Expert(s):
CEOfeature_status*/ ?>
Byos

Comments Dotted : 10
May 10, 2021

CISA/NCSC Issue Joint Alert to Patch, Re Russian Foreign Svc Cyber Ops
The old saying "the only two things certain in life: death and taxes" should be modified to "death, taxes, and vulnerabilities".

The old saying "the only two things certain in life: death and taxes" should be modified to "death, taxes, and vulnerabilities". One viable strategy for managing this inevitability is network micro-segmentation following a zero trust architecture. With this, vulnerable endpoints can be properly isolated from the network to proactively limit any potential damage that can be done if these vulnerabilities are exploited.

April 30, 2021

Elekta Cyberattack Took Some Us Cancer Radiation Services Offline
Flat networks, or networks with minimal segmentation will continue to experience these kinds of widespread-impact incidents.

This attack demonstrates the need to rethink how medical equipment and devices can be secured online using zero trust principles. Healthcare Delivery Organizations rely on a universe of OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot some of the most critical and sensitive software, medical equipment and devices.

 

Flat networks, or networks with minimal segmentation will continue to experience these kinds of widespread-impact incidents. Undergoing a full zero

.....Read More

This attack demonstrates the need to rethink how medical equipment and devices can be secured online using zero trust principles. Healthcare Delivery Organizations rely on a universe of OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot some of the most critical and sensitive software, medical equipment and devices.

 

Flat networks, or networks with minimal segmentation will continue to experience these kinds of widespread-impact incidents. Undergoing a full zero trust implementation can take time, but a simple and achievable first step would be to apply the principles of "micro-segmentation" to minimize the risk of lateral movement and mitigate the impact of breaches from supply chain attacks. When networks are micro-segmented, IT has more visibility and control over the traffic flows and can isolate and remediate endpoints at the time of attack, while ensuring the rest of the network is protected.

  Read Less
April 29, 2021

77% of Q1 Ransomware Attacks Threaten Exfiltration – Experts Reaction
While the issue at the surface looks to be with RDP itself, it's actually about how networks are architected.

RDP is a great technology, but because of its power, attackers have been leveraging it heavily as an entry point into corporate networks for attacks such as ransomware. While the issue at the surface looks to be with RDP itself, it's actually about how networks are architected - flat networks with minimal segmentation and those that focus on perimeter-based security will always be victims of these types of attacks.

 

Networks have since evolved to become hyper-connected with a proliferation of

.....Read More

RDP is a great technology, but because of its power, attackers have been leveraging it heavily as an entry point into corporate networks for attacks such as ransomware. While the issue at the surface looks to be with RDP itself, it's actually about how networks are architected - flat networks with minimal segmentation and those that focus on perimeter-based security will always be victims of these types of attacks.

 

Networks have since evolved to become hyper-connected with a proliferation of different types of devices, which demands a new approach to securing them. Edge micro-segmentation is a new concept where instead of having networks broken down into a few large segments, they are filled with endpoints that are each on their own protected "micro-segment," and security is applied to the traffic as it enters and exits this micro-segment. This means that there is no exposure of any endpoint within the network, and even if one endpoint does become infected, it won't be able to spread laterally because of the layer of isolation that the micro-segment provides to each endpoint.

 

How does this relate to RDP? The layer of abstraction created by the micro-segment means that RDP services no longer be directly visible on the network, only to the people with access inside the micro-segment.

 

The primary difference is that with edge micro-segmentation, all access requests are initiated by the micro-segment already inside the network, so there are no inbound connections to be initiated by the attackers. Administrators can still access their endpoints remotely, but only by specified ports and protocols, without breaking the isolation in the local network.

 

In order to compromise the micro-segmented endpoint, an attacker would have to first find a way into the endpoint, then they would have to find a way of communicating back to their C2 without the micro-segment being able to pick up on that traffic.

  Read Less
April 22, 2021

CISA: US Govt Agencies, CI Orgs. Hit Via Pulse Secure Vulns – CISO Comments
The concept of a vulnerability on the perimeter highlights the need for adopting technologies that align with the notion of Zero Trust.

The concept of a vulnerability on the perimeter highlights the need for adopting technologies that align with the notion of Zero Trust. Moving from perimeter-based networking model to one where decentralized security by micro-segmentation approach will help organizations minimize the impacts of security incidents.

April 08, 2021

Experts Perspectives On Verizon Mobile Sec Index: WFH The New Normal
Remote work, Work From Home, teleworking, or whatever you want to call it, is here to stay.

Remote work, Work From Home, teleworking, or whatever you want to call it, is here to stay. This means adjusting network defenses and security policies to support the transient nature of where people work from, regardless of which network they connect to. A secure edge architecture, where you can protect devices through micro-segmentation and manage security policies centrally, without necessarily owning the user's device is what security teams are looking for. Adding a layer of security and

.....Read More

Remote work, Work From Home, teleworking, or whatever you want to call it, is here to stay. This means adjusting network defenses and security policies to support the transient nature of where people work from, regardless of which network they connect to. A secure edge architecture, where you can protect devices through micro-segmentation and manage security policies centrally, without necessarily owning the user's device is what security teams are looking for. Adding a layer of security and management to historically unmanaged BYOD is a huge step forward in adapting to the decentralized world of work we now live in.

