Daily Tech Digest - March 16, 2024

New knowledge base compiles Microsoft Configuration Manager attack techniques

“As with most 30-year-old technologies, Configuration Manager was not designed with modern security considerations,” the SpecterOps researchers said in a blog post announcing the new resource. “Many of its default configurations enable various components of its attack surface. Couple that with the inherent challenges of Active Directory environments and you have a massive attack surface suffering from a combined 55 years of technical debt.” The researchers claim they’ve encountered Configuration Manager deployments in almost every Active Directory environment they’ve investigated, a testament to the utility and popularity of the platform which allows admins to deploy applications, software updates, operating systems and compliance settings on a wide scale to servers and workstations. ... One of the most common insecure configurations for Configuration Manager encountered by SpecterOps are overprivileged network access accounts, which is one of the many accounts that SCCM uses for its various tasks. “We (very) commonly find the network access account to be configured as the client push installation account (local admin on all clients), SCCM Administrator, or even domain administrator,” the researchers said.

The IaC Weight on DevOps’ Shoulders

On the one hand, distributing the IaC load lessens the burden on the DevOps teams, but the downside is that it becomes difficult to understand which resources are actually in use and which have been temporarily created for testing purposes. With many owners creating resources on demand, once they are no longer needed, these leftovers create confusion around dependencies and make cloud platforms disorganized and difficult to maintain. Just like enabling more hands to touch IaC creates greater sprawl and disorder, more users with less governance invite careless sprawl in terms of costs as well. This often results in duplicate and unused resources accumulating, wasting budgets that are currently tight, and every penny counts. With a lack of automation and oversight, environments grow messy and expensive. The sprawl issues can also impact security, as expanding permissions raises valid security concerns that are intensified when clouds become disorganized and difficult to maintain. Well-intentioned developers may misconfigure resources or expose sensitive systems, and without proper methods to manage drift or misconfiguration, this can pose real risks to organizations and systems. Another important aspect that also increases with less oversight is intentional insider risk.

How Observability Is Different for Web3 Apps

Many blockchain networks impose a fee for every transaction relayed over the network and successfully written to the blockchain. On the Ethereum network, for example, this fee is known as gas. As a result, it is critical that you not only monitor the functionality of your Web3 dApp but also pay close attention to the economic efficiency of it. Transactions that are unnecessarily large or too many transactions increase the cost of running your Web3 dApp. ... Decentralized applications rely heavily on smart contracts. A smart contract refers to a self-executing program deployed on a blockchain and executed by the nodes that run the network. Web3 dApps depend upon smart contracts for their operations. They serve as the “backend logic” of the dApp, running on the “server” (blockchain network). The operations executed by a smart contract often incur transaction fees. These fees are used to compensate the nodes that run the blockchain network for the computational power they provide to run the smart contract code. Additionally, smart contracts often handle sensitive operations like releasing or receiving funds in the form of cryptocurrency. 

10 Cloud Security Best Practices 2024: Expert Advice

Digital supply chain security must be at the top of every company’s agenda as organizations increasingly work with third and fourth parties to drive innovation, said Nataraj Nagaratnam, IBM Fellow and CTO for Cloud Security at IBM. Modern enterprises require a vast array of hybrid and multi-cloud environments to support data storage and applications, he said. While industry cloud platforms with built-in security and controls are already helping enterprises within regulated industries de-risk the digital supply chain, including protecting banks and the vendors they transact with, organizations will need to continue to be diligent. Cloud security services can help reduce risk and enhance the compliance of cloud environments. He told Techopedia: “Enterprises must take a holistic approach to their hybrid cloud cybersecurity strategies by adopting risk management solutions that can help them gain visibility into third- and fourth-party risk posture while achieving continuous compliance.” Enterprise technology analyst David Linthicum added that it’s important for companies to vet and monitor third-party cloud service providers to ensure they meet security standards and align with the organizations’ requirements.

Data Governance Coaching: A Newcomer's Journey As A Data Manager

Companies are increasingly recognizing the importance of reliable data for informed decision-making. At the heart of this transformation are individuals like me, new data managers tasked with overseeing specific data domains within the enterprise. The foundational element of this data-driven shift lies in the role concept, a framework that identifies and nominates data managers based on their skills, knowledge, and passion for data. Despite their different expertise and company affiliations, this group has a common goal – to ensure high-quality data within their respective responsibility areas. Tackling an initial use case within our data domain is crucial to embark on this journey successfully. ... The narrative of a data manager’s journey in a forward-thinking company emphasizes continuous growth through data governance coaching. A comprehensive approach, including training, use case implementation, and ongoing support, is successfully operationalizing data managers. Past insights stress the importance of the close link between business processes and data management, the seamless identification of data managers, the operational-level conceptualization, and the recognition of varied data domains. 

