Cyber Security Trend Week in Review: Password Automation, Moving Target Defense, HummingBad
This week in the Cyber Security Trend Community featured several of the community’s best minds weighing in on what to do about the increasingly frequency and sophistication of cyber attacks. This included how to deal with data breaches (certainly timely given the hacks that point to Russian intervention in the U.S. presidential race), and the need to automate password protection to keep up with the bad guys.
A good place to start is with the special guest article from Robert Capps, VP Business Development, NuData Security. In his posting, Sidestepping the Threat Posed by Breached Data, Capps explains that efforts to devalue data will be the most impactful actions an organization can take to reduce the number, scope and impact of breaches.
In our second special guest posting, Cyber Criminals are Automating - Why Can't We?, Jonathan Sander, VP of Product Strategy, Lieberman Software, the question posed in the title is a great one. As the world moves to multi-factor authentication, and hopefully the elimination of passwords through industry efforts such as the FIDO Alliance, the automation of password protection in the meantime just makes common sense. After all, as Sander points out, hackers can attempt to use millions of password combinations in seconds thanks to today’s computing power.
The third posting this week from special guest Arthur Braunstein, vice president of Strategic Accounts, Morphisec, Cyber Security: Method or Madness?, should be of particular interest because of the perspective presented. As an inducement to read the entire article, his conclusions should encourage readers as to how he got there. He explains, “It does not make sense to get better at doing more of what already isn’t working. Moving Target Defense solves the problem of sophisticated attacks by making the attackers’ targets unfindable. Without the need to detect an attack, the cost and effort of defense plummet at the same time success rockets up. And without a target, attacks evaporate. For the defenders, it’s a game changer. For the attackers, it’s game over. Method 100%. Madness 0%.”
As we all know, ransomware has become the bane of CISO existence. It is pernicious to the max, and it is growing in popularity. In fact, there is no evidence it is being used by business organizations to obtain competitive secrets. For this reason you should find out more about the newly created, No More Ransom Project whose aim is to give a real poke in the eye to ransomware perpetrators.
Last and by no means least, special guest Michael Shaulov, Head of Mobility Product Management, Check Point, give a warning for all community members to heed in regards to the truly horrible piece of malware known as HummingBad. In fact, this bad boy is already is generating over $300,000 per month for the organization behind it.
A gentle reminder that the Cyber Security Trend home page has been designed as your easy to use gateway to valuable resources. This includes feature articles, news, white papers and profiles of certifications that can help you keep your organization safe and secure and help advance your career. The Official (ISC)² OnDemand Training and The Rise of the Cloud Security Professional Whitepaper are just two of several great resources available for downloading and review. In addition our companion Cloud Security Resource site is also a source of valuable security insights and news.