Cyber Security Trend Week in Review: Alertsec, ZapFraud, Venafi
Though for many, we're wrapping up a week of unusual solemnity culminating in the high point of the calendar on Easter Sunday, that didn't stop the Cyber Security Trend Community from having more that some just merely interesting developments. Below are some of the highlights of the week that was.
There were two special guests this past week that provided words of wisdom. The first came from Alertsec CEO Ebba Blitz who detailed some of the best practices involved in an effective cyber security control setup. The biggest recommendation was technical controls that protect not only software, but also hardware, and even the data itself. This multi-level protection scheme provides wide-scale protection, with encryption of the data outright serving as a final line of defense.
The contribution from ZapFraud CTO and founder Dr. Markus Jakobsson offered a look at one of the latest scams around, business email compromise (BEC). In BEC, email purporting to be from someone the target trusts, like a supplier or a colleague, and makes what looks like a reasonable request. This reasonable request is part of a larger framework of activity that ends up benefiting the scammer, and losses related to BEC have been on an uphill rise since 2008.
The tools used to gather and protect data were found to be woefully inadequate for the times based on the results of a recent ForgeRock study. Nearly all those surveyed considered customer data privacy to be a concern for everyone in an organization. Despite this, however, just nine percent agreed that the measures currently in place were up to the job of protecting data appropriately. This lag demonstrated a clear need for greater cyber security all around.
The cyber security market in general is the focus of a new study by Venafi. Somewhat disconcertingly it found that chief information officers (CIOs) are putting substantial resources into solutions that don't cover the entire problem, and an over-reliance on keys and certificates that could readily prove forged or otherwise fictitious. It was clear that a new approach needed to be put together to get the security back in cyber security.
Finally, another new study is worth contemplating because it affirms what many revealed where the biggest cyber risks to business are likely to be coming from. A SailPoint survey revealed that 44 percent of employees were prepared to sell login credentials for under $1,000, and the numbers who would were on the rise. Better than 40 percent still had active login credentials from a job left long ago. Issues of password hygiene, shadow IT, and others proved big problems for modern business infrastructure.
As we head into an Easter weekend, be sure to join us back here next week for all the latest news, as well as every weekend for our Cyber Security Trend Community Week in Review coverage.