Architecture, Authentication, CISO and Encryption

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

Ransomware gangs also got stealthier in 2023, with ThreatLabz observing an increase in encryption-less extortion attacks. The absence of encryption allows attackers to eliminate development cycles and decryption support and quietly exfiltrate data before making ransom demands.

CISO

CISO Social Engineering Architecture Ransomware

The White House Memo on Adopting a Zero Trust Architecture: Top Four Tips

Cisco Security

FEBRUARY 4, 2022

On the heels of President Biden’s Executive Order on Cybersecurity (EO 14028) , the Office of Management and Budget (OMB) has released a memorandum addressing the heads of executive departments and agencies that “sets forth a Federal zero trust architecture (ZTA) strategy.” Devices – Are the devices authenticated and managed?

Architecture

Architecture Authentication CISO Government

How Zero Trust helps CIOs and CTOs in Corporate Environments

CyberSecurity Insiders

JUNE 11, 2023

Zero Trust is a cybersecurity framework that can greatly support Chief Information Security Officers (CISOs) and Chief Technology Officers (CTOs) in their roles of securing organizational systems and data. Simplified Compliance: Compliance with industry regulations and data protection laws is a significant concern for CISOs and CTOs.

CISO

CISO Technology Architecture Cybersecurity

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Cryptographic inventories need finalizing and quantum safe encryption needs to be adopted for sensitive communications and data. Consumers will begin to see their favorite applications touting “quantum-secure encryption.” CISOs will have to get quantum resilient encryption on their cyber roadmap.

Cybersecurity

Cybersecurity Marketing Encryption CISO

A Question of Identity: The Evolution of Identity & Access Management

SecureWorld News

FEBRUARY 9, 2024

Technology: Technology is the foundation for an IAM program delivery within a layered security architecture. RELATED: Death of the VPN: A Security Eulogy ] VPNs have notably higher operating costs and lower scalability when using device-based architecture. In this case, CISOs must manage the risks due to the technology debt.

IoT

IoT VPN Architecture Risk

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

It also feeds into the larger argument for adopting a zero-trust architecture , a methodology that essentially assumes that no user or devices trying to connect to the network can be trusted until they’re authenticated and verified. There also is the zero-trust architecture, according to the ThreatLabz report.

IoT

IoT Risk Architecture Manufacturing

2023 Cybersecurity Predictions from Marcus Fowler, Darktrace

CyberSecurity Insiders

DECEMBER 18, 2022

A look ahead to 2023 we can expect to see changes in MFA, continued Hactivism from non-state actors, CISOs lean in on more proactive security and crypto-jackers will get more savvy. In 2023, we are likely to see an increase in cloud-enabled data exfiltration in ransomware scenarios in lieu of encryption.

Cybersecurity

Cybersecurity CISO Insurance Ransomware

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

Quantum computing poses a potential threat to current cybersecurity practices, which are based on encryption algorithms that can be broken by quantum computers. As for the panel presentation at SecureWorld Denver , it features Edgar Acosta, Experienced Cybersecurity Professional (former CISO at DCP Midstream ); Craig Hurter, Sr.

Encryption

Encryption Technology Risk Architecture

ROUNDTABLE: Kaseya hack exacerbates worrisome supply-chain, ransomware exposures

The Last Watchdog

JULY 8, 2021

Here’s what they had to say, edited for clarity and length: Vikram Asnani, senior director – solution architecture, CyberGRX. From there, the malware began encrypting files on the victim’s machine. And then the encryption attack also was completed within minutes. Gary Phipps, VP of solution architecture, CyberGRX.

Ransomware

Ransomware Hacking Software Architecture

What’s New in the Federal Zero Trust Strategy?

Duo's Security Blog

JANUARY 28, 2022

Imagine a shift away from logging into a “network” to having security seamlessly built into the network, and multi-factor authentication and authorization continuously performed at the application level on the fly — without users typing passwords. The vision being set forth by OMB is ambitious — but vital. What’s Next?

Authentication

Authentication Government DNS Encryption

To Achieve Zero Trust Security, Trust The Human Element

Thales Cloud Protection & Licensing

MAY 6, 2021

As such, this year’s World Password Day is in fact a timely reminder for businesses to drop passwords forever, and instead rollout access management solutions such as passwordless authentication. In our previous blogs we have discussed the many challenges that organizations face as they are seeking to embrace the Zero Trust security model.

Social Engineering

Social Engineering Authentication Passwords Technology

Tetrate and Federal Agency NIST Cohost ZTA and DevSecOps Conference 2022 Kicking Off With Istio and Envoy Training

CyberSecurity Insiders

JANUARY 5, 2022

SAN FRANCISCO–( BUSINESS WIRE )–Tetrate, the leading company providing a zero-trust application connectivity platform, announced their third annual conference on Zero Trust Architecture (ZTA) and DevSecOps for Cloud Native Applications in partnership with the U.S. security standards for a distributed architecture: About Tetrate.

