Small Biz Takes Digital Highway
Data protection and cybersecurity issues will also take centre stage once small
and medium businesses adopt digitisation at a larger scale. He says cyber
attacks and complying with laws and policies will require companies to build
mechanisms which entail considerable, if not hefty, costs. In fact, small and
medium businesses seem to be already bearing the brunt of cyber attacks. A study
by Cisco published in September 2021 that sampled about 1,014 local businesses
showed that about 74% small and medium businesses had faced a cyber incident in
past 12 months. “At the end of the day, digital is here to stay, and nobody
can ignore that. I am sure the service segment will evolve to offer solutions at
affordable prices,” says Subbiah. Costs, after all, are a big factor for smaller
companies, though companies are more than willing to spend on adding technology
capabilities due to high return on investment. ... The bulk of the investment
goes into cloud, automation and modern infrastructure, say analysts.
“Specifically, within cloud, SaaS adoption is seeing acceleration as it entails
lower costs and entry barriers,” says Abhinav Johri, director and practice head,
digital consulting, EY.
2.5 million-plus cybersecurity jobs are open—women can fill them
Encouraging and nurturing the careers of women in cybersecurity is important for
a number of reasons: Our cyber adversaries come from diverse backgrounds, which
means that our defender community must be equally diverse in order to understand
and succeed against them. We are facing a massive talent shortage in
cybersecurity of more than 2.5 million job openings. This is putting a strain on
security teams and organizations of every size. We can vastly decrease the
deficit by deliberately expanding our hiring and mentorship of underrepresented
groups who can bring so much to the table. Innovation is everything! And
what’s more conducive to innovation than bringing together new perspectives,
ideas, and experiences to solve today’s challenges? Cybersecurity depends on it
because cybercrime tactics keep evolving. In fact, an MIT Technology Review
article referred to cybersecurity versus cybercrime as “an innovation war.”
Studies show that diversity of thought and leadership is just good for
business.
IoT comes of age
Cities are near and dear to my heart as a former municipal CIO [chief
information officer]. One of the challenges that we’ve seen in a number of large
cities around the world is the amount of traffic congestion in the center of
cities. A number of different cities have applied congestion pricing. They are
tracking when vehicles are in the center of the city and charging for the times
when congestion is highest. That doesn’t necessarily make the driver happy, but
we have seen material changes in traffic patterns within those cities that have
invested in congestion pricing. ... What we saw happen all too often was IoT
being treated as a technology project, often run by the CIO or by a small
business unit or factory plant all by themselves. And so the technology has
changed, but the actual way of work has not. When we look at some of the
lighthouse factories that Michael referenced earlier from the World Economic
Forum, we see that they treat the integration of IoT as a holistic operating
model transformation. When they look at how systems and processes are going to
change on the factory floor, for example, they think about how they may need to
motivate individuals working within that system differently.
Critical flaws in remote management agent impacts thousands of medical devices
Forescout has identified over 150 potentially vulnerable devices using Axeda
from over 100 different manufacturers. Over half of the devices are used in
healthcare, specifically lab equipment, surgical equipment, infusion,
radiotherapy, imaging and more. Others were found in the financial services,
retail, manufacturing and other industries and include ATMs, vending machines,
cash management systems, label printers, barcode scanning systems, SCADA
systems, asset monitoring and tracking solutions, IoT gateways and machines such
as industrial cutters. The seven vulnerabilities, which Forescout has
dubbed Access:7 include three critical ones that can result in remote code
execution. One vulnerability (CVE-2022-25251) stems from unauthenticated
commands present in the Axeda xGate.exe agent that allow an attacker to retrieve
information about a device and change the agent's configuration. By changing the
configuration, an attacker could point the agent to a server they control and
hijack the functionality.
How to approach cloud compliance monitoring
One common strategy is to use the data collected by cloud and network monitoring
tools to create a centralized view of compliance status across all these
domains. This approach aligns well with current cloud and network monitoring
practices. To start a cloud compliance monitoring strategy, divide the tasks
identified above. Some are design-time considerations. Here, an application will
meet or fall short of compliance standards based on how developers build it.
Others are run-time considerations, meaning the application requires
surveillance during operations to validate compliance. The specific tools and
procedures an organization applies to its cloud applications depend on how
compliance requirements map to these categories. Enforce design-time compliance
standards into the development pipeline, and validate them through logging and
version monitoring. The former requires a systematic way to initiate, execute,
review, test and deploy cloud software. Teams must identify tools that enforce
and document the requirements of each applicable standard.
