The Cyber Defense eMagazine February Edition for 2024

More documents

Recommendations

Info

One of our customers, a Fortune 100 entertainment and media company, illustrates the security/productivity dilemma. During lockdown and with most of its developers working remotely, the company was racing to meet a deadline for the launch of a consumer product. Remote developers were only able to perform one or two code check-ins involving very large file transfers a day, compared with four or five for office-based staff. As the risk of missing the project deadline increased, the company even considered turning off security to improve connection speeds. We were able to solve the problem before the customer had to take such drastic action. No CISO would wish to face a similar choice. Another big challenge for IT in the era of the hybrid workplace is that you don’t just need to secure two locations but all locations. Work from home is increasingly becoming a misnomer. Users will spend some time in the office, some at home, some on the road, some in a hotel, a coffee shop, a weekend retreat… A better term is work from anywhere (WFA), which means you need security (and performance) everywhere. The revolution is being driven not just by once-in-a-generation events such as global pandemics, but by the expectations of a changing workforce. WFA will challenge existing security practices. It no longer makes sense, for example, to rely on flagging anomalous access patterns when the pattern is constantly changing. It used to be that a typical user went home to the same location every day and logged in at about the same time for email or access to an internal service. If the same user logged in from Cambodia at 2am, you would block the connection. Like users, enterprise services are also moving at unprecedented pace, moving out of traditional data centers to the cloud and to the edge. According to the EMA study, 83% of enterprises are moving applications edge-ward in the hope of resolving latency issues. Any performance benefits depend on how they add security into the mix. If traffic is still backhauled to the cloud or the enterprise data center for inspection, those gains will be lost. This is another illustration of why the hybrid workplace demands an architectural rethink away from centralized networking and security architectures and towards cloud- and edge-native architecture. It will mean a shift from traditional gateway-based approaches to dark networks and automated moving target defense security (AMTD). According to Gartner, AMTD is an evolution of MTD, which is based on the basic premise that ‘a moving target is harder to attack than a stationary one’. It involves the use of strategies for orchestrating movement or changes in various IT environment components and layers, across the attack surface, to increase uncertainty and complexity within a target system.” In a world where the workforce is constantly on the move, AMTD is a more satisfying concept than the old-fashioned notion of a secure perimeter. While AMTD is an aspiration rather than a reality for most enterprises, elements of it are already available. Cyber Defense eMagazine – February 2024 Edition 38 Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
For example, the Cloudbrink service uses transient points of presence (PoPs) called FAST edges, which are spun up on demand and spun down at the end of a session. Unlike ZTNA services that rely on dedicated physical PoPs, this means there are no permanent IP addresses to attack. Cloudbrink further shrinks the attack surface by sending traffic over multiple routes. Users of the service are connected to three FAST edges and the routes taken by traffic change each time they use that application. With no fixed route and no fixed network provider, potential attackers will struggle to find a target. The third element in the defensive armory is short-life security certificates. Administering security certificates is an operational headache – one reason why many vendors leave them in place for anything from six months to 10 years. Cloudbrink implements mutual Transport Layer Security (TLS) 1.3 with certificates that are refreshed after only eight hours. In the unlikely event an attacker gains access to the user’s account or device, it means they only have a brief window of opportunity to make mischief. Lastly, while everyone is focused on remote users, perhaps the most important (and most ignored) aspect of hybrid work is that the same users will be in the office two to three days a week. If a user was on a compromised network when they were traveling, you now have that user/device on your network. Now multiply that problem by tens of thousands of users and devices. Just because an employee carries a badge, it doesn’t mean you should give them unaudited access to your internal network. So, hybrid work is going to require a change of mindset that not only affects the view of external networks but internal ones too. You might think of the in-office network as a giant coffee shop network which delivers the same levels of security control as if the user were accessing your systems from an external network. What else needs to change? We believe that as more users become hybrid workers, it will no longer be acceptable to offer a different in-office and work-from-anywhere experience. Security will always be a top priority, but CIOs will not accept it as a valid excuse for suboptimal user experience. They won’t settle for security at the expense of performance. They will demand both. Cyber Defense eMagazine – February 2024 Edition 39 Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: How One Industry Exemplifies the Im
Page 3 and 4: Data Breach Search Engines --------
Page 5 and 6: @MILIEFSKY From the Publisher… De
Page 7 and 8: Welcome to CDM’s February 2024 Is
Page 9 and 10: Cyber Defense eMagazine - February
Page 15 and 16: 2001 2024 Cyber Defense eMagazine -
Page 19 and 20: How One Industry Exemplifies the Im
Page 21 and 22: That is where things stand in my in
Page 23 and 24: current on the mission and values o
Page 25 and 26: So, monitoring and managing vendor
Page 27 and 28: About the Author Caroline McCaffery
Page 29 and 30: How so? Businesses can make things
Page 31 and 32: Using Cmmc 2.0 To Transform Your Cy
Page 33 and 34: equire the implementation of additi
Page 35 and 36: for the Department of Energy’s Cy
Page 37: • IT no longer controls where and
Page 41 and 42: 5 Cybersecurity Resolutions for The
Page 43 and 44: The Importance of Cyber Hygiene for
Page 45 and 46: The key steps to improve your cyber
Page 47 and 48: Connecting Tech to Black America By
Page 49 and 50: Establish partnerships with HBCUs E
Page 51 and 52: Perhaps the most obvious example of
Page 53 and 54: Crafting AI’s Future: Decoding th
Page 55 and 56: The implementation of regulations c
Page 57 and 58: AI Is Revolutionizing Phishing for
Page 59 and 60: That’s why security awareness tra
Page 61 and 62: culmination of this race will revea
Page 63 and 64: Traditionally, DBSEs would only inf
Page 65 and 66: Enhancing Cybersecurity Defenses: T
Page 67 and 68: Social engineering testing In the e
Page 69 and 70: GitGuardian Researchers Find Thousa
Page 71 and 72: *Emergent trends While everything f
Page 73 and 74: There are multiple tools that will
Page 75 and 76: Good Security Is About Iteration, N
Page 77 and 78: to incorporate architectural and de
Page 79 and 80: Hacking and Cybersecurity Trends to
Page 81 and 82: detect attacks as they are occurrin
Page 83 and 84: Legacy solutions hinder an organiza
Page 85 and 86: About the Author Thomas Müller-Mar
Page 87 and 88: Having worked closely with financia
Page 89 and 90:
device is emitting its signal the t
Page 91 and 92:
Navigating the API Security Landsca
Page 93 and 94:
that entities (users, services, or
Page 95 and 96:
examine financial transactions, net
Page 97 and 98:
Offensive Awakening: The 2024 Shift
Page 99 and 100:
Not only are legislators pushing fo
Page 101 and 102:
Let’s dive into how security lead
Page 103 and 104:
Overcoming Common Data Security Cha
Page 105 and 106:
The Risks of Over-Privilege Alongsi
Page 107 and 108:
Quishing Campaign Exploits Microsof
Page 109 and 110:
After inserting their email address
Page 111 and 112:
more expensive and time consuming.
Page 113 and 114:
Cotton Sandstorm or Static Kitten h
Page 115 and 116:
Spike in Layoffs Pose Serious Cyber
Page 117 and 118:
About the Author Adam Gavish is the
Page 119 and 120:
The Crucial Role of Data Categoriza
Page 121 and 122:
The Next Generation of Endpoint Sec
Page 123 and 124:
Next-Generation Endpoint Security:
Page 125 and 126:
As I reflect back on the past few m
Page 127 and 128:
Why Is Hardware More Secure than So
Page 129 and 130:
can achieve throughput levels of up
Page 131 and 132:
ecome more secure. By the end of 20
Page 133 and 134:
Zero Trust Matures, Insider Threat
Page 135 and 136:
of the risk of insider threats and
Page 137 and 138:
Zero Trust: Navigating the Labyrint
Page 139 and 140:
• Enhanced Security: Zero trust b
Page 141 and 142:
Cyber Defense eMagazine - February
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
CyberDefense.TV now has 200 hotseat
Page 151 and 152:
Books by our Publisher: Amazon.com:
Page 153 and 154:
Page 155:
i https://www.whitehouse.gov/briefi
show all

The Cyber Defense eMagazine February Edition for 2024

Create successful ePaper yourself

Delete template?

Save as template?