Building a Sustainable Data Ecosystem

While data sharing is essential for advancing generative AI technology, it also presents significant challenges, particularly regarding privacy, security, and ethical use of data. As generative AI models become increasingly sophisticated, concerns about potential misuse, unauthorized access, and infringement of individual rights have grown. Developing sustainable policy frameworks is crucial to address these challenges and ensure that generative AI technology is deployed responsibly and ethically. Effective policies can establish guidelines and standards for data-sharing practices, promote transparency and accountability, and mitigate risks associated with privacy violations and misuse of generated content. Moreover, robust policy frameworks can foster stakeholder trust, encourage collaboration, and contribute to generative AI technology's long-term sustainability and advancement. Generative AI is a subset of artificial intelligence focused on creating new content that mimics or resembles human-generated content, such as images, text, or sound. This is achieved through machine learning techniques, including deep learning algorithms such as Generative Adversarial Networks (GANs), Variational Autoencoders (VAEs), and transformers.

Why Are There Fewer Women Than Men in Cybersecurity?

The tech industry, including cybersecurity, has been rightly criticized for its "bro culture," which can be unwelcoming and even hostile to women. This culture is characterized by practices and attitudes that devalue women's contributions, overlook them for promotions and challenging projects, and subject them to harassment and discrimination. The recent surge in employee population growth from other cultures, many of which are used to the devaluation of women outside of the workforce, doesn’t translate well or do anything reformative. Such an environment not only discourages women from remaining in the field but also dissuades others from entering it. The underrepresentation of women in cybersecurity is also self-perpetuating due to the lack of visible female role models in the field. Women considering a career in cybersecurity often find few examples of successful female professionals to inspire them. This lack of visibility contributes to the misconception that cybersecurity is not a viable or welcoming career path for women. The absence of female mentors and role models means that aspiring women in cybersecurity lack guidance, support and networking opportunities that are crucial for career development and advancement in any and all fields.

Answers for the IT Skills Gap

One effective strategy is to deploy autonomous automation into your enterprise storage infrastructure, so it reduces the level of complexity, thereby decreasing the dependence on specialized IT skills that are becoming harder to find. With the power of autonomous automation, an admin can manage petabytes of storage easily and cost effectively. ... A complementary strategy is to automate the technical support process through Artificial Intelligence for IT Operations (AIOps). AIOps supports scalable, multi-petabyte storage-as-a-service (STaaS) solutions, enabling enterprises to simplify and centralize IT operations and improve cost management. ... A third strategy for shortening the gap is through storage consolidation. We have a $20 billion enterprise customer that went from 27 storage arrays from three different vendors to only four arrays. A Fortune 100 customer dramatically reduced their storage infrastructure, going from 450 floor tiles to only 50 floor tiles running all the same applications and workloads. This consolidation had many benefits, but one of the key ones was reducing the need for IT manpower. You don’t need such high-level skills with years of experience when the need for IT resources has been streamlined.

6 CISO Takeaways From the NSA's Zero-Trust Guidance

After tackling any other fundamental pillars, companies should look kick off their foray into the Network and Environment pillar by segmenting their networks — perhaps broadly at first, but with increasing granularity. Major functional areas include business-to-business (B2B) segments, consumer-facing (B2C) segments, operational technology such as IoT, point-of-sale networks, and development networks. After segmenting the network at a high level, companies should aim to further refine the segments, Rubrik's Mestrovich says. "If you can define these functional areas of operation, then you can begin to segment the network so that authenticated entities in any one of these areas don't have access without going through additional authentication exercises to any other areas," he says. "In many regards, you will find that it is highly likely that users, devices, and workloads that operate in one area don't actually need any rights to operate or resources in other areas." Zero-trust networking requires companies to have the ability to quickly react to potential attacks, making software-defined networking (SDN) a key approach to not only pursuing microsegmentation but also to lock down the network during a potential compromise.

The Role of Enterprise Architecture in Business Transformation

In the context of strategy management, tools such as strategic roadmaps and business model canvases can support in planning and communicating the business objectives of your organization. To put the strategy into execution, businesses need to organize their resources – people, process, information and technologies – into a composable set of capabilities. These are usually documented in the form of a business capability map. To provide an overview of the available and required resources, portfolios such as process portfolio, application portfolio management, data catalogue and technology radar need to be in place. One or more capabilities are described in operating models. Here, organizations define how the elements of the portfolio are connected to realize the said capabilities. By analysing capability maturity, data quality, and technology fitness, strategic gaps are identified and roadmaps for implementation and transformation are specified to close these gaps. ... EA can serve many initiatives and therefore many stakeholders in your organization. However, no matter how convenient and simple EA can be, we cannot expect everyone to be familiar with every aspect of EA, nor with the modeling languages that are used to implement it.

Quote for the day:

"Leadership means forming a team and working toward common objectives that are tied to time, metrics, and resources." -- Russel Honore

No comments:

Post a Comment