Cyber Defense eMagazine December 2019

More documents

Recommendations

Info

71 The Internet Got Safer In 2019: A Cybersecurity Year in Review By Daniel Kanchev, Chief Enterprise Architect, SiteGround It’s just a fact: In 2019 the Internet got safer by default. SSL encryption adoption is now at an all-time peak, with the latest numbers pointing at 56 percent of all websites using the https protocol as default. Web browsers like Google Chrome sought to protect users by working to ensure that https:// pages can only load secure https://subresources. Further, the first CMS Security Summit took place, bringing together content management system professionals, researchers, and hosting providers to discuss how to make the Internet a safer place for everyone. It’s clear that the industry has made strides toward a more secure web in 2019, but there’s still plenty of room for improvement. From physical security keys to HTTP/3, here’s a look back on the progress made in the cybersecurity space this year. Whether you’re a web developer, a small business looking to secure your site, or just a regular Internet user, like all of us, these advancements in security will continue to play a key role in 2020 and beyond.
72 This year, privacy and security were taken more seriously than ever before. End users can control their preferences to a degree that was not previously possible. GDPR-compliant sites, that do not collect any personal data or use cookies without consent are a good example of this idea in practice. Even though there is not yet an official legal U.S. equivalent, some companies decided to extend the practice created for their EU users to their US visitors as well. In an age where using a public WiFi network can compromise a user’s login data across a variety of accounts, data privacy is an area web developers and security professionals will need to continue innovating. To further the topic of privacy and data protection, physical security keys are becoming a more and more popular method for authentication. Developers who want to allow their users to use physical security keys can implement the FIDO2 standard, which allows users to authenticate online services through a variety of personal devices. Physical security keys are currently largely being used by companies like Google, Facebook, Twitter and GitHub, but the idea is growing in popularity, so hopefully, it will become a more wide-spread practice soon. If you want to use physical security keys right now you can check the Google Titan key and the Yubico YubiKey. As we move into 2020, more products focused on privacy and security are available for the average Internet user. DuckDuckGo, a search engine, is a prime example of this by not tailoring search results to a customer’s Internet history. By ensuring that every customer gets the same, unfiltered results, they not only protect user data, but also avoid a more skewed representation of information. Additionally, a relatively new internet protocol, called QUIC, has the potential to rise in popularity among web hosts, as it considerably increases site-loading speed even when users have poor connectivity. It’s the base for the next version of the HTTP protocol - HTTP/3. To explain this further, HTTP is the foundation protocol of the internet. Prior to HTTP/2 and QUIC encryption was not mandatory. All websites that do not use SSL are still loaded via HTTP 1.0 or 1.1. With time, however, new protocols were developed to improve the web experience for all users. HTTP/2 solves many problems and makes websites much faster. The W3Techs statistics portal says that out of the top 10 million sites, 41.7 percent use HTTP/2. Each new protocol helps make sites faster and safer by default, such as the upgrade from HTTP/2 to HTTP/3 and the movement of traffic to TLS 1.3. Past encryption protocols were easily susceptible to attacks, meaning it’s safest for systems to be upgraded to the latest versions when possible. In 2020, over 90 percent of real-user encrypted traffic will move to TLS 1.3. The world of cybersecurity can seem overwhelming at times. It’s key to remember that the most important thing for web developers, small businesses and even regular users, to do is to invest in security education. Security is not a goal - it is an ongoing process, and the sooner we all realize this and start paying attention, the more secure your systems will be and the more protected your users will be. It may sound like a cliché, but it’s still the truth.
