Cyber Defense eMagazine May 2021 Edition
Cyber Defense eMagazine May 2021 Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pierluigi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES

Detecting Privilege Escalation
Call the Doctor! mHealth Apps are Exposing Medical Records
Industry 4.0 under Threat Landscape
The CISO Legacy: Security Lieutenants
Addressing the Growing Cybersecurity Risks of Cyber-Physical Systems
Boosting Morale During Tough Times Will Also Boost Your Security Resilience
COVID-19 Pushes the Introduction of Secure Digital Government Solutions
Current Cybersecurity Weaknesses Will Result in Continued Data Breaches
…and much more…

Cyber Defense eMagazine – May 2021 Edition
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.

CONTENTS

Welcome to CDM’s May 2021 Issue

Addressing the Growing Cybersecurity Risks of Cyber-Physical Systems
By Michael Welch, Managing Director, MorganFranklin Cyber

Boosting Morale During Tough Times Will Also Boost Your Security Resilience
By Nir Polak, CEO, Exabeam

COVID-19 Pushes the Introduction of Secure Digital Government Solutions
By Andreas Räschmeier, CEO at Veridos

Current Cybersecurity Weaknesses Will Result in Continued Data Breaches
By Randy Reiter CEO of Don’t Be Breached

The Internet of Things Ongoing Directions
By Milica D. Djekic

The Importance Of Protecting Your App’s Source Code
By Rui Ribeiro, CEO and Co-founder, Jscrambler

How Various Flavors of PKI Can Protect and Secure Financial Services Data
By Abul Salek, Director of Product Management, Sectigo

Five Steps for Safely Migrating your Workloads to the Cloud
By Paul Farrall, CISO at Skytap

Cybersecurity in Healthcare: Benefits, Examples, and Usage Tips Healthcare cybersecurity framework
By Kate Orekhova, Cleveroad company

All the User Experience, None of The Security?
By Deepika Gajaria, Vice President of Product, Tala Security

In the Midst of COVID-19, We're Seeing a Pandemic of Cyber Attacks
By Babur Khan, Technical Marketing Engineer - Enterprise Security at A10 Networks

Why A ‘Layers and Lists’ Approach to Cybersecurity Is Doomed to Fail
By Gary Fischer, VP Americas, XM Cyber

New Report Shows Over Two Million Secrets Detected on Public GitHub in 2020 and a 20% growing trend Year-Over-Year.
By Jeremy Thomas, GitGuardian CEO

Securing Patient Private Information in The Age of Shared Information
By Christian Gitersonke, CEO, Health Insurance Answers

Overcoming Security as a Barrier to Cloud Adoption
By Ron Newman, SVP at NTT Ltd. Security Division

Three things organizations must do to secure “passwordless”
By Jerome Becquart, COO, Axiad

Time Is Money: How to Minimize Data Breach Damages with Early Detection
By Karl Swannie, Founder, Echosec Systems

Why We Care About Cybersecurity Hygiene
By James Opiyo, Senior Consultant Security Strategy, Kinetic By Windstream

From the Publisher…

New CyberDefenseMagazine.com website, plus updates at CyberDefenseTV.com & CyberDefenseRadio.com

Dear Friends,

We’re now only weeks away from RSAC 2021 with the theme “RESILIENCE”. We’re so grateful to be part of this event and continue in our 9th year of partnering and promoting this event with the awesome team at the RSA Conference. Even though we’re all under tremendous pressure in this remote worker transition, we will succeed!

“Grace Under Pressure” is a long-standing commendatory phrase often used to celebrate success under difficult circumstances. Based on my broad view of the collective response of individuals in our cybersecurity industry, it is clear that these professionals have demonstrated this sought-after acclamation.

Let me be clear, the cybersecurity threats are nowhere near over; they will continue as long as digital data and storage facilities exist. But at this moment, with more than 3200 companies, and untold numbers of free-lancers, in the marketplace, the home team has admirably risen to the challenge.

This May issue of Cyber Defense Magazine is replete with examples of cybersecurity professionals who have submitted articles based on their own experiences and expertise. In turn, this information and interpretation will help our readers in the industry to grow their own successes.

As you review the topics in our Table of Contents and focus on the articles of relevance to your own endeavours, please know that you are among millions of other professionals who depend on Cyber Defense Magazine and the other affiliates of Cyber Defense Media Group to support these important functions of protecting our cyber assets from attacks by criminals and state actors.

Wishing you all success in your own cyber endeavours.

Warmest regards,

Gary S. Miliefsky, CISSP®, fmDHS
CEO, Cyber Defense Media Group
Publisher, Cyber Defense Magazine

P.S. When you share a story or an article or information about CDM, please use #CDM and @CyberDefenseMag and @Miliefsky – it helps spread the word about our free resources even more quickly.

@CYBERDEFENSEMAG

CYBER DEFENSE eMAGAZINE
Published monthly by the team at Cyber Defense Media Group and distributed electronically via opt-in Email, HTML, PDF and Online Flipbook formats.

PRESIDENT & CO-FOUNDER
Stevin Miliefsky
stevinv@cyberdefensemagazine.com

InfoSec Knowledge is Power. We will always strive to provide the latest, most up to date FREE InfoSec information.

INTERNATIONAL EDITOR-IN-CHIEF & CO-FOUNDER
Pierluigi Paganini, CEH
Pierluigi.paganini@cyberdefensemagazine.com

US EDITOR-IN-CHIEF
Yan Ross, JD
Yan.Ross@cyberdefensemediagroup.com

From the International Editor-in-Chief…

The international implications for cybersecurity during the pandemic are intensified by the widely divergent impacts of COVID-19 and its variants on our various nations and international organizations.

More and more, we see conflicting vectors pulling us in different directions, and challenging our ability to maintain a healthy coordination between national interests and international, even global, responses to the disruption of “business as usual” and the so-called “new normal.”

Even with the guidance of the World Health Organization, individual nations are responding to physical threats in divergent ways, which results in disparate outcomes in health, the ability to function normally, and ultimately the way digital work gets done.

Both individually and organizationally, our resilience in overcoming these challenges makes the difference between success and something less. Although the concept may now verge on becoming a cliché, the threat is truly “existential” in its potential impact.

As always, we encourage cooperation and compatibility among nations and international organizations in responding to these cybersecurity and privacy matters.

To our faithful readers, we thank you,

Pierluigi Paganini
International Editor-in-Chief

ADVERTISING
marketing@cyberdefensemagazine.com

CONTACT US:
Cyber Defense Magazine
Toll Free: 1-833-844-9468
International: +1-603-280-4451
SKYPE: cyber.defense
http://www.cyberdefensemagazine.com

Copyright © 2021, Cyber Defense Magazine, a division of CYBER DEFENSE MEDIA GROUP (a Steven G. Samuels LLC d/b/a)
276 Fifth Avenue, Suite 704, New York, NY 10001
EIN: 454-18-8465, DUNS# 078358935.
All rights reserved worldwide.

PUBLISHER
Gary S. Miliefsky, CISSP®
Learn more about our founder & publisher at:
http://www.cyberdefensemagazine.com/about-our-founder/

9 YEARS OF EXCELLENCE!
Providing free information, best practices, tips and techniques on cybersecurity since 2012, Cyber Defense magazine is your go-to-source for Information Security. We’re a proud division of Cyber Defense Media Group.

Welcome to CDM’s May 2021 Issue

From the U.S. Editor-in-Chief

We find ourselves another month into the COVID-19 pandemic with no end in sight. It is no wonder our pages for the May issue of Cyber Defense Magazine reflect continued and growing developments in dispersal of the digital workforce as well as the migration to cloud facilities for the storage and access of data.

No doubt remains that the digital effects of this health emergency are going to be with us well into the foreseeable future. But there are also diverging trends.

For example, the continuation and institutionalization of work-from-home (WFH) appears to be divided into two camps: those organizations providing incentives for workers to return to a more controlled central environment on one hand, and those working to harden the WFH structure to resist cyberattacks.

We are fortunate to count on a broad diversity of perspectives among our contributors this month, providing informative and actionable information on the various trends and developments.

We strive to make our publication most valuable to our readers by keeping current on emerging trends and solutions in the world of cybersecurity. To this end, we commend your attention to the valuable guidance provided by our expert contributors.

Wishing you all success in your cybersecurity endeavors,

Yan Ross
U.S. Editor-in-Chief
Cyber Defense Magazine

About the US Editor-in-Chief

Yan Ross, J.D., is a Cybersecurity Journalist & U.S. Editor-in-Chief of Cyber Defense Magazine. He is an accredited author and educator and has provided editorial services for award-winning best-selling books on a variety of topics. He also serves as ICFE's Director of Special Projects, and the author of the Certified Identity Theft Risk Management Specialist ® XV CITRMS® course. As an accredited educator for over 20 years, Yan addresses risk management in the areas of identity theft, privacy, and cyber security for consumers and organizations holding sensitive personal information. You can reach him by e-mail at yan.ross@cyberdefensemediagroup.com

Addressing the Growing Cybersecurity Risks of Cyber-Physical Systems

By Michael Welch, Managing Director, MorganFranklin Cyber

Cyberattacks against critical infrastructure and other cyber-physical systems have increased for years. These attacks are particularly concerning because they pose a realistic threat to people’s lives, health, and safety.

As the Internet of Things (IoT) continues to expand, society also becomes increasingly dependent on cyber-physical systems. Properly securing these systems is essential to managing the risks that they pose to owners, managers, and the general community.

Cyber-Physical Attacks Are Not Theoretical

Cyber threat actors have had the capabilities to access critical infrastructure for a long time. However, in recent years, security incidents in power grids and other infrastructure have moved from proof of concept to actually harnessing this access.

Some examples of high-profile cyber-physical attacks include:

● Stuxnet, one of the most famous cyberattacks to date, used malware to disrupt and damage centrifuges.
● Multiple cyberattacks against the Ukrainian power grid caused a loss of power to hundreds of thousands of residents.
● A ransomware attack in February 2020 caused a two-day shutdown of a US-based natural gas operator.
● The recent cyberattack against a water treatment plant in Oldsmar, Florida could have resulted in a poisoned water supply if not detected and reversed in time.

However, while critical infrastructure threats result in some of the most visible and wide-reaching cyber-physical attacks, they are not the only area to consider. Research has demonstrated numerous potential attack vectors against pacemakers and other personal health devices, which could be exploited to cause personal harm or used for ransomware attacks. The increased use of IoT devices in manufacturing, transportation, and similar sectors makes it possible for cyberattacks to cause industrial accidents, train derailments, and similar incidents.

Addressing Cyber-Physical Security Challenges

Cyber-physical systems have many of the same cybersecurity challenges as their traditional IT counterparts. However, these systems also pose additional enterprise cybersecurity risks for several different reasons.

Operational Technology

Operational technology (OT) systems include all of the cyber-physical systems that make up critical infrastructure. This includes both specialized components (like power generation equipment) and the computers that control them.

OT cybersecurity is challenging because of the industry’s unique situation. Previously, most OT devices were physically separated from IT networks, making them more difficult to access and attack. In recent years, a push for increased efficiency and centralization has eroded this air gap, suddenly connecting many devices to the internet that were not designed for external access.

These security challenges are exacerbated by the high availability requirements of OT environments. It is not feasible to shut down a power grid for a couple of weeks to perform widespread updates. As such, critical infrastructure components are also only updated during tight maintenance windows, leaving systems largely out-of-date and lacking adequate protection against modern threats.

Internet of Things Devices

IoT devices are extremely convenient for personal and professional use. The ability to centrally monitor and manage remote sites offers substantial cost-savings for organizations, and employees commonly deploy “smart” solutions in the office. This trend has only accelerated with the transition to remote work.

However, IoT devices also create significant security risks for organizations. IoT security is notoriously poor, which prompted the creation of the California Internet of Things Security Law to help ensure a baseline level of device security. Unfortunately, this regulation is not enough to ensure the devices are actually secure against exploitation.

While IoT devices create widespread digital security risks to organizations, they hold physical security risks as well. Many “smart” devices are given positions of trust within the home or office, such as controlling the temperature, managing access to doors, detecting smoke and carbon monoxide in buildings, and similar functions. A cyberattack against these devices could easily cause property damage or harm to a building’s residents.

Personal Healthcare Devices

Personal healthcare devices like “smart” pacemakers and similar systems provide a higher level of patient care than was previously available. The ability to continually monitor and manage these devices allows them to be better tuned to a patient’s needs.

However, the numerous ransomware attacks against healthcare providers in 2020 demonstrated that cybercriminals have no reluctance to target healthcare systems. These same attacks could also be aimed at personal healthcare devices. Security researchers have already demonstrated that pacemaker vulnerabilities could be exploited to deliver painful electric shocks. Similar vulnerabilities could be used to install ransomware on these devices – forcing victims to pay for medical treatment – or to perform additional attacks.

Personal healthcare devices are a specialized type of IoT device and carry many of the same security challenges. A lack of security research and investment by manufacturers, combined with the difficulty of installing updates on these devices, leaves patients vulnerable to attack.

Inconsistent Regulation and Enforcement

For critical infrastructure, cybersecurity regulations come from the government agency responsible for that utility, but the agencies responsible differ from one to another. For example, water distribution falls under the EPA, the power grid is under the Department of Energy, and transportation is regulated by DHS and the Department of Transportation.

With different organizations directing cybersecurity needs across the sectors, cybersecurity regulations and enforcement differ as well. This can result in vulnerabilities when a particular utility lacks stringent cybersecurity regulations, or the requirements are not effectively audited or enforced.

Best Practices for Securing Cyber-Physical Systems

Most cyber-physical attacks take advantage of a lack of security sophistication. The targets of these attacks have often not received the same level of cybersecurity research and development as traditional IT systems. Some cyber-physical systems (like parts of the power grid) predate the Internet, while others (such as IoT devices) are manufactured by companies that do not have backgrounds in IT system design and cybersecurity.

Managing these types of cybersecurity risks requires taking proactive security measures. Some best practices for protecting cyber-physical systems include:

● Perform a Risk Assessment: Adding IoT and other internet-connected devices to an organization’s network can increase convenience at the expense of security. Before deploying these devices, perform a risk assessment to determine if the cost to organizational security outweighs the benefits.
● Implement Network Segmentation: IoT devices, OT systems, and other cyber-physical systems should be located on a separate segment of an organization’s network. This helps protect these systems against compromise via IT networks and keeps them from being used as an entry vector into the organization’s environments.
● Enforce Access Controls: Cyberattacks like the Oldsmar water treatment plant hack take advantage of poor access controls. Access to these systems should be restricted based on the principle of least privilege and should require multi-factor authentication (MFA) to help prevent unauthorized access.
● Apply Updates Promptly: Many cyberattacks against cyber-physical systems also take advantage of unpatched vulnerabilities in these devices. Regularly testing and applying updates can help mitigate the impact of security issues in these devices.
● Use Real-Time Protection: Real-time protection solutions run on a device and attempt to identify and block attacks against it. This approach can also help lessen the impact of unpatched devices on enterprise cybersecurity.

As the world becomes ever more connected, cyber-physical threats will increase in tandem. It is vital to understand how to incorporate these systems with sound cybersecurity strategies to minimize their cyber risks.

About the Author

Michael Welch is responsible for supporting new business relationships and spearheading cybersecurity consulting initiatives for MorganFranklin. He is a leader in cybersecurity and technology with over 20 years of experience in risk management, compliance, and critical infrastructure. Mike previously served as global chief information security officer for OSI Group, a privately-owned food processing holding company that services some of the world’s best-known brands throughout 17 countries. In addition, he has worked with Burns & McDonnell, Duke Energy Corp. and Florida Power & Light, among other companies. He is an accomplished CISO, senior manager, and security consultant, leading teams of InfoSec engineers, architects, and analysts to deliver complex cybersecurity transformations.

Michael can be reached online at https://www.linkedin.com/in/michael-welch-93375a4/ and at our company website https://www.morganfranklin.com/cybersecurity/

Boosting Morale During Tough Times Will Also Boost<br />
Your Security Resilience<br />
By Nir Polak, CEO, Exabeam<br />
While 2020 impacted nearly every business, the pandemic was not the only obstacle leaders faced last<br />
year. As we begin <strong>2021</strong>, it’s important to remember the factors that shape company morale can also play<br />
a role in determining potential security risks for your business. Changes made to teams, uncertainties<br />
around the economy and job security, employee wellness, shifting to remote work, and rising cyberthreats<br />
are just a handful of the issues leaders must combat to avoid the negative impacts on company culture.<br />
Whether we look around the room or analyze statistical data, it’s clear that job satisfaction and company<br />
culture play a vital role in navigating tough times. A survey of 351 international security professionals<br />
showed that despite high-stress levels, cybersecurity professionals are satisfied and feel secure in their<br />
jobs. While this is good news, business leaders must constantly consider the different ways that a<br />
negative company culture may lead to frequent employee turnover, less loyalty or even disgruntled<br />
employees, which may result in increased security risks due to negligence and/or malicious insider<br />
threats.<br />
There are many ways organizations can improve company morale, and top leadership must be behind it.<br />
Great morale will help companies get through any storm, whether unexpected turnover, data breaches,<br />
the challenges of not seeing each other in-person, Zoom fatigue that comes with 100% remote work, and<br />
the initial and ongoing shock of living through a pandemic. Constant communication is key.<br />
As the effects of the pandemic and remote work carry over into 2021, managers can be empathetic in<br />
their endeavor to understand and address factors contributing to any high stress levels on their teams.<br />
Check in on your employees through regular team meetings and encourage opportunities to unwind. At<br />
Exabeam, we’ve implemented a mix of offerings, from virtual meditation and yoga, to online trivia and<br />
happy hour sessions. To further lift morale, you can also:<br />
● Build new communities that encourage frequent meetings between employees from different<br />
departments.<br />
● Establish or resume mentorship programs that provide employees with a safe space to discuss<br />
their professional life goals and any obstacles, personal or professional, that stand in the way of<br />
achieving them.<br />
● Ensure all managers and employees are working towards transparent and shared business<br />
objectives. This will improve performance, increase trust in leadership, build confidence and<br />
increase engagement. And most importantly, drive loyalty, commitment and passion for the work.<br />
Manage Stress and Recognize Employee Needs<br />
The survey of international security professionals also revealed that despite an increase in cyberthreats<br />
in the early days of the pandemic, three-quarters of organizations had to furlough members from the SOC<br />
team. Combating new and familiar threats with fewer people on staff to help naturally leads to added<br />
stress. The 2008 recession saw higher rates of unemployment and increased anxiety for those who kept<br />
their jobs. Just over a decade later, those who kept their jobs in cybersecurity are facing a larger<br />
threatscape. Compounding the issue, remote work has made it more difficult to mitigate growing threats,<br />
hindered communication with IT departments and led to more mistakes due to distractions at home.<br />
The blurred lines between work and home also mean employees both within and outside of the SOC are<br />
working longer hours and finding it difficult to completely shut down every day. As our employees juggle<br />
the need to work with the distractions that come along with home life -- taking care of aging parents or<br />
helping children with virtual learning, for instance -- burnout should be on every business leader’s radar.<br />
While the idea of vacation might mean stepping away from your desk for a few days rather than traveling<br />
to new locations or visiting loved ones, encourage your employees to take that time off and truly unplug.<br />
Set boundaries with work schedules and offer flexible hours to those who would benefit from them. In<br />
short -- listen to your employees’ needs. Fatigue across departments can lead to more mistakes, such<br />
as falling for phishing emails, and on the security side, burnout can lead to SOC employees missing key<br />
attack indicators. Paying attention to employees’ mental health will help them, their teams and the<br />
company’s security posture.<br />
Keep Cybersecurity Training and Education Top of Mind<br />
Reminding employees of basic security hygiene will also go a long way in mitigating risk and reducing<br />
the impact of negligent insider threats, such as forgetting to log out of a work computer or utilizing weak<br />
passwords. This also serves as an opportunity to remind administrators to change default passwords and<br />
apply security patches. Another useful tactic with remote work is continuing to conduct regular anti-phishing<br />
training across the organization. Regularly sending phishing emails and identifying users who<br />
do not recognize the emails as phishing attempts will help reduce the number of employees and<br />
contractors who may become compromised insiders. Investing in training can also help employees<br />
develop advanced skills, open up new job opportunities, and enable organizations to deal more effectively<br />
with new, emerging threats.<br />
Provide Employees with Tools for Success<br />
For organizations operating with a smaller team or fewer SOC staff, automation tools are essential in<br />
mitigating security threats. Automation provides security professionals with an opportunity to transition<br />
from lower-value activities to other high-profile, strategic projects. User and entity behavior analytics<br />
(UEBA), which tracks, collects and analyzes user and machine data to detect threats within an<br />
organization, is one such tool. Using various analytical techniques, UEBA distinguishes anomalous from<br />
normal behaviors. This is typically done by collecting data over a period of time to understand what normal<br />
user behavior looks like, then flagging behavior that does not fit that pattern.<br />
UEBA can often spot unusual online behaviors – credential abuse, unusual access patterns, large data<br />
uploads – that are telltale signs of insider threats. More importantly, UEBA can often spot these unusual<br />
behaviors among compromised insiders long before criminals have gained access to critical systems.<br />
Unsettling recent SOC research shows that the pandemic has forced 60% of companies to defer<br />
previously planned investments in security technology. While it’s tempting to cut corners for<br />
the sake of budget, investing in automation tools now will assist with minimizing security team<br />
exhaustion and increasing productivity. Paradoxically, doing so could also help save thousands or even<br />
millions of dollars in breach and legal costs down the line as well as the immeasurable cost of the toll on<br />
company morale.<br />
Working in technology means your employees are tasked with difficult work that needs constant<br />
protection to keep up with the fast-paced nature of the industry. For many of us, we were able to continue<br />
that work remotely once lockdowns spread throughout the world, but as we look towards maintaining<br />
business continuity and resilience throughout this new year, we must prioritize company culture and<br />
understand the important role it plays in ensuring both employee and security wellness.<br />
Committing to the health of our company culture will continue to ensure customer and security wellness,<br />
too.<br />
About the Author<br />
As CEO and Co-Founder of next-gen SIEM company,<br />
Exabeam, Nir Polak is an experienced entrepreneur and<br />
successful leader in the cybersecurity market. Nir can be<br />
reached online at www.exabeam.com<br />
COVID-19 Pushes the Introduction of Secure Digital<br />
Government Solutions<br />
The Secure Digital Authentication of Official Documents Plays an Important Role in Times of Pandemic<br />
By Andreas Räschmeier, CEO at Veridos<br />
In the wake of the pandemic, governments and public authorities need smart solutions to manage the<br />
situation efficiently. Digital government solutions that enable the authentication of official documents<br />
and provide a high level of IT security have an important role to play.<br />
The ongoing coronavirus pandemic has presented a host of challenges for governments and citizens<br />
alike. The implementation of necessary health precautions has greatly affected working environments<br />
and the ways people interact with one another, meaning many government services can no longer be<br />
carried out without digital alternatives.<br />
While minimizing human contact helps to contain the virus, citizens need to gain access to<br />
authenticated sensitive documents, including health and vaccination documents. In addition, public<br />
authorities want to ensure that those documents are genuine in order to manage the crisis efficiently.<br />
Ultimately, we believe that the only valid answer to this problem is the development of digital government<br />
services that enable secure and user-friendly issuing and verification procedures. The outcome: highly<br />
secure certificates with a visible digital seal. This allows key users, e.g. doctors or vaccination centers,<br />
to issue universally accepted, state-authorised and recognised certificates. Such services enable citizens<br />
to obtain digital documents from medical practitioners, insurance companies or authorities responsible<br />
for medical certificates, vaccination certificates or travel permits.<br />
The use of a visible digital seal guarantees that the documents remain secure and in turn allows for a<br />
simple verification process. Since the seals are cryptographically secured, their content cannot be<br />
changed. Additionally, a visible digital seal helps governments and authorities to combat fraud, as<br />
government agencies can check who issued each seal and void seals that were issued in error. The<br />
visible digital seal is displayed in the form of a 2D barcode on a smartphone and can be scanned with<br />
another mobile device, or if preferred by the citizen, the seal can be printed and used in hard copy.<br />
Veridos, a joint venture of the international technology group Giesecke+Devrient and the Federal<br />
Printing Office of Germany, offers such a digital solution with VeriGO® TrueSeal. Based on<br />
tried-and-tested technology, the easy-to-use platform can be rolled out quickly and customized for use.<br />
It represents a fast and secure solution for generating officially certified sensitive documents and<br />
provides a high level of security in these challenging pandemic times. The solution is great proof of the<br />
positive impact that smart digital government services can have.<br />
While innovations in technology are the foundation of the development of digital government use cases,<br />
these new solutions must not only enable high-quality, user-friendly services, but must also guarantee<br />
the privacy and security of citizens. Liu Zhenmin, Under-Secretary-General of the Department of<br />
Economic and Social Affairs at the United Nations, has rightly stated that progress in the implementation<br />
of digital government services "is accompanied by existing and new challenges and risks, such as<br />
cybersecurity and data protection" (1).<br />
Nowadays, there exist tools that drastically reduce security threats. Companies such as Veridos<br />
specialize in providing end-to-end solutions and services that meet all requirements for the secure<br />
collection and storage of data and information and the preservation of citizens' privacy. As citizens<br />
get used to digital government services in the future, it is essential that they can trust the infrastructure<br />
behind these services – especially when it comes to sensitive documents like vaccination certificates.<br />
In short, digital advancements along with a new normal have emphasized not only the importance of<br />
remote access to services but also the potential to integrate secure eGovernment services into existing<br />
trusted infrastructure and processes.<br />
About the Author<br />
Andreas Räschmeier is CEO of Veridos GmbH, a joint venture between<br />
Giesecke+Devrient and Bundesdruckerei (Berlin). The company supplies<br />
governments and authorities with tailor-made complete solutions for secure<br />
identification. Räschmeier began his professional career at G+D in 2004,<br />
when he took over as Head of Business Development in the area of chip card<br />
security. Since then, he has held several management positions in various<br />
business sectors, including Group Vice President Sales & Marketing for the<br />
former payment division. Most recently, he was Global Vice President<br />
Operations & Global Support at the subgroup Currency Technology. He has<br />
been CEO of Veridos since November 1, 2019. Before joining G+D, the<br />
industrial engineer worked for Siemens and STMicroelectronics in France.<br />
Andreas can be reached online at LinkedIn and at our company website<br />
https://www.veridos.com/en/home.html.<br />
Current Cybersecurity Weaknesses Will Result in<br />
Continued Data Breaches<br />
By Randy Reiter, CEO of Don’t Be Breached<br />
Problems in cybersecurity resulted in the successful hacking campaign in which foreign state hacking<br />
groups leveraged product updates from the IT software company SolarWinds. The foreign state hacking<br />
groups’ hack of SolarWinds allowed them to access important systems at nine US federal agencies,<br />
Microsoft, cybersecurity companies and 100+ private companies.<br />
Was it the lack of cyber security funding, available security personnel, problems in existing cybersecurity<br />
solutions, management recognition of what’s required to protect confidential data or the lack of security<br />
standards for protection of confidential data? Perhaps all of the above.<br />
A recent Bitdefender study found that many organizations have not applied security patches issued two<br />
years ago. They found in 2020 that 64% of the security patches released in 2018 had not been applied.<br />
This is a Hacker’s dream come true for implementing successful Data Breach and Malware Attacks.<br />
Some of this lag is due to not applying critical security patches on a timely basis since the patches may<br />
have a negative impact on running systems. Applying security patches can also be time-consuming and<br />
not the most exciting work for time-strapped IT professionals to perform. This is a perfect storm for Hackers,<br />
Rogue Insiders and Supply Chain Attacks to steal confidential data.<br />
Confidential data includes: credit card, tax ID, medical, social media, corporate, manufacturing, trade<br />
secrets, law enforcement, defense, homeland security, power grid and public utility data. This data is<br />
almost always stored in DB2, Informix, MySQL, Oracle, SAP ASE and SQL Server databases. Once<br />
inside the security perimeter (via a Supply Chain or Zero Day Attack) a Hacker or Rogue Insider can use<br />
commonly installed database utilities to steal confidential database data. If a Hacker gains privileged<br />
access to confidential data, conventional security software may not detect their presence until it is too late.<br />
How to Stop the Theft of Confidential Database Data<br />
Protecting encrypted (and unencrypted) confidential database data is much more than securing<br />
databases, operating systems, applications and the network perimeter against Hackers, Rogue Insiders<br />
and Supply Chain Attacks.<br />
Non-intrusive network sniffing technology can perform a real-time full packet capture and analyze in real time<br />
100% of the database query and SQL activity from a network tap or proxy server with no impact on the<br />
database server. This SQL activity is very predictable. Database servers servicing 1,000 to 10,000 end-users<br />
typically process daily 2,000 to 10,000 unique query or SQL commands that run millions of times<br />
a day. SQL packet sniffing does not require logging into the monitored networks, servers or databases.<br />
This approach can provide CISOs with what they can rarely achieve: total visibility into the database<br />
activity 24x7 and protection of confidential database data.<br />
In 2020 the DHS, Department of State, U.S. Marine Corps and the Missile Defense Agency all issued<br />
requests for proposals (RFP) for network full packet data capture for analysis of network traffic. This is<br />
an important step forward for both cybersecurity and protecting confidential database data.<br />
Advanced SQL Behavioral Analysis of Database SQL Activity Prevents Data Breaches<br />
Advanced SQL Behavioral Analysis of 100% of the real-time database SQL packets can learn what the<br />
normal database activity is. Now the database query and SQL activity can be non-intrusively monitored<br />
in real-time and non-normal SQL activity immediately identified. This approach is inexpensive to set up,<br />
has a low cost of operation and low disk space usage. Now non-normal database SQL activity from<br />
Hackers or Rogue Insiders can be detected in a few milliseconds. The Security Team can be immediately<br />
notified and the Hacker database session terminated so that confidential database data is not stolen,<br />
ransomed or sold on the Dark Web.<br />
Advanced SQL Behavioral Analysis of the query activity can go even further and learn the maximum<br />
amount of data queried plus the IP addresses all queries were submitted from for each of the 2,000 to<br />
10,000 unique SQL queries that run on a database server.<br />
This type of Data Breach Protection can detect never-before-observed Hacker query activity, queries sent<br />
from a never-observed IP address and queries sending more data to an IP address than the respective<br />
query has ever sent before. This allows real-time detection of Hackers and Rogue Insiders attempting to<br />
steal confidential database data. Now an embarrassing and costly Data Breach may be prevented.<br />
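The learn-then-flag logic described above can be sketched as follows. This is an added example, not code from the article or from the author's product; it assumes the client IP, SQL text and response size have already been extracted from the captured packets, and the names `normalize`, `SqlBaseline`, `evaluate` and all sample events are constructed for illustration.

```python
"""Per-query behavioural baseline for database SQL activity (illustrative)."""
import re
from dataclasses import dataclass, field


def normalize(sql: str) -> str:
    """Reduce a statement to a fingerprint so that runs of the same query
    with different literal values map to one baseline entry."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)              # string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)             # numeric literals
    s = re.sub(r"\(\s*\?(?:\s*,\s*\?)*\s*\)", "(?)", s)  # IN (...) lists
    return re.sub(r"\s+", " ", s).strip().lower()


@dataclass
class Profile:
    """What was learned for one unique query."""
    sources: set = field(default_factory=set)  # client IPs seen submitting it
    max_bytes: int = 0                         # largest response ever returned


class SqlBaseline:
    def __init__(self, headroom: float = 1.0):
        # headroom > 1.0 tolerates growth above the learned maximum
        # (an assumption added here; the article describes a strict maximum).
        self.profiles = {}
        self.headroom = headroom

    def learn(self, src_ip: str, sql: str, resp_bytes: int) -> None:
        """Learning phase: record normal activity."""
        p = self.profiles.setdefault(normalize(sql), Profile())
        p.sources.add(src_ip)
        p.max_bytes = max(p.max_bytes, resp_bytes)

    def check(self, src_ip: str, sql: str, resp_bytes: int) -> list:
        """Detection phase: return the alerts raised by one observed query."""
        p = self.profiles.get(normalize(sql))
        if p is None:
            return ["new_query"]            # statement never observed before
        alerts = []
        if src_ip not in p.sources:
            alerts.append("new_source_ip")  # known query, unknown client
        if resp_bytes > p.max_bytes * self.headroom:
            alerts.append("volume_exceeds_max")  # more data than ever before
        return alerts


# Constructed sample events: (client IP, SQL text, response bytes).
TRAINING = [
    ("10.0.5.11", "SELECT name, email FROM customers WHERE id = 1042", 310),
    ("10.0.5.11", "SELECT name, email FROM customers WHERE id = 77", 295),
    ("10.0.5.12", "SELECT name,  email FROM customers WHERE id = 9", 330),
    ("10.0.5.11", "UPDATE orders SET status = 'shipped' WHERE order_id = 5512", 64),
    ("10.0.5.12", "SELECT sku, qty FROM stock WHERE sku IN ('A1', 'B7', 'C3')", 900),
]
LIVE = [
    ("10.0.5.12", "SELECT name, email FROM customers WHERE id = 5", 301),
    ("10.0.9.200", "SELECT name, email FROM customers WHERE id = 5", 301),
    ("10.0.5.12", "SELECT sku, qty FROM stock WHERE sku IN ('A1')", 250_000),
    ("10.0.9.200", "SELECT * FROM customers", 52_000_000),
]


def evaluate(training, live, headroom: float = 1.0) -> list:
    """Learn from `training`, then return (ip, fingerprint, alerts) per live event."""
    baseline = SqlBaseline(headroom)
    for event in training:
        baseline.learn(*event)
    return [(ip, normalize(sql), baseline.check(ip, sql, n)) for ip, sql, n in live]


if __name__ == "__main__":
    for ip, fingerprint, alerts in evaluate(TRAINING, LIVE):
        print(f"{ip:<11} {', '.join(alerts) or 'ok':<20} {fingerprint}")
```

The quality of the fingerprint decides the false-positive rate: without literal and IN-list normalization, every parameter value would register as a never-observed query.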
About the Author<br />
Randy Reiter is the CEO of Don’t Be Breached, a Sql Power Tools<br />
company. He is the architect of the Database Cyber Security Guard<br />
product, a database Data Breach prevention product for Informix,<br />
MariaDB, Microsoft SQL Server, MySQL, Oracle and SAP Sybase<br />
databases. He has a Master’s Degree in Computer Science and has<br />
worked extensively over the past 25 years with real-time network<br />
sniffing and database security. Randy can be reached online at<br />
rreiter@DontBeBreached.com, www.DontBeBreached.com and<br />
www.SqlPower.com/Cyber-Attacks.<br />
The Internet of Things Ongoing Directions<br />
By Milica D. Djekic<br />
It takes time to get through the journey. Several decades ago the global technological landscape was<br />
less developed and different than it is today. In the meantime, our societies have become<br />
overwhelmed with cutting-edge technologies such as the Internet of Things, artificial intelligence, machine<br />
learning and much more. Indeed, all of those technologies have strong roots in the past and they are<br />
only a part of the historical wheel that impacts our lives and businesses. The primary accent of the<br />
modern emerging world is on sub-second communication that lets both people and machines<br />
exchange information at a much faster rate.<br />
It appears we are connected better than ever, and in that interconnected environment we can act much<br />
more quickly. A good question in such a case is whether humans are capable of processing that information<br />
that fast. Maybe machines can handle those findings much better than people, as they have<br />
powerful processing capacities. In other words, it seems that this new era can make us move<br />
much faster not only physically, but also virtually.<br />
The shift from an ordinary to a smart landscape is not a surprise, as the generations before us prepared<br />
the conditions for such a community’s boom. So, our journey is long-term, and it is not over yet. Apparently,<br />
it is getting ready for more and more rounds that are waiting for us in the nearer or more distant<br />
future. In modern times, when we think about things such as virtual reality, renewable energy and<br />
much more, we can notice that all of those advancements are common in the technologically developed<br />
economies and are also knocking at the doors of the developing world.<br />
At this stage, it appears that we live in the Internet of Things era and that the technology is undergoing<br />
everyday changes and innovations. Crucially important for that improvement is web<br />
connectivity, which gives interconnected devices an opportunity to exchange information relying<br />
on the internet signal. On the other hand, anything that communicates over the internet has its IP<br />
address, and from that perspective it’s clear that such a protocol is of vital significance to that<br />
communication and is also the biggest weakness of such a system. From this point of view, it looks like<br />
the security of such communication can be the imperative for the coming times and indeed, such<br />
an innovation can drive the entire breakthrough of the new industrial revolutions. High-tech defense is<br />
something that is ongoing in this age, and maybe some of the directions of the Internet of Things<br />
technology lie there. In addition, the Internet of Things is an inseparable part of the industry 4.0, which<br />
is the leading engine of economic growth and development. The Internet of Things is gaining<br />
popularity everywhere in the world, and as the technology is getting cheaper and cheaper, industry<br />
leaders are opening more and more marketplaces across the globe.<br />
Basically, it’s the trick that will transform digital endeavors in a way that is so simple and probably<br />
not that revolutionary. In essence, everyone will talk about the 4th industrial revolution and maybe<br />
they are right, but in our opinion, it is something brand new and still not a discovery on its own. So<br />
many Asian countries will take part in this competition and obviously they will not manufacture anything<br />
new but rather rely on their contractors and suppliers that will produce the semi-products, so some<br />
industry 4.0 factory will just do the assembly of the finished parts. Anyhow, no one will care, and many<br />
industries will see a convenient chance to make a profit as well as a breakthrough into the always<br />
evolving marketplace, so far.<br />
As we have suggested, the 4th industrial revolution is not something that will deal with any discovery,<br />
but it is a phenomenon that will impact our economies, societies, and businesses at the same time.<br />
So, maybe we will not deal with a discovery like that of the alternating current, as was the case in the industry<br />
2.0, but we will cope with an entirely new environment of opportunities that will change many of so with<br />
us. Indeed, maybe this revolution, if we can call it so, is not a purely technological one, but more<br />
economic, business, and social by its nature. Everything is so simple and the Internet of Things by itself<br />
is becoming the outcome of the golden outlets to industry as we know it from the past. In other words,<br />
this new wave will shake and move everyone in the world, and that change, revolutionary or not, will<br />
drive an irreversible process, giving everyone who follows that tendency the chance to make a profit<br />
from their efforts.<br />
Some prognoses suggest that the future directions in such a sense will require us to take care<br />
of our safety and security in a technological manner and indeed, maybe those courses will define<br />
our further development. From this perspective, we can notice plenty of similarities between the 3rd and<br />
4th technological revolutions, as both occurrences deal with digital systems. Therefore, the<br />
industry 2.0 dealt with the analog environment, while the industry 3.0 was also dependent on<br />
electricity but made a shift to the digital environment. Finally, the industry 4.0 relies on electricity<br />
as well, but it will be much like the 3rd industrial revolution, as it also deals with digital systems.<br />
The entire new trend suggests that the next epoch will bring a revolutionary new paradigm such as<br />
quantum computing.<br />
It’s up to us to see what the future will bring, but at this stage we need to think hard about how to protect our<br />
lives and assets from harm. Things are not always as they seem.<br />
About The Author<br />
Milica D. Djekic is an Independent Researcher from Subotica,<br />
the Republic of Serbia. She received her engineering background<br />
from the Faculty of Mechanical Engineering, University of<br />
Belgrade. She writes for some domestic and overseas presses and<br />
she is also the author of the book “The Internet of Things:<br />
Concept, Applications and Security”, published in 2017<br />
with Lambert Academic Publishing. Milica is also a speaker<br />
with the BrightTALK expert’s channel. She has been a member of<br />
ASIS International since 2017 and a contributor to the Australian<br />
Cyber Security Magazine since 2018. Milica's research efforts<br />
are recognized with Computer Emergency Response Team for<br />
the European Union (CERT-EU), Censys Press, BU-CERT UK<br />
and EASA European Centre for Cybersecurity in Aviation<br />
(ECCSA). Her fields of interest are cyber defense, technology<br />
and business. Milica is a person with disability.<br />
The Importance Of Protecting Your App’s Source Code<br />
By Rui Ribeiro, CEO and Co-founder, Jscrambler<br />
If your business operations involve any type of web or mobile app, it’s likely that the source code of these<br />
apps represents a very important part of your company’s intellectual property. As a result of the ongoing<br />
digital transformation, these apps have often become key pieces of a company’s competitive advantage<br />
and thus a strategic business asset. It's no wonder then that unwarranted access to this source code<br />
could put this competitive advantage at risk. However, this is just the tip of the iceberg, as unprotected<br />
source code can lead to critical security issues such as automated abuse, piracy, and data exfiltration.<br />
When we take a look at the development scheme, we see that JavaScript, for instance, has grown<br />
immensely over the years, and now it powers around 97% of modern web applications. Every Fortune<br />
500 company relies on this thriving open-source ecosystem with thousands of frameworks available that<br />
speed up the development process. But, despite the many benefits and business value associated with<br />
JavaScript, organizations need to consider the changes to their threat model when using JavaScript-based<br />
web and mobile applications. Especially when it comes to applications in sectors such as banking,<br />
healthcare, broadcasting, and e-commerce.<br />
The tricky part about JavaScript is that it needs to be interpreted by a browser for it to work, therefore<br />
becoming exposed in a way that anyone can access, read, and change. And although the general<br />
recommendation is to keep sensitive code in trusted environments such as the backend, this is often<br />
infeasible due to the inherent performance issues. The result is that companies end up running<br />
proprietary algorithms and important business logic on the exposed client-side.<br />
Regulations and standards such as NIST and ISO 27001 also mention the risks of unprotected source<br />
code, recommending that organizations put in place strict control procedures to keep them from<br />
experiencing the consequences of attacks on the source code.<br />
Security Risks: Automated Abuse, Piracy and Data Exfiltration<br />
As OWASP mentions, potential attackers can take advantage of the exposed code to modify the<br />
application’s data and resources, change the system APIs, or change the contents of memory<br />
dynamically. This way, they can hijack the intended use of the code for personal or monetary gain.<br />
One of the hijacking routes attackers can take is relying on automated abuse attacks by exploiting the<br />
web application’s functionalities to gain access or privileges through the use of bots. Typically, these<br />
types of attacks need some sort of source code manipulation, which is possible when JavaScript is<br />
unprotected. The target for this type of attack is often cloud providers that offer free benefits in new<br />
accounts. Attackers will abuse the system to automate new trial account creation and use the benefits<br />
without ever having to pay for the services. Automated attacks are especially troublesome because they<br />
can target new versions of the code with minimal cost, which means that they can scale up and target<br />
more and more systems.<br />
When it comes to piracy, attackers typically target the growing OTT industry, leaking premium content<br />
which naturally ends up causing a loss of revenue for legitimate businesses. Aware of the problem,<br />
providers are using multiple techniques to fight pirates and trace the leaked content, but they must ensure<br />
that attackers can't easily bypass these techniques, namely by protecting their source code. Other<br />
examples of piracy are also commonly seen in the gaming and gambling industry where counterfeit apps<br />
pose a threat to the business integrity.<br />
Now, one of the most important risks is Data Exfiltration which probably resonates with everyone who<br />
has had to submit data such as email, name, address, credit card number, or even medical information<br />
on a website using a form. Because the logic behind these forms is handled by JavaScript and all the<br />
sensitive data passes through the client-side, the safety of the data is potentially at risk. By leaving their<br />
JavaScript exposed, organizations make it easier for attackers to understand how their web applications<br />
work and facilitate the planning/automation of data exfiltration or scraping attacks. This class of attacks<br />
is known for generating severe losses, both from the business standpoint and from the breach of<br />
compliance with data privacy regulations.<br />
By leaving their source code exposed, organizations make it easier for attackers to understand how their<br />
web applications work and increase their attack surface. To secure their web and mobile applications,<br />
the best approach is to start securing them during the development stage.<br />
This includes protecting the application's source code with multiple layers, to ensure that any code sent<br />
to production can actively prevent tampering and reverse-engineering attempts. Plus, with the ongoing<br />
digital transformation showing no signs of slowing down, this approach can be crucial to ensure that<br />
companies' intellectual property and user data are protected.<br />
About the Author<br />
CEO and Co-Founder of Jscrambler, Rui Ribeiro has led the<br />
company from bootstrapping to global expansion. Currently,<br />
he executes the company's growth strategy and manages its<br />
vision and culture. With over 15 years of experience in IT,<br />
Rui has co-authored several application security patents and<br />
has extensive expertise in the financial sector, namely in<br />
international banking.<br />
Our company website is https://jscrambler.com.<br />
How Various Flavors of PKI Can Protect and Secure<br />
Financial Services Data<br />
By Abul Salek, Director of Product Management, Sectigo<br />
How much time and budget does your company allocate to cybersecurity to protect you and your<br />
customers’ critical data and private information? Is your organization doing enough, or is your information<br />
at risk?<br />
In many ways, data constitutes the essential lifeblood of the financial services industry. From providing<br />
real-time account and trading information to automating risk management processes, forecasting, and<br />
fraud detection, to managing real-time transaction details, data is your business’s most important<br />
resource to protect.<br />
According to a recent study by Deloitte, financial firms spend an average of 10% of their IT budget on<br />
cybersecurity. In addition, they reported that CISOs rank keeping up with rapid IT changes and rising<br />
complexities in tech systems as top challenges, regardless of company size or maturity level.<br />
Despite these budget and time expenditures, most financial firms are not sufficiently protected because<br />
they lack data security.<br />
Financial institutions leveraging emerging business models are not recognizing the significant security<br />
risk represented by connected devices. Given the insurance, banking, and brokerage sectors’ growing<br />
reliance on data and the increasing digitization of financial services, financial institutions must continually<br />
fortify their security capabilities and eliminate potential vulnerabilities to stay ahead of threats.<br />
Threats Come from Many Directions<br />
Any device, system, or organization that holds or transmits sensitive financial or customer information is<br />
at risk. These cyber-threats, which can originate from both internal and external sources, run the gamut<br />
from phishing attempts, large-scale data breaches, malware and credit/debit card theft, Business Email<br />
Compromise (BEC), to ransomware-based extortion.<br />
The consequences are far-reaching, such as the Equifax data breach in 2017 that compromised the<br />
personally identifiable information (PII) of nearly 150 million consumers, exposing them to identity theft<br />
and other potentially serious consequences. According to the U.S. Government Accountability Office<br />
(GAO), Equifax had installed a tool to inspect network traffic for evidence of malicious activity, but an<br />
expired certificate prevented that tool from working correctly. As a result, cybercriminals could launch<br />
attacks and gather sensitive consumer information without being detected for 76 days. News of the<br />
breach led to federal investigations and a nationwide consumer class-action lawsuit, which the company<br />
is now reportedly paying $700 million to resolve.<br />
So, how can the financial services sector ensure the security, privacy, and integrity of their data?<br />
Public-Key Infrastructure (PKI), the gold standard in digital privacy, identity, and security, offers an<br />
excellent security foundation for every device, server, user, and application in the enterprise, whether on-premise<br />
or in the cloud. PKI guards data against theft or tampering and guarantees secure authentication<br />
of users and applications to protect against fraud. By leveraging digital certificates, an organization can<br />
roll out passwordless authentication, which is seeing increasing adoption in enterprises.<br />
While nearly every financial services firm has incorporated PKI into its web and device security in some<br />
way, not all are fully or appropriately leveraging its power.<br />
Unfortunately, organizations are often overwhelmed when it comes to managing security certificates and<br />
secret keys throughout the enterprise, as it can be challenging to issue, manage, and<br />
revoke/renew/replace certificates and keys numbering in the thousands or even tens of thousands. Think<br />
of the number of Secure Shell (SSH) keys floating around in your enterprise that you may not even<br />
be aware of.<br />
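The expired-certificate failure in the Equifax case and the inventory problem described above can both be caught by routinely triaging certificate validity dates. The Python below is an added example, not code from the article or from Sectigo; the hostnames, owners, the fixed "now" and the one-third renewal threshold are assumptions, and the inventory is constructed sample data.

```python
"""Triage a certificate inventory by expiry. The inventory is constructed;
notBefore/notAfter use the string format of ssl.SSLSocket.getpeercert()."""
import ssl
from datetime import datetime, timedelta, timezone


def parse_cert_time(value):
    """Convert 'Jun  1 00:00:00 2021 GMT' into an aware UTC datetime."""
    seconds = ssl.cert_time_to_seconds(value)
    return datetime.fromtimestamp(seconds, tz=timezone.utc)


def triage(inventory, now, renew_fraction=1 / 3):
    """Return one row per certificate, most urgent first.

    RENEW is raised once less than `renew_fraction` of the validity period
    is left (an assumed policy), so a 10-day DevOps certificate and a
    one-year TLS certificate are each judged against their own lifetime.
    """
    rows = []
    for cert in inventory:
        start = parse_cert_time(cert["notBefore"])
        end = parse_cert_time(cert["notAfter"])
        remaining = end - now
        if now < start:
            status = "NOT_YET_VALID"
        elif remaining <= timedelta(0):
            status = "EXPIRED"
        elif remaining <= (end - start) * renew_fraction:
            status = "RENEW"
        else:
            status = "OK"
        rows.append({
            "subject": cert["subject"],
            "status": status,
            "days_left": remaining.days,
            # A certificate nobody owns is the one that expires unnoticed.
            "owner": cert.get("owner") or "UNASSIGNED",
        })
    order = {"EXPIRED": 0, "RENEW": 1, "NOT_YET_VALID": 2, "OK": 3}
    rows.sort(key=lambda r: (order[r["status"]], r["days_left"]))
    return rows


def needs_action(rows):
    """Subjects that are not healthy or have no accountable owner."""
    return [r["subject"] for r in rows
            if r["status"] != "OK" or r["owner"] == "UNASSIGNED"]


# Constructed inventory: hostnames, owners and dates are illustrative.
INVENTORY = [
    {"subject": "vpn-gw.corp.example", "owner": "netops",
     "notBefore": "Jan  1 00:00:00 2021 GMT",
     "notAfter": "Jan  1 00:00:00 2022 GMT"},
    # A traffic-inspection sensor with no owner and a lapsed certificate.
    {"subject": "ids-sensor.corp.example", "owner": None,
     "notBefore": "Apr 15 00:00:00 2019 GMT",
     "notAfter": "Apr 15 00:00:00 2021 GMT"},
    {"subject": "online-banking.example", "owner": "web-team",
     "notBefore": "Jun  1 00:00:00 2020 GMT",
     "notAfter": "Jun  1 00:00:00 2021 GMT"},
    # Short-lived certificate: 4 days left is still healthy for a 10-day life.
    {"subject": "build-agent.corp.example", "owner": "devops",
     "notBefore": "Apr 25 00:00:00 2021 GMT",
     "notAfter": "May  5 00:00:00 2021 GMT"},
]
NOW = datetime(2021, 5, 1, tzinfo=timezone.utc)  # fixed for repeatable output

if __name__ == "__main__":
    for row in triage(INVENTORY, NOW):
        print(f"{row['status']:14}{row['days_left']:>5}d  "
              f"{row['subject']:28}{row['owner']}")
```

Sorting by status before days left keeps an expired certificate on a monitoring device at the top of the report even when hundreds of healthy short-lived certificates have fewer days remaining.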
Many financial institutions fail to see the broad range of digital assets and use cases that PKI can protect.<br />
Outside of using Secure Sockets Layer (SSL) PKI certificates to protect public-facing websites, enterprise<br />
PKI solutions can address the large-scale requirements of SSL for internal-facing servers, private<br />
Certificate Authority (CA), S/MIME email encryption, code signing, and document signing.<br />
There are at least five ways that PKI can be used to protect and secure financial services data:<br />
1. Enterprise SSL, which enables administrators to easily manage certificates through a single-pane-of-glass<br />
interface, is ideal for secure online banking and transaction sites, customer information sites, market analysis<br />
and forecasting sites, tax filing, insurance, securities trading, and data gathering sites.<br />
2. Private CA, which allows financial institutions to secure users and devices, and automates the<br />
management of internal devices and applications regardless of which internal protocols an enterprise has<br />
in place, is useful for supplementing Microsoft Active Directory Certificate Services, mobile devices, IoT,<br />
DevOps, cloud/multi-cloud, web servers, SSH Key management, Private S/MIME for secure email,<br />
intranet services, Wi-Fi access, VPN access, POS systems, networking devices, and Windows Hello for<br />
Business.<br />
3. Using Zero-touch S/MIME for email enables both the sender and recipient to use their existing<br />
S/MIME-capable email applications on multiple devices – mobile or desktop; a welcome improvement to<br />
other approaches that disrupt the user experience by requiring users to use multiple certificate<br />
credentials. Zero-touch S/MIME is suited for email signing, email encryption, mobile email encryption and<br />
signing, mobile Wi-Fi access, and mobile website authentication.<br />
4. Code signing supports all file types, from drivers and firmware to scripts and applications. With<br />
enterprise-scale issuance, management, and renewal/revocation/replacement features, development<br />
teams have greater cryptographic flexibility and improved time to market for new financial services and<br />
products. Code signing allows your software to be trusted by users, which helps drive wider adoption.<br />
It is optimal for application development, DevOps, mobile devices, and IoT. With higher-assurance<br />
EV code signing, your application can achieve instant reputation with many operating systems, which<br />
helps users trust and start using it right away.<br />
5. Document signing allows financial institutions to maintain compliance with the strictest electronic<br />
signature/digital signature regulations, such as U.S. FDA CFR 21 Part 11 requirements. Digital signatures<br />
leverage PKI certificates to offer the highest levels of security for regulated and sensitive document use<br />
cases such as account openings, loan applications, investment/private banking, and insurance<br />
documents and agreements. If the document signing certificate is issued from a CA that is in the Adobe<br />
Approved Trust List (AATL), the signed document can be universally exchanged with trust.<br />
Sectigo provides a platform for financial services companies to authenticate and secure users,<br />
devices, and data.<br />
Because of the financial, reputational, and business consequences of failing to protect data, banks,<br />
insurers, and other financial institutions should leverage the powerful capabilities of PKI to protect against<br />
increasingly sophisticated threats and avoid costly attacks.<br />
By adopting a suite of enterprise PKI solutions, the financial sector can future-proof security, protect<br />
customer information, gain greater peace of mind, and maximize the value of data.<br />
All About Sectigo<br />
Sectigo is a global cybersecurity provider of digital identity solutions, including TLS / SSL certificates,<br />
DevOps, IoT, and enterprise-grade PKI management, as well as multi-layered web security. As a leading<br />
Certificate Authority with more than 700,000 customers and over 20 years of experience in online trust,<br />
Sectigo partners with organizations of all sizes to deliver automated public and private PKI solutions for<br />
securing webservers, user access, connected devices, and applications. Recognized for its award-winning<br />
innovation and best-in-class global customer support, Sectigo has the proven performance<br />
needed to secure the digital landscape of today and tomorrow. For more information,<br />
visit www.sectigo.com and follow @SectigoHQ.<br />
About the Author<br />
Abul Salek, MSc, PMC, is Director of Product Management at Sectigo, a<br />
leading provider of automated digital identity management and web<br />
security solutions. With 20 years of experience in software engineering and<br />
managing cybersecurity products, Abul leads innovations around PKI,<br />
quantum security, and IoT. He holds an M.S. degree in Computer Science<br />
from the University of Alberta, Canada.<br />
Abul can be reached online at abul.salek@sectigo.com and at our<br />
company website https://sectigo.com/<br />
Five Steps for Safely Migrating your Workloads to the<br />
Cloud<br />
Why security in the cloud is a shared responsibility relationship between the infrastructure<br />
provider and the customer<br />
By Paul Farrall, CISO at Skytap<br />
Organizations moving workloads to the cloud must make sure that those workloads remain secure,<br />
especially organizations that handle sensitive customer data (such as financial or health records) and<br />
must comply with regulatory requirements as well as security frameworks like the Payment Card Industry<br />
Data Security Standard (PCI DSS). Security in the cloud is a shared responsibility relationship between<br />
the cloud infrastructure provider and the customer purchasing computing resources; however, many<br />
organizations get confused about who is responsible for what. These misunderstandings can lead to<br />
insecure systems, data breaches and the loss of sensitive data with all the negative consequences that<br />
go along with them.<br />
To help simplify, here are five steps organizations should take before and during a cloud migration to<br />
make sure their data remains secure.<br />
1. Conduct a risk assessment of existing systems<br />
The first step is determining which of your organization’s systems need the most protection. For example,<br />
HR data on employees and financial information is very sensitive and needs to be well-protected.<br />
Marketing documents that are publicly available don’t need as much protection, so your time is probably<br />
better spent focused on other systems. Conducting a risk assessment will help you understand your<br />
current security posture and vulnerabilities. With this information, you can prioritize which systems and<br />
data need the most protection. This will be helpful when you start evaluating cloud providers. Are you<br />
looking for a cloud provider to host your marketing brochures? Security assessment of the cloud provider<br />
can be relatively lightweight. Are you migrating HR data to the cloud? Then you need to do a more<br />
careful evaluation of the provider’s security to ensure they meet your security control requirements.<br />
2. Interview cloud infrastructure providers and ask about their certifications and infosec<br />
program<br />
Certifications like PCI DSS and ISO 27001 indicate that a cloud infrastructure vendor offers a safe, secure<br />
and standards-compliant foundation for business-critical applications. At a minimum, any cloud provider<br />
should allow customers to view their annual SOC 2 Type 2 audit report (which should be prepared by an<br />
independent third-party audit firm). Beyond SOC 2, ask the vendor if they are compliant with other security<br />
standards that are applicable to your business. This will depend on the high-priority systems that you<br />
identified in Step 1 along with any regulatory and contractual requirements you are subject to (for<br />
example, if you are an ecommerce company, you may need to be compliant with PCI DSS and should<br />
look for a cloud provider that possesses PCI certification; if you are a U.S. government agency, you may<br />
be restricted to only cloud providers who possess FedRAMP certification). Remember that vendors may<br />
be working towards compliance with a standard and meet most requirements even if they’re not fully<br />
compliant. Depending on your needs, this may be good enough for your purposes.<br />
Also, ensure that the cloud vendor has a documented information security program led by an<br />
experienced security professional (the most common title for this is Chief Information Security Officer).<br />
These are indicators that the vendor takes security seriously. Again, remember to prioritize and scrutinize<br />
vendors that will be storing sensitive information more closely than ones that will be storing non-critical<br />
information.<br />
3. Understand the Shared Responsibility Model<br />
This step is critical. Cloud infrastructure providers will specify which aspects of the overall security<br />
framework they are responsible for and the aspects that the customer must manage on their own.<br />
Generally speaking, infrastructure providers are responsible for protecting the infrastructure itself,<br />
including the people, hardware, software, networking and physical facilities that comprise the hosting<br />
platform. Customers are typically responsible for securing their own environments, including the guest<br />
OS, applications and data. The vendors should provide you with a copy of their shared responsibility<br />
matrix if you ask. Make sure you understand this thoroughly so you don’t assume the vendor will secure<br />
something that is actually your responsibility.<br />
For example, cloud infrastructure providers do not typically patch servers running in customer VMs or<br />
prevent weak passwords from being used on those servers – these are customer responsibilities.<br />
Similarly, don’t assume data backups are a service that cloud infrastructure providers include by default.<br />
Depending on the type of cloud service offered, backup of customer data might be included as a standard<br />
service or it might require custom contract terms. Make sure you understand these nuances and don’t<br />
just assume that the vendor will secure everything for you in the cloud.<br />
4. Secure Your Own Virtual Machines<br />
Now that you understand what the vendor will secure, you need to step in and secure the rest. As stated<br />
above, cloud infrastructure providers protect their platform and protect customers from each other. You,<br />
the customer, are responsible for application security and for configuring your cloud environment<br />
correctly. IaaS providers won’t fix your coding mistakes for you! If you introduce a security flaw into a<br />
virtual machine that leads to a breach, there may be nothing that the infrastructure provider can do about<br />
it.<br />
5. Find Out What’s Exposed to the Internet<br />
If you do not implement strong configuration management and server hardening procedures, you may<br />
find that you have accidentally exposed your virtual machines and cloud services to the internet. This is<br />
the root cause behind most of the Amazon S3 bucket breaches you may have read about over the past<br />
few years. There are even search engines to find exposed S3 buckets. The risk from configuration errors<br />
is magnified in the cloud because the pool of attackers on the public internet is larger by orders of<br />
magnitude than what a server in a data center behind a firewall would normally face. An unpatched server<br />
with a weak password exposed to the public internet will be hacked in minutes.<br />
To make sure this doesn’t happen to you, spend the time and effort needed to determine exactly which<br />
services are exposed to the public internet, cut off any that do not need to be exposed, and harden those<br />
that do.<br />
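One way to carry out this step is to export the configuration and sort every internet-facing finding into "harden" or "cut off". The Python below is an added example, not code from the article or from Skytap; it assumes AWS-style JSON as returned by the CLI commands named in its docstring, and the bucket names, group IDs, account ID and approved list are constructed.

```python
"""Sort internet-facing cloud resources into "harden" and "cut_off".
Input shapes follow `aws s3api get-bucket-policy`, `aws s3api get-bucket-acl`
and `aws ec2 describe-security-groups`. All sample data is constructed."""
import ipaddress
import json

# Predefined S3 ACL groups: "anyone" and "anyone with an AWS account".
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
PUBLIC_GROUPS = {ALL_USERS,
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def public_policy_statements(policy):
    """Sids of Allow statements whose principal is the wildcard "*"."""
    doc = json.loads(policy) if isinstance(policy, str) else policy
    hits = []
    for stmt in as_list(doc.get("Statement", [])):
        principal = stmt.get("Principal")
        if isinstance(principal, dict):
            principal = principal.get("AWS", [])
        if stmt.get("Effect") == "Allow" and "*" in as_list(principal):
            # A Condition may narrow access, so flag it for manual review.
            note = " (conditional, review)" if stmt.get("Condition") else ""
            hits.append(stmt.get("Sid", "<no Sid>") + note)
    return hits

def public_acl_grants(acl):
    """Permissions that an ACL grants to the public predefined groups."""
    return [g["Permission"] for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS]

def open_ingress(group):
    """(rule id, cidr) for every ingress rule open to all addresses."""
    hits = []
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        ports = f"{perm.get('FromPort', 'all')}-{perm.get('ToPort', 'all')}"
        rule = f"{group['GroupId']}:{perm['IpProtocol']}/{ports}"
        # Prefix length 0 covers both 0.0.0.0/0 and ::/0.
        hits += [(rule, c) for c in cidrs
                 if ipaddress.ip_network(c, strict=False).prefixlen == 0]
    return hits

def audit(config, approved):
    """Approved exposure goes to "harden"; everything else to "cut_off"."""
    report = {"harden": [], "cut_off": []}

    def record(ident, detail):
        key = "harden" if ident in approved else "cut_off"
        report[key].append((ident, detail))

    for name, bucket in config["buckets"].items():
        for sid in public_policy_statements(bucket["policy"]):
            record(f"s3:{name}", f"policy:{sid}")
        for perm in public_acl_grants(bucket["acl"]):
            record(f"s3:{name}", f"acl:{perm}")
    for group in config["security_groups"]:
        for rule, cidr in open_ingress(group):
            record(rule, cidr)
    return report

def get_object_policy(sid, principal, bucket):
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": sid, "Effect": "Allow", "Principal": principal,
        "Action": "s3:GetObject", "Resource": f"arn:aws:s3:::{bucket}/*"}]}

SAMPLE = {
    "buckets": {
        "marketing-brochures": {
            "policy": get_object_policy("PublicRead", "*", "marketing-brochures"),
            "acl": {"Grants": []}},
        "hr-records": {
            "policy": get_object_policy(
                "AppRoleOnly", {"AWS": "arn:aws:iam::111122223333:role/hr-app"},
                "hr-records"),
            "acl": {"Grants": [{"Permission": "READ",
                                "Grantee": {"Type": "Group", "URI": ALL_USERS}}]}},
    },
    "security_groups": [
        {"GroupId": "sg-web", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
             "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
        {"GroupId": "sg-db", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
            {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
             "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
    ],
}
# Exposure the owners signed off on (assumption: kept as a reviewed list).
APPROVED = {"s3:marketing-brochures", "sg-web:tcp/443-443"}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE, APPROVED), indent=2))
```

In the sample, the HR bucket's policy is restricted to one role, yet a leftover ACL grant still makes it readable by anyone, which is why the policy and the ACL are checked separately.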
Moving workloads to the cloud can produce solid benefits like reductions in cost and potential for<br />
application modernization. But misunderstandings around cloud security can leave your data exposed<br />
and open your organization up to serious consequences. Make sure to follow these steps to reduce your<br />
risk, and don’t be afraid to use a consultant if your team doesn’t have the necessary expertise.<br />
About the Author<br />
Paul Farrall is the CISO at Skytap. He has spent the past fifteen years<br />
in executive cybersecurity roles at Skytap, Big Fish Games and Intelius<br />
and serves on the IT Advisory Board at the University of Washington.<br />
He holds CISSP and CISA certifications. Paul can be reached online<br />
at @paulfarrall and our company website https://www.skytap.com/.<br />
Cybersecurity in Healthcare: Benefits, Examples,<br />
and Usage Tips<br />
Healthcare cybersecurity framework<br />
By Kate Orekhova, Cleveroad company<br />
Health organizations deal with a large amount of sensitive personal information. That’s why they face<br />
challenges complying with tightening regulations, and they’re constantly combating increased cyber risks<br />
and adapting to digital transformation.<br />
Healthcare institutions have to prove that the technologies and methods they adopt keep patients’<br />
personal information secure and bring no risks. Using recognized standards and frameworks is a<br />
great decision.<br />
In this guide, we discuss how to apply security frameworks in healthcare and review well-known<br />
cybersecurity frameworks.<br />
What Does Cybersecurity Framework Mean?<br />
A cybersecurity framework (CSF) is a mix of processes, technologies, and practices designed to reduce<br />
cybersecurity risks in different fields, including healthcare. Moreover, the framework helps organizations<br />
handle sensitive data and predict security risks due to its adaptive and practical approach.<br />
In short, the frameworks are the guidelines to secure IT systems.<br />
But a framework isn’t a panacea for all misfortunes. It offers a common language and methods for<br />
combating cybersecurity-related threats but isn’t the only way to secure sensitive data.<br />
A CSF is adjusted depending on each organization. That’s why a CSF is based on questions healthcare<br />
institutions should ask themselves to manage their risks effectively and in the right direction. And while<br />
technologies and standards may transform, the principles stay.<br />
The primary goals of cybersecurity frameworks:<br />
• Defining the current security situation<br />
• Outlining target security position<br />
• Constant improvement<br />
• Analyzing progress towards the target position<br />
• Communicating risk<br />
But what is the structure of these frameworks?<br />
There are three fundamental pillars of a CSF:<br />
1. The core<br />
2. Implementation layers<br />
3. Profiles<br />
Let’s consider each of them in detail.<br />
• Framework core is based on cybersecurity activities and rules designed to reach a particular<br />
result. Its function is to inform about cybersecurity risks across an organization<br />
• Implementation layers help associations by determining how they understand cybersecurity<br />
management. They help to reveal the right level of thoroughness for a security program and warn<br />
about cyber risks across an organization<br />
• Profiles are a set of organizational objectives and premises, and assets against the framework’s<br />
primary outcome. They reconcile industry standards and common practices, support priority<br />
settings and measurement according to the business goals<br />
Why Use CSF in Healthcare?<br />
Hospitals and other healthcare organizations are vulnerable to security threats.<br />
That's why they need safeguards ensuring that private data is secured within the organization and that<br />
industry and federal requirements are met.<br />
Besides, healthcare is one of the industries where internal cybersecurity threats are more dangerous<br />
than external ones. According to the Verizon report, 59% of all cybersecurity threats are internal<br />
compared to 42% of external incidents.<br />
Most often, it happens because of human errors. Hospital employees may misuse their power and access<br />
to the internal systems and information they store. In this case, it’s better to build your own CRM<br />
in compliance with ISO 27001 standards to reduce frequent cyber-attacks and data breaches. For example,<br />
it happens when the hospital staff wants to know what procedures celebrities undergo. No surprise that 6%<br />
of breach incidents happen “just for fun.”<br />
So how exactly does a CSF resolve these matters?<br />
Let’s take the example of the most popular health cybersecurity framework – NIST.<br />
First, a CSF is used to detect, react to, protect against, and recover from security threats and their<br />
consequences. It's not a rule book for healthcare institutions, but a collection of IT security best<br />
practices. Hospitals use these guidelines to strengthen their existing cybersecurity policies.<br />
Second, the NIST healthcare cybersecurity framework provides security by implementing its core elements,<br />
implementation layers, and a profile that coordinates them with business requirements, financial<br />
capabilities, and resilience to risk.<br />
CSF helps both external and internal stakeholders understand and handle cybersecurity together as a<br />
team. It's a tool that lets healthcare entities coordinate business policy with a tech one.<br />
It improves security risk management across the whole organization. And, thus, it leads to better<br />
outcomes. It’s crucial when it comes to providing healthcare services to patients or enhanced operational<br />
efficiency with personnel.<br />
Health CSF Adoption<br />
Finally, it’s time to provide medical cybersecurity and work on CSF implementation. Let’s consider what<br />
steps most organizations take when it comes to framework adoption:<br />
• Step 1: Determine core tasks and organizational components<br />
• Step 2: Define current risk management approaches<br />
• Step 3: Make a risk management profile<br />
• Step 4: Assess the risks<br />
• Step 5: Create a risk management profile based on the evaluation results<br />
• Step 6: Create an action plan<br />
• Step 7: Implement the plan<br />
Now, let’s take a closer look at framework adoption steps.<br />
1. Prioritize and make the scope<br />
Before starting cybersecurity action, hospitals need to determine the primary goals and priorities. Thus,<br />
they can make strategic decisions regarding the security standards and find the systems and tools that<br />
hold the selected process.<br />
And CSF implementation starts with creating a strategy for framing, estimating, analyzing, and<br />
responding to risks. This way, a healthcare institution understands how and where to utilize the framework<br />
and analyze threats and impacts.<br />
2. Orient<br />
First, the organizations check what resources they have (tools, technologies, data, personnel). They also<br />
choose the appropriate regulatory agency and look for authoritative sources (security standards,<br />
methods, risk management rules, and so on).<br />
Second, they carefully weigh the overall risk approach and determine the system's weak points.<br />
3. Work on a Target Profile<br />
The organization determines its own risk factors and does an overlay of the healthcare framework. Afterward,<br />
the entity sets the overlay to block any threats and breaches. Moreover, organizations may also build<br />
their own Categories and Subcategories to account for unique risks. They identify the category and<br />
subcategory of the results they are dealing with from the framework core.<br />
4. Estimate the risks<br />
At this stage, healthcare organizations figure out the level of risk to the information system. They analyze<br />
possible security risks and the consequences they may cause.<br />
5. Create a Current Profile<br />
The healthcare institutions make a detailed risk evaluation and determine their current posture. It’s better<br />
to conduct an assessment from both the functional area and independently across the organization.<br />
Risk assessment aims at understanding current cybersecurity risks in the healthcare industry. Thus, all<br />
the breaches and vulnerabilities should be found and documented.<br />
6. Define, analyze and prioritize the gaps<br />
After finding all the risks and the impacts they cause, healthcare entities should perform a gap analysis to<br />
compare the actual results with the target ones. For instance, they may design a heat map showing the<br />
results clearly. With this approach, it’ll be easy to find the areas that need to be improved. Then,<br />
organizations brainstorm to understand what they should do to fill the gaps between current and target<br />
outcomes.<br />
7. Realization step<br />
Finally, by understanding possible cybersecurity challenges in healthcare and having a list of necessary<br />
actions, medical organizations can adopt the framework.<br />
However, the work doesn’t end with implementing the action plan. Companies should structure and analyze<br />
metrics to ensure their efficiency and that their CSF is meeting the company's expectations. The major<br />
purpose of this process is to get the maximum benefit and customize the framework to meet business<br />
needs.<br />
Best Framework Examples in Healthcare<br />
In 2018, HIMSS conducted a “Cybersecurity Survey” to learn which medical cybersecurity frameworks are<br />
in demand in the healthcare sector. Let's take a look at five popular cybersecurity frameworks and the<br />
reasons why healthcare entities implement them.<br />
1. NIST Healthcare Framework<br />
NIST CSF is a commonly used security framework in many industries, including healthcare. It’s a USA-based<br />
company that develops lots of tech standards and rules, data security included.<br />
The best-known NIST documents are:<br />
• NIST Framework for Improving Critical Infrastructure Cybersecurity<br />
• NIST SP 800-53 for Security and Privacy Controls for Federal Information Systems and Organizations<br />
• NIST SP 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations<br />
NIST CSF is based on threat modeling, intelligence, and collaboration. By using it, healthcare<br />
organizations not only execute a required analysis of future risks, but also remove emerging threats and<br />
collaborate with other institutions.<br />
2. HITRUST<br />
The HITRUST framework ranks second among cybersecurity frameworks: 26.4% of framework users use the<br />
Health Information Trust Alliance guidelines.<br />
HITRUST is a private organization working with the best specialists in the healthcare industry. Their major<br />
goal is to make data security the foundation of information systems. That's why their CSF strives to satisfy<br />
organizations' needs by offering specific guidance.<br />
The programs involve standard risk establishment, an estimation and assurance methodology,<br />
awareness, and so on. Moreover, the framework uses the ISO/IEC 27001:2005 Information Security<br />
Management system and supports business associates worldwide.<br />
3. Critical Security Controls<br />
Critical Security Controls, created by the Center for Internet Security, is a set of practices aimed at preventing<br />
healthcare cyber attacks. In CSC, the controls are ordered starting with the most important ones, like<br />
vulnerability management or providing an inventory of assets.<br />
Generally, CIS Controls are used alongside other CSFs, for example, NIST.<br />
4. ISO 27000 Series<br />
ISO stands for International Organization for Standardization. It’s a non-governmental company that<br />
creates standards to uphold world trade. ISO follows measures to create and maintain an information<br />
security management system – ISO/IEC 27000.<br />
This framework can be used in the healthcare sphere to manage complex and changing requirements of<br />
data security.<br />
5. COBIT CSF<br />
COBIT CSF is an IT governance tool. It lets healthcare institutions fill the gap between control<br />
requirements and helps with policy development.<br />
COBIT is aimed at the effectiveness of the IT sphere more than at the security of business processes.<br />
However, many companies utilize the CSF to adopt practices developed by other security standards, for<br />
example, the NIST healthcare cybersecurity framework and ISO 27001/2.<br />
Hospitals and insurance companies join other organizations (financial institutions, private corporations,<br />
governments) in implementing COBIT.<br />
Wrapping Up<br />
Cybersecurity framework implementation can be a difficult task due to its constantly changing rules and<br />
requirements. However, it’s vital to apply these frameworks in the healthcare sphere to prevent<br />
cybersecurity-related threats on time.<br />
About the Author<br />
Kate Orekhova is a content writer at Cleveroad. It's a mobile and web<br />
development company in Ukraine. Alina enjoys writing about cybersecurity<br />
technology and AI innovations.<br />
All the User Experience, None of The Security?<br />
EU telcos gather a lot of highly sensitive customer information. New research suggests it’s not as well protected<br />
as you might think.<br />
By Deepika Gajaria, Vice President of Product, Tala Security<br />
Mobile service providers are known for their content-rich user experience. But how good are they at<br />
securing it?<br />
Few sectors collect as much sensitive information: from national ID/passport numbers and scans to<br />
payslips, bank details and payment card information, the amount of data the average customer enters to<br />
sign up for a contract or buy services online is significant. But what happens when the same applications<br />
and integrations that deliver that rich user experience inadvertently expose this sensitive information to<br />
over-sharing and theft?<br />
New research that we recently completed indicates that data exposure is a significant, unaddressed<br />
problem for Europe’s top mobile providers - and the more than 253 million customers who sign up for<br />
their services and share sensitive personal data. At the heart of the problem: insecure website supply<br />
chains.<br />
Unlimited calls, texts, data (sharing)...<br />
We analyzed 13 of the top Mobile Service Providers in 7 EU countries and found that none had effective<br />
web security in place. On a ten point scale where a score of 50 indicates limited control, the average<br />
score was 4.5. This weak security is underscored by vulnerable site architecture:<br />
● Sensitive data is at significant risk via form data exposure - Forms used to capture<br />
credentials, banking details, passport numbers, etc. are exposed to an average of 19 third parties.<br />
Without control, this sensitive data is at risk. This level of exposure, combined with the high value<br />
of the data captured, makes this an attractive target for Magecart attacks.<br />
● 100% of the websites are vulnerable to cross-site scripting (XSS) - the most widespread<br />
website attack, which frequently results in significant sensitive data leakage.<br />
● The highest number of third party JavaScript integrations found on a single site was 735;<br />
the average was 162.<br />
Why it matters<br />
Unintentional data exposure is a significant, unaddressed risk for all of the telcos analyzed. Without<br />
controls, every piece of JavaScript code running on websites - from every vendor included in the website<br />
owner’s website supply chain - can modify, steal or leak information through client-side attacks enabled<br />
by JavaScript. Telcos amongst this sample group averaged 31 third-party integrations.<br />
In many cases, data sharing or exposure takes place via trusted, legitimate applications on the allowlist<br />
- often without the website owners’ knowledge. While most online businesses do a great job protecting<br />
data after the user has entered it, few seem to be aware of data leakage as an unintended consequence<br />
of the dynamic, rich website experience telcos are known for. This has potentially far-reaching<br />
implications for user privacy and, by extension, GDPR. With the lack of awareness of this very real risk,<br />
it's time for website owners to start caring about oversharing.<br />
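A static inventory of the exposure described above, as an added example (not code from the research or from Tala Security): it lists the third-party script origins a page loads and the sensitive form fields that share a document with them. The page HTML, host names and field-name hints are constructed, and the Subresource Integrity check goes beyond what the article covers.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Name fragments that mark a field as sensitive (constructed list; tune per site).
SENSITIVE_HINTS = ("password", "passport", "iban", "card", "cvv", "national_id")

# Constructed sample page; the hosts are placeholders, not a real site.
SAMPLE_URL = "https://shop.telco.example/signup"
SAMPLE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.analytics.example/tag.js"></script>
<script src="https://widgets.chat.example/loader.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="//ads.partner.example/pixel.js"></script>
</head><body>
<form action="/signup" method="post">
  <input name="email" type="email">
  <input name="passport_number" type="text">
  <input name="iban" type="text">
  <input name="password" type="password">
</form>
</body></html>
"""


class PageAudit(HTMLParser):
    """Collects third-party <script src> origins and sensitive <input> fields."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.third_party = {}        # origin -> [{"src": ..., "has_sri": ...}]
        self.sensitive_fields = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "script" and attr.get("src"):
            # Resolve relative and protocol-relative URLs against the page URL.
            full = urljoin(self.page_url, attr["src"])
            parts = urlsplit(full)
            # Simplification: compares host names; a production audit would
            # compare registrable domains so sibling subdomains are grouped.
            if parts.hostname != self.page_host:
                origin = f"{parts.scheme}://{parts.netloc}"
                self.third_party.setdefault(origin, []).append(
                    {"src": full, "has_sri": bool(attr.get("integrity"))})
        elif tag == "input":
            name = (attr.get("name") or "").lower()
            is_password = (attr.get("type") or "").lower() == "password"
            if is_password or any(hint in name for hint in SENSITIVE_HINTS):
                self.sensitive_fields.append(name)


def audit(html, page_url):
    """Return the third-party script inventory for one page.

    Static HTML only: scripts injected at runtime by other scripts are not
    seen, so the result is a lower bound on the real exposure.
    """
    parser = PageAudit(page_url)
    parser.feed(html)
    scripts = [s for group in parser.third_party.values() for s in group]
    return {
        "third_party_origins": sorted(parser.third_party),
        "scripts_without_sri": sorted(s["src"] for s in scripts if not s["has_sri"]),
        "sensitive_fields": parser.sensitive_fields,
        # Any script running in the document can read every field in it.
        "exposed": bool(parser.third_party) and bool(parser.sensitive_fields),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_HTML, SAMPLE_URL)
    print("Third-party origins:", report["third_party_origins"])
    print("Loaded without SRI: ", report["scripts_without_sri"])
    print("Sensitive fields:   ", report["sensitive_fields"])
    print("Form data exposed to third parties:", report["exposed"])
```
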
About the Author<br />
Deepika Gajaria is the Vice President of Products at Tala Security.<br />
An experienced product leader and technologist, Deepika is<br />
responsible for product strategy and delivery at Tala. Working<br />
closely with customers, she drives product direction and shapes the<br />
product roadmap to address their core needs.<br />
Prior to Tala, Deepika was part of Cisco Jasper where she led the<br />
launch of IoT smart city applications. Her career in product<br />
management began at EMC, in the new product introduction team,<br />
working on key initiatives across the Storage and the Data<br />
protection divisions.<br />
Deepika is a Longhorn, holding undergraduate and graduate<br />
degrees from the University of Texas at Austin, in Natural Sciences<br />
and the McCombs School of Business.<br />
In the Midst of COVID-19, We're Seeing a Pandemic of<br />
Cyber Attacks<br />
By Babur Khan, Technical Marketing Engineer - Enterprise Security at A10 Networks<br />
In the first quarter of 2021, the COVID-19 pandemic is still wreaking havoc around the globe. The<br />
coronavirus is continuously evolving and presenting new challenges.<br />
In addition to the direct effects of the COVID-19 pandemic, we also saw a sharp rise in cybercriminal<br />
activity. From simple phishing attacks to one of the largest DDoS attacks ever recorded, we saw the<br />
cyber threat landscape evolve and grow.<br />
At the same time, we also saw a rapid growth in the tech and cyber security industry. From the roll out of<br />
5G in many parts of the world to exponential growth in the SaaS industry, we saw the pandemic put many<br />
positive changes into full gear as well.<br />
We believe that these challenges, and the changes that they brought about, will not stop. The effects of<br />
this pandemic on the tech industry will be long lasting. Moreover, some of the challenges introduced in<br />
2020 will affect cybersecurity well into 2021, and even beyond. As we move deeper into 2021, here are<br />
some of the cyber security trends that we see:<br />
Cybercrimes Will Experience a Surge<br />
Last year was a busy year for both attackers and hackers as well as cybersecurity personnel defending<br />
against the plethora of attacks to which they were subjected. With an election year in the United States<br />
in 2020, we saw a rise in anti-government cyber activities, a prominent example of which was the attack<br />
on FireEye, allegedly by a foreign nation state sponsored entity, where multiple tools were stolen for use<br />
in attacks later on.<br />
In 2021, such attacks will not just be more frequent, but they will also be very specific regarding who they<br />
target. International cyber espionage will be one of the main motivators for cyber attacks and we will see<br />
security vendors being attacked and compromised at an even greater pace. Even the attacks that<br />
happened in 2020, like the FireEye attack or the Sunburst attack, that targeted the SolarWinds supply<br />
chain, will have long lasting effects. We have only seen the beginning of these attacks. Investigators<br />
suspect, for example, that up to 250 organizations may have been compromised in the SolarWinds attack.<br />
Actual results are yet to come.<br />
Such attacks will not only create opportunities for newer attacks, or variants/branches of the existing<br />
ones, but will also drive cybersecurity innovation in 2021.<br />
The Intelligent Edge will be Weaponized<br />
One of the major innovations driven by 5G is the implementation of multi-access edge computing (MEC).<br />
Building intelligence into the edge will boost the availability and efficiency of 5G networks. However,<br />
keeping the global cybersecurity trends in mind, we can see that the intelligent edge might be hijacked<br />
by attackers for launching different kinds of attacks, both on the mobile core networks as well as on<br />
victims outside of the realm of the service provider that has been compromised. If nothing else, MEC can<br />
be used for propagating malware into different networks for drone recruitment in IoT botnets.<br />
Low-volume DDoS Attacks will be More Frequent<br />
In 2020, even though we saw one of the largest DDoS attacks ever recorded target one of the biggest<br />
names in the tech industry, we also saw that a large number of DDoS attacks went unnoticed because,<br />
even though the frequency of these attacks was very high, their size was not. These high-frequency, low-volume<br />
attacks will keep the security industry busy in 2021 and may be instrumental to disabling security<br />
infrastructures or just acting as smokescreens for larger malware attacks such as the recent Sunburst<br />
attack.<br />
Five Million DDoS Weapons will be Added to the Global DDoS Arsenal<br />
The A10 Networks security research team observed that the number of DDoS weapons doubled from<br />
around six million at the end of 2019 to 12.5 million in 2020. This trend will remain the same in 2021 as<br />
more IoT devices come online with each passing day, with an expected addition of at least five million<br />
weapons.<br />
The large number of DDoS weapons will also enable attackers to launch another record-breaking DDoS<br />
attack in 2021. We will have to wait and see whether it will be made public by the victims or not.<br />
2021 will be the Year of Zero Trust Implementation<br />
2020 was the year of understanding what the Zero Trust model is in a practical sense. Throughout the<br />
year, we saw security vendors align their solutions with the Zero Trust model, adjust the model as we got<br />
more clarity on what it means to be a Zero Trust user, device, or network, and explore the policy changes<br />
necessary to a successful implementation of the Zero Trust model. As the COVID-19 pandemic fast-tracked<br />
the move to SaaS and made the “work from home” model mainstream, Zero<br />
Trust security has gained critical importance.<br />
Organizations now understand that Zero Trust is not a specific device or vendor, but rather a series of<br />
strategic policy and practical changes that help enable better security. A successful implementation<br />
requires good understanding of what the Zero Trust model is as well as the many diverse solutions that<br />
have to work in unison to enable its implementation.<br />
We believe that the concept of Zero Trust has reached a level of maturity and clarity where it will be<br />
effectively adopted and implemented by many organizations in 2021, and that it will become the go-to<br />
security model for all types and sizes of organizations. Sophisticated attacks like Sunburst will also drive<br />
the need for effective Zero Trust implementation.<br />
SASE Adoption will Accelerate<br />
Since 2020 forced most of the workforce to work remotely, attackers have been experimenting with new<br />
ways of exploiting security loopholes or shortcomings exposed by these rapid changes. This accelerated<br />
and will continue to accelerate the development and adoption of Secure Access Service Edge (SASE)<br />
solutions.<br />
However, since the move to the cloud does not happen overnight, many organizations still have most of<br />
their resources hosted on-premises. They will keep on struggling with maintaining the remote work model<br />
and will revert back to business as it was once a vaccine for COVID-19 becomes readily available and<br />
things go back to normal.<br />
This, however, might be temporary as the world has now experienced a pandemic and many<br />
organizations have already started moving their businesses from on-premises to the SaaS-based model,<br />
with the trend only being accelerated by COVID-19. In summary, SASE will be an essential part of the<br />
enterprise security infrastructure in 2021 and beyond.<br />
2021 will be the Year TLS 1.3 Shines<br />
TLS 1.3 will finally start seeing widespread adoption, in part, driven by the adoption of QUIC/HTTP3 given<br />
that TLS 1.3 is built into it. Many vendors support TLS 1.3 already and that will help drive the protocol<br />
into mainstream use. Changes will also be made to the TLS 1.3 standard as the demand for encrypted<br />
SNIs rises.<br />
That said, TLS 1.2 will still remain the more widely used choice as an encryption protocol over the internet<br />
since moving to the newer version may prove to be expensive for many organizations. But as<br />
QUIC/HTTP3 becomes more widely used by the end of the year, we may see this change.<br />
In conclusion, we are facing new, persistent threats of all shapes and sizes, and we have to make sure<br />
that, going forward, we face these threats with the best of our collective abilities. 2021 will be the year of<br />
cybercriminal activities, but it will also drive innovations in cybersecurity like never before.<br />
About the Author<br />
Babur Nawaz Khan is a technical marketing engineer at A10 Networks. He<br />
primarily focuses on the company’s enterprise security solutions, including<br />
Thunder® SSL Insight for TLS inspection and Cloud Access Proxy, which is<br />
a SaaS access security and optimization solution. Prior to his current role, he<br />
was a member of A10 Networks’ corporate systems engineering team,<br />
working on application delivery controllers. Babur holds a master’s degree in<br />
computer science from the University of Maryland, Baltimore County.<br />
Babur can be reached online at (bkhan@a10networks.com) and at our<br />
company website https://www.a10networks.com/<br />
Why A ‘Layers and Lists’ Approach to Cybersecurity Is<br />
Doomed to Fail<br />
By Gary Fischer, VP Americas, XM Cyber<br />
Why is cyber-defense such an asymmetrical war? Hackers can launch a barrage of attacks on a single<br />
target and keep going until they find one overlooked weakness. Defenders, meanwhile, are often<br />
overwhelmed with alerts, unsure what to patch first and have little real visibility into the weaknesses of<br />
their ever-changing environments.<br />
In a battle between active adversaries who only need to land a single blow to win -- and passive defenders<br />
who aren't even sure where they are truly vulnerable -- the outcome is almost pre-ordained.<br />
Fortunately, there is something IT teams can do right now to flip the odds: Drop the old approach of siloed<br />
security products and disconnected lists and build a cybersecurity defense that mimics the attacking<br />
mindset of adversaries -- and turns it against them.<br />
Layers and Lists vs. Risk-Based Vulnerability Management: Why It's No Competition<br />
Piling security controls on top of security controls and working with endless streams of poorly prioritized<br />
Common Vulnerabilities and Exposures (CVEs) is no way to protect your assets. Unfortunately, that's the<br />
status quo for many enterprises.<br />
While firewalls, standard Vulnerability Management (VM) and endpoint tools have their uses, all of them<br />
can be defeated by a simple human error. They don't always play nice with each other. Additionally,<br />
server misconfigurations, credential mismanagement and other mistakes are a perpetual problem.<br />
Larger organizations are often deluged with alerts, and the amount of time security teams spend chasing<br />
down patches for relatively low risk vulnerabilities is enormous. Without key risk context, defenders often<br />
spend precious hours addressing the wrong set of problems at the wrong time. Not only does it place<br />
your most valued assets at risk, it's also a massive waste of time and energy.<br />
Fortunately, there is a better way: Constant, attack-centric analysis of exposures caused by exploitable<br />
vulnerabilities and human error paired with effective prioritization. Integrating these concepts into an<br />
existing security posture allows you to achieve continuous, risk-based vulnerability management -- and<br />
provides the best tool we have against Advanced Persistent Threats and other sophisticated attackers.<br />
Beat Them at Their Own Game<br />
To adopt an attacker's mindset, defenders need to stop thinking "lists" and start thinking "attack graphs."<br />
In practical terms, this means incorporating risk-based VM software that can continuously scan a network<br />
and identify exposures from exploitable vulnerabilities and errors. Then, such software can launch<br />
simulated attacks against critical assets seeking to illuminate paths that can be exploited.<br />
The outcome of all of this continuous scanning and attack modeling is a targeted and ranked list of<br />
exposures that put your business-critical assets at the most risk. Factor in context-sensitive and least<br />
effort remediation advice, and SecOps teams can begin quickly patching exposures. The entire process<br />
of identifying, classifying and addressing vulnerabilities can be profoundly streamlined and made vastly<br />
more effective.<br />
Now let's contrast this sort of tool with the conventional approach.<br />
You've got a slew of siloed security controls, but no real visibility into evolving vulnerabilities in complex<br />
hybrid environments -- places where even the smallest change can create new security gaps.<br />
You've got vulnerability scanners, but you're missing key risk context. Without understanding how<br />
exposures can be exploited and which vulnerabilities are truly exploitable, you can't efficiently prioritize<br />
your patches. Without a risk-based VM tool to point you to the most accurate vendor patch or update,<br />
you may waste untold hours of research time. Larger enterprises may deal with thousands of CVEs, each<br />
of which must be researched and prioritized. In many cases the issues are low risk or require a patch<br />
that has been superseded by another patch. Without all the needed context, defenders are often<br />
struggling to make the right decisions.<br />
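The contrast between a severity-sorted list and an attack graph, as an added example (not XM Cyber's product logic): exposures are ranked by how many attack paths from an entry point to a critical asset they sit on, and the exposures common to every path are reported as choke points. The hosts, exposure IDs, scores and edges are all constructed.

```python
from collections import defaultdict

# Constructed environment: every host, exposure ID and score below is made up.
EXPOSURES = {
    "EXP-1": {"desc": "unpatched web framework on web01", "cvss": 7.5},
    "EXP-2": {"desc": "cached admin credential on web01", "cvss": 5.0},
    "EXP-3": {"desc": "vulnerable DB listener on db01", "cvss": 6.5},
    "EXP-4": {"desc": "RCE on isolated print server", "cvss": 9.8},
    "EXP-5": {"desc": "world-readable share on files01", "cvss": 4.0},
    "EXP-6": {"desc": "service account reused on db01", "cvss": 5.5},
}
# (from_host, to_host, exposure that enables the move)
EDGES = [
    ("internet", "web01", "EXP-1"),
    ("web01", "jump01", "EXP-2"),
    ("jump01", "db01", "EXP-3"),
    ("web01", "files01", "EXP-5"),
    ("files01", "db01", "EXP-6"),
    ("guest-wifi", "print01", "EXP-4"),   # not reachable from the entry point
]
ENTRY_POINTS = ["internet"]
CRITICAL_ASSETS = {"db01"}


def attack_paths(edges, entry_points, critical):
    """Enumerate simple paths (as lists of exposure IDs) to critical assets."""
    adjacency = defaultdict(list)
    for src, dst, exposure in edges:
        adjacency[src].append((dst, exposure))
    paths = []

    def walk(node, visited, used):
        if node in critical:
            paths.append(used)
            return
        for nxt, exposure in adjacency[node]:
            if nxt not in visited:            # avoid cycles
                walk(nxt, visited | {nxt}, used + [exposure])

    for entry in entry_points:
        walk(entry, {entry}, [])
    return paths


def rank_by_list(exposures):
    """The 'list' approach: sort by severity score alone."""
    return sorted(exposures, key=lambda e: -exposures[e]["cvss"])


def rank_by_graph(exposures, paths):
    """The 'attack graph' approach: paths to critical assets first, then score."""
    on_paths = defaultdict(int)
    for path in paths:
        for exposure in set(path):
            on_paths[exposure] += 1
    ranked = sorted(exposures, key=lambda e: (-on_paths[e], -exposures[e]["cvss"]))
    return [(e, on_paths[e]) for e in ranked]


def choke_points(paths):
    """Exposures present on every path: fixing any one closes all paths."""
    return set.intersection(*(set(p) for p in paths)) if paths else set()


def paths_after_fix(edges, fixed):
    """Recompute the attack paths once the given exposures are remediated."""
    remaining = [edge for edge in edges if edge[2] not in fixed]
    return attack_paths(remaining, ENTRY_POINTS, CRITICAL_ASSETS)


if __name__ == "__main__":
    paths = attack_paths(EDGES, ENTRY_POINTS, CRITICAL_ASSETS)
    print("Severity-sorted list:", rank_by_list(EXPOSURES))
    print("Attack-graph ranking:", rank_by_graph(EXPOSURES, paths))
    fix = choke_points(paths)
    print("Choke points:", fix)
    print("Paths left after fixing them:", len(paths_after_fix(EDGES, fix)))
```

The highest-scoring exposure lands last in the graph ranking because no path from the entry point reaches it, while a single mid-severity fix closes every path to the critical asset.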
The Takeaway<br />
Ultimately, relying on layers and lists alone is a recipe for subpar security and wasted resources. Attack-focused,<br />
risk-based VM solutions represent the next wave of risk quantification for cloud and on-premises<br />
environments. Using a tool that allows you to think like an attacker -- and helps you understand potential<br />
impact, asset criticality, related connections and choke points -- is essential for meeting today's<br />
cybersecurity challenges.<br />
The right risk-based VM tool should be able to help identify vulnerabilities that allow attack paths leading<br />
to business-critical assets and prioritize based on risk to those key assets. This then allows you to<br />
immediately perform the right remediation work to close the attack chain.<br />
By working smarter, you not only lower your risk but save your team a substantial amount of time and<br />
effort. An attack-centric, risk-based VM tool can help you focus on the most critical patches, which can<br />
reduce workloads by up to 90-percent -- because you are only working on the 10-percent of CVEs that<br />
pose the gravest risk.<br />
Less wasted time for defenders and better security for your crown jewel assets. Everybody wins -- except<br />
for the adversaries trying to steal your data.<br />
About the Author<br />
Gary Fischer is the VP Americas for XM Cyber. He has been in the<br />
cybersecurity software arena for over 20 years. Prior to joining XM<br />
Cyber, Gary served as Vice President of Sales for the Americas at<br />
Skybox Security for close to 10 years. Before that, he held other<br />
senior sales leadership roles in the cybersecurity field. He has a<br />
proven track record of taking startup companies from early stage to<br />
acquisition. Gary can be reached online at<br />
https://www.linkedin.com/in/gsfischer/ and at our company website<br />
http://www.xmcyber.com<br />
New Report Shows Over Two Million Secrets Detected<br />
on Public GitHub in 2020 and a 20% growing trend<br />
Year-Over-Year.<br />
By Jeremy Thomas, GitGuardian CEO<br />
When we started working on GitGuardian’s detection algorithm and got the first detection results, we<br />
could not believe it. We were facing a very counterintuitive reality. Secrets were actually hard coded in<br />
source code and available for all to see on public GitHub. And not just developers’ personal secrets but<br />
also corporate secrets ending up on developers’ personal repositories outside of corporate control.<br />
After scanning billions of commits each year on public GitHub, we wanted to share our findings and we<br />
issued our first State of Secrets Sprawl on public GitHub report. The report, which is based on<br />
GitGuardian’s constant monitoring of every single commit pushed to public GitHub, indicates an alarming<br />
growth of 20% year-over-year in the number of secrets found. A growing volume of sensitive data, or<br />
secrets, like API keys, private keys, certificates, usernames and passwords end up publicly exposed on<br />
GitHub, putting corporate security at risk as the vast majority of organizations are either ignoring the<br />
problem or poorly equipped to cope with it.<br />
A major blind spot in application security<br />
What companies ignore most of the time is that only 15% of leaks on GitHub occur within public<br />
repositories owned by organizations. 85% of the leaks occur on developers’ personal repositories.<br />
Secrets present in all these repositories can be either personal or corporate and this is where the risk lies<br />
for organizations as some of their corporate secrets are exposed publicly through their current or former<br />
developers’ personal repositories.<br />
GitHub is more than ever “The Place to Be” for developers when it comes to innovating, collaborating<br />
and networking. GitHub gathers more than 50 million developers working on their personal and/or<br />
professional projects. When 60 million repositories are created in a year and nearly two billion<br />
contributions added, some risks arise for companies even if they don’t use GitHub or open source their<br />
code, because their developers do.<br />
A growing issue linked to componentization of applications<br />
As architectures move to the cloud and rely more on components and applications, the growth of commits<br />
occurring and the use of digital authentication credentials has increased the number of secrets detected.<br />
To compound the problem, companies are pushing for shorter release cycles, developers have many<br />
technologies to master, and the complexity of enforcing good security practices increases with the size<br />
of the organization, the number of repositories, the number of developer teams and their geographical<br />
spread.<br />
As Anne Hardy, CISO of Talend, puts it, “We launched an audit using GitGuardian, and several leaked<br />
secrets were brought to our attention. What was very interesting and what we didn't anticipate was that<br />
most of the alerts came from the personal code repositories of our developers.”<br />
Using our secrets detection engine, we found over 2 million secrets on public GitHub in 2020, which<br />
is about 20% more than in the previous year. The types of secrets found include Google keys, keys from<br />
development tools, data storage, payment systems, cloud providers and so on.<br />
Why is this happening?<br />
Usually these leaks are unintentional, not malevolent. They happen because developers typically have<br />
one GitHub account that they use for both personal and professional purposes, sometimes mixing the<br />
repositories. It is also easy to misconfigure git and push the wrong data, and easy to forget that the entire<br />
git history is still publicly visible even if sensitive data has since been deleted from the current version of<br />
the source code.<br />
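The point above about deleted secrets surviving in git history, shown as an added example (not code from the article or from GitGuardian's engine): a small scanner run over constructed `git log -p --reverse` output. The three detectors, the 3.5 bits-per-character entropy threshold and all names are assumptions for illustration; every credential value is fake.<br />

```python
"""Find secrets in git history that a later commit removed from HEAD."""
import math
import re
from collections import Counter
from typing import NamedTuple

# Constructed sample: `git log -p --reverse` output for a two-commit repo.
# Credential values are fake (the AKIA... ID is the AWS documentation example).
SAMPLE_LOG = """\
commit 1111111111111111111111111111111111111111
Author: dev <dev@example.com>
Date:   Mon Mar 1 10:00:00 2021 +0000

    add deploy script

diff --git a/deploy.py b/deploy.py
new file mode 100644
--- /dev/null
+++ b/deploy.py
@@ -0,0 +1,4 @@
+import os
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+db_password = "c9Kq2xZr8LmT4vWbY7pN"
+api_key = "changemechangeme"

commit 2222222222222222222222222222222222222222
Author: dev <dev@example.com>
Date:   Mon Mar 1 10:05:00 2021 +0000

    read credentials from environment

diff --git a/deploy.py b/deploy.py
--- a/deploy.py
+++ b/deploy.py
@@ -1,4 +1,4 @@
 import os
-AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
-db_password = "c9Kq2xZr8LmT4vWbY7pN"
+AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
+db_password = os.environ["DB_PASSWORD"]
 api_key = "changemechangeme"
"""

# Constructed: deploy.py as it exists at HEAD after the cleanup commit.
HEAD_FILE = """\
import os
AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
db_password = os.environ["DB_PASSWORD"]
api_key = "changemechangeme"
"""

AWS_KEY_ID = re.compile(r"\bAKIA[0-9A-Z]{16}\b")
PRIVATE_KEY = re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")
ASSIGNMENT = re.compile(
    r"(?i)(?:password|passwd|secret|token|api_?key)\w*\s*[:=]\s*[\"']([^\"']{12,})[\"']")
MIN_ENTROPY = 3.5  # bits per character; assumed threshold, tune per codebase


class Finding(NamedTuple):
    commit: str
    path: str
    detector: str
    preview: str  # redacted, never the full value


def shannon_entropy(value: str) -> float:
    counts = Counter(value)
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())


def redact(value: str) -> str:
    return value[:4] + "*" * (len(value) - 4)


def detect(line: str):
    """Yield (detector, matched_value) pairs for one line of source text."""
    for m in AWS_KEY_ID.finditer(line):
        yield "aws_access_key_id", m.group(0)
    if PRIVATE_KEY.search(line):
        yield "private_key_block", "-----BEGIN"
    for m in ASSIGNMENT.finditer(line):
        # The entropy gate drops placeholders such as "changemechangeme".
        if shannon_entropy(m.group(1)) >= MIN_ENTROPY:
            yield "high_entropy_assignment", m.group(1)


def scan_history(log_text: str) -> list:
    """Return findings on every added ('+') line of every commit in the log."""
    findings, commit, path, in_hunk = [], "", "", False
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit, in_hunk = line.split()[1][:7], False
        elif line.startswith("diff --git "):
            in_hunk = False
        elif not in_hunk and line.startswith("+++ "):
            path = line[6:] if line.startswith("+++ b/") else line[4:]
        elif line.startswith("@@"):
            in_hunk = True
        elif in_hunk and line.startswith("+"):
            for detector, value in detect(line[1:]):
                findings.append(Finding(commit, path, detector, redact(value)))
    return findings


def scan_text(path: str, text: str) -> list:
    """Scan a file's current content, which is all a HEAD-only check sees."""
    return [Finding("HEAD", path, d, redact(v))
            for line in text.splitlines() for d, v in detect(line)]


if __name__ == "__main__":
    print("HEAD only:", scan_text("deploy.py", HEAD_FILE))
    for f in scan_history(SAMPLE_LOG):
        print(f"{f.commit} {f.path}: {f.detector} {f.preview}")
```

A HEAD-only scan of the cleaned file reports nothing, while the history scan still reports both credentials from the first commit, so a leaked key has to be revoked and rotated rather than just deleted.<br />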
A need for automated secrets detection<br />
Companies can’t avoid the risk of secrets exposure even if they put in place centralized secrets<br />
management systems. These systems are typically not deployed across the whole perimeter and are not<br />
coercive: they do not prevent developers from hardcoding credentials stored in the vault.<br />
Solutions are available to automate secrets detection and put the proper remediation in place,<br />
but the market is far from mature on this subject. The reality is most organizations are operating blind.<br />
Most leaks of organizations’ credentials on public GitHub occur on developers’ personal repositories,<br />
where organizations often have no visibility, let alone the authority to enforce any kind of preventive<br />
security measures. Companies need to scan not only public repositories but also private repositories to<br />
prevent lateral movement by malicious actors.<br />
Some best practices can be followed to limit the risk of secrets exposure or the impact of a leaked<br />
credential:<br />
● Never store unencrypted secrets in .git repositories<br />
● Don’t share your secrets unencrypted in messaging systems like Slack<br />
● Store secrets safely<br />
● Restrict API access and permissions<br />
Developer training programs should be put in place, although these do not eradicate the risk of leaked<br />
credentials.<br />
Following best practices is not sufficient, and companies need to secure the SDLC with automated secrets<br />
detection.<br />
When choosing a secrets detection solution, they need to take into account:<br />
● Capacity to monitor developers’ personal repositories<br />
● Secrets detection performance - accuracy, precision & recall<br />
● Real-time alerting<br />
● Integration with remediation workflows<br />
● Easy collaboration between Developers, Threat Response and Ops teams.<br />
To conclude<br />
There are millions of commits per day on public GitHub. How can organizations look through the noise<br />
and focus exclusively on the information that is of direct interest to them? How can they make sure their<br />
secrets are not ending up on their developers’ personal repositories<br />
on GitHub? They can’t prevent developers from having personal repositories, so they need automated detection<br />
and efficient remediation tools. In this analysis of the state of secrets sprawl on GitHub we focused on secrets,<br />
although these are not the only sensitive information that can end up being<br />
publicly exposed: intellectual property, personal and medical data are also at risk.<br />
About the Author<br />
Jérémy Thomas, co-founder of GitGuardian, is an engineer &<br />
an entrepreneur. He graduated from Ecole Centrale in Paris.<br />
He first worked in finance and then began his entrepreneurial<br />
journey by first founding Quantiops, a consulting company<br />
specializing in the analysis of large amounts of data, then<br />
GitGuardian in 2017. GitGuardian, a cybersecurity start-up cofounded<br />
with Eric Fourrier, has been pursuing a strong growth<br />
trajectory since 2017, supported by investors such as<br />
Balderton Capital, BPI France or Scott Chacon, co-founder of<br />
GitHub and Solomon Hykes, founder of Docker.<br />
https://www.linkedin.com/in/jeremy-thomas-gitguardian<br />
@GitGuardian<br />
https://www.gitguardian.com/<br />
Holly Hagerman is the Contact<br />
Hollyh@Connectmarketing.com<br />
Securing Patient Private Information in The Age of<br />
Shared Information<br />
By Christian Gitersonke, CEO, Health Insurance Answers<br />
The Problem<br />
Theft of Private Health Information (PHI) has been around almost as long as healthcare in this country.<br />
As technology has evolved and safeguards continue to be put in place to protect it, criminals have found<br />
ways to exploit the oftentimes inadequate and sloppy protection of our personal health data.<br />
Regardless of the technological safeguards in place, one of the greatest exposures we see is<br />
employees writing down PHI on a notepad or Post-it note and throwing it in a trash can at a desk, or<br />
purposely walking out with the information to sell on the dark web. Another glaring problem is that many<br />
times employees do not realize that the data they are exposing constitutes a breach, and inadvertently<br />
release it to those who may do harm.<br />
Many low-level healthcare crimes start at the most basic level. A disgruntled employee in a clinic or a<br />
biller looks to make extra money and the gate is open. Dealing in stolen PHI is also a lot less risky for<br />
many would-be identity thieves. The process for starting a Medicare approved service, Durable Medical<br />
Equipment (DME) company or home health agency has traditionally been an easy one. Once established,<br />
all the would-be thieves need to do is secure a few, readily available facts about a patient and then go to<br />
work billing for services and products without the patient being the wiser for a long period of time.<br />
With little to no regulation on medical billers, front office staff, and even certain clinical support staff,<br />
healthcare is a free-range market for thieves. Where did the breach originate? Many times, it’s difficult to<br />
identify the source and whether it was intentional or not.<br />
Outsourcing healthcare job functions overseas invites PHI compromise and data breaches<br />
Do patients know what their data is used for when it is collected? Do they know where that data is stored?<br />
Are they advised how their PHI is handled when seeing a doctor or healthcare provider? When your<br />
healthcare provider changes, does that information stay behind for good or is it destroyed once it is<br />
handed off to the next healthcare professional? What happens when the physician uses a dictation<br />
service or a billing service based in another country? Does HIPAA cover these entities? The short answer<br />
is no. Even with the most robust business associate agreements, HIPAA’s strength and reach does not<br />
protect this information from falling into the wrong hands. To add a scarier aspect to all this, many<br />
providers do not realize some or all of their services are offshored away from the protection of HIPAA.<br />
To date, there is no law requiring a vendor to disclose this. If the provider doesn’t know, you can all but<br />
guarantee the patients do not know either.<br />
Solutions & Challenges<br />
The Health Insurance Portability and Accountability Act (HIPAA) was created in 1996; one of the law’s<br />
principal purposes is to protect sensitive patient information. Other objectives of the Act were to combat<br />
waste, fraud and abuse in health insurance and healthcare delivery. It brought about much stiffer<br />
penalties for those who breached the newly imposed regulations and gave lengthier sentences for those<br />
who wished to criminalize healthcare. Even with the stiff financial penalties for breaches, the problem has<br />
not abated and continues to grow.<br />
The Centers for Medicare & Medicaid Services (CMS) threw their hat into the ring to help offset the out-of-control<br />
fraud, waste and abuse that had been happening for decades within CMS-regulated programs. As<br />
part of the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) initiative, the<br />
Department of Health and Human Services (HHS) was required to issue new cards that would no longer display the<br />
cardholder's Social Security number no later than April 2019. In the past, all a would-be criminal would<br />
need to commit fraud was a copy of a patient’s Medicare insurance card and a date of birth. Of course,<br />
the fraud was rampant.<br />
One suggested solution to this challenge would be to require medical providers and facilities to guarantee<br />
the security of the patient’s private information and impose additional penalties to those exposing a<br />
patient’s secured data. It’s worthy of consideration.<br />
Transparency<br />
The key component that has been missing for decades is transparency for patients. There are few other<br />
services in life where we don’t know exactly what we are being charged and what that charge<br />
is for. Can you imagine having your car serviced and being given a cryptic statement that doesn’t clearly<br />
list what is to be done and how much each item costs? You have no way to compare and see whether what you<br />
are going to receive is even comparable, reasonable, or necessary. And to boot, you are told there is<br />
no way to estimate your cost, but please sign here that whatever the cost, you agree to it. Imagine grocery<br />
shopping this way or having your yard landscaped in this manner.<br />
Audit reports, even ones as simple as showing which employees printed documents or who ran, accessed, and<br />
downloaded reports with patient data, can go a long way to shoring up internal management’s handle on<br />
what is happening with this very sensitive data on a daily and ongoing basis.<br />
A strong cyber defense can identify trends and anomalies in people’s behavior, which is the first step in<br />
stopping cyber criminals before they ever get started. Recently, an employee with the State of California<br />
in the I/T department at copied more than 1,400 Covid test results with no apparent reason.<br />
Understanding the motivation behind what cyber healthcare criminals are doing gives<br />
us clues and answers as to how to get ahead of them and implement the right technology solution to stop<br />
them before they get started.<br />
Real Time Access<br />
When patients can see changes happening to their health record in the same way we can access our<br />
credit report, this theft and fraud can come to a grinding halt. If you were able to see any new<br />
charges paid on your behalf today rather than weeks, months, or years later, it would offer a real-time<br />
solution to combating this ever-growing problem.<br />
Conclusion<br />
In the age of one click ordering and speedy delivery, we take for granted the security or lack thereof,<br />
behind some of our most important and guarded personal information, our private health information.<br />
Making informed decisions and authorizing the right type of consent to those who handle this information<br />
is vitally important and ultimately falls to the responsibility of the patient. As in many other facets of life,<br />
personal responsibility is king. When in doubt as to where your personal health information is going to<br />
end up, demanding to know who else will have access to it, when it will be accessed, and how long it will<br />
be accessible, are all questions we have a right to have answered to our satisfaction.<br />
About the Author<br />
Christian Gitersonke is the CEO of Health Insurance Answers. He has run multiple revenue cycle<br />
management companies on behalf of physicians, works closely with<br />
electronic health record organizations and advocates for patients’ rights,<br />
protection of protected health information, and transparency in healthcare.<br />
Christian is endorsed by providers as well as community organizations<br />
that seek to make healthcare work for patients through protection and<br />
proper disclosure. He also serves on multiple boards for post-secondary<br />
education as an advisor.<br />
Christian can be reached online at christian@healthinsanswers.org,<br />
https://www.facebook.com/healthinsanswers,<br />
https://www.youtube.com/channel/UCbia0MOqTYGEFZ2ZRAosLDQ<br />
and at our company website http://www.healthinsanswers.org<br />
Overcoming Security as a Barrier to Cloud Adoption<br />
By Ron Newman, SVP at NTT Ltd. Security Division<br />
The last year has forced organizations into change, both planned and unplanned. Companies have had<br />
to pivot, rethink their business strategies and accelerate their digital transformations. A recent study found<br />
that nearly 90 percent of decision makers believe the COVID-19 pandemic has forced them to rely on<br />
technology more than ever before. For many organizations, this includes moving workloads to the cloud,<br />
a migration that has become somewhat of a necessity for businesses across the globe. Hybrid cloud<br />
services, for example, offer benefits, such as assurance of business continuity, resilience, and agility, all<br />
issues pushed to the forefront during the COVID-19 pandemic.<br />
A recent report found that nearly 94 percent of organizations responding to the survey agreed that the<br />
hybrid cloud is critical for meeting their immediate business needs. More than six in 10 respondents<br />
said they are already using or piloting hybrid cloud services, with another third planning to roll out a hybrid<br />
cloud solution in the next one to two years.<br />
Still, there are hiccups holding some organizations back from embracing the cloud. Many survey<br />
participants see cloud security and compliance issues as problematic and a barrier to cloud adoption.<br />
Security concerns in the cloud<br />
Cloud security is complex, and most organizations want a complete picture of the risk. Over a third of<br />
the survey respondents migrated applications or data away from the public cloud to private or non-cloud<br />
environments, with more than four in 10 moving to non-cloud environments. And just under 30 percent<br />
of those organizations that migrated data from the public cloud named a security breach as the primary<br />
driver of their migration to private or non-cloud environments. Meanwhile, close to half of those<br />
responding said that data security management is the number one barrier to adopting the hybrid cloud.<br />
With its heightened prominence, security has moved from a cost center to an enabler of organizational<br />
transformation. But cloud customers are concerned about their cloud providers becoming targets, with a<br />
larger attack surface area to secure. Ultimately, security becomes a shared responsibility in the cloud,<br />
with both providers and customers playing a major role. But cloud customers can take steps to ensure<br />
their applications and data are as secure as possible.<br />
Securing your cloud-based data<br />
First, cloud users should view and establish security as an enabler of digital transformation. With better<br />
security, experiences with cloud-based applications can be improved for both a company’s customers<br />
and its employees. On the other hand, insecure applications hurt customer experience, brand reputation,<br />
and company revenue. I would recommend that cloud users build security into their applications from the<br />
very start. Businesses and their products and services should be secure by design to minimize risk.<br />
In addition, organizations moving to the cloud can seek partners that can help them with their cloud<br />
journeys. The right partner can secure mission critical applications using cloud and data center<br />
infrastructure. Using a partner to take a platform-wide approach enables discovery, configuration,<br />
integration, and the management of services across multiple enterprise applications and technology<br />
partners. This provides cloud customers with optimized outcomes and the realization of their business<br />
goals.<br />
About the Author<br />
By Ron Newman, SVP at NTT Ltd. Security Division<br />
Ron oversees strategy, services and execution for NTT’s Security<br />
Division in the Americas. He brings his more than 25 years of experience<br />
in the information security industry to drive growth, implement solutions<br />
to improve efficiency, lower costs, and reduce risk, and lead business<br />
transformations.<br />
Ron can be reached via his LinkedIn profile or at https://hello.global.ntt<br />
Three things organizations must do to secure “passwordless”<br />
By Jerome Becquart, COO, Axiad<br />
The pandemic forced organizations to accelerate their journey to passwordless with secure<br />
authentication methods such as multi-factor authentication (MFA), as individuals were expected to access<br />
the corporate network from a diverse number of locations, without compromising security or operational<br />
capacity. According to Gartner, 60% of large enterprises and 90% of midsize businesses will be using<br />
passwordless authentication by 2024. But passwordless in isolation is not enough. In order to maximize<br />
the strength of your offering, you need to ensure your authentication methods are standardized and<br />
automated across your organization.<br />
The Problem<br />
Instituting new security programs—particularly when it comes to identity security—ultimately relies on the<br />
end user consistently adhering to the new policies. It only takes one instance of circumventing controls<br />
to expose your company to a hacker. This problem is further compounded by the fundamental failure of<br />
passwords as a method of authentication. Many organizations spend in excess of $1 million on password-related<br />
IT support according to Forrester, and by some estimates, over 80% of data breaches can be<br />
traced back to poor password hygiene in one form or another.<br />
Practically, of course, it is a lot more difficult to enforce a passwordless system across every employee<br />
logging into each device or system they use. If an authentication credential has expired, for example, or<br />
is temporarily misplaced, how do employees regain access to the system without using insecure one-time<br />
passwords, costing the organization valuable resources? How long does the end user sit idly waiting for<br />
a solution before simply deciding (from an operational standpoint) that the lesser of two evils would be to<br />
find a workaround in the system, which would leave the organization open for threat actors to gain a<br />
foothold in the corporate network?<br />
The 3-step solution - fostering a company-wide policy of security culture<br />
Attempting to solve the problems described above can be difficult, often placing undue burdens and costs<br />
on an over-stretched and underfunded IT department, who are already dealing with the huge task of<br />
transferring huge swathes of the workforce to a remote model. Here are 3 key steps to help you increase<br />
security policy compliance, decrease IT burdens, adopt a passwordless security approach, and bolster<br />
end user self-sufficiency -- all critical issues to address as you ensure secure remote work.<br />
First, it is important that you make the case for security as a primary concern to all individuals. Because it<br />
only takes one individual error to let a hacker into the network, take responsibility for<br />
explaining the consequences of such an error to your employees through security training, both in terms of<br />
personal consequences for them and the wider consequences for the business should a breach occur.<br />
Second, ensure that your passwordless authentication system does not exist in a vacuum. Users<br />
are often resistant to change, and will procrastinate and delay any proposed changes (renewing and<br />
replacing credentials) while their existing credentials continue to work: Don’t let them. Consider<br />
implementing technology that will flag users attempting to bypass the authentication protocols you have<br />
in place and automatically reroute these users to a system that requires specific actions to be taken<br />
before the user can access their corporate network. The empowerment this gives a company from a<br />
security perspective cannot be overstated: it provides enterprises with a security standard that can<br />
be consistently applied across the entire company, without impacting employee productivity.<br />
Third - and arguably, most crucial - ensure that shaping user behavior happens without the involvement<br />
of IT support. If this process can be automated, it can avoid undue burdens being placed on already<br />
overstretched IT teams and their involvement in every individual incident of authentication being<br />
bypassed. In turn, this will help to free up IT teams for their own projects. When the teams are not<br />
constantly putting out fires, they can also work to proactively improve the IT posture of their enterprise.<br />
A cultural shift in authentication<br />
Strong authentication methods need to be recognized as a hugely successful and effective method of<br />
dealing with cybersecurity threats that impact the ability of a business to function, grow and thrive.<br />
Whether we like it or not, passwordless is coming: Gartner’s predictions tell us that we need to be<br />
imminently ready for this seismic shift in authentication. By making it simple for employees to uphold<br />
secure best practices, your organization can successfully become passwordless and better protect<br />
itself from breaches, no matter where your employees work and without adding any additional<br />
layers of complexity for the end user.<br />
About the Author<br />
Jerome Becquart is COO of Axiad. Jerome has over 20 years of<br />
experience in identity and access management solutions, including 15<br />
years at ActivIdentity. Jerome’s management experience includes roles<br />
in operational management, sales management, professional services,<br />
product and solution marketing, engineering, and technical support.<br />
After the acquisition of ActivIdentity by HID Global in 2010, Jerome<br />
served as general manager of the HID Identity Assurance business<br />
unit. He chaired the Global Platform Government Task Force for three<br />
years, and served on the board of directors of this Industry<br />
organization.<br />
Time Is Money: How to Minimize Data Breach Damages<br />
with Early Detection<br />
In the current landscape of cybersecurity, most CISOs have come to understand that breaches<br />
are inevitable – however, with early detection and remediation, organisations can significantly<br />
reduce the harmful impacts of a breach, writes Karl Swannie, Founder of Echosec Systems.<br />
By Karl Swannie, Founder, Echosec Systems<br />
Data breach recovery is only as successful as the time it takes to find and remediate the compromise.<br />
Thanks to reports like IBM’s 2020 Cost of a Data Breach, we know that damage scales with the length of<br />
a breach lifecycle. In the cybersecurity world, days can mean millions.<br />
So why does it still take businesses 280 days, on average, to find and contain a breach? And what can<br />
CISOs and IT Managers do to minimize this timeframe and—as a result—financial and reputational<br />
losses?<br />
There are a number of reasons why compromise often takes so long to detect and address. For one,<br />
enterprise cybersecurity is notoriously underfunded. According to ISACA’s 2020 State of Cybersecurity<br />
Report, 60% of respondents claim that their cybersecurity budget is either somewhat or significantly<br />
underfinanced. Underfunded cybersecurity programs usually lack the security infrastructure, personnel,<br />
and training required to avoid attacks or respond effectively when a breach inevitably occurs.<br />
Organizations also sacrifice speed-to-information without security automation. According to IBM, fully<br />
deployed automation can reduce breach lifecycles by almost 25% compared to security systems with no<br />
automation. Attacks can fly under the radar if companies aren’t diligent about third-party compromise.<br />
And there’s the fact that, between nation-state actors, criminal groups, and the COVID-19 pandemic,<br />
attackers are becoming more sophisticated by the day.<br />
We also know that early breach detection isn’t always about visibility into your internal systems and data<br />
feeds. Breach indicators are often first detectable on public online sources like deep and dark web forums,<br />
paste sites, and marketplaces where data is monetized or freely available. If you’re not including obscure<br />
online sources within your threat intelligence toolkit, you’re missing a potential opportunity to reduce<br />
detection and remediation time.<br />
What’s At Stake: A Quick Recap<br />
As a security professional, you’re probably well aware of the cost of late detection. According to IBM,<br />
enterprises with over 25,000 employees are looking at a breach price tag of $5.52M—but organizations<br />
can save an average of $1.12M if they shorten its life-cycle to under 200 days. This cost captures<br />
expenses related to crisis management, lost business, regulator communications, and victim response.<br />
These numbers don’t include regulator expenses for non-compliance. For example, under GDPR<br />
regulations, breached organizations must report incidents within 72 hours or risk hefty fines in the millions.<br />
Businesses also risk potential lawsuits and the immeasurable cost of losing customer and stakeholder<br />
trust.<br />
Early Detection & Remediation Strategies<br />
How can you support earlier breach detection within your organization? The good news is that several<br />
solutions are within reach. Varonis suggests the following high-level strategies to minimize breach<br />
lifecycles:<br />
● Invest more in comprehensive cybersecurity solutions, particularly those harnessing automation.<br />
● Improve communications with executives and board members to factor cybersecurity concerns<br />
into org-wide budgeting and decision-making.<br />
● Establish a dedicated cybersecurity and incident response team.<br />
● Develop and routinely test a breach response plan so that you’re better prepared for remediation.<br />
● Prioritize other cybersecurity best practices, such as limiting file permissions within the<br />
organization and educating employees about cybersecurity.<br />
But that’s not all. We mentioned earlier that early breach indicators are often present on public online<br />
sources, such as the deep and dark web – sometimes even before a compromise is apparent on your<br />
systems.<br />
Cybersecurity teams can avoid these blind spots by leveraging tools and data feeds that monitor a variety<br />
of hidden online spaces for mentions of your company or sensitive assets – like email addresses and<br />
other internal data. Improving data coverage isn’t the answer to early detection, but it can go a long way<br />
to support a more proactive solution.<br />
Many of these obscure data sources, which include unindexed chan boards, forums, and paste sites, are<br />
not crawled by commercial threat intelligence solutions—which is why it’s important to examine data<br />
coverage when evaluating new vendors. Relevant sources emerge quickly on the deep and dark web.<br />
Your cybersecurity analysts don’t have time to navigate these sources manually for potential risks, so let<br />
your software do the work for them.<br />
Most CISOs understand that breaches are inevitable. But with early detection and remediation,<br />
organizations can significantly reduce fiscal damages, protect their data subjects and IP, and preserve<br />
their reputation.<br />
As attack surfaces increase through digital transformation and workforces turn domestic, early detection<br />
strategies are essential for business growth in 2021 and beyond.<br />
About the Author<br />
Karl Swannie is the Founder of Echosec Systems.<br />
Founded in 2013, Echosec Systems is an advanced digital<br />
threat intelligence technology provider that monitors data<br />
across mainstream social media, decentralized social<br />
networks, messaging apps and the dark web.<br />
Headquartered in Victoria, British Columbia, Echosec<br />
Systems has created a range of unique software solutions<br />
to provide organizations with an all-in-one toolkit to create<br />
an easy-to-understand, comprehensive picture of potential<br />
threats online, without the risk of drowning in data. Karl can<br />
be reached through LinkedIn and at Echosec.net.<br />
Why We Care About Cybersecurity Hygiene<br />
By James Opiyo, Senior Consultant Security Strategy, Kinetic By Windstream<br />
Maintaining good cybersecurity hygiene habits is just as important as maintaining good personal hygiene<br />
habits. We must maintain high cybersecurity standards to protect our digital health from some common<br />
cyber threats.<br />
Common threats to our digital health<br />
• Malicious software (malware) designed to steal information and/or cause damage to our connected<br />
devices.<br />
• Viruses that infect connected devices and then spread to others while giving cybercriminals access<br />
to those devices.<br />
• Ransomware: malware that kidnaps a connected device and prevents an authorized user from<br />
accessing the affected device until a ransom (usually cash) is paid.<br />
• Phishing scams, where cybercriminals attempt to steal sensitive data (SSN, credit card numbers, etc.)<br />
using deceptive electronic messages, e.g. email, text messages, or pop-up windows. They use fake<br />
websites, emails, etc. to lure users into disclosing sensitive information. They may, for example, send<br />
a link masked to look like your bank’s legitimate web address and ask you to click on it and log in to<br />
your bank. This gives them your real login credentials, which they can use to log into<br />
your real bank account and steal money, personal information, etc.<br />
Cybersecurity hygiene habits to help mitigate common threats<br />
• Install reputable antimalware & antivirus software to prevent malware attacks.<br />
• Create complex passwords that cannot be easily guessed, for example by using combinations of at<br />
least 12 letters, numbers, and special characters.<br />
• Secure your Wi-Fi network with a strong password and router name. Turn off remote management<br />
of the router and ensure that the router offers WPA2 or WPA3 encryption to maintain the highest<br />
level of privacy of information sent via your network.<br />
• Change the manufacturer default passwords for all your smart devices, e.g. smart thermostats, smart<br />
doorbells, smart locks, etc. A hacker can easily download a smart device’s user manual and get its<br />
default password.<br />
• Update software and apps regularly to stay on the latest versions, which include patches that fix security<br />
flaws.<br />
• Permanently delete sensitive data from your computer and keep your hard drive clean.<br />
• Never click on a link, open a pop-up, etc. from an unknown source.<br />
Conclusion<br />
In summary, installing reputable antimalware software, creating strong passwords,<br />
keeping our connected devices clean, and always being suspicious of requests for information coming from<br />
unknown sources are paramount steps in keeping good cybersecurity hygiene habits.<br />
About the Author<br />
James Opiyo is a Senior Consultant for Security Strategy at Kinetic<br />
by Windstream. Kinetic provides premium broadband, entertainment,<br />
and security services through an enhanced fiber network and 5G fixed<br />
wireless service to consumers and small and midsize businesses<br />
primarily in rural areas in 18 states.<br />
Email: james.opiyo@windstream.com<br />
Copyright (C) 2021, Cyber Defense Magazine, a division of CYBER DEFENSE MEDIA GROUP (STEVEN G.<br />
SAMUELS LLC. d/b/a) 276 Fifth Avenue, Suite 704, New York, NY 10001, Toll Free (USA): 1-833-844-9468 d/b/a<br />
CyberDefenseAwards.com, CyberDefenseMagazine.com, CyberDefenseNewswire.com,<br />
CyberDefenseProfessionals.com, CyberDefenseRadio.com and CyberDefenseTV.com, is a Limited Liability<br />
Corporation (LLC) originally incorporated in the United States of America. Our Tax ID (EIN) is: 45-4188465,<br />
Cyber Defense Magazine® is a registered trademark of Cyber Defense Media Group. EIN: 454-18-8465, DUNS#<br />
078358935. All rights reserved worldwide. marketing@cyberdefensemagazine.com<br />
All rights reserved worldwide. Copyright © 2021, Cyber Defense Magazine. All rights reserved. No part of this<br />
newsletter may be used or reproduced by any means, graphic, electronic, or mechanical, including photocopying,<br />
recording, taping or by any information storage retrieval system without the written permission of the publisher<br />
except in the case of brief quotations embodied in critical articles and reviews. Because of the dynamic nature of<br />
the Internet, any Web addresses or links contained in this newsletter may have changed since publication and may<br />
no longer be valid. The views expressed in this work are solely those of the author and do not necessarily reflect<br />
the views of the publisher, and the publisher hereby disclaims any responsibility for them. Send us great content<br />
and we’ll post it in the magazine for free, subject to editorial approval and layout. Email us at<br />
marketing@cyberdefensemagazine.com<br />
Cyber Defense Magazine<br />
276 Fifth Avenue, Suite 704, New York, NY 1000<br />
EIN: 454-18-8465, DUNS# 078358935.<br />
All rights reserved worldwide.<br />
marketing@cyberdefensemagazine.com<br />
www.cyberdefensemagazine.com<br />
NEW YORK (US HQ), LONDON (UK/EU), HONG KONG (ASIA)<br />
Cyber Defense Magazine - Cyber Defense eMagazine rev. date: 05/03/2021<br />