Cyber Defense eMagazine February 2021 Edition

More documents

Recommendations

Info

data can this app share about me?” Given consumer privacy regulations such as GDPR and CCPA, APIs must include consent controls that are much more rigorous to prevent sharing consumer data without proper consent. For example, third-party consumer apps like Spotify shouldn’t be able to post to someone’s Instagram page or other social media accounts unless they specifically allow it, even when these apps remain linked to one another. 4) VPNs Aren’t Dead Yet, but It’s No Longer a Best Practice for Access With a large percentage of the workforce operating remotely for the foreseeable future, more APIs are being moved outside firewalls to maintain productivity from anywhere and ensure business continuity during the pandemic. Organizations relied heavily on VPNs (Virtual Private Networks) in 2020, but there are security and business risks associated with extending the edge. Given the perimeter-centric ramifications associated with using a VPN, enterprises are moving toward IAM solutions to solve these issues around remote authorization and access. Identity has become the new perimeter for users and services and strong authentication is the front door. Both aspects are critical for remote workers to be able to securely transfer and access important proprietary data. About the Author Nathanael Coffing is the cofounder, CSO and a board member of Cloudentity. He is a technology visionary with a big picture view geared towards simplifying and integrating disparate technologies. Nathanael honed his skills at Sun, Oracle and Imperva. Since then, he’s helped build a number of technology startups ranging from Consumer RFID to Mobile Applications. Nathanael can be reached online via Twitter, LinkedIn and at Cloudentity’s website: https://cloudentity.com/ Cyber Defense eMagazine – February 2021 Edition 26 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
2021 Predictions: Addressing the Challenge of Cloud-Native App Security By Ankur Singla, Founder and CEO of Volterra Organizations of all sizes are adopting cloud-native application design and deployment practices as they continue to digitally transform business processes. This includes the extensive use of microservices and APIs, as well as distributing clusters across multiple cloud providers. Unfortunately, a recent survey by Propeller Insights found that while most organizations today are using cloud-native apps, Kubernetes and microservices, they struggle to secure and connect the complex environments resulting from them. Cloud-native is no longer just a bold new idea for most organizations -- it’s a reality. However, DevOps and NetOps teams are facing some serious security and networking hurdles they did not anticipate from the outset. As a result, organizations struggle to get the agility and scalability they expected from their cloud-native environment and investment. Looking to the year ahead, the following trends will play a critical role in helping organizations understand and overcome their cloud-native app security challenges: Trend #1: API sprawl jeopardizes the security of modern applications As organizations continue to digitally transform business processes, they are increasingly transitioning from legacy applications to modern, cloud-native apps. These intricate modern apps feature far more APIs than their predecessors. And since these apps are built with extensive microservices, many of these APIs are deeply embedded and hidden. This API sprawl has created many new attack vectors. Few vendors address app security properly at the API level, leaving developer and security teams scrambling Cyber Defense eMagazine – February 2021 Edition 27 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: The 2021 Perspective - Challenges a
Page 3 and 4: Does Sunburst Have Your Confidentia
Page 5 and 6: @CYBERDEFENSEMAG InfoSec Knowledge
Page 7 and 8: Cyber Defense eMagazine - February
Page 21 and 22: The 2021 Perspective - Challenges a
Page 23 and 24: A slice of the anti-virus pie? We s
Page 25: Additionally, we saw explosive grow
Page 29 and 30: About the Author Ankur is the found
Page 31 and 32: An independent study conducted by P
Page 35 and 36: The Boomers’ lack of trust in Fac
Page 37 and 38: While it’s unclear if historical
Page 39 and 40: Cyberattacks On K-12 Education Care
Page 41 and 42: About the Author Saryu Nayyar is th
Page 43 and 44: Third-party vendor risk management
Page 45 and 46: Cyber Resiliency Will Become the Ne
Page 47 and 48: About the Author Drew Daniels is th
Page 49 and 50: Phishing Threat actors are taking a
Page 51 and 52: Vulnerability Patching: Why Does It
Page 53 and 54: with any degree of efficiency is to
Page 55 and 56: the nature and its technological ou
Page 57 and 58: kind of the communication streaming
Page 59 and 60: it’s logical to realize that the
Page 61 and 62: eason they will be that hidden part
Page 63 and 64: channeling hotspots are diverse and
Page 65 and 66: Ransomware is Evolving - Agencies M
Page 67 and 68: About the Author Nick Psaki is the
Page 69 and 70: 3GPP Release 15 defines the 5G secu
Page 71 and 72: • Suppliers must prioritize cyber
Page 73 and 74: Does Sunburst Have Your Confidentia
Page 75 and 76: About the Author Randy Reiter is th
Page 77 and 78:
Global Reach and Accessibility Plan
Page 79 and 80:
About the Author Trevor Daughney is
Page 81 and 82:
typical work environment. Public Wi
Page 83 and 84:
increasingly interested in implemen
Page 85 and 86:
Approach cybersecurity as an org-wi
Page 87 and 88:
Are Encrypted Communication Apps us
Page 89 and 90:
How SaltDNA’s platform prevents c
Page 91 and 92:
are turning to new technologies lik
Page 93 and 94:
The Best Network Protection: Go Dee
Page 95 and 96:
Top Tips For Securing Your DevOps E
Page 97 and 98:
Continual Learning Is Necessary The
Page 99 and 100:
a prime target for cyber attacks. I
Page 101 and 102:
Cyber Defense eMagazine - February
Page 103 and 104:
Page 105 and 106:
FREE MONTHLY CYBER DEFENSE EMAGAZIN
Page 107 and 108:
show all

Cyber Defense eMagazine February 2021 Edition

Create successful ePaper yourself

Delete template?

Save as template?