chaos, every individual and organization can become a victim or collateral damage in the context of bigger conflicts. Here’s a glimpse of where we are and how organizations can protect themselves going forward.
Ransomware is nothing new. But the tactics, techniques and procedures (TTPs) leveraged by threat actors have reached new levels of sophistication over the last few years. And with that growth has come an increased difficulty in protecting networks against costly attacks such as the recent DarkSide one on the Colonial Pipeline.
Healthcare businesses are already reeling from massive losses during the pandemic, and cyberattacks could cause further long-term damage beyond the initial attack. Research at Morphisec indicates that almost 3-in-10 consumers say they would consider switching providers if their records were breached in a cyberattack. Considering that same report found that 1-in-5 Americans say a cyberattack has impacted their healthcare provider in the past year, it’s undoubtedly worrying news for the entire industry. With this in mind, here are three avenues hackers are likely to exploit as healthcare becomes a more attractive target and what providers’ need to do to protect their sensitive data and safeguard the lives of their patients.
The social and economic impacts of political violence don’t often match. Terror attacks can accomplish their main objective of striking fear into a local population while not significantly interfering with commerce, and broad waves of unrest have the potential for supply chain disruption, local business closures lasting for days, and repair and remediation that can become quite costly. There’s a third category that doesn’t get enough attention in policy and academic circles: insurance industry losses.
RSS