Ukraine Fighting First-Ever 'Hybrid War' - Cyber Official
Ukraine continues to fight not just on the ground and in the air, but also
online. "This is happening for the first time in history and I believe that
cyber war can only be ended with the end of conventional war, and we will do
everything we can to bring this moment closer," SSSCIP's Zhora said at a Friday
press conference, the BBC reported. Zhora said Ukrainian cyber defenders
continue to repel attacks on the country's online services and infrastructure,
and said that "they are not afraid of Russian" attacks focused on such critical
infrastructure as power plants or nuclear facilities, the BBC reported. Internet
access remains shaky across Ukraine, due in part to continued bombing, says
Britain's Ministry of Defense. "Ukrainian internet access is … highly likely
being disrupted as a result of collateral damage from Russian strikes on
infrastructure," it says. "Over the past week, internet outages have been
reported in Mariupol, Sumy, Kyiv and Kharkiv." ... "Russia is probably targeting
Ukraine's communications infrastructure in order to reduce Ukrainian citizens'
access to reliable news and information," it adds.
7 reasons to embrace Web3 — and 7 reasons not to
Just because Bitcoin wastes so much energy doesn’t mean that Web3 will need to
do the same. There are many protocols that offer some genuine assurance of
correctness without requiring a bazillion transistors to be constantly solving
some mathematical puzzle. Proof of stake, for example, is a neutral,
decentralized protocol. It may not be perfect, but maybe we can get by with an
adequate consensus model for a number of parts of Web3? Many people might be
just as happy with blockchain managed by a coalition of trusted parties. It may
not be theoretically free of domination, but if the coalition is big enough and
the process is open, it could be embraced at a much lower cost in energy,
silicon, and time. ... Our society is increasingly driven by data. Anything we
can do to increase the accuracy of the data will help everyone who uses the
information to make decisions. One of the side effects of adding more robust
digital signatures and protocols to every interaction means that there will be
more structure. ... Web3 is bound to have more accurate information and that
will lift every part of the web that depends upon it.
The Uncertain Future of IT Automation
As Automox predicted at the end of last year, IT and security transformation
continue as organizations everywhere try to find a new normal following the
disruptions of the pandemic, and IT automation will have to adjust. This has
been challenging for many organizations — and more importantly, people, as
discussed above — but there are silver linings too. The pandemic has pushed new
innovation across many areas, with exciting new tools and practices on the
horizon for IT and security teams. One innovation that is particularly
interesting is cybersecurity mesh architectures. Gartner has claimed that
“organizations adopting a cybersecurity mesh architecture will reduce the
financial impact of security incidents by an average of 90 percent” by 2024. A
cybersecurity mesh architecture leverages various parts of the enterprise to
integrate widely distributed, disparate security services. This is key to
managing and accounting for a workforce that has never been more remote and
globally distributed.
Predicting the future of AI and analytics in endpoint security
What’s troubling about Unit 42’s findings for endpoints is that 40% of
enterprises are still using spreadsheets to track digital certificates manually,
and 57% of enterprises don’t have an accurate inventory of SSH keys. These two
factors contribute to the widening gap in endpoint security that bad actors are
highly skilled at exploiting. It’s common to find organizations that aren’t
tracking up to 40% of their endpoints, according to a recent interview with Jim
Wachhaus, attack surface protection evangelist at CyCognito. Jim told
VentureBeat that it’s common to find organizations generating thousands of
unknown endpoints a year. Supporting Jim’s findings are CISOs who tell
VentureBeat that keeping track of every endpoint defies what can be done through
manually-based processes today as their IT staffs are already stretched thin.
Add to that how CIOs and CISOs are battling a chronic labor shortage as their
best employees are offered 40% or more of their base salary and up to $10,000
signing bonuses to jump to a new company, and the severity of the situation
becomes clear. In addition, 56% of executives say their cybersecurity analysts
are overwhelmed, according to BCG.
New attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs
To mitigate the risk, software vendors such as Google and the Linux kernel
developers came up with software-based solutions such as retpoline. While these
were effective, they introduced a significant performance hit, so CPU vendors
later developed hardware-based defenses. Intel's is called EIBRS and ARM's is
called CSV2. "These solutions are complex to learn more about them—but the gist
of them is that the predictor 'somehow' keeps track of the privilege level
(user/kernel) in which a target is executed," the VUSec researchers explain.
"And, as you may expect, if the target belongs to a lower privilege level,
kernel execution won’t use it." The problem, however, is that the CPU's
predictor relies on a global history to select the target entries to
speculatively execute and, as the VUSec researchers proved, this global history
can be poisoned. In other words, while the original Spectre v2 allowed attackers
to actually inject target code locations and then trick the kernel to execute
that code, the new Spectre-BHI/BHB attack can only force the kernel to
mispredict and execute interesting code gadgets or snippets that already exist
in the history and were executed in the past, but which might leak data.
Quote for the day:
"A pat on the back is only a few
vertebrae removed from a kick in the pants, but is miles ahead in results." --
W. Wilcox
