How Do You Know That Access Was Granted in the First Place?

A colleague and I recently had a discussion about Zero Trust Architecture (ZTA). There is no one-shoe-fits-all solution out there. Zero Trust is a journey more than it is a turn-key solution. But there are some common features, and the NIST 800-207 standard or Microsoft’s Zero Trust advisory are not bad places to start reading. However, with my background at one of the major IGA solution vendors, I started wondering why Identity Governance and Administration (IGA) was never in the picture when ZTA was discussed. The policy engine always assumes that if an account is a member of a certain AD group or Azure role then it is OK, and the role of “zero trust” is to check the identity’s device, location, time of day and other ad-hoc factors to decide whether to accept the request, enforce multi-factor authentication or even reject the request.

Attacks on Shadow APIs Loom Large

Shadow APIs (Application Programming Interfaces) are now the biggest threat facing API security today. Analysis of more than 20 billion transactions from the first half of 2022 found 16.7 billion of these were malicious in nature and the majority (5 billion) were against unknown, unmanaged and unprotected APIs, more commonly referred to as Shadow APIs.

How to Build a Computer Security Incident Response Team (CSIRT)

An effective Computer Security Incident Response Team can mean the difference between safety and vulnerability in today’s cybersecurity landscape. The CSIRT ensures your organization is prepared for cyber incidents and can react quickly to minimize the damage. This article will go over precisely what a CSIRT is, what the roles on the team are, how to assemble a CSIRT and what the CSIRT’s responsibilities are.

Cybersecurity Threats Faced by Small Businesses Expanding Online

It is an exciting prospect to move your business to the online space, but while you will have the chance to reach more customers, you will also need to understand the very real chance of a data breach or other cybercrime. It only takes one incident to cause your company a world of trouble, and you don’t want to start your expansion off on the wrong foot.

IoT Regulation: The Carrot and the Stick

Security is a real concern among consumers when it comes to the Internet of Things (IoT), which has time and again succumbed to a litany of attacks due to poor protection mechanisms and vulnerabilities. Yet vendors remain slow to implement the 13 guidelines contained in the UK DCMS Secure by Design Code of Conduct, published way back in 2018, which aligns with the international standard ETSI EN 303-645.
To help boost uptake, the UK Department for Culture, Media and Sport put out a tender to the industry to devise a scheme that would incentivise manufacturers to demonstrate proactive security compliance to customers. The result was the IASME scheme which offers three levels of compliance – Basic, Silver and Gold – in a bid to encourage the industry to take action. Those meeting the criteria can then display the associated badge on their products, reassuring customers. It’s the carrot, if you will, ahead of the legislation expected to be brought in next year under the Product Security and Telecommunications Infrastructure (PSTI) Bill.

Superintelligence Will Not Be Controlled

The invention of Artificial Intelligence will shift the trajectory of human civilization. But to reap the benefits of such powerful technology – and to avoid the dangers – we must be able to control it. Currently we have no idea whether such control is even possible. My view is that Artificial Intelligence – and specifically its more advanced version, Artificial Super Intelligence – could never be fully controlled.

Boosting Suricata with Next Gen Deep Packet Inspection

Intrusion Detection / Intrusion Prevention Systems (IDS/IPS) play an essential role in cybersecurity by detecting and blocking threats that have penetrated endpoint and perimeter defenses.
Open-source Suricata is one of the most widely deployed IDS/IPS, developed and maintained by the Open Information Security Foundation (OISF), a community-run non-profit foundation. It is used by enterprises and public organizations to protect networks, by consultants to provide cybersecurity services, and by vendors who build more comprehensive commercial cybersecurity solutions on top of Suricata.
