Failure of imagination leads to most crises. As the pandemic persists, vaccinations and vaccine resistance increases, mass shootings rise, and racial and political unrest show few signs of ebbing, seemingly impossible "what if" scenarios are our everyday reality. But can we prevent and protect ourselves from the bad impossibilities? In my experience, if we believe it can happen, then we can look for that trouble, see around corners and potentially head off bad situations. This is why opportunities for protective intelligence analysts are growing and, as digital transformation continues, will be one of the most in-demand roles at corporations alongside cybersecurity experts.
Distributed denial of service (DDOS) attacks - when an attacker attempts to make it impossible for a service to be deliverable - are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. To learn more about how these attacks have evolved over the years, we talk to Roy Horev, Co-Founder and CTO at Vulcan Cyber, a vulnerability remediation orchestration provider.
As employees return back to the office, challenges continue to unfold and the best way to approach many of the computers and systems that have been off company premises for so long is to regard them as potentially infected.
As employees return back to the office, challenges continue to unfold and the best way to approach many of the computers and systems that have been off company premises for so long is to regard them as potentially infected.
The traditional approach to securing cloud access goes against everything that DevOps is about. Regardless of what providers of legacy IAM, PAM, and other security solutions claim about their ability to scale with cloud application dev cycles, they’re concealing the extensive time, effort, and resources required to manage their solutions – three things that are in short supply in DevOps teams. So, the challenge becomes: how can enterprises integrate world class technologies for securing identities and access to cloud environments without bringing DevOps to a grinding halt?
COVID-19 brought with it a massive influx of data, most of it moving from a centralized location to the cloud (and other environments). Now, these businesses are trying to understand how to re-engineer their environment for the next 10+ years, in the advent of Zero Trust, SASE and more. How has COVID-19 impacted the need for cybersecurity consulting, specifically new trends, and Zero Trust? Here, we speak with Todd Waskelis, AVP of AT&T Cybersecurity, who leads AT&T’s cybersecurity consulting services.
Like the game of Texas Hold ‘Em, the practice of security is ultimately an exercise in decision-making. Specifically, how do you make the best decision possible with limited and incomplete information?
Now, let’s consider how the pandemic has impacted the world of cybercrime. In the beginning, the move to work from home was swift, with organizations being closed and the workforce being sent home to work with little or no warning. People began stockpiling items and even staples such as toilet paper became a scarce commodity. As schools closed, the students were forced to start doing classes online, something a lot of families were not prepared for. Many found themselves in financial difficulties. For those still working, with daycares closing, childcare became an issue, and many people did not have laptops or computers set up at home to support these changes. Even webcams became nearly impossible to get unless you were willing to pay the scalpers’ prices.
With technology becoming more accessible and complex, prioritizing a defense against insider threats may be the better strategy. After all, the moment an outsider breaches an organization, they become an insider.
Ben Johnson, former NSA and Chief Technology Officer (CTO) of SaaS application security firm, Obsidian, has found that businesses around the world are adopting Software as a service (SaaS) apps in droves for collaboration, ease of access to data and business continuity. With this increased adoption, comes the inevitable trend of state-sponsored actors merely logging in to steal data rather than having to break in. Here, Johnson talks to Security magazine about security issues associated with SaaS applications.
RSS
