4 best practices in cloud security to strengthen national defense in the automation age
In the era of digital transformation, national security faces complex and multifaceted challenges. To address these challenges, the Department of Defense (DOD) is taking a vigilant approach to fortify the security of cloud infrastructure.
This approach seamlessly aligns with overarching national cybersecurity initiatives, which are focused on countering a multitude of emerging threats in the age of automation. Collaboratively, the DOD and other government agencies are dedicated to strengthening the ever-evolving cloud ecosystem, while navigating an increasingly intricate threat landscape.
The role experience plays in risk mitigation
Without intending to be trite, there is a very important role that experience plays in the mitigation of risk. Experience comes into play when you are tasked with prioritizing risks. If you have zero experience in cybersecurity risk management, two critical vulnerabilities have equal weight and importance. But not all critical vulnerabilities can or will be weaponized and exploited. And not all critical vulnerabilities will result in a breach or security incident. This is the difference between a priori (independent from any experience) vs a posteriori (dependent on empirical evidence) vulnerability management.
To be effective at mitigating risk, we need to find ways to make intelligent use of experience in running infosec programs. We need to use not just our own experience, but also the experience of others. This is a form of collective resilience that is crucial to defending against nation states, organized crime and, like it or not, bored teenagers, like LAPSUS$, attacking and breaching companies just for the lulz. This piece aims to help identify some ways in which we can better prioritize our efforts.
APIs -- The hidden cause of data breaches
APIs are unseen. They are not typically a technology that end users interact with directly and are somewhat hidden from their day-to-day activities. Therefore, user understanding of API vulnerabilities and the impact an API security incident could have, when it comes to data breaches, is often lacking.
While data breaches are big news, what regularly isn’t reported is the way in which some of these incidents happen. But the reality is that for many data breaches, the weak links, more often than not, are APIs and improper security around those APIs.
Get 'Mastering Microsoft 365 Defender' (worth $39.99) for FREE
Microsoft 365 Defender is an XDR platform that provides security across multi-platform endpoints, hybrid identities, emails, collaboration tools, and cloud apps. Mastering Microsoft 365 Defender will teach you how to get started and use Microsoft’s suite effectively.
You’ll start with a quick overview of cybersecurity risks that modern organizations face, such as ransomware and APT attacks, how Microsoft is making massive investments in security today, and gain an understanding of how to deploy Microsoft Defender for Endpoint by diving deep into configurations and their architecture.
Understanding LLMs, privacy and security -- why a secure gateway approach is needed
Over the past year, we have seen generative AI and large language models (LLMs) go from a niche area of AI research into being one of the fastest growing areas of technology. Across the globe, around $200 billion is due to be invested in this market according to Goldman Sachs, boosting global labor productivity by one percentage point. That might not sound like much, but it would add up to $7 trillion more in the global economy.
However, while these LLM applications might have potential, there are still problems to solve around privacy and data residency. Currently, employees at organisations can unknowingly share sensitive company data or customers' Personally Identifiable Information (PII) with services like OpenAI. This opens up new security and data privacy risks.
Embracing the future: How AI is transforming security and networking
Network management and security should go hand in hand. However, making these services work has become more complicated and riskier due to the growth of the public cloud, the use of software applications, and the need to integrate different solutions together.
This complex network security domain requires more skilled cybersecurity professionals. But as this need becomes obvious, so does the glaring skills gap. In the UK, half of all businesses face a fundamental shortfall in cybersecurity skills, and 30 percent grapple with more complex, advanced cybersecurity expertise deficiencies.
The eight common weaknesses of IT security
Every organization in the 21st century understands that keeping proprietary data safe is crucial to its success. However, while business leaders tend to believe their current security products and policies are truly secure, breaches continue to climb. It is clear that despite an ever-increasing number of companies maintaining formalized security programs and annually increasing security budgets, there are gaps that continue to go unnoticed and unaddressed.
Through hundreds of assessments and breach analyses, we have concluded there are eight common weaknesses that most commonly enable threat actors to penetrate organizations’ security armor, move through networks to elevate privileges, and ultimately allow them to compromise defenses. These weaknesses are continuously probed by threat actors, and while they may seem secure at deployment, they often are not; and even if initially secure, they frequently become obsolete due to missed updates, upgrades, changes to the enterprise environment, and evolving threat tactics. A frequent misconception is that security products and processes can be set and then forgotten; but since threat actors’ tactics evolve at an alarming pace, security controls must also be continually adjusted to ensure that organizations’ security armor continues to envelop and protect. In the absence of continuous evolution, the armor and its contents become vulnerable and, often, more at risk due to a false sense of security.
Microsoft gives admins an extra three years of Extended Security Updates for Windows Server 2012
There is some good news for anyone who wants or needs to stick with Windows Server 2012 for a little longer.
Just a month after Windows Server 2012, Windows Server 2012 R2, and Windows Embedded Server 2012 R2 reached end of support, Microsoft has announced that administrators are able to get three additional years of Extended Security Updates (ESUs).
Get 'Cloud Security Automation' (worth $39.99) for FREE
For many enterprises, the move to cloud computing has raised concerns for security, but when applications are architected with focus on security, cloud platforms can be made just as secure as on-premises platforms.
Cloud instances can be kept secure by employing security automation that helps make your data meet your organization's security policy.
Microsoft celebrates two decades of delivering scheduled Windows updates on Patch Tuesday
Patch Tuesday, the second Tuesday of each month when Microsoft releases updates for Windows, has been with us for a long time now. In fact, Microsoft has been using the predictable schedule for releasing patches for no less than 20 years.
The emergence of Patch Tuesday -- a day anticipated for its bug-fixing and dreaded for its bug-introductions -- dates back to the days of Bill Gates and Windows Vista. In celebrating the incredible landmark of two decades of update releases on a reliable timetable, Microsoft has shared some of the history behind it and reiterated the importance of updating the operating system in this way.
WhatsApp now lets you hide your IP address, but there are a couple of catches
In a sea of messaging apps, WhatsApp remains one of the most widely used, its popularity buoyed by end-to-end encryption. Meta has now added a new feature aimed at "those who are particularly privacy-conscious".
There is a new option to protect your IP address by hiding it from other WhatsApp users during calls. This is important as IP addresses can reveal quite a lot, including location. While the new call relaying privacy measures are likely to be welcomed, there are a couple of significant caveats to keep in mind.
What IT teams need to know about Google's privacy changes
It’s no secret the deprecation of third-party cookies has been a popular topic of conversation in the industry. Now, however, Google is making changes that will eventually lead to the demise of third-party cookies. The tech giant is rolling out its Privacy Sandbox initiative in the latest version of Chrome and for Android. With any big privacy change, there is a ton of controversy and impending regulations that may mean the Privacy Sandbox is not the futureproof solution brands hope it is.
So, what can IT teams do to help marketers take back control of their data collection strategies and ethically reach customers during this time of change?
'Are we adversary aligned?' is the new 'Are we secure?'
"Are we secure?" For most security leaders, this is one of the most daunting questions they can be asked. While it may seem like a basic inquiry for those in leadership positions, for those on the ‘cybersecurity front line’, thinking in these terms is far too vague and oversimplifies a complex and ever-evolving threat landscape.
Instead, management and IT teams need to shift their thinking to a far more appropriate measure of security: "Are we adversary aligned?" But what does adversary alignment really mean?
Microsoft boosts Windows 11 security with encrypted DNS server discovery and SMB encryption for outbound connections
With the release of the latest Canary build of Windows 11, Microsoft has introduced welcome new security options. The first gives administrators the option of requiring encryption of all outbound SMB client connections.
The second is the arrival of support for Discovery of Network-designated Resolvers (DNR), which allows for the automatic discovery of encrypted DNS servers. Eliminating the need for manual configuration is an ease-of-use move that makes adoption more likely.
How organizations can stay secure in the face of increasingly powerful AI attacks
It’s almost impossible to escape the hype around artificial intelligence (AI) and generative AI. The application of these tools is powerful. Text-based tools such as OpenAI’s ChatGPT and Google’s Bard can help people land jobs, significantly cut down the amount of time it takes to build apps and websites, and add much-needed context by analyzing large amounts of threat data. As with most transformative technologies, there are also risks to consider, especially when it comes to cybersecurity.
AI-powered tools have the potential to help organizations overcome the cybersecurity skills gap. This same technology that is helping companies transform their businesses is also a powerful weapon in the hands of cybercriminals. In a practice that’s sometimes referred to as offensive AI, cybercriminals use AI to automate scripts that exploit vulnerabilities in an organization’s security system or make social engineering attacks more convincing. There’s no doubt that it represents a growing threat to the cybersecurity landscape that security teams must prepare for.
© 1998-2024 BetaNews, Inc. All Rights Reserved.