General Archives - Page 3 of 28 - Cybersecurity Magazine

Career Profile: Anand Prasad, Deloitte

December 9, 2022December 12, 2022 Editor's Desk 717 Views 0 Comments careers 3 min read

Name: Anand Prasad Affiliation: Deloitte Editor of Cybersecurity Magazine Can you briefly introduce your current role in cybersecurity? My role

Career Profiles General

Career Profile: Hans Christian Rudolph, Deloitte

December 9, 2022December 12, 2022 Editor's Desk 742 Views 0 Comments career, careers 5 min read

Name: Hans Christian Rudolph Affiliation: Deloitte Tohmatsu Cyber Editor of Cybersecurity Magazine Can you briefly introduce your current role in

General Journal Abstracts

An Efficient Solution to User Authorization Query Problem in RBAC Systems Using Hierarchical Clustering

December 5, 2022January 17, 2023 Editor's Desk 667 Views 0 Comments journal 0 min read

Abstract: Role Based Access Control (RBAC) systems face an essential issue related to systematic handling of users’ access requests known

General

How Do You Know That Access Was Granted in the First Place?

December 2, 2022December 2, 2022 Michael Rask Christensen 675 Views 0 Comments 6 min read

A colleague and I recently had a discussion of Zero Trust Architecture (ZTA). There is no one-shoe-fits-all solution out there. Zero Trust is a journey more than it is a turn-key solution. But there are some common features and the NIST 800-207 standard or Microsoft’s Zero Trust advisory are not bad places to start reading. However – with my background at one of the major IGA solution vendors, I started wondering why Identity Governance and Administration (IGA) was never in the pictures when ZTA was discussed. The policy engine always assumes that if an account is member of a certain AD group or Azure role then it is OK and the role of “zero trust” is to check the identity’s device, location, time of day and other ad-hoc factors to decide whether to accept the request, enforce multi-factor authentication or even reject the request.

General

Attacks on Shadow APIs Loom Large

November 25, 2022November 25, 2022 Andy Mills 1398 Views 0 Comments expert, expert. opinion, Opinion 5 min read

Shadow APIs (Application Programming Interfaces) are now the biggest threat facing API security today. Analysis of more than 20 billion transactions from the first half of 2022 found 16.7 billion of these were malicious in nature and the majority (5 billion) were against unknown, unmanaged and unprotected APIs, more commonly referred to as Shadow APIs.

General

How to Build a Computer Security Incident Response Team (CSIRT)

November 18, 2022November 18, 2022 Zac Amos 2128 Views 0 Comments 12 min read

An effective Computer Security Incident Response Team can mean the difference between safety and vulnerability in today’s cybersecurity landscape. The CSIRT ensures your organization is prepared for cyber incidents and can react quickly to minimize the damage. This article will go over precisely what a CSIRT is, what the roles on the team are, how to assemble a CSIRT and what the CSIRT’s responsibilities are.

General

Cybersecurity Threats Faced by Small Businesses Expanding Online

November 11, 2022November 11, 2022 Luke Smith 929 Views 0 Comments basics 6 min read

It is an exciting prospect to move your business to the online space, but while you will have the chance to reach more customers, you will also need to understand the very possible chance of a data breach or other cybercrime. It only takes one incident to cause your company a world of trouble, and you don’t want to start your expansion off on the wrong foot.

General

IoT Regulation: The Carrot and the Stick

October 28, 2022October 28, 2022 David Adams 1164 Views 0 Comments expert, expert. opinion, Opinion 5 min read

Security is a real concern among consumers when it comes to the Internet of Things (IoT) which have time and again succumbed to a litany of attacks due to poor protection mechanisms and vulnerabilities. Yet vendors remain slow to implement the 13 guidelines contained in the UK DCMS Secure by Design Code of Conduct published way back in 2018 and which aligns with the international standard ETSI EN 303-645.
To help boost uptake, the UK Department for Culture, Media and Sport put out a tender to the industry to devise a scheme that would incentivise manufacturers to demonstrate proactive security compliance to customers. The result was the IASME scheme which offers three levels of compliance – Basic, Silver and Gold – in a bid to encourage the industry to take action. Those meeting the criteria can then display the associated badge on their products, reassuring customers. It’s the carrot, if you will, ahead of the legislation expected to be brought in next year under the Product Security and Telecommunications Infrastructure (PSTI) Bill.

General

Superintelligence Will Not Be Controlled

October 21, 2022October 21, 2022 Roman V. Yampolskiy 1774 Views 0 Comments AI, expert, expert. opinion, Opinion 8 min read

The invention of Artificial Intelligence will shift the trajectory of human civilization. But to reap the benefits of such powerful technology – and to avoid the dangers – we must be able to control it. Currently we have no idea whether such control is even possible. My view is that Artificial Intelligence – and specifically its more advanced version, Artificial Super Intelligence– could never be fully controlled.

General

Boosting Suricata with Next Gen Deep Packet Inspection

October 14, 2022October 21, 2022 Erik Larsson 1211 Views 0 Comments 3 min read

Intrusion Detection / Intrusion Prevention Systems (IDS/IPS) play an essential role in cybersecurity by detecting and blocking threats that have penetrated endpoint and perimeter defenses.
Open-source Suricata is one of the most widely deployed IDS/IPS, developed and maintained by the Open Information Security Foundation (OISF), a community-run non-profit foundation. It is used by enterprises and public organizations to protect networks, by consultants to provide cybersecurity services, and by vendors who build more comprehensive commercial cybersecurity solutions on top of Suricata.