Cyber Defense eMagazine February Edition for 2023

More documents

Recommendations

Info

Step 1: take inventory. First and foremost, organizations need to have full visibility into all the data and assets they hold. One of the defining hallmarks of CPRA/CCPA is that it gives consumers the “right to know” what data is collected and what it’s being used for. And as the organization, it is your responsibility to ensure full transparency. I’m a firm believer that you cannot possibly protect what you can’t see. As companies continue to migrate entirely to the cloud, their exposed data and resources need to first be identified before they can ever be properly protected. Further, you need to understand who has access to that data, and this isn’t just physical users. Often, malicious activity is done not by individual users with direct access, but by any user who can trigger a cloud component to run activities for them. This is a blind spot security teams should always be aware of – what components have access to the crown jewels within my organization? Is there an open door because of mismanaged Identity and Access Management (IAM) policies that potentially make the organization noncompliant? The new CPRA/CCPA regulations introduced two key amendments that will make IAM even more critical in organizations – the “right to correct” and the “right to limit use and disclosure” of sensitive information. Taking full inventory of what you hold is the first step to remaining compliant. Step 2: don’t neglect encryption. Once data is identified, there are a few best practices all companies should employ to protect this sensitive information. For one, don’t overlook encryption, which is probably the most useful yet simplest technology to use. It is incorporated into almost every cloud and SaaS service that you have, so there’s no excuse for organizations not to take advantage of it! One mistake I’ve encountered as both a leader of Research and Development (R&D) teams and as an entrepreneur working with these teams, is the tendency to disregard pockets of data as insignificant. But as we see with CPRA/CCPA, there is no data that is not at risk of slipping through the cracks which could ultimately result in hefty fines. For example, teams might spend time testing a data set and then proceed to delete it afterward, without realizing the sensitivity of the data at hand. Although it may seem small, this exposed data can open the door to more access, and in turn put your organization at risk. You must enforce the encryption policy at all times. Remember, as the IT security team, it is your responsibility to control the data flowing in and out of your organization. Encryption allows you a stronger hold over your data security in the cloud. Step 3: maintain a least privileged state. Cloud applications differ from legacy applications in that they are dynamic and change frequently. You cannot employ a “set and forget” approach to the identity and access management of data in the cloud. Rather, you need to ensure your security permissions are changing and adapting to the application throughout time. Do you have the technology and processes in place that can alert you of any unnecessary entities that can read your sensitive data? By constantly maintaining a least-privileged state, you will reduce any exposed attack surfaces and limit the potential blast radius of a breach. Every organization is different, depending on a variety of factors, including company size, processes and the type of data they hold. Finding that perfect balance in granting privileges is key, especially where CPRA/CCPA is concerned. For example, having too few permissions could result in denied actions, but Cyber Defense eMagazine – February 2023 Edition 70 Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
having an excessive amount of permissions can create an entirely new attack surface. It’s critical to remain close to your IAM policies and be aware of who has access to them, constantly keeping your eyes out for any surprises in your Infrastructure-as-Code (IaC) files. The success of these new CRPA/CCPA amendments are reliant on how compliant organizations can be and how well they can protect their data, especially in the cloud. We can also expect the new regulations to be strictly enforced, similar to Europe’s General Data Protection Regulation (GDPR) to ensure compliance. Security and IT teams need to have a plan in place to enforce strict accountability of data protection practices. Whether you live in California or not, the rollout of these regulations will impact you in one way or another, and it’s important to take notice. In fact, this regulation is already setting the stage for other states in the U.S. to adopt their own versions, and it isn’t long before the above best practices will be absolute necessities for all