The Cyber Defense eMagazine August Edition for 2023
Cyber Defense eMagazine August Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine August Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
• Define ‘Confidential/Sensitive Data’ as it pertains to your organization: For example, this could be<br />
PII in<strong>for</strong>mation such as SSN, home address, email etc. Classifying this data will help you identify<br />
what needs to be protected most carefully. Once identified, consider approaches such as<br />
tokenizing, obscuring or de-identifying PII data even to folks within your organization<br />
• Lock down access to sensitive data: Use identity and access management controls to implement<br />
‘least privilege’ and limit access to sensitive data. Use tools <strong>for</strong> audit trails to get granular insights<br />
on who in the organization accessed what type of data and use that in<strong>for</strong>mation to further restrict<br />
access if the controls are over provisioned.<br />
• Monitor <strong>for</strong> phishing attacks: Phishing attacks via email are the most common attack mechanisms<br />
<strong>for</strong> fraud and malware. Ensure you have the necessary protection systems in your email servers<br />
to limit the attack servers. SaaS email systems such as Gmail have advanced protection<br />
mechanisms against phishing built-in.<br />
• Extend zero trust security in your organization: <strong>The</strong> traditional approach to cybersecurity is based<br />
on the idea of a perimeter. This means that organizations build a perimeter around their networks<br />
and then try to keep unauthorized bad actors out. With the rise of remote work and cloud<br />
computing, it is no longer possible to simply keep everyone out of the network and protection<br />
simply based on a perimeter model is outdated. Zero trust security takes a novel approach to the<br />
“keep the bad actors out” problem. In a layered zero trust model, the concept of perimeter ceases<br />
to exist and no one is trusted implicitly. This means that every access request needs to be passed<br />
at several levels of checks such as device identity, user identity etc. be<strong>for</strong>e the request can make<br />
its way all the way to the resource that it has seeked access to. For example, you could use<br />
Google Cloud’s out of the box BeyondCorp solution that helps enterprises implement zero-trust<br />
at-scale.<br />
After you have done the due diligence of doing a thorough analysis of the 4 secure framework<br />
considerations as called out above, you can confidently say that you are ready to deploy your workload<br />
in the cloud. Depending on what kind of workload you intend to run in the cloud - such as analytics,<br />
managed Kubernetes, serverless, databases etc., the next step is to deep-dive into the security features<br />
of the specific cloud native services that you are planning on using <strong>for</strong> your workload. Specifically, the<br />
three key areas where you want to focus next are - application/infrastructure security, network security<br />
and finally data security (at-rest, in transit and while processing) Last but not the least, consider using a<br />
logging and detection tool and a centralized monitoring plat<strong>for</strong>m which will help you to quickly view all<br />
your threats and vulnerabilities in a single place and take actions on them immediately be<strong>for</strong>e you incur<br />
a potential attack that can tarnish your organization’s reputation.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>August</strong> <strong>2023</strong> <strong>Edition</strong> 84<br />
Copyright © <strong>2023</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.