Balancing the need for privacy, security and profit is the defining debate of the internet age, impacting all of our lives. Each change to the way privacy and technology intersect needs to be examined on its own merits.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Cloud security firm Ermetic found that vulnerable identities and misconfigured environments on most AWS accounts expose 90% of S3 buckets to potential ransomware attacks.
Secure coding training is critical, but how that training is developed and presented can make a tremendous difference between “checking the box” training – and training that yields results.
An in-depth study from the University of Oxford has examined 24,000 Apple App Store and Google Play apps, and found that Apple's "walled garden" approach has not necessarily made a difference in terms of app privacy.
Palo Alto Networks’ researchers discovered that 96% of cloud containers on public registries were prone to vulnerabilities and misconfigurations that could result in a supply chain attack.
For enterprises, getting up to speed with cloud deployments, migrations, and protecting their cloud infrastructure in time and cost-efficient ways is more important now more than ever.
Fraudsters stole cryptocurrency from 6,000 users in a Coinbase hack attributed to a multi-factor authentication flaw that allowed them to exploit the account recovery process.
Google's Threat Analysis Group has announced it is providing free USB security keys to a collection of politicians, activists and other high-risk individuals likely to be targeted by nation-state hackers.
Businesses that invest in and continuously update their cybersecurity can prevent customer experience disruptions, protect their brand reputation and maintain the trust and loyalty of their customers.
Report from Momentum Cyber finds that the first half of 2021 was the busiest on record for the cybersecurity market in terms of investment and strategic activity. The torrid pace has been indirectly driven by the massive spike in ransomware attacks.