organizations, regardless of size. These three steps should set you off on the right foot as you navigate the rollout of these new CRPA/CCPA regulations and the web of other data protection regulations you’ll face this year. About the Author Shira has over 17 years of experience in cybersecurity, cloud computing, product management and leadership. Prior to co-founding Solvo, Shira formed the technical security research team and the big data product at Dome9 Security (acq. by CheckPoint in 2018). Shira is the co-chair of OWASP Israel, and acts as a lecturer and mentor in different voluntary organizations. Shira spent 13 years serving as an officer in the Intelligence Corps. Cyber Defense eMagazine – February 2023 Edition 71 Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Time to Build an Unhackable Interne
Page 3 and 4:
Emerging API Security Trends: What
Page 5 and 6:
@MILIEFSKY From the Publisher… De
Page 7 and 8:
Welcome to CDM’s February 2023 Is
Page 9 and 10:
Cyber Defense eMagazine - February
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20: Cyber Defense eMagazine - February
Page 33 and 34: Banco Banrisul’s thirty-six domai
Page 35 and 36: Why Cybersecurity Remains a Persist
Page 37 and 38: Robust Cybersecurity is Essential f
Page 39 and 40: 1. Facing the Cyber Crisis No compa
Page 41 and 42: About the Author Amitabh Sinha is t
Page 43 and 44: 1. Risk Assessment Government agenc
Page 45 and 46: 8. Incident Response Plan Preventio
Page 47 and 48: This is what happened to Dropbox la
Page 49 and 50: trust and growth, the board can hel
Page 51 and 52: etween governments and operators wi
Page 53 and 54: Accelerating Machine Learning Advan
Page 55 and 56: Secondly, MLOps platforms record al
Page 57 and 58: Cybercriminals Are Ramping Up Their
Page 59 and 60: Organizations should follow best pr
Page 61 and 62: 7 Biggest Cyber Attacks of 2022 By
Page 63 and 64: 4. Ex-Amazon worker convicted over
Page 65 and 66: About Salt Communications Salt Comm
Page 67 and 68: saw this most recently through a ra
Page 69: CPRA/CCPA Compliance in A Cloud-Fir
Page 73 and 74: In the coming months and beyond, on
Page 75 and 76: Emerging API Security Trends: What
Page 77 and 78: malicious communication pattern thr
Page 79 and 80: Free Consumer Apps Are Not Safe for
Page 81 and 82: But simultaneously - and unlike ema
Page 83 and 84: lives and works. The topic is tough
Page 85 and 86: and tendencies. The good question h
Page 87 and 88: others or the situation among some
Page 89 and 90: eing pushed into heavy criminalitie
Page 91 and 92: preparing and analyzing such a coll
Page 93 and 94: words, behind those high-tech crimi
Page 95 and 96: always make new and new damage if t
Page 97 and 98: References: [1] Djekic, M. D., 2017
Page 99 and 100: How Government Agencies Can Leverag
Page 101 and 102: The result leads to optimal perform
Page 103 and 104: A linchpin of Biden’s cyber-defen
Page 105 and 106: An effective observability platform
Page 107 and 108: Section 3553(h) of title 44, U.S. C
Page 109 and 110: Exchange (MX) and Name Service (NS)
Page 111 and 112: Looking Ahead to 2023: Cyber Trends
Page 113 and 114: we’re falling behind, especially
Page 115 and 116: Old vulnerabilities are not being d
Page 117 and 118: Insider Threats are a Primary Vulne
Page 119 and 120: The first step in insider threat mi
Page 121 and 122:
“We’re happy to announce MIRACL
Page 123 and 124:
The organisers of Europe’s most i
Page 125 and 126:
usable by everyday people. I think
Page 127 and 128:
Quentyn Taylor, Senior Director Pro
Page 129 and 130:
SDR for Cyber Defense By Kaue Morce
Page 131 and 132:
Figure 2: Cyan SDR - from Per Vices
Page 133 and 134:
as it allows the SDR to capture and
Page 135 and 136:
Security at the Enterprise Edge: To
Page 137 and 138:
This behavior makes it essential to
Page 139 and 140:
Shields Up: Organizations Need to D
Page 141 and 142:
eport, domains with the terms “bi
Page 143 and 144:
The Anti-Fraud Frontline Predictive
Page 145 and 146:
Cloud vendors' features can be depl
Page 147 and 148:
About the author Ryohei Fujimaki, F
Page 149 and 150:
The resulting phishing sites mirror
Page 151 and 152:
The javascript code in which the da
Page 153 and 154:
The Top Secrets of CISOs By Pat McG
Page 155 and 156:
About the Author Pat has more than
Page 157 and 158:
The latest analysis shows that Nort
Page 159 and 160:
What Role Can AI Play in Data Objec
Page 161 and 162:
Avoiding bias Objectivity and credi
Page 163 and 164:
As more and more data moves to the
Page 165 and 166:
to know where a document or other r
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
CyberDefense.TV now has 200 hotseat
Page 181 and 182:
Books by our Publisher: https://www
Page 183 and 184:
Page 185 and 186:
show all

Cyber Defense eMagazine February Edition for 2023

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?