Tag Archive for: effective

Atos Ensures Effective and Secure Delivery of the Beijing Winter Olympics

/in


BEIJING & PARIS, March 18, 2022 — The Olympic and Paralympic Winter Games Beijing 2022 ended after a successful edition, despite the unique context in which the event was held. These games saw more than 3,400 athletes compete, supported by key digital systems which were orchestrated and secured by Atos, leveraging its global digital platforms, infrastructure, and cloud orchestration expertise. For 30 years, Atos has been supporting the Olympic and Paralympic Games, driving digital innovation so all sports fans can experience the athletes’ achievements in real-time from anywhere, and on any device. No rest for the brave: Atos teams have already started to work on the preparation of the Olympic and Paralympic Games Paris 2024.

Orchestrating the Digital Backbone Behind 187 Competitions

As the Worldwide IT Partner of the International Olympic Committee (IOC) and International Paralympic Committee (IPC), as well as the lead integrator, Atos has run and orchestrated the key digital IT systems that helped to safely and securely deliver the Beijing 2022.

Atos provided more than 50 critical IT applications which supported the smooth running of the overall event, including 187 competitions over a month-long period. These included the Olympic Management System which supported the planning and operations (accreditations, workforce management, volunteer portal, competition schedule, sports entries and qualifications, eVoting) and the Olympic Diffusion System delivering real-time results to fans, journalists, and broadcasters worldwide. Atos also secured the IT infrastructure with cloud-based security services, including a Security Operations Center (SOC), a Computer Security Incident Response Team, endpoint detection and response, and vulnerability assessment services.

Bringing in Key Cloud Orchestration Expertise

In a first for the Games, Atos deployed its systems on a public cloud. This resulted in the need to create applications that could run on different IT environments and to implement innovative technologies and ways of working, such as Edge computing or DevSecOps, in order to bring more security and agility to the whole architecture. All critical systems were…

Source…

Privacy vs. Security: Is Your Bot Mitigation Solution Effective in the Wake of Web Privacy Trends?

/in


Bad Bots Disguise as Humans to Bypass Detection

Bot mitigation providers place significant emphasis on stopping bots with the highest degree of accuracy. After all, it only takes a small number of bad bots to get through your defenses to wreak havoc on your online businesses. One challenge of stopping bad bots is keeping false positives to a minimum (where a human is incorrectly categorized as a bot).

The more aggressively rules are tuned within a bot mitigation solution, the more susceptible the solution becomes to false positives because it needs to decide whether to grant requests for indeterminate risk scores. As a result, real users are inadvertently blocked from websites and/or being served CAPTCHAs to validate they are indeed humans. This inevitably creates a poor user experience and lowers online conversions.

Much of the ongoing innovation in modern bot mitigation solutions has been a reaction to increasing sophistication of the adversary. The fact that bad bots increasingly look like humans and act like humans in an attempt to evade detection makes it more difficult to rely on rules, behaviors, and risk scores for decisioning – making false positives more pronounced.

Humans Now Disguising Themselves for Privacy

A more recent trend is exacerbating false positives, and without proper innovation, it renders legacy rule and risk-score dependent bot mitigation solutions inadequate. It results from the accelerating trends related to humans taking action towards more privacy on the Internet. Ironically, the move towards more privacy on the web can actually compromise security by making it even more difficult to distinguish between humans and bots. 

To understand why it’s essential to know how the majority of bot detection techniques work. They rely heavily on device fingerprinting to analyze device attributes and bad behavior. Device fingerprinting is performed client-side and collects information such as IP address, user agent header, advanced device attributes (e.g. hardware imperfections), and cookie identifiers. Over the years, the information collected from the device fingerprint has become a major determinant for analytics engines used to whether the request is bot…

Source…

Week in review: Most effective security practices, worst password offenders, Patch Tuesday forecast

/in


Here’s an overview of some of last week’s most interesting news, reviews, articles and podcasts:

Open source vulnerabilities go undetected for over four years
For its annual State of the Octoverse report, GitHub has analyzed over 45,000 active code directories to provide insight into open source security (vulnerabilities) and developers’ practices regarding vulnerability reporting, alerting and remediation.

How to reduce the risk of third-party SaaS apps
Third-party SaaS apps (and extensions) can significantly extend the functionality and capabilities of an organization’s public cloud environment, but they can also introduce security concerns. Many have permission to read, write, and delete sensitive data, which can have a tremendous impact on security, business, and compliance risk.

Why microlearning is the key to cybersecurity education
Microlearning and gamification are new ways to help encourage and promote consistent cybersecurity learning. This is especially important because of the changing demographics: there are currently more millennials in the workforce than baby boomers, but the training methods have not altered dramatically in the last 30 years.

Which security practices lead to best security outcomes?
A proactive technology refresh strategy and a well-integrated tech stack are, according to a recent Cisco report, two security practices that are more likely than many others to help organizations achieve goals such as keeping up with business, creating security culture, managing top risks, avoiding major incidents, and so on.

Hackers are targeting the COVID-19 vaccine supply chain
Unknown hackers have been trying to compromise accounts and computer systems of employees in organizations involved in the COVID-19 vaccine supply chain.

Review: The Perfect Weapon
Released at the peak of the US 2020 election campaign and just before the election itself, the documentary examines the harsh reality of today’s conflicts between nations, relying not so much on physical weapons but rather on attacking the enemy in a more stealthy and unpredictable way, with cyber weapons.

How prevalent is DNS spoofing? Could a repeat of the Dyn/Mirai DDoS attack have the same…

Source…

How to make an effective data security governance strategy

/in


Read Article

By Sonit Jain, CEO of GajShield Infotech

An effective data security governance strategy should include features like custom cybersecurity policies, complete visibility over data, data encryption methodologies, among others.

Context-based data leak prevention
A context-based data leak prevention firewall creates context around data to enhance inspection and authentication. It helps to get granular details like sender/receiver address and email text patterns in an email to increase security. The contextual intelligence engine identifies the context to break and classify data into multiple data points. This helps to analyze all granular data points pertaining to these emails as well as other communications and prevent any policy violation.

Context-based data leak prevention firewalls also help to build the foundation for an effective data security governance. Data security governance requires building custom cybersecurity policies, which is among the many things that a context-based data leak prevention firewall allows you to do. A context-based data leak prevention firewall creates context around data and compares it with the custom security policies you created to prevent any data leakage. Hence, you can create policies according to your specific needs for enhanced data governance.

Complete visibility over data
Visibility over data is of utmost importance for monitoring and governance. Complete data visibility allows you to get complete knowledge of what is being downloaded, uploaded, or transmitted over your organization network. You will have complete control over your data.

Contextual data leak prevention firewalls and complete visibility are often interconnected. A firewall backed up by a contextual intelligence engine generates deeper visibility by identifying context around data points. This combination of context-based data leak prevention and complete visibility allows users to create custom cybersecurity policies based on their needs. For instance, you can restrict specific keywords in ‘from,’ ’to,’ ‘subject,’ and ‘email content’ of an email.

Secure data transmission with VPN
A VPN service is a must for effective data governance, especially in…

Source…