Late last year, we began conversations with the Tuck School of Business at Dartmouth College about their current security concerns. Like many organizations, a portion of their workloads are moving from on-premises to the cloud. One of the big concerns about moving to the cloud is how to secure infrastructure as companies currently do from within the defined perimeter of their internal network. They also needed to provide added security without heavily impacting the end user (students, faculty, and staff) experience. Because these are common concerns for many other organizations, I’d like to share how we helped this customer overcome these security concerns.
In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a critical vulnerability that was discovered by Preempt. This vulnerability can be classified as a logical remote code execution (RCE) vulnerability. It resembles a classic relay attack, but with a nice twist: It is related to RSA cryptography (and prime numbers) which makes it quite unique and interesting.
Hmm, I thought I remembered my password. As I tried to log into my account with a large retailer known for their athletic wear, I click the forgot password link. I enter my email address.
In a very short period of time, machine learning (ML) has had a major impact on the field of cybersecurity. Machine learning has proven to be adept at finding threats in ways that traditional signatures never could, whether detecting malware, finding vulnerabilities, or recognizing when a trusted employee has been compromised by an attacker.
Earlier this year, Teen Vogue wrote an article in its magazine about why their readers should adopt Two-factor (2FA) or Multi-factor Authentication (MFA) for any of their applications or accounts that offer it. Why is this relevant? Because according to the Verizon Data Breach Investigations report, 63% of data breaches start with cracked or stolen passwords. The fact that we are promoting and providing education around cyber-security to our teens today says a lot.
The risks to employees and organizations from stolen or compromised credentials and information are well-known. And with hackers and insiders becoming more advanced and sophisticated in their techniques the global threat is increasing. At a recent IT security forum, I was speaking with a customer about an Alert (TA16-250A) that the United States Computer Emergency Readiness Team (US-CERT) released on “The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations” and how User and Entity Behavior Analytics (UEBA)can help address some of their recommendations.
Even though Cyber Security Awareness month has passed, it is important to remain diligent and and stay aware to defend yourself from threats. I recently worked with CSO Magazine to put together a series of best practices that organizations and their users should follow (both in and out of the corporate network) to minimize threats and reduce risk.
While IT security education may be part of an organization’s onboarding process, many people still don’t realize that they shouldn’t open an email from an unidentified source, or even those from a friend or coworker that have uncharacteristic links or text. And inevitably they still do.
As Benjamin Franklin once said “An ounce of prevention is worth a pound of cure.” As Enterprises continue to build out and reinforce their IT security strategy, a keen eye is being put toward “preventative” solutions. With the rise in insider threats and compromised credentials, this is no surprise.
There have been several articles in the last couple days that talk about NIST’s latest Digital Authentication Guidelines (DAG) draft which is indicating SMS for 2-Factor Authentication is nearing the end. Given its popularity it’s creating a lot of conversation. And lots are asking what this could mean for the Enterprise.