Daily Tech Digest - March 09, 2022

Small Biz Takes Digital Highway

Data protection and cybersecurity issues will also take centre stage once small and medium businesses adopt digitisation at a larger scale. He says cyber attacks and complying with laws and policies will require companies to build mechanisms which entail considerable, if not hefty, costs. In fact, small and medium businesses seem to be already bearing the brunt of cyber attacks. A study by Cisco published in September 2021 that sampled about 1,014 local businesses showed that about 74% small and medium businesses had faced a cyber incident in past 12 months. “At the end of the day, digital is here to stay, and nobody can ignore that. I am sure the service segment will evolve to offer solutions at affordable prices,” says Subbiah. Costs, after all, are a big factor for smaller companies, though companies are more than willing to spend on adding technology capabilities due to high return on investment. ... The bulk of the investment goes into cloud, automation and modern infrastructure, say analysts. “Specifically, within cloud, SaaS adoption is seeing acceleration as it entails lower costs and entry barriers,” says Abhinav Johri, director and practice head, digital consulting, EY.

2.5 million-plus cybersecurity jobs are open—women can fill them

Encouraging and nurturing the careers of women in cybersecurity is important for a number of reasons: Our cyber adversaries come from diverse backgrounds, which means that our defender community must be equally diverse in order to understand and succeed against them. We are facing a massive talent shortage in cybersecurity of more than 2.5 million job openings. This is putting a strain on security teams and organizations of every size. We can vastly decrease the deficit by deliberately expanding our hiring and mentorship of underrepresented groups who can bring so much to the table. Innovation is everything! And what’s more conducive to innovation than bringing together new perspectives, ideas, and experiences to solve today’s challenges? Cybersecurity depends on it because cybercrime tactics keep evolving. In fact, an MIT Technology Review article referred to cybersecurity versus cybercrime as “an innovation war.” Studies show that diversity of thought and leadership is just good for business.

IoT comes of age

Cities are near and dear to my heart as a former municipal CIO [chief information officer]. One of the challenges that we’ve seen in a number of large cities around the world is the amount of traffic congestion in the center of cities. A number of different cities have applied congestion pricing. They are tracking when vehicles are in the center of the city and charging for the times when congestion is highest. That doesn’t necessarily make the driver happy, but we have seen material changes in traffic patterns within those cities that have invested in congestion pricing. ... What we saw happen all too often was IoT being treated as a technology project, often run by the CIO or by a small business unit or factory plant all by themselves. And so the technology has changed, but the actual way of work has not. When we look at some of the lighthouse factories that Michael referenced earlier from the World Economic Forum, we see that they treat the integration of IoT as a holistic operating model transformation. When they look at how systems and processes are going to change on the factory floor, for example, they think about how they may need to motivate individuals working within that system differently. 

Critical flaws in remote management agent impacts thousands of medical devices

Forescout has identified over 150 potentially vulnerable devices using Axeda from over 100 different manufacturers. Over half of the devices are used in healthcare, specifically lab equipment, surgical equipment, infusion, radiotherapy, imaging and more. Others were found in the financial services, retail, manufacturing and other industries and include ATMs, vending machines, cash management systems, label printers, barcode scanning systems, SCADA systems, asset monitoring and tracking solutions, IoT gateways and machines such as industrial cutters. The seven vulnerabilities, which Forescout has dubbed Access:7 include three critical ones that can result in remote code execution. One vulnerability (CVE-2022-25251) stems from unauthenticated commands present in the Axeda xGate.exe agent that allow an attacker to retrieve information about a device and change the agent's configuration. By changing the configuration, an attacker could point the agent to a server they control and hijack the functionality.

How to approach cloud compliance monitoring

One common strategy is to use the data collected by cloud and network monitoring tools to create a centralized view of compliance status across all these domains. This approach aligns well with current cloud and network monitoring practices. To start a cloud compliance monitoring strategy, divide the tasks identified above. Some are design-time considerations. Here, an application will meet or fall short of compliance standards based on how developers build it. Others are run-time considerations, meaning the application requires surveillance during operations to validate compliance. The specific tools and procedures an organization applies to its cloud applications depend on how compliance requirements map to these categories. Enforce design-time compliance standards into the development pipeline, and validate them through logging and version monitoring. The former requires a systematic way to initiate, execute, review, test and deploy cloud software. Teams must identify tools that enforce and document the requirements of each applicable standard. 

