Lockdown one year on: what did we learn about remote working?
Securing millions of newly remote workers almost overnight was a huge
undertaking. Against the need to keep businesses and essential services running
(including public sector bodies like councils), security may not have been the
primary consideration. Most organisations have now spent time going back to
“plug the gaps”, but there’s no doubt that a proliferation of devices and the
increased use of cloud services have left companies more vulnerable. McAfee found
a 630% increase in attacks on cloud infrastructure since the start of the
pandemic, and in just one month between March and April 2020, IBM recorded a
6,000% increase in phishing attempts. As well as ensuring remote/flexible
working policies are up to date, there are a host of tactics companies can
employ to address security. These include mobile device management and endpoint
security, strict patch management and complete backing up of the Microsoft 365
environment. Many assume that backup is done automatically by Microsoft, but it
isn’t, which can result in a catastrophic loss of data. Another security approach is to
focus on identity and access management (IAM) to enable single sign-on and smart
identity management.
How Financial Institutions Can Deal with Unstructured Data Overload
Emerging big data analytics solutions which leverage machine learning (ML) can
parse through data to identify important information. These tools allow
financial institutions, particularly investment management firms, to uncover the
crucial business insights that lie within the unstructured data, giving them an
immediate competitive advantage over their peers that are not leveraging AI in
this way. These analytics tools can uncover new market insights, allowing teams
at investment management firms to get a deeper understanding of businesses and
industries, allowing them to make better investment and trading decisions. For
example, even after an investment management firm has holistically narrowed down
the number of news articles necessary to review, there still might be thousands
of texts to read through over the course of a month. Adding in an ML solution
here would help the portfolio manager identify which stories are most relevant
based on the language and nuanced phrasing within the text. It would give each
article a relevance score, and save the PM the countless hours that they’d have
otherwise spent reading through the articles.
Proving who you are online is still a mess. And it's not getting better
For the past two decades, the UK government has looked at ways to enable people
to easily and reliably identify themselves, with little success. Unlike in other
countries, a national ID card to carry around in your pocket now seems to be
firmly off the table; but instead, the concept of creating a "digital identity"
is gathering pace. Rather than digging through piles of archived paper-based
documents, a digital identity would let people instantly prove certified
information about themselves, flashing their credentials, for instance, through
an app on their phone. Although the concept is not new, the idea is gaining
renewed attention. The Department for Digital, Culture, Media and Sport (DCMS),
in fact, recently unveiled plans to create what it called a digital identity
"trust framework". The idea? To lay down the ground rules surrounding the
development of new technologies that will allow people to prove something about
themselves digitally. This could take the form of a digital "wallet", which
individuals could keep on their devices and fill with any piece of information,
or attributes about themselves that they deem useful. The wallet could include
basic information like name, address or age, but also data from other sources,
at the user's own convenience.
UK Set to Boost Cybersecurity Operations
Johnson has said in Parliament that the creation of the NCF is designed to
strengthen Britain's cybersecurity posture and give the country new defensive
and offensive capabilities. "Our enemies are also operating in increasingly
sophisticated ways, including in cyberspace," Johnson says. "Rather than being
confined to some distant battlefield, those that seek to do harm to our people
can reach them through the mobile phones in their pockets or the computers in
their homes. To protect our citizens, U.K. defense therefore needs to operate at
all times with leading, cutting-edge technology." Currently, the NCF carries out
operations such as interfering with a mobile phone to prevent a terrorist being
able to communicate with their contacts; helping to prevent cyberspace from
being used as a global platform for serious crimes, including the sexual abuse
of children; and keeping U.K. military aircraft safe from targeting by weapons
systems. In addition to the NCF, last year the Ministry of Defense created the
13th Signals Regiment, the U.K.'s first dedicated cyber regiment, and expanded
the Defence Cyber School. While he acknowledged the benefits of a more
cyber-capable military, Cracknell pointed out that, "We don’t have a solid
security foundation, and until all businesses and CNI entities are at that
level, we are wasting resources by going on the offensive."
DDoS's Evolution Doesn't Require a Security Evolution
The idea of monetizing DDoS attacks dates back to the 1990s. But the rise of
DDoS-for-hire services and cryptocurrencies has radically changed things. "It's
never been easier for non-specialists to become DDoS extortionists," Dobbins
explains. This has led to a sharp uptick in well-organized, prolific, and
high-profile DDoS extortion campaigns. Today, cybercrime groups deliver ransom
demands in emails that threaten targets with DDoS attacks. Most of these are
large attacks above 500 gigabytes per second, and a few top out at 2 terabytes
per second. Ransom demands may hit 20 Bitcoin (approximately $1 million).
Attacks that revolve around ideological conflicts, geopolitical disputes,
personal revenge, and other factors haven't disappeared. But the focus on
monetization has led attackers to increasingly target Internet service
providers, software-as-a-service firms and hosting/virtual private
server/infrastructure providers. This includes wireless and broadband companies.
"We've seen the DDoS attacker base both broaden and shift toward an even younger
demographic," Dobbins says. According to Neustar's Morales, reflection and
amplification attacks continue to be the most prominent because of their
inherent anonymity and ability to reach very high bandwidth without requiring a
lot of attacking hosts.