Architecture

Architecture Computers and Electronics Engineering Technology

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

Cisco Security

OCTOBER 18, 2021

The primary job of the Chief Information Security Officer (CISO) is to exercise continuous diligence in reducing risk, within the risk appetite and risk tolerance of the organization, so that the likelihood of a boom is low, and the corresponding magnitude of harm is limited. Some “Left of Boom” Processes. Frameworks.

Cybersecurity

Cybersecurity CISO Insurance Risk

The Zero-Trust Approach to Important Control Planes

Duo's Security Blog

MARCH 3, 2021

Zero Trust Key Concepts Zero trust, as a set of design ideas and principles for a security architecture allows for numerous interpretations about how to approach an efficient and safe implementation. Common challenges involve restricted availability of authentication methods and difficulty in gaining visibility of non-managed devices.

Architecture

Architecture Authentication CISO Risk

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

DECEMBER 8, 2020

For instance, SD-WAN solutions have generally lacked threat prevention capacities that CISOs today look for in cybersecurity solutions, Greenfield observes. Notably, this very helpfully reinforces Zero Trust Network Architectures (ZTNA) and passwordless authentication , both of which have been steadily gaining wider adoption on their own.

Firewall

Firewall Digital transformation Internet Internet

5 Application Security Standards You Should Know

Security Boulevard

DECEMBER 21, 2021

The ASVS lists 14 controls: Architecture, design, and threat modeling. Authentication. Additionally, the ASVS notes it can be applied to the following use cases: Security architecture guide. Apply secure design principles in application architectures. Provide secure authentication features. Session management.

Software

Software Architecture Risk Penetration Testing

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. Passwordless authentication : Eliminates passwords in favor of other types of authentication such as passkeys, SSO, biometrics, or email access.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Verdict is in: Forward-thinking security controls prepared Jersey Courts for COVID

SC Magazine

MAY 18, 2021

Such efforts involved encryption, two-factor authentication, secure network access and cloud-based networking. For many companies, “if security was done during the pandemic, it was probably too late,” explained McCarthy’s colleague Sajed Naseem, CISO of New Jersey Courts. Click here for more coverage of the 2021 RSA Conference.

VPN

VPN Encryption Authentication CISO

State auditor’s office clashes with file transfer service provider after breach

SC Magazine

FEBRUARY 2, 2021

Mike Hamilton, president and chief information security officer at CI Security and former CISO of Seattle, told SC Media that the disparity in dates might simply be a matter of semantics. Our latest release of FTA has addressed all known vulnerabilities at this time,” said Frank Balonis, Accellion’s CISO, in a statement.

Government

Government CISO Media Encryption

The Road to Zero Trust

Thales Cloud Protection & Licensing

APRIL 21, 2021

One of the biggest challenges is likely to be, how you actually make the transition to a Zero Trust model whilst still having to maintain investment from your previous IT security tools and architectures, which were likely built around more perimeter-based models. Encryption. Encryption Key Management. Key management.

Risk

Risk Technology Mobile Digital transformation

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

Active Lock protects individual files by requiring step-up authentication until the threat is cleared. There are many options for step-up authentication, including Cisco Duo OTP and push notifications. The team validated Multi factor Authentication (MFA) for Cisco ASA VPN via RADIUS using the CyberARK Connector. Read more here.

Technology

Technology Firewall VPN Authentication

The Hacker Mind Podcast: Digital Forensics

ForAllSecure

DECEMBER 2, 2021

To be good at digital forensics, to be a digital Sherlock Holmes, you need to understand systems architecture. Vamosi: So you’re CISO at a major corporation and all of sudden there’s been a ransomware attack in your network, and it’s spreading throughout your infrastructure. So the infrastructure was pretty smashed.

Penetration Testing

Penetration Testing Encryption Ransomware Passwords

Cyber Security Informer

Top 5 Cyber Predictions for 2024: A CISO Perspective

The White House Memo on Adopting a Zero Trust Architecture: Top Four Tips

Webinars

Trending Sources

How Zero Trust helps CIOs and CTOs in Corporate Environments

Webinars

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

A Question of Identity: The Evolution of Identity & Access Management

IoT Devices a Huge Risk to Enterprises

2023 Cybersecurity Predictions from Marcus Fowler, Darktrace

Quantum Computing: A Looming Threat to Organizations and Nation States

ROUNDTABLE: Kaseya hack exacerbates worrisome supply-chain, ransomware exposures

What’s New in the Federal Zero Trust Strategy?

To Achieve Zero Trust Security, Trust The Human Element

Tetrate and Federal Agency NIST Cohost ZTA and DevSecOps Conference 2022 Kicking Off With Istio and Envoy Training

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

The Zero-Trust Approach to Important Control Planes

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

5 Application Security Standards You Should Know

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Verdict is in: Forward-thinking security controls prepared Jersey Courts for COVID

State auditor’s office clashes with file transfer service provider after breach

The Road to Zero Trust

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

The Hacker Mind Podcast: Digital Forensics

Stay Connected