The Cyber Defense eMagazine February Edition for 2024

More documents

Recommendations

Info

Thankfully, a lack of data inventory is an easy challenge to address because there are tools available that can provide this visibility. Complete visibility not only into which infrastructure resources contain sensitive data across cloud data stores, but also ownership of the data. A robust data inventory is crucial for any effective data-centric security strategy that enables organizations to proactively identify and address potential security threats before they become a data breach. Dormant Identities and Data Stores Aside from a lack of data inventory, dormant identities are the single most common data security issue and one of the most overlooked paths to breaches and attacks. A Dormant identity is any user, role, or service account that has been inactive for extended periods of time. These identities accumulate in organizations when there is not a proper system in place to remove terminated employees, inactive users, or unnecessary permissions. Delayed or incomplete employee or vendor offboarding are a common cause of dormant identities. Companies often swiftly onboard new employees and third-party individuals. However, when these users leave or change roles, the offboarding procedures are oftentimes pushed aside. With that, permissions or unnecessary identities of departed users are not revoked or deleted, leaving them accessible to former employees, contractors, or potential attackers in case the credentials are compromised. Regardless of the root cause, dormant identities present a common and overlooked avenue for breaches because threat actors seek out the path of least resistance, and a compromised dormant identity can often be the quickest way to obtain sensitive information. If left unmonitored, threat actors can seize control of these accounts and identities without detection, and achieve access to sensitive data. Dormant identities are typically less monitored, so in the event of a compromised dormant identity, security teams often remain unaware of the breach. Dormant data stores can also put organizations at increased risk. Dormant data stores are old and unused, and become potential targets for attacks as they are often forgotten and unmanaged. Organizations retain archives of information due to regulatory compliance or store long past their useful life, in the hope of potential future use. But in reality, dormant data is never utilized once it become dormant and while it may not be of business value, it remains accessible and increases risk by expanding the organization’s attack surface and the blast radius of a potential data breach. To remediate these challenges, it is important to prioritize cleanup tasks and conduct proactive exercises to reduce risk promptly and regularly. To do this, organizations should adhere to their stipulated data retention policies and prioritize removing any high-risk dormant identities and removing any unnecessary permissions. They should ideally invest in automation that enables ongoing monitoring, alerting, and proactive risk reduction. Cyber Defense eMagazine – February 2024 Edition 104 Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
The Risks of Over-Privilege Alongside dormant identities and old user accounts, over-privileged identities can be just as dangerous. Users should only have privileges required to carry out their designated job responsibilities or least privilege. If an organization overestimates the level of access or permissions an identity needs, (and they often do) they open themselves up to significant and avoidable risks. If a user with malicious intent gains access through an over-privileged identity, they can acquire heightened access and cause more extensive damage than they would under normal circumstances. Over-privileged data stores also enable widespread access and increase an organization’s risk for a data breach. Virtually every organization has data stores that would be deemed over-privileged. Data within an organization should exclusively be available to users with a genuine business need for that specific data – but this is far more challenging to determine than it may seem. Oftentimes, data stores have widespread access enabled and project managers share credentials without fully understanding the resultant permissions. When permissions are granted in this manner, this puts the organizations at greater risk of data breaches, leaks, and misuse. To enhance security and avoid the risks associated with over-privilege, organizations are advised to grant and continually right size permissions strictly based on job duties and operational necessity. Furthermore, organizations should implement a streamlined, semi-automated process for permission management, only re-granting access when necessary. These measures collectively contribute to reducing the attack surface and mitigating the impact of compromise in the event of a breach. A Case for Increased Visibility These are just a few of the many challenges organizations face when securing their vast amounts of data. To address