Daily Tech Digest - June 20, 2024

Measure Success: Key Cybersecurity Resilience Metrics

“Cyber resilience is a newer concept. It can get thrown around when one really means cybersecurity, and also in cases where no one really cares about the difference between the two,” says Mike Macado, CISO at BeyondTrust, an identity and access security company. “And to be fair, there can be some blurring between the two. ... “Once the resilience objectives are clear, KPIs can be set to measure them. While there are many abstract possible KPIs, it is crucial to set meaningful and measurable KPIs that can indicate your cyber resilience level and not only tick the box,” says Kellerman. And what are the meaningful, core KPIs? “These include mean time to detect, mean time to respond, recovery time objective, recovery point objective, percentage of critical systems with exposures, employee awareness and phishing click-rates, and an overall assessment of leadership. These KPIs will properly assess your security controls and whether they are protecting your critical path assets, helping to ensure they’re capable of preventing threats.” Kellerman adds. ... “The ability to recover from a cybersecurity attack within a reasonable time that guarantees business continuity is a crucial indicator of resilience...” says Joseph Nwankpa

Most cybersecurity pros took time off due to mental health issues

“Cybersecurity professionals are at the forefront of a battle they know they are going to lose at some point, it is just a matter of time. It’s a challenging industry and businesses need to recognize that without motivation, cybersecurity professionals won’t be at the top of their game. We’ve worked with both cybersecurity and business leaders to understand the challenges the industry faces. What we’ve discovered shows just how difficult the job is and that there is a significant gap of understanding between the board and the professionals,” said Haris Pylarinos, CEO at Hack The Box. “We’re calling for business leaders to work more closely with cybersecurity professionals to make mental well-being a priority and actually provide the solutions they need to succeed. It’s not just the right thing to do, it makes business sense,” concluded Pylarinos. “Stress, burnout and mental health in cybersecurity is at an all-time high. It’s also not just the junior members of the team, but right up to the CISO level too,” said Sarb Sembhi, CTO at Virtually Informed.

Forget Deepfakes: Social Listening Might be the Most Consequential Use of Generative AI in Politics

Ultimately, the most vulnerable individuals likely to be affected by these trends are not voters; they are children. AI chatbots are already being piloted in classrooms. “Children are once again serving as beta testers for a new generation of digital tech, just as they did in the early days of social media,” writes Caroline Mimbs Nyce for The Atlantic. The risks from generative AI outputs are well documented, from hallucinatory responses to search inquiries to synthetic nonconsensual sexual imagery. Given the rapid normalization of surveillance in education technology, more attention should probably be paid to the inputs such systems collect from kids. ... Not every AI problem requires a policy solution specific to AI: a federal data privacy law that applied to campaigns and political action committees would go a long way toward regulating generative AI-enabled social listening, and could have been put in place long before that technology became widely accessible. The fake Biden robocalls in New Hampshire similarly commend low-tech responses to high-tech problems: the political consultant behind them is charged not with breaking any law against AI fakery but with violating laws against voter suppression.

Resilience in leadership: Navigating challenges and inspiring success

Research shows that cultivating resilience is a long and arduous journey that requires self-awareness, emotional intelligence, and a relentless commitment to personal growth. A great example of this quality and a leader I admire greatly is Jensen Huang, President of Nvidia, which is now one of the most valuable companies in the world with a market cap of more than $2 trillion. As Huang describes quite candidly in many interviews, his early years and the hardships he endured helped him build resilience, where he learnt to brush things off and move on no matter how difficult the situation was. While addressing the grad students at Stanford Graduate School of Business, Huang revealed that “I wish upon you ample doses of pain and suffering,” as he believes great character is only formed out of people who have suffered. These experiences have not only helped Huang develop a robust management style but have also helped him approach any problem with the mindset of “How hard can it be?” While Jensen’s life exemplifies the importance of hardships and suffering, resilience isn't limited to overcoming hardships; it's also about innovation and adaptability in leadership. 

IDP vs. Self-Service Portal: A Platform Engineering Showdown

It’s easy to get lost in the sea of IT acronyms at the best of times, and the platform engineering ecosystem is the same, particularly given that these two options seem to promise similar things but deliver quite differently. For many organizations, choosing or building an IDP might be what they think is required to save their developers from repetitive work while looking for a self-service portal (SSP) to streamline automation. ... By providing a user-friendly interface to define and deploy cloud resources, an SSP frees up the time and effort required to set up complex infrastructure configurations. Centralizing resources provides oversight while also enabling guardrails to be established to protect against “shadow IT” being deployed. This not only helps identify resources that aren’t being used to save money but also helps make cloud practices more eco-friendly by removing unnecessary resources. This is the main difference between an SSP and an IDP, and understanding which capabilities an organization needs is critical for ensuring a smooth platform engineering journey. Like a Russian doll, an IDP is a layer on top of an SSP that offers tools to streamline the entire software development lifecycle.

