Cyber Defense eMagazine December 2019
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
72<br />
This year, privacy and security were taken more seriously than ever before. End users can control their<br />
preferences to a degree that was not previously possible. GDPR-compliant sites, that do not collect any<br />
personal data or use cookies without consent are a good example of this idea in practice. Even though<br />
there is not yet an official legal U.S. equivalent, some companies decided to extend the practice created<br />
for their EU users to their US visitors as well. In an age where using a public WiFi network can<br />
compromise a user’s login data across a variety of accounts, data privacy is an area web developers and<br />
security professionals will need to continue innovating.<br />
To further the topic of privacy and data protection, physical security keys are becoming a more and more<br />
popular method for authentication. Developers who want to allow their users to use physical security keys<br />
can implement the FIDO2 standard, which allows users to authenticate online services through a variety<br />
of personal devices. Physical security keys are currently largely being used by companies like Google,<br />
Facebook, Twitter and GitHub, but the idea is growing in popularity, so hopefully, it will become a more<br />
wide-spread practice soon. If you want to use physical security keys right now you can check the Google<br />
Titan key and the Yubico YubiKey.<br />
As we move into 2020, more products focused on privacy and security are available for the average<br />
Internet user. DuckDuckGo, a search engine, is a prime example of this by not tailoring search results to<br />
a customer’s Internet history. By ensuring that every customer gets the same, unfiltered results, they not<br />
only protect user data, but also avoid a more skewed representation of information.<br />
Additionally, a relatively new internet protocol, called QUIC, has the potential to rise in popularity among<br />
web hosts, as it considerably increases site-loading speed even when users have poor connectivity. It’s<br />
the base for the next version of the HTTP protocol - HTTP/3. To explain this further, HTTP is the<br />
foundation protocol of the internet. Prior to HTTP/2 and QUIC encryption was not mandatory. All websites<br />
that do not use SSL are still loaded via HTTP 1.0 or 1.1. With time, however, new protocols were<br />
developed to improve the web experience for all users. HTTP/2 solves many problems and makes<br />
websites much faster. The W3Techs statistics portal says that out of the top 10 million sites, 41.7 percent<br />
use HTTP/2. Each new protocol helps make sites faster and safer by default, such as the upgrade from<br />
HTTP/2 to HTTP/3 and the movement of traffic to TLS 1.3. Past encryption protocols were easily<br />
susceptible to attacks, meaning it’s safest for systems to be upgraded to the latest versions when<br />
possible. In 2020, over 90 percent of real-user encrypted traffic will move to TLS 1.3.<br />
The world of cybersecurity can seem overwhelming at times. It’s key to remember that the most important<br />
thing for web developers, small businesses and even regular users, to do is to invest in security<br />
education. Security is not a goal - it is an ongoing process, and the sooner we all realize this and start<br />
paying attention, the more secure your systems will be and the more protected your users will be. It may<br />
sound like a cliché, but it’s still the truth.