Ukraine Fighting First-Ever 'Hybrid War' - Cyber Official

Ukraine continues to fight not just on the ground and in the air, but also online. "This is happening for the first time in history and I believe that cyber war can only be ended with the end of conventional war, and we will do everything we can to bring this moment closer," SSSCIP's Zhora said at a Friday press conference, the BBC reported. Zhora said Ukrainian cyber defenders continue to repel attacks on the country's online services and infrastructure, and said that "they are not afraid of Russian" attacks focused on such critical infrastructure as power plants or nuclear facilities, the BBC reported. Internet access remains shaky across Ukraine, due in part to continued bombing, says Britain's Ministry of Defense. "Ukrainian internet access is … highly likely being disrupted as a result of collateral damage from Russian strikes on infrastructure," it says. "Over the past week, internet outages have been reported in Mariupol, Sumy, Kyiv and Kharkiv." ... "Russia is probably targeting Ukraine's communications infrastructure in order to reduce Ukrainian citizens' access to reliable news and information," it adds.

7 reasons to embrace Web3 — and 7 reasons not to

Just because Bitcoin wastes so much energy doesn’t mean that Web3 will need to do the same. There are many protocols that offer some genuine assurance of correctness without requiring a bazillion transistors to be constantly solving some mathematical puzzle. Proof of stake, for example, is a neutral, decentralized protocol. It may not be perfect, but maybe we can get by with an adequate consensus model for a number of parts of Web3? Many people might be just as happy with blockchain managed by a coalition of trusted parties. It may not be theoretically free of domination, but if the coalition is big enough and the process is open, it could be embraced at a much lower cost in energy, silicon, and time. ... Our society is increasingly driven by data. Anything we can do to increase the accuracy of the data will help everyone who uses the information to make decisions. One of the side effects of adding more robust digital signatures and protocols to every interaction means that there will be more structure. ... Web3 is bound to have more accurate information and that will lift every part of the web that depends upon it.

The Uncertain Future of IT Automation

As Automox predicted at the end of last year, IT and security transformation continue as organizations everywhere try to find a new normal following the disruptions of the pandemic, and IT automation will have to adjust. This has been challenging for many organizations — and more importantly, people, as discussed above — but there are silver linings too. The pandemic has pushed new innovation across many areas, with exciting new tools and practices on the horizon for IT and security teams. One innovation that is particularly interesting is cybersecurity mesh architectures. Gartner has claimed that “organizations adopting a cybersecurity mesh architecture will reduce the financial impact of security incidents by an average of 90 percent” by 2024. A cybersecurity mesh architecture leverages various parts of the enterprise to integrate widely distributed, disparate security services. This is key to managing and accounting for a workforce that has never been more remote and globally distributed.

Predicting the future of AI and analytics in endpoint security

What’s troubling about Unit 42’s findings for endpoints is that 40% of enterprises are still using spreadsheets to track digital certificates manually, and 57% of enterprises don’t have an accurate inventory of SSH keys. These two factors contribute to the widening gap in endpoint security that bad actors are highly skilled at exploiting. It’s common to find organizations that aren’t tracking up to 40% of their endpoints, according to a recent interview with Jim Wachhaus, attack surface protection evangelist at CyCognito. Jim told VentureBeat that it’s common to find organizations generating thousands of unknown endpoints a year. Supporting Jim’s findings are CISOs who tell VentureBeat that keeping track of every endpoint defies what can be done through manually-based processes today as their IT staffs are already stretched thin. Add to that how CIOs and CISOs are battling a chronic labor shortage as their best employees are offered 40% or more of their base salary and up to $10,000 signing bonuses to jump to a new company, and the severity of the situation becomes clear. In addition, 56% of executives say their cybersecurity analysts are overwhelmed, according to BCG.

New attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs

To mitigate the risk, software vendors such as Google and the Linux kernel developers came up with software-based solutions such as retpoline. While these were effective, they introduced a significant performance hit, so CPU vendors later developed hardware-based defenses. Intel's is called EIBRS and ARM's is called CSV2. "These solutions are complex to learn more about them—but the gist of them is that the predictor 'somehow' keeps track of the privilege level (user/kernel) in which a target is executed," the VUSec researchers explain. "And, as you may expect, if the target belongs to a lower privilege level, kernel execution won’t use it." The problem, however, is that the CPU's predictor relies on a global history to select the target entries to speculatively execute and, as the VUSec researchers proved, this global history can be poisoned. In other words, while the original Spectre v2 allowed attackers to actually inject target code locations and then trick the kernel to execute that code, the new Spectre-BHI/BHB attack can only force the kernel to mispredict and execute interesting code gadgets or snippets that already exist in the history and were executed in the past, but which might leak data.

Quote for the day:

"A pat on the back is only a few vertebrae removed from a kick in the pants, but is miles ahead in results." -- W. Wilcox

No comments:

Post a Comment