zero trust Archives - Cyber Protection Magazine

Poor marketing endangers society

Lou Covey November 8, 2024

n the past few weeks, as various security companies have published multiple studies about the state of cybersecurity, a common theme has arisen: Executives running the companies that purchase security tools and services are not sure their purchases have made them any safer. This widespread position in the market confirms results of a months’ long investigation by Cyber Protection Magazine that marketing practices in the industry are failing to do the job and, in the process, making society less safe.

While every report skews data to convincing customers to add their company’s tools and services to their budgets. However, every report also reports that between 60 and 90 percent of managers have significant concerns and doubts that the tools they have, and the tools they are considering, will not do the job that needs doing. The reasons for that lack of confidence are three-fold.

Three reasons for lack of trust

First, stuff is moving fast. Governments are legislating controls and protections faster than normal. Sometimes this rules don’t make sense and many in the industry think they are holding back innovation and adoption. Criminals and nation states are stepping up attacks that bypass established protections, and lawsuits for negligence are growing. Second, while understanding the need for security best practices is at an all-time high, that’s mainly because weaknesses due to work-from-home, generative AI and news about data breaches is also high. That means while understanding of the need is high, inexperience and ignorance is creating new opportunities for attacks.

“Many executives may not exactly understand how (the tools) work,” said Cache Merrill, founder of software outsourcing company, Zibtek. “. When there is a concern on the functionality of the tools or when attention is on what the tech teams understand without listening to them, anxiety is experienced. To put it simply, if they cannot see it, they will not put faith in it.”

Carl DePrado, an SMB IT consultant based in New York, aid, “The sheer number of cybersecurity products and services can be overwhelming. This contributes to a sense of vulnerability, as they may not feel confident that they have covered all their bases.”

Addressing Financial Organizations’ Digital Demands while Avoiding Cyber Threats

Jon Taylor August 12, 2024

Keeping up with requirements has caused financial organizations to rapidly overhaul their IT infrastructure. Because of this rapid digitalization, organizations are consuming many different security solutions creating a bespoke environment that inadvertently exposes them to cyber threats.

How to stop ransomware in its tracks

Editors Desk May 12, 2024

The name WannaCry still invokes memories of chaos and disaster amongst anyone in the technology world. The anniversary of this widespread attack in May each year has been named Anti-Ransomware Day, to encourage organisations to back up their data and adopt necessary security protections.

IAM in a shifting environment

Apu Pavithran April 19, 2024

The fourth annual Identity Management Day (April 9) brought the opportunity to assess and evaluate the shifting environment plaguing Identity and Access Management (IAM).

Identity plays a pivotal role in all facets of business functions. Overseeing identity and access presents challenges in determining who should have access to what.
This process requires a contextual understanding of the roles and duties of numerous individuals within an organization, ranging from system owners and supervisors to IT, security, and compliance personnel. Managing access between all these stakeholders and decision-makers while mitigating human error, minimizing excessive permissions, and preventing inappropriate access configurations presents a formidable task.

As workforces evolve, managing access privileges becomes even more complex, raising the risk of insider threats and unauthorized access. Understanding identity management is crucial across all business activities, especially with the rise of hybrid and remote work setups.

A strong IAM strategy requires enterprises to maintain a centralized and consistent view of all devices, resources, data, and users, along with timely provisioning of access to different users. When any of these elements are insufficiently operated, both the level of cybersecurity and the quality of user experience are jeopardized.

Tracking 2024’s top three cybersecurity threats

Darren Thomson February 9, 2024

From our predictions issue: As 2024 gets underway, here are three threats which promise to be making waves in the coming year.

One person whispering in the ear of a newspaper reader, distracting him while the world burns

Before you post, would you bet your job on it?

Lou Covey December 5, 2023

In a world awash in AI-generated, intentional misinformation and urban myths, would you bet your job on the reliability of the information you want to share? You might be betting someone’s life on it.

Black Friday Fears: Beating Cybercriminals to the Bargains

Editors Desk November 24, 2023

Each year Black Friday grows in popularity, and Cyber Monday is now a key part of the sales weekend. But, this growth of popularity has sparked the interest of cybercriminals, who are also out to exploit the vast number of people online trying to bag a bargain.

close-up photography of person lifting hands

Navigating an identify-based approach to data security

Stuart Hodkinson November 21, 2023

Today, everyone is trying to solve the problem of what happens when credentials are compromised, and a network is breached. The simplest approach is to minimise movement until security teams can resolve the incident.

a group of carved pumpkins with glowing faces

Navigating the Digital Battleground – Expert Voices on Cybersecurity Awareness Month

Editors Desk November 6, 2023

As October is coming to an end with eerie Halloween celebrations, we’d like to remind everyone that today also marks the last day of National Cybersecurity Awareness Month.

Unpacking the 15-min phone call that took down MGM/Caesars

Lou Covey October 14, 2023

The MGM Grand/Caesar’s breach is the most exhaustively covered cyber event in recent memory. Even the attackers published detailed explanations of how they did it. There was, however, one question still needs answering: