The Cyber Defense eMagazine November Edition for 2023

More documents

Recommendations

Info

operating systems of sorts for their customers. They create a massive amount of opportunity for developers, by reducing barriers to entry and providing access to large pools of customers. In turn, developers enable these platforms to offer a broad array of complementary services, increase average revenue per user (ARPU) and drive more customer retention. The rise of digitalization Cloud platforms and ecosystems are part of an increasingly connected globe driven by the proliferation of technology. Many countries and governments are recognizing this and are accelerating the digitalization of their economies as quickly as possible. This shift means more opportunities for platforms and developers alike, especially as new markets open up. However, it also means greater demands stemming from increased regulation, competition and cybersecurity risks. As part of this digitalization shift, more and more business and transaction data is moving online, exposing the data to a greater risk of cybersecurity-related issues - especially as malicious actors are getting more sophisticated and using AI. Smaller organizations are especially vulnerable and often don’t have the resources or expertise to invest in and maintain their own cybersecurity. Developers are recognizing this too: a recent survey published by small business cloud-accounting platform, Xero, shows more than half (56%) said data privacy and security are top of mind, and that 15% reported having faced cybersecurity challenges in the 12 months prior. As cybersecurity incidents rise, it’s clear more developers are focused on data security and protecting customer data appropriately. Government and financial institutions are responding by introducing new regulatory and policy requirements that help protect consumers and businesses. Additionally, platforms themselves are also setting their own policies on key topics like responsible data use and API security standards. These policies set the expectation of how the platforms will operate internally and externally, and by extension any third-parties that they connect with – including developers. For those looking to take advantage of the digitalization wave, navigating the additional cybersecurity, regulatory and platform requirements can be burdensome - especially for those looking to scale quickly. While cloud platforms are applying some of their own standards and policies, they also carry the distinct advantage of scale and resources. They can not only invest in security and keep up with regulatory changes, but can also provide additional paths to market and access to technology at a lower cost and with greater reliability. Developers seeking to build solutions that help businesses run their operations and handle their financial information can leverage the scalable and secure environments that platforms provide. Regulatory standards and cybersecurity features can be developed into apps and solutions from the ground up, providing assurance to end-users. Building to enable building. For some smaller developers the combination of both internal and external standards can be an extra burden and a barrier to entry. Whether it be a platform policy decision to migrate an ecosystem from Cyber Defense eMagazine – November 2023 Edition 130 Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
OAuth 1.0 to OAuth 2.0, or increasing regulatory requirements for multi-factor authentication (MFA), the increased compliance workload pulls valuable time away from building a product. Increasingly, platforms have recognized this burden and are investing in building out-of-the-box tools required to reduce the load. Underpinning this is extensive documentation, education and support for developers who need help or are interested in taking a deeper dive. An example is the large range of identity tools for user access and credentials that make signing-up and signing-into apps easier for customers, like Single-Sign On using Xero, Okta or Google. Developers can leverage existing customer details within the security of the platform as part of their onboarding and login flow. Additionally, some platforms have already established complementary MFA tools as part of their login flow. This is especially useful for developers wanting to add additional security protocols for their product, or those operating or wanting to operate in countries like Australia where MFA is mandatory for digital service providers. Research from Verizon shows that MFA can prevent up to 80% of data breaches making it one of the most effective methods to protect customer data, especially if their credentials are compromised. Point-of-sale and payments platforms like Square, Stripe and Shopify all offer secure and easily integrated checkout and payments solutions so developers don’t need to build their own. This helps avoid the increased compliance, risk and security burdens that come with directly managing payments - a highly regulated global industry. Platforms also constantly monitor the operation and security of their APIs with dedicated teams and tools. Issues or unusual behavior, such as sudden spikes in request volumes or webhooks errors, can be immediately flagged for investigation, enabling the platforms to move quickly in response and notify developers. Where there may be a product or feature slowness or outage, this also helps both parties manage the customer experience for end-users with status updates or a quick resolution. Reducing burden and barriers to entry for developers encourages innovation and experimentation in a platform. With developers being supported by cybersecurity features at the