Page 1 and 2:
1 8 Most Common Cybersecurity Mista
Page 3 and 4:
2
Page 5 and 6:
4 The Internet Got Safer In 2019: A
Page 7 and 8:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 9 and 10:
8
Page 11 and 12:
10
Page 13 and 14:
12
Page 15 and 16:
14
Page 17 and 18:
16
Page 19 and 20:
18
Page 21 and 22: 20 8 Most Common Cybersecurity Mist
Page 23 and 24: 22 You can prevent (or decrease) th
Page 25 and 26: 24 While it’s not feasible to res
Page 27 and 28: 26 The major difference is the addi
Page 29 and 30: 28 Oh, my! PerCSoft’s Irony By Ch
Page 31 and 32: 30 • Conduct cybersecurity traini
Page 33 and 34: 32 Persistent Cybersecurity Industr
Page 35 and 36: 34 Automation is welcome and seen a
Page 37 and 38: 36 Protecting Against Modern Cybera
Page 39 and 40: 38 Conclusion Unfortunately, no tec
Page 41 and 42: 40 For 2020 The Death of Traditiona
Page 43 and 44: 42 The Next Five Years The End of E
Page 45 and 46: 44 Government Agencies Are Prime Ta
Page 47 and 48: 46 It’s a basic fact of contempor
Page 49 and 50: 48 simpler way to approach these pr
Page 51 and 52: 50 Why Outsmart Cyber Attackers Whe
Page 53 and 54: 52 Depending on how you look at it,
Page 55 and 56: 54 devices. Russian actors can extr
Page 57 and 58: 56 How to Become a Cybersecurity Sl
Page 59 and 60: 58 industry. Perform online searche
Page 61 and 62: 60 The Security Challenges of Robot
Page 63 and 64: 62 The typical approach in providin
Page 65 and 66: 64 The Blockchain And Wireless Tech
Page 67 and 68: 66 systems. As is quite well-known,
Page 69 and 70: 68 Benefits of Having an SSL Certif
Page 71: 70 Google has made SSL compulsory s
Page 75 and 76: 74 The Perspectives Of The 5th Indu
Page 77 and 78: 76 The balance between offense and
Page 79 and 80: 78 The Rise of Cybercrime-As-A-Serv
Page 81 and 82: 80 About the Author Mark Belgrove i
Page 83 and 84: 82 the conflict. Practically, it’
Page 85 and 86: 84 fact is something that would see
Page 87 and 88: 86 Furthermore, Tessian in 2019 del
Page 89 and 90: 88 Automatic for The SOC People How
Page 91 and 92: 90 Allows Transparency and Drive Le
Page 93 and 94: 92 Only large enterprises can benef
Page 95 and 96: 94 The Growing Costs of Cyber Attac
Page 97 and 98: 96 After suffering a cyber attack m
Page 99 and 100: 98 Some of the most damaging Inside
Page 101 and 102: 100 Out-Smarting the Cybersecurity
Page 103 and 104: 102 Empower Other Teams Network and
Page 105 and 106: 104 New Security Report Highlights
Page 107 and 108: 106 The Threat Lab team also analyz
Page 109 and 110: 108 Drive, AWS, Office 365, etc. It
Page 111 and 112: 110 former governor, this bill also
Page 113 and 114: 112 I mean, if you want to be able
Page 115 and 116: 114 Is It Safe to Connect to Public
Page 117 and 118: 116 5. Safe Browsing Additional dil
Page 119 and 120: 118 flawed method in which Evernote
Page 121 and 122: 120 Really, Imagine a Day Without W
Page 123 and 124:
122
Page 125 and 126:
124
Page 127 and 128:
126
Page 129 and 130:
128
Page 131 and 132:
130
Page 133 and 134:
132
Page 135 and 136:
134
Page 137 and 138:
136
Page 139 and 140:
138 Meet Our Publisher: Gary S. Mil
Page 141 and 142:
140 Free Monthly Cyber Defense eMag
Page 143 and 144:
142
Page 145 and 146:
144
Page 147 and 148:
146 Nearly 8 Years in The Making…
Page 149 and 150:
148
Page 151:
150
show all

Cyber Defense eMagazine December 2019

Create successful ePaper yourself

Delete template?

Save as template?