Chinese Hackers Used Open-Source Rootkits for Espionage

Attackers exploited an unauthenticated remote command execution zero-day on VMware vCenter tracked as CVE-2023-34048. If the threat group failed to gain initial access on the VMware servers, the attackers targeted similar flaws in FortiOS, a flaw in VMware vCenter called postgresDB, or a VMware Tools flaw. After compromising the edge devices, the group's pattern has been to deploy open-source Linux rootkit Reptile to target virtual machines hosted on the appliance. It uses four rootkit components to capture secure shell credentials. These include Reptile.CMD to hide files, processes and network connections; Reptile.Shell to listen to specialized packets- a kernel level file to modify the .CMD file to achieve rootkit functionality; and a loadable kernel file for decrypting the actual module and loading it into the memory. "Reptile appeared to be the rootkit of choice by UNC3886 as it was observed being deployed immediately after gaining access to compromised endpoints," Mandiant said. "Reptile offers both the common backdoor functionality, as well as stealth functionality that enables the threat actor to evasively access and control the infected endpoints via port knocking."

What are the benefits of open access networks?

Toomey says there are various benefits to open access networks, with a key benefit being the fostering of competition. “This competition drives innovation as providers strive to offer the best services and technologies to attract and retain customers,” she said. “Additionally, open access networks can reduce costs for service providers by sharing infrastructure, leading to more affordable services for end-users. “These networks also promote greater network efficiency and resource utilisation, benefiting the entire telecom ecosystem.” But there are challenges with building an open access network, as Toomey said there are high costs in building and maintaining the necessary infrastructure. Enet invested €50m in 2022 to expand its fibre network, but saw its profits fall 47pc to €3.7m in the same year. “Additionally, there is a risk of overbuild, where multiple networks are constructed in the same area, leading to inefficient resource use,” Toomey said. “Another challenge is the centralised thinking on network roll-out in cities, which can neglect rural and underserved areas, creating a digital divide. “Addressing these challenges requires strategic planning and investment, as well as collaboration with government and industry stakeholders to ensure balanced network development.”

CIOs take note: Platform engineering teams are the future core of IT orgs

The core roles in a platform engineering team range from infrastructure engineers, software developers, and DevOps tool engineers, to database administrators, quality assurance, API and security engineers, and product architects. In some cases teams may also include site reliability engineers, scrum masters, UI/UX designers, and analysts who assess performance data to identify bottlenecks. And according to Joe Atkinson, chief products and technology officer at PwC, these teams offer a long list of benefits to IT organizations, including building and maintaining scalable, flexible infrastructure and tools that enable efficient operations; developing standardized frameworks, libraries, and tools to enable rapid software development; cutting costs by consolidating infrastructure resources; and ensuring security and compliance at the infrastructure level. ... You can’t have a successful platform engineering team without building the right culture, says Jamie Holcombe, USPTO CIO. “If you don’t inspire the right behavior then you’ll get people who point at each other when something goes wrong.” And don’t withhold information, he adds. 

What is the current state of Security Culture in Europe?

Organizations prioritizing the establishment and upkeep of a security culture will encourage notably heightened security awareness behaviors among their employees. Examining this further, research has shown that organizations in Europe have a good understanding of security culture as both a process and a strategic measure. However, many have yet to take their first tactical steps toward achieving that goal. Those who have done so realize that shaping security behaviors is essential in developing a security culture. ... Delving deeper, smaller European organisations score higher in security culture due to more effective personal communication, stronger community bonds and better support for security issues. This naturally leads to enhanced Cognition and Compliance, with improvements in communication channels posited as a key driver for better security policy understanding and proactive security behaviours that outperform global averages. Conducting an examination of which industries displayed the best security culture within Europe, it is certainly gaining traction among security experts within sectors like finance, banking and IT, which are all heavily digitized.

Data Integrity: What It Is and Why It Matters

While data integrity focuses on the overall reliability of data in an organization, Data Quality considers both the integrity of the data and how reliable and applicable it is for its intended use. Preserving the integrity of data emphasizes keeping it intact, fully functional, and free of corruption for as long as it is needed. This is done primarily by managing how the data is entered, transmitted, and stored. By contrast, Data Quality builds on methods for confirming the integrity of the data and also considers the data’s uniqueness, timeliness, accuracy, and consistency. Data is considered “high quality” when it ranks high in all these areas based on the assessment of data analysts. High-quality data is considered trustworthy and reliable for its intended applications based on the organization’s data validation rules. The benefits of data integrity and Data Quality are distinct, despite some overlap. Data integrity allows a business to recover quickly and completely in the event of a system failure, prevent unauthorized access to or modification of the data, and support the company’s compliance efforts. 

Quote for the day:

“Failures are finger posts on the road to achievement.” -- C.S. Lewis

No comments:

Post a Comment