platform level, their time is freed up to focus on doing what they do best - solving problems and innovating. This ultimately benefits end-user customers who can use the platform and choose associated integrations with greater confidence. Time to focus on the basics Developers and end-users both benefit from the work that cloud platforms do in cybersecurity. By prioritizing identifying and working with platforms that provide a secure environment, developers are prioritizing the safety of the data of both parties. They’re also freeing up resources to spend on building out their products and solutions, enabling time to be spent on developing features that customers want. But even with platforms taking a lot of the security burden off of developers, it’s not permission to be idle when creating solutions. There are many other basic security practices and processes that should Cyber Defense eMagazine – November 2023 Edition 131 Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Artificial Deception: The State Of
Page 3 and 4:
OT Cybersecurity: Safeguarding Buil
Page 5 and 6:
The Crumbling Castle --------------
Page 7 and 8:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 9 and 10:
Cyber Defense eMagazine - November
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Artificial Deception: The State Of
Page 23 and 24:
Human-in-the-Middle In creating AI
Page 25 and 26:
effectiveness of defenses in place
Page 27 and 28:
this information and related activi
Page 29 and 30:
leading to the potential exploit of
Page 31 and 32:
An Age-by-Age Guide to Online Safet
Page 33 and 34:
Educate: It’s never too early to
Page 35 and 36:
About the Author Chelsea Hopkins is
Page 37 and 38:
Securing Infrastructure Against Bre
Page 39 and 40:
AI And Ad Fraud: Growing Risks for
Page 41 and 42:
enable organisations to make better
Page 43 and 44:
Bolster an Organizational Cybersecu
Page 45 and 46:
in EDP in addition to regular cyber
Page 47 and 48:
prioritize a Secure Software Develo
Page 49 and 50:
6. Deployment: Once the software ha
Page 51 and 52:
Beyond Passwords: AI-Enhanced Authe
Page 53 and 54:
3. Improving the Defensive Cybersec
Page 55 and 56:
7 Steps to Build a Defense in Depth
Page 57 and 58:
The same risks associated with USB
Page 59 and 60:
About the Author Mr. Spears has ove
Page 61 and 62:
As Zombie APIs are essentially forg
Page 63 and 64:
How To Combat the Mounting ‘Hackt
Page 65 and 66:
y pro-Russia hacktivists. These hav
Page 67 and 68:
Unlike IT cybersecurity attacks, wh
Page 69 and 70:
The Cyber Risk Nightmare and Financ
Page 71 and 72:
fell -11.3%, and underperformed the
Page 73 and 74:
DevOps’ Big Challenge: Limiting R
Page 75 and 76:
By making this single alteration to
Page 77 and 78:
ChatGPT For Enterprises Is Here - B
Page 79 and 80: usiness email communication, data s
Page 81 and 82: Chromecast End-of-Life Announcement
Page 83 and 84: Going beyond awareness and fosterin
Page 85 and 86: But the most crucial innovations ha
Page 87 and 88: About the Author Vinaya is a highly
Page 89 and 90: card transactions often comprise a
Page 91 and 92: About the author Stefan Auerbach, C
Page 93 and 94: Consider the following data and rea
Page 95 and 96: 4. Create a digital estate plan. Th
Page 97 and 98: do untold damage to a company’s r
Page 99 and 100: About the Author Sean Newman is the
Page 101 and 102: eing monitored to protect against m
Page 103 and 104: Developers Hold the New Crown Jewel
Page 105 and 106: the fact that many organizations la
Page 107 and 108: Expect to Fail: How Organizations C
Page 109 and 110: The more personnel that you train t
Page 111 and 112: How to Create a Threat Hunting Prog
Page 113 and 114: 5. Decide Whether to Automate Altho
Page 115 and 116: How To Improve Security Capacities
Page 117 and 118: eing noticed in a practice and some
Page 119 and 120: In Pursuit of a Passwordless Future
Page 121 and 122: than to guess their password, but i
Page 123 and 124: configurable data privacy. These bu
Page 125 and 126: It’s Time to Tear Down the Barrie
Page 127 and 128: Is it Time to Re-evaluate Your Thre
Page 129: Building For a More Secure Future:
Page 133 and 134: About the Author Jeremy Butteriss a
Page 135 and 136: which helped feed the development o
Page 137 and 138: Protecting Your Business and Person
Page 139 and 140: Mitigating Phishing with Domain Nam
Page 141 and 142: About the Author Brian Lonergan, VP
Page 143 and 144: adoption is more than just an IT tr
Page 145 and 146: North Korea-Russia Summit A new all
Page 147 and 148: factors on both sides of the confli
Page 149 and 150: That being said, the Russian regime
Page 151 and 152: Protecting Critical Infrastructure
Page 153 and 154: spared from the wrath of Russian ha
Page 155 and 156: About the Author Richard Staynings
Page 157 and 158: The Illusion of Ruthless Prioritiza
Page 159 and 160: Ditch the Worry - Switch to Secure
Page 161 and 162: others are continuing to increase a
Page 163 and 164: Shifting Left Means Shifting Smart:
Page 165 and 166: triggers to allow for a more standa
Page 167 and 168: • The Rise of Remote Work: The CO
Page 169 and 170: About the Author Jaye Tillson is a
Page 171 and 172: In terms of prioritization, out of
Page 173 and 174: Three Things to Know About the New
Page 175 and 176: For example, if a security leader n
Page 177 and 178: Cloud adoption has witnessed a sign
Page 179 and 180: The Tech Jobs That AI Will Not Disr
Page 181 and 182:
Examples of tech jobs that will sur
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Free Monthly Cyber Defense eMagazin
Page 193 and 194:
Page 195 and 196:
show all

The Cyber Defense eMagazine November Edition for 2023

Create successful ePaper yourself

Delete template?

Save as template?