  Read Less
March 29, 2021

CISA’s ICS Medical Advisory On CT Scanners & Cybersecurity – CEO Perspective
Healthcare Delivery Organizations rely on OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot.

Removable storage without proper access control is yet another example of the increasing number of vulnerabilities found in medical devices. These vulnerabilities highlight the need to rethink how we secure medical devices using zero trust principles. Healthcare Delivery Organizations rely on OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot these medical devices inside of their networks - but they don't trust them. Security through endpoint micro-segmentation

.....Read More

Removable storage without proper access control is yet another example of the increasing number of vulnerabilities found in medical devices. These vulnerabilities highlight the need to rethink how we secure medical devices using zero trust principles. Healthcare Delivery Organizations rely on OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot these medical devices inside of their networks - but they don't trust them. Security through endpoint micro-segmentation gives network owners the ability to isolate and manage medical devices without establishing implicit trust or configuring the network to allow external access. Granular control and visibility of sprawling medical device inventories will help HDOs move toward a more preventative approach to securing their networks.

  Read Less
March 17, 2021

Experts Perspective On HP Bromium Q4 Rept: Detection Not Stopping Newer Threats
A Zero Trust Architecture can address the threat vectors that threat actors are exploiting.

A Zero Trust Architecture can address the threat vectors that threat actors are exploiting, because it asserts that every interaction between the network, the endpoint, and the user is a potential avenue for compromise. Being able to micro-segment endpoints from networks and have direct control of the network traffic allows security teams to stop lateral movement infections when the endpoint is outside of the corporate perimeter.

June 01, 2020

Over Half Of Work-from-home Staff Believe Riskier Cybersec Behaviors Are Ok – Experts Reaction
Some basic steps businesses can take to protect themselves against cyber threats.
There are often dozens of unmanaged devices connecting to our home networks: personal laptops, cellphones, gaming consoles, and home IoT. Any of these devices represent an entry point for attackers; once they've compromised an edge device, chances are high this compromise will spread laterally throughout the home network. And once an attacker or malware gets into a device, they often go undetected, seizing or manipulating data with the ultimate goal of moving from the single remote laptop or.....Read More
There are often dozens of unmanaged devices connecting to our home networks: personal laptops, cellphones, gaming consoles, and home IoT. Any of these devices represent an entry point for attackers; once they've compromised an edge device, chances are high this compromise will spread laterally throughout the home network. And once an attacker or malware gets into a device, they often go undetected, seizing or manipulating data with the ultimate goal of moving from the single remote laptop or tablet into the big prize: the company network and servers. Some basic steps businesses can take to protect themselves against cyber threats include enforcing strong policies that: - Employees never respond to any email asking for personal information, - Keep software applications and operating systems up to date, - Create strong passwords and enable two-factor authentication across all devices and accounts, - For added layers of protection, adopt endpoint micro-segmentation to protect devices from insecure public and home Wi-Fi networks.  Read Less
May 21, 2020

70%~ of Organizations will increase post-COVID-19 cybersecurity budgets – 4 cybersecurity experts on LearnBonds findings
Malware and lateral network movement, exploits and brute force attacks are common threats.
The idea of the corporate perimeter has vanished overnight and the security technologies used to protect the central corporate network have become somewhat obsolete - employees are connecting from their home, meaning they are accessing corporate resources from untrusted, insecure Wi-Fi networks. The shift to a perimeter-less, Zero Trust security strategy has been accelerated out of necessity, which would fall in line with the increased spending prediction. Organizations are forced to adapt to.....Read More
The idea of the corporate perimeter has vanished overnight and the security technologies used to protect the central corporate network have become somewhat obsolete - employees are connecting from their home, meaning they are accessing corporate resources from untrusted, insecure Wi-Fi networks. The shift to a perimeter-less, Zero Trust security strategy has been accelerated out of necessity, which would fall in line with the increased spending prediction. Organizations are forced to adapt to this new "work from anywhere" mentality. Employees working from home don’t have the same firewalls, network-based intrusion detection systems, and other defenses they have in the office. This means that malware and lateral network movement, exploits and brute force attacks are common threats. There are also often dozens of unmanaged devices connecting to our home networks: personal laptops, cellphones, gaming consoles, and home IoT. Any of these devices represent an entry point for attackers; once they\'ve compromised an edge device, chances are high this compromise will spread laterally throughout the home network. And once an attacker or malware gets into a device, they often go undetected, seizing or manipulating data with the ultimate goal of moving from the single remote laptop or tablet into the big prize: the company network and servers. Some basic steps businesses can take to protect themselves against cyber threats:
  • Keep software applications and operating systems up to date,
  • Create strong passwords and enable two-factor authentication across all devices and accounts,
  • Enforce policies stating that employees must never respond to any email asking for personal information, and
  • For added layers of protection, adopt endpoint micro-segmentation to protect devices from insecure public and home Wi-Fi networks.
  Read Less
March 23, 2020

Byos Re New Mirai Variant Targeting IoT Devices – Micro-Segmenting Can Eliminate Risk
This is