Cyber Defense eMagazine December Edition for 2021

More documents

Recommendations

Info

Building digital trust With identity becoming the new network perimeter, verifying digital identities on a network is integral to a zero-trust strategy. But limiting verification to user identities is not sufficient. Proper zero trust implementation is heavily dependent upon digital certificates and key pairs. The objective is to strengthen security and ensure device verification along with identity verification. Adopting the zero trust model starts with segmentation, implementing privilege access management (PAM), multi-factor authentication (MFA), vulnerability and patch management, and security analytics. However, companies miss out on one crucial area, and that includes managing machine identities. This opens risks rising from compromised encryption tunnels. Manually managing certificate lifecycles whether it’s through spreadsheets – or paper documents – is time-consuming, error-prone, and highly inefficient. With hundreds of thousands of certificates in circulation, administrators cannot rely on manual management techniques to ensure that public key infrastructure (PKI) is constantly secure and up to date. There is a pressing need for a management system that includes alerting processes and automated workflows for PKI tasks such as certificate renewal, requisition, revocation, deployment, and more. Recognizing the power of automation While digital certificates contribute much to a zero-trust architecture, organizations need a managed solution with the capabilities to automate the certificate lifecycle. Implementing an end-to-end certificate lifecycle automation solution is a key initiative towards achieving a fully functional zero trust model. Automation tools simplify certificate operations by allowing administrators to carry out all necessary activities from a single interface (i.e., without using each certificate authority’s interface to renew or revoke the certificates they have issued). Last, automation helps enable cryptographic agility. For example, digital identities can stay on top of protocol and algorithm upgrades to offer the best possible protection under all circumstances. Embracing PKI to secure networks It’s no longer enough to simply set up the necessary SSL certificates on websites and servers and renew them once every few years. PKI protects nearly every internet-facing system (and its back-end servers), software programs (in the form of code-signing certificates), and communication in general. There have been well-documented occurrences of PKI being the weak link that resulted in data breach, such as the Cyber Defense eMagazine – December 2021 Edition 140 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Capital One breach back in 2019. Additional emerging trends that have underscored the need for organizations to embrace PKI include: • Cloud Applications: With the emergence of cloud-based apps, multicloud deployment, and container-based deployment, the need to secure the hosting infrastructure and individual consumer endpoints has become paramount. • Internet of Things (IoT): Not only are IoT deployments numerous in terms of individually connected endpoints, but several applications of IoT also hold sensitive data that should be protected at all by PKI, as the vanguard. • DevOps: PKI and DevOps have never been compatible – DevOps exemplifies agility, while PKI has traditionally been a slow, manual exercise. However, certificates need to be rapidly deployed to protect outgoing code, applications, and communication lines in general. • Remote Work: As an entirely remote workforce slowly becomes the norm, the existence of valid, constantly updated PKI on organizational systems not only makes remote access secure it also ensures that employees' digital assets remain secure by enabling constant updates via air. • Infusing AI and ML in Identity Management to thrive in a current and post-pandemic world In recent years, artificial intelligence (AI) and machine learning (ML) have been quietly transforming industries. With cyberattacks becoming more sophisticated and the continued rise in ransomware demands, new tools with advanced AI and ML capabilities are needed. Machine learning leverages algorithms to analyze large quantities of data to uncover patterns that enable accurate predictions. According to Gartner, IAM is "the security discipline that enables the right individuals to access the right resources at the right times for the right reasons.” Adding ML capabilities to IAM solutions helps authenticate the user and whether they should be granted access to specific applications/data. In other words, it helps validate if these are the right resources for a particular user. AI is instrumental in the future of IAM since it recognizes patterns and expands knowledge exponentially at the same rate as risk. Continuous authentication ensures that for every interaction, the context of a user is constantly evaluated. Organizations can detect potential threats easily as AI analyzes interactions while considering time, place, and even user movement. All these analytics help calculate the level of potential risk at every point. AI-based tools based on machine learning ease off the authentication burden on users and infuse enhanced security fueled by robust identity management and access controls. Organizations need to embrace a holistic cybersecurity strategy that is forward-looking, will reduce access and compliance costs, help them stay agile and flexible while accelerating their journey to the cloud. Cyber Defense eMagazine – December 2021 Edition 141 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
9 Ways Social Media Sabotages Your
Page 3 and 4:
How Do You Secure the Modern Supply
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
Cyber Defense eMagazine - December
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
With over 4 billion users, social m
Page 41 and 42:
Unsecure Mobile Networks When using
Page 43 and 44:
However, as concerning as these pra
Page 45 and 46:
Danny Lopez, CEO, Glasswall “Duri
Page 47 and 48:
estoring data. Modern organizations
Page 49 and 50:
When Diplomacy, Finance and Tech Co
Page 51 and 52:
Another way leaders can take initia
Page 53 and 54:
How Covid-19 Changed Advertising Fo
Page 55 and 56:
However, this shift might not be su
Page 57 and 58:
Why MFA Alone Isn’t Enough for Tr
Page 59 and 60:
just highlights how vulnerable most
Page 61 and 62:
on channels like email. This starts
Page 63 and 64:
3 Best Practices to Avoid Inevitabl
Page 65 and 66:
For example, an employee may become
Page 67 and 68:
and outcomes is essential for proje
Page 69 and 70:
Electric Vehicle Charging: The Next
Page 71 and 72:
Going forward, EV dealers, charging
Page 73 and 74:
How does this relate to MFA? Well,
Page 75 and 76:
constant exposure of countries to a
Page 77 and 78:
Why do you need a malware sandbox?
Page 79 and 80:
Multi-Cloud Security and Compliance
Page 81 and 82:
If security controls are not consol
Page 83 and 84:
How Do You Secure the Modern Supply
Page 85 and 86:
The case for isolation Supply chain
Page 87 and 88:
Don’t Take Yourself Out of The Ga
Page 89 and 90: The U.S. Government Accountability
Page 91 and 92: assessment criteria for the tasks f
Page 93 and 94: the file. This was a great techniqu
Page 95 and 96: the wake of the pandemic where the
Page 97 and 98: Certain communications are protecte
Page 99 and 100: At Salt Communications we work with
Page 101 and 102: And it’s only getting worse. If y
Page 103 and 104: The benefits are great When HDOs ha
Page 105 and 106: 4 Pillars of Privacy-Preserving AI
Page 107 and 108: concern and a desire to be cautious
Page 109 and 110: and stay safe online. That’s why
Page 111 and 112: 2. Enabling over-the-horizon threat
Page 113 and 114: Techniques Used by Hackers to Bypas
Page 115 and 116: Phishing scams avoid email security
Page 117 and 118: ATO Detection Account takeover bene
Page 119 and 120: How To Protect Your Digital Legacy
Page 121 and 122: I worked with cybersecurity experts
Page 123 and 124: Sextortion Email Scams What to Do a
Page 125 and 126: Sextortion attacks are a type of cy
Page 127 and 128: How to respond to a sextortion emai
Page 129 and 130: Example 2:'You've been hacked' emai
Page 131 and 132: How can this strategy be implemente
Page 133 and 134: Surviving The New Era of Terabit-Cl
Page 135 and 136: accompanying shift toward more digi
Page 137 and 138: Survey results show businesses are
Page 139: Enterprises Cannot Achieve Zero Tru
Page 143 and 144: Cyber Defense eMagazine - December
Page 161 and 162: CyberDefense.TV now has 200 hotseat
Page 163 and 164: Books by our Publisher: https://www
show all

Cyber Defense eMagazine December Edition for 2021

Create successful ePaper yourself

Delete template?

Save as template?