Tag Archive for: Navigating

Navigating Biometric Data Security Risks in the Digital Age

/in


COMMENTARY

Although it wasn’t called biometrics at the time, a rudimentary form of the technology emerged in 1901 when Scotland Yard adopted fingerprint classification to identify criminal suspects. Biometrics has come a long way in the more than 120 years since then.

Public and private sector organizations now use it to identify and authenticate individuals to grant access to computer systems, such as laptops and tablets, and enterprise applications such as human resources or customer relationship management systems. Apple adopted biometrics to unlock the iPhone in 2013, and today face ID is a common feature on mobile phones. The Mastercard Biometric Card combines chip technology with fingerprints to verify the cardholder’s identity for in-store purchases. Healthcare organizations also use biometrics to verify individuals to determine access to medical care. This is particularly useful if the patient can’t produce other forms of identification.

With biometric devices part of the growing body of data-bearing devices deployed across multiple sectors, including government agencies and the military, organizations looking to use this technology must make sure their data security solutions protect what may be a new goldmine for hackers.

DoD Details Biometrics Data Risks

The US government is now fully aware of the potential danger of biometrics data breaches: The Inspector General (IG) of the US Department of Defense (DoD) released a report in November 2023 revealing significant gaps in security and management of biometric data within the DoD. These gaps may pose risks to personnel and potentially threaten clandestine operations. According to the IG’s report, the DoD’s use of biometric data has been extensive, particularly in areas of conflict where accurately identifying individuals is critical for security operations. The report found many of the DoD’s biometric collection devices lacked data encryption capabilities and a clear policy for destroying or sanitizing biometric data.

While commercial enterprises don’t face the same challenges as the DoD, the threat of biometrics data breaches to business operations are also a serious concern. Some of the top threats to private sector…

Source…

Ransomware Negotiation and Ethics: Navigating the Moral Dilemma

/in


Ransomware attacks have developed in recent years from mere data breaches to sophisticated operations. These attacks often involve targeting organizations, and these cyber criminals have gone from a minor speck on the digital security radar — to a widespread and highly advanced type of cybercrime. Nowadays, businesses of all sizes and industries find themselves trapped in a game of digital chess. Their opponents use nefarious tactics to compromise essential and sensitive data, holding said data hostage for exorbitant ransoms, with ransomware attacks increasing 105% in 2021.

The difficult choice of whether to engage with hackers holding critical information hostage has repercussions beyond the digital sphere, challenging the ethical foundations of businesses and institutions. A thorough analysis of the ethics behind choosing to negotiate or not is necessary as businesses struggle with the conflicting demands of protecting their operations and honoring their ethical obligations.

The Case for Negotiation

As organizations confront the imminent threat of data loss, operational disruption, and potential harm to stakeholders that may be caused by ransomware, a compelling argument emerges in favor of engaging in negotiations. Therefore, we must examine the most effective techniques for mitigating the effects of ransomware attacks. Although it may appear counterintuitive to some, negotiation can be a useful strategy for safeguarding the interests of victims and the larger digital ecosystem.

    • Data Protection and Business Continuity: Because a business’s capacity to operate is significantly compromised when it is the target of ransomware, negotiation may provide enterprises access to crucial data and systems again, allowing them to resume operations quickly. Negotiation offers victims the opportunity to recover encrypted data while decreasing the impact on their everyday operations; this can be particularly crucial for medical institutions, emergency services, and other essential services that directly affect the safety and well-being of the general public.

Source…

Houston expert shares tips for navigating cybersecurity challenges amid the holiday season

/in


It’s a grinch’s cyber-playground, and this holiday season, you’re at risk — even if you think it won’t happen to you.

The good news is you can protect yourself from scams and fraud. Just remember that cybercriminals don’t discriminate, they can prey on anyone.

These statistics may surprise you:

  • Anxiety about having a mobile device hacked differs by demographic; low-income Black women rank mobile security as their number one concern, while the general population ranks mobile security as their third largest concern, according to a recent Recon Analytics survey of more than 3,297 U.S. consumers.
  • 44 percent of millennials have been victims of online crime in the last year and 31 percent admit they share their passwords with others.
  • Romance scams resulted in the most financial losses for adults aged 60 and over
  • Younger consumers took fewest actions after being notified of a data breach affecting their identity/online accounts in Q1 2022
  • Nearly 50 percent of American gamers have experienced a cyberattack on their gaming account or device
  • 47 percent of women who live in cities say their identities and/or data has been compromised in the past 6 months due to lack of home internet protections, compared with 53 percent of city men who say the same thing, according to a recent Recon Analytics survey.

People everywhere, regardless of gender, race, income level, education, or age, deserve to feel safe online. And yet, many aren’t aware how to protect themselves, don’t make it a priority, or wait to act until they are alerted to suspicious activity.

With words like malware, phishing, spoofing, and encryption, learning to protect yourself can feel like a college-level course. But it doesn’t have to be that complicated.

Top 5 ways to guard against cyberthreats

By following five simple steps, you can start to protect your network, devices and data from many digital threats.

  1. Understand cyberattacks are real. One of the first hacks was documented in 1963 and today, nearly 60 years later, hackers are attacking phones and computers every 39 seconds. Cyberattacks continue to grow in number every year.
  2. Be proactive. Don’t wait for an attack to happen. Monitor your accounts daily so you are…

Source…

Navigating risks in a 5G enabled IoT Channel

/in



Read Article

By IC Bala Prasad Peddigari, IEEE Senior Member, Growth and Transformation Innovation Leader, TCS

The high-speed communication that comes with 5G has undoubtedly opened a host of opportunities for the future of tech. According to a recent Ericsson Mobility Report, massive IoT will contribute to 51% of cellular IoT connections and 5G subscriptions are expected to reach 4.4 billion by 2027. These findings promise to deliver reliable and secure high data rates. However, each device that is connected in the 5G enabled IoT ecosystem, opens a surface for the channels that allow the sensing, collecting, and processing vast amount of information at high speed. This process accumulates a huge amount of data that is highly prone to many security challenges because of the interconnectivity between the billions of devices participating in the IoT landscape – and inevitably making them vulnerable to attacks.

Furthermore, the integration of edge cloud in the context of 5G enabled IoT has opened many new use-cases, where multiple tenants can leverage the local compute power of edge devices, edge gateway and edge data centers. This triggers many data security threats, and it requires taking measures to protect attack surfaces from advanced persistent threats, web application vulnerabilities, API security, and lateral propagation.

As the density of devices is over a million per square kilometer, the attack surface has multiple channels that can be exploited and result in threats to data passing through the wire. Common attacks like Supply Chain Attacks, Network attacks, and BotNets can be mutated and replicated with ease across the channels. Other attacks include:
• Man in the middle: The first attacker expropriates the transmitted messages and then attempts to update or delete the messages before forwarding them to the receiver
• Impersonation attack: The attacker effectively determines the identity of the actual communication party and generates a message on behalf of the ‘‘genuine communicating party’’ to send to the recipient.
• Bidding Down: This is a cryptographic attack to abandon the higher quality order of operation when compared to the lower quality…

Source…