these challenges, businesses must evolve their approach to data security. Data protection can no longer be confined to traditional perimeters or the devices being used. Instead, securing data requires full visibility into where it resides, how sensitive it is, who has access to it, and how it is being used. When organizations have complete visibility into their data, they are able to remove dormant data and identities, assign users with least privileges, and ensure their data inventories are secure and up to date. By implementing tools that provide a holistic view into an organization's data, and continuously and proactively monitor for threats, organizations significantly enhance their security and ensure the safety of their sensitive information. Data is often an organization's greatest asset, as well as their greatest source of risk. As the volume of data continues to grow, security teams face increasing challenges in trying to protect it. In order to combat these challenges, organizations must prioritize visibility and proper data management. By implementing tools that provide a holistic view of their data, organizations minimize the risk of a data breach, even as their volume of data continues to grow. Cyber Defense eMagazine – February 2024 Edition 105 Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
How One Industry Exemplifies the Im
Page 3 and 4:
Data Breach Search Engines --------
Page 5 and 6:
@MILIEFSKY From the Publisher… De
Page 7 and 8:
Welcome to CDM’s February 2024 Is
Page 9 and 10:
Cyber Defense eMagazine - February
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
2001 2024 Cyber Defense eMagazine -
Page 17 and 18:
Page 19 and 20:
How One Industry Exemplifies the Im
Page 21 and 22:
That is where things stand in my in
Page 23 and 24:
current on the mission and values o
Page 25 and 26:
So, monitoring and managing vendor
Page 27 and 28:
About the Author Caroline McCaffery
Page 29 and 30:
How so? Businesses can make things
Page 31 and 32:
Using Cmmc 2.0 To Transform Your Cy
Page 33 and 34:
equire the implementation of additi
Page 35 and 36:
for the Department of Energy’s Cy
Page 37 and 38:
• IT no longer controls where and
Page 39 and 40:
For example, the Cloudbrink service
Page 41 and 42:
5 Cybersecurity Resolutions for The
Page 43 and 44:
The Importance of Cyber Hygiene for
Page 45 and 46:
The key steps to improve your cyber
Page 47 and 48:
Connecting Tech to Black America By
Page 49 and 50:
Establish partnerships with HBCUs E
Page 51 and 52:
Perhaps the most obvious example of
Page 53 and 54: Crafting AI’s Future: Decoding th
Page 55 and 56: The implementation of regulations c
Page 57 and 58: AI Is Revolutionizing Phishing for
Page 59 and 60: That’s why security awareness tra
Page 61 and 62: culmination of this race will revea
Page 63 and 64: Traditionally, DBSEs would only inf
Page 65 and 66: Enhancing Cybersecurity Defenses: T
Page 67 and 68: Social engineering testing In the e
Page 69 and 70: GitGuardian Researchers Find Thousa
Page 71 and 72: *Emergent trends While everything f
Page 73 and 74: There are multiple tools that will
Page 75 and 76: Good Security Is About Iteration, N
Page 77 and 78: to incorporate architectural and de
Page 79 and 80: Hacking and Cybersecurity Trends to
Page 81 and 82: detect attacks as they are occurrin
Page 83 and 84: Legacy solutions hinder an organiza
Page 85 and 86: About the Author Thomas Müller-Mar
Page 87 and 88: Having worked closely with financia
Page 89 and 90: device is emitting its signal the t
Page 91 and 92: Navigating the API Security Landsca
Page 93 and 94: that entities (users, services, or
Page 95 and 96: examine financial transactions, net
Page 97 and 98: Offensive Awakening: The 2024 Shift
Page 99 and 100: Not only are legislators pushing fo
Page 101 and 102: Let’s dive into how security lead
Page 103: Overcoming Common Data Security Cha
Page 107 and 108: Quishing Campaign Exploits Microsof
Page 109 and 110: After inserting their email address
Page 111 and 112: more expensive and time consuming.
Page 113 and 114: Cotton Sandstorm or Static Kitten h
Page 115 and 116: Spike in Layoffs Pose Serious Cyber
Page 117 and 118: About the Author Adam Gavish is the
Page 119 and 120: The Crucial Role of Data Categoriza
Page 121 and 122: The Next Generation of Endpoint Sec
Page 123 and 124: Next-Generation Endpoint Security:
Page 125 and 126: As I reflect back on the past few m
Page 127 and 128: Why Is Hardware More Secure than So
Page 129 and 130: can achieve throughput levels of up
Page 131 and 132: ecome more secure. By the end of 20
Page 133 and 134: Zero Trust Matures, Insider Threat
Page 135 and 136: of the risk of insider threats and
Page 137 and 138: Zero Trust: Navigating the Labyrint
Page 139 and 140: • Enhanced Security: Zero trust b
Page 141 and 142: Cyber Defense eMagazine - February
Page 149 and 150: CyberDefense.TV now has 200 hotseat
Page 151 and 152: Books by our Publisher: Amazon.com:
Page 155:
i https://www.whitehouse.gov/briefi
show all

The Cyber Defense eMagazine February Edition for 2024

Create successful ePaper yourself

Delete template?

Save as template?