Securing a hybrid workforce with log management
When companies shifted to a remote workforce in response to the COVID-19
pandemic, cybercriminals continued to launch attacks. However, they did not
target distantly managed corporate networks. Instead, they looked to exploit
organizations where workforce members did their jobs on home networks and
devices. Because home networks often lack the robust security controls that the
enterprise uses, they become attractive gateways for malicious actors. During
the COVID-19 lockdowns, cybercriminals increasingly leveraged the Windows Remote
Desktop Protocol (RDP) as an attack vector. RDP allows users to connect remotely
to servers and workstations via port 3389. However, misconfigured remote access
often creates a security risk. There has been a massive increase in RDP attack
attempts in 2020. Windows computers with unpatched RDP can be used by malicious
actors to move within the network and deposit malicious code (e.g., ransomware).
Devices getting infected with malware is a common occurrence when users work
outside the corporate network. Since IT departments cannot push software updates
through to the devices, security teams need to monitor for potential malware
infections. Event logs can detect potentially malicious activity when used
correctly.
Cryptophone Service Crackdown: Feds Indict Sky Global CEO
Sky Global's CEO has disputed those allegations and said he has received no
direct notice of any charges being filed against him or any extradition request.
"Sky Global’s technology works for the good of all. It was not created to
prevent the police from monitoring criminal organizations; it exists to prevent
anyone from monitoring and spying on the global community," Eap says in a
statement released Sunday and posted to the company's website. ... "The
unfounded allegations of involvement in criminal activity by me and our company
are entirely false. I do not condone illegal activity in any way, shape or form,
and nor does our company." Eap has also disputed claims by police that they
cracked Sky Global's encryption. Previously, Sky Global had offered a $5 million
reward to anyone able to demonstrate that they had cracked the encryption.
Following a two-year investigation into Sky Global and its customers, last week,
police in Belgium, France and the Netherlands launched numerous house searches,
leading to hundreds of arrests of alleged users - including three attorneys in
Antwerp, Belgium - as well as the seizure of thousands of kilograms of cocaine
and methamphetamine, hundreds of firearms, millions of euros in cash as well as
diamonds, jewelry, luxury vehicles and police uniforms, officials say.
Optimize your CloudOps: 8 tricks CSPs don't want you to know
Leveraging security managers that span all your traditional systems and public
clouds is three times more effective than following a cloud-native approach.
Similar to tip No. 1 above, cloud-native security systems operate best on their
native cloud. Eventually you'll have silos of security systems, each solving
tactical security problems for their native clouds. What you need is an
overarching security ops platform that can manage security from cloud to cloud
as well as for traditional systems, and perhaps with emerging technologies such
as edge computing. Again, this is about finding something "cross-cloud" that
exists today, and to do that you'll have to look for third-party providers. If
you don't choose cross-cloud security now, the move from cloud-native to
cross-cloud security will happen when your security silos become too complex to
maintain and the first breach occurs. At that point, the transformation from
cloud-native to cross-cloud security is difficult and costly. While this trick
causes some debate from time to time, most experts agree: Abstracting public
clouds for performance monitoring is a much better approach than just monitoring
a single cloud using its cloud-native system.
AI One Year Later: How the Pandemic Impacted the Future of Technology
Those changing consumer behaviors created an abrupt reality for data science
teams: predictive AI and machine learning (ML) models and the data they are
derived from were almost instantly outdated, and in many cases reduced to
irrelevance. In the past, these models were based on historical data from
several years of behavioral patterns. But in a world of tightened spending,
limited purchasing options, changing demand patterns, and restricted engagement
with customers, that historical data no longer applied. To combat this problem
-- at a time when companies could not afford inaccurate predictions or lost
revenue -- AI teams turned to such solutions as real-time, ever-changing
forecasting. By constantly updating and tuning their predictive models to
include incoming data from the new pandemic-driven patterns, organizations were
able to reduce data drift and more effectively chart their paths through the
crisis and recovery period. With their hand forced, companies needed to make
difficult choices during the spring of 2020. Do they put their projects and
initiatives on pause and wait for the pandemic to subside, or push forward in
applying AI as a competitive differentiator during these challenging times?
What is Agile leadership? How this flexible management style is changing how teams work
As Agile development took hold in IT departments, so tech chiefs started
thinking about how the approach could be used – not just to create software
products – but to lead teams and projects more generally. As this happened, CIOs
started talking about the importance of Agile leadership. Over the past decade,
the use of Agile as a technique for leading and completing projects has moved
beyond the IT department and across all lines of business. The increased level
of collaboration between tech organisations and other functions, particularly
marketing and digital, has helped to feed the spread of Agile management. ...
Although Agile leadership leans heavily on the principles and techniques of
Agile software development, such as iteration, standups and retrospectives, it's
probably fair to say that it's a management style that involves a general stance
rather than a hard-and-fast set of rules. Mark Evans, managing director of
marketing and digital at Direct Line, says the key to effective Agile management
is what's known as servant leadership, a leadership philosophy in which the main
goal of the leader is to serve.
Quote for the day:
"Integrity is the soul of leadership!
Trust is the engine of leadership!" -- Amine A. Ayad