Tag Archive for: prioritizing

Are You Prioritizing Digital Identity Management?

/in


The rapid shift to remote working has created newfound challenges for organizations when it comes to digitizing their operations. One major hurdle is managing employees’ digital identities. So much so, that the vast majority of organizations (84%) report experiencing some form of identity-related breach within the past 12 months, which is undoubtedly a huge security risk.

A recent study found that nearly all organizations have seen an exponential increase in the number of identities they have to manage. This is because more applications and workloads are being moved to the cloud, while organizations are typically also working with more third-party software providers than ever.

Organizations must understand that they have a responsibility to protect their employees’ digital identities. Without a well-developed digital identity security strategy, they can face huge risks, such as operational disruption, negative publicity, and costly regulatory fines.

In this article we will examine some of the measures organizations can put in place to ensure the security of their digital infrastructure and regain control over employees’ digital identities.

Zero Trust Architecture – The ‘Be All and End All’ Solution? 

Security strategies have to evolve with the times. With the hybrid working boom, it’s no longer enough for organizations to just protect the perimeter of their networks. Employees are now often logging in from multiple locations and on different devices; all they need is a reliable internet connection. Organizations have to take this into account – and understand that traditional measures are no longer fit for purpose.

The evolving business landscape has created new challenges for enterprise network security. Zero trust architecture (ZTA) is becoming an increasingly popular approach, as it provides a higher level of security than a perimeter-centric model. ZTA assumes that all devices and users are potentially malicious and requires that they be authenticated as they move laterally within a network, making it more difficult for attackers to breach the system.

The effective management of users’ digital identities is the cornerstone of ZTA. Its…

Source…

Battle of the breach: Prioritizing proactive ransomware defense

/in


Editor’s note: The following is a guest article from Sebastian Goodwin, chief information security officer at Nutanix. 

Over the last decade, ransomware has become the de facto tactic of cybercriminals looking to make a quick buck.

And why not? Average ransomware payments are nearing the $1 million mark, and many criminal groups are now selling their tools and services on specialty ransomware as a service marketplaces.

With nearly every business already permanently connected to the internet, global ransomware damage is expected to reach an annual impact of $265 billion within this decade.

In practical terms, this means that we will soon face a reality where organizations are attacked every two seconds by threat actors that continue to evolve their tools and tactics. 

Doing business in such a world can seem overwhelming, but modern cybersecurity approaches are working to keep up with the growth of ransomware.

As a result, CISOs looking to apply advanced thinking to ransomware defense can integrate new processes and tactics as they formulate their cybersecurity strategies. 

What’s in a name? Ransomware types by description 

Today’s ransomware can come from many specialized groups and threat actors. To make things more complicated, some criminal groups even sell their tools through a ransomware as a service business model, letting anyone with a bank account or cryptocurrency wallet automate ransomware attacks via the dark web. 

Most common types of ransomware fall into six distinct categories: 

  • Crypto ransomware: After breaching individual workstations and systems, this type of ransomware finds and encrypts files, rendering them unusable. Victims are encouraged to pay a ransom or lose access to their data permanently, often by having it completely deleted off their system. 
  • Locker ransomware: While crypto-style ransomware blocks access to individual files, Locker-type ransomware affects whole machines, preventing a user from accessing any files or programs until a ransom is paid. In general, this type of ransomware affects computer systems, though some are specifically made to lock IoT and smart home…

Source…

Enterprise Mobile Q&A With DJ Oreb at DMI: Prioritizing UX in Mobile

/in


Enterprise mobility has become an increasingly important part of enterprise connectivity, especially as many companies have shifted to remote, global, and hybrid work. Mobile devices and a strong mobile strategy ensure that employees and customers alike are receiving an optimized digital experience.

DMI, an IT service management and digital transformation company that specializes in enterprise mobility, focuses on creating client- and user experience (UX)-driven mobility solutions to match these new enterprise models of operation.

See below to learn about top enterprise mobility trends and expert insights from DJ Oreb, president of managed services at DMI:

DJ Oreb DJ Oreb, president of managed services at DMI

DJ provides guidance and customer insights while retaining loyal and satisfied customers in today’s mobile-connected world. He possesses extensive industry experience in mobile life cycle management, mobile strategy, help desk, telecom expense management, procurement, and mobile device management (MDM). Oreb helps build strong relationships to develop mobile programs for customers. These drive business results to enhance and grow their mobile ecosystem and user experience.

Upon joining DMI, Oreb brought with him an extensive background in information technology, operations management, mobility management, managed services, systems administration, and project management. His customer-focused approach has brought customers new insights into how they manage their mobile programs today.

Also read: Mobile Security Trends

Enterprise Mobile Q&A

Building an enterprise mobile career

Datamation: How did you first get started in or develop an interest in mobility services, mobile strategy, and the enterprise mobile industry?

Oreb: I developed an interest in mobility when I got the Nokia 3310 mobile phone. I was intrigued by the ability to be connected on the go and saw it as a turning point in what was possible as well as what it could do for the enterprise.

Datamation: What are your primary responsibilities in your current role?

Oreb: I am the president of the managed services organization at DMI. I am responsible for our managed mobility services, IT infrastructure services, and end-user services portfolio of business and the…

Source…

Prioritizing a Proper Response to the Colonial Pipeline Hack.

/in


The best way to get the American public’s attention is to hit them in their wallets, especially if it happens at the gas pump. Still, inviting the ire of the entire East Coast and commanding headlines of major news publications for a week was certainly not what the DarkSide ransomware group had in mind when they targeted Colonial Pipeline’s IT infrastructure. On May 7th, DarkSide launched a ransomware attack against Colonial Pipeline, resulting in a shutdown of their entire operation and an eventual ransom payment of $5 million.

It seems that the most powerful nation in the history of the world has a major issue with cyber threats…

While most Americans were wrapped up in the more sensational parts of the story—plastic bags filled with gas or the mysterious perpetrator and any possible ties they may have to the Russian government—there is a more serious underlying issue that is garnering less attention. It seems that the most powerful nation in the history of the world has a major issue with cyber threats, and despite some promising solutions that are being implemented as a result of this recent hack, there is still a prioritization issue and an ongoing ignorance about the proper path forward.

Ironically, not many people know what good cyber security hygiene looks like despite spending most of their days within the cyber world. Part of that can be explained away by the novelty of this new way of living where we are permanently connected, but the amount of time left to use that excuse is running out. Americans are soon going to wake up to find that all their personal data is littered throughout the world’s computer infrastructure, just waiting for a crafty hacker to steal.

Thankfully, the blinders are starting to lift, ever so slightly, as drivers are confronted with the price to fill up—if they can find gas at all.

Out of service gas pump.

Out of service gas pump.

CALCULATE THE RISK, THEN ASSUME BREACH

Businesses are not ignorant of the dangers that they face, especially after the high-profile cyber attacks targeting SolarWinds’ software and Microsoft Exchange servers. The…

Source…