Video: Managing the Risks of the Internet of Things
Similar Posts
37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023
When CISOs work with go-to-market teams, cybersecurity transforms from a mere cost center into a valuable business function. This change is crucial in B2B interactions where robust cybersecurity controls offer a competitive advantage. A centralized inventory of cybersecurity controls, grounded in current and past contracts, helps businesses gauge the financial impact of these partnerships. This inventory also identifies unnecessary or redundant controls, offering an opportunity for cost reduction and operational streamlining. By updating this centralized list after the termination of contracts, the business can further optimize both its security posture and operational costs. This integrated strategy empowers the business to make well-informed, data-driven decisions that enhance profitability while maintaining robust security controls.
Yahoo porn hacking breach shows need for better security: 5 ways to protect your company
Security expert Kayne McGladrey, who serves as director of security and IT at Pensar Development and is a member of the Institute of Electrical and Electronics Engineers, said companies need to add extra steps to everything.
“The company could choose to add friction, whether it’s multi-factor authentication or an email link just to put a little additional scrutiny and raise the bar so it is materially more difficult for threat actors who have obtained someone’s credentials to be able to reuse those,” he said.
“The benefit of this strategy is that it applies universally. All of the automated attacks these days around credential stuffing and credential spraying do what the Yahoo hacker had done on a much larger scale. They get compromised credentials and test them across a whole bunch of websites using a distributed botnet.”
What are the biggest ethical considerations of security technology?
Algorithmic bias is one of the primary risks associated with emerging physical surveillance technologies. While the risks of facial recognition software are well known and documented, efforts are being taken to adapt computer vision to new and novel use cases. For example, one of the more deeply flawed failures was an attempt to detect aggressive behaviour or body language, which was unfeasible as there was not enough training data available. Other physical security systems will face a similar challenge of not discriminating against individuals based on protected factors due to a lack of training data, or more likely, a lack of gender or racially unbiased training data. Companies considering purchasing advanced or emerging physical security systems should enquire about the training data used in the development of those systems to not be subject to civil penalties resulting from discrimination caused by using said systems.
3 Cybersecurity Challenges for IIoT Devices in 2018
As the clock ticks towards a massive and preventable cyberattack on IIoT devices, manufacturers and companies deploying them must address three challenges.
How Will the New National Cybersecurity Strategy Be Implemented?
Kayne McGladrey, field CISO at Hyperproof, hopes that a future version of the plan will get more granular. “Industry-specific guidance is missing, as hospitals, banks, and SaaS startups all have different cybersecurity needs and available resources,” he says.
Cybersecurity experts talk about the digital world
“Administrative passwords — they’re sort of interesting,” McGladrey says. “If you can get an application’s password, that’s what got us to the Panama Papers a few years ago, where the third-party attacker was able to compromise the WordPress password, which, because of poor password storage technologies, happened to be the same as their database password.
“All of a sudden we got — three terabytes or something like that; it was something absurd — of ex-filtrated client data. The prime minister of Iceland got in a little bit of trouble about that, as well as people like Jackie Chan, all because the organization didn’t have a good mentality around rotating the passwords that were associated with apps. That problem transitions. It’s not a technology problem. It’s a cultural problem. And it transitions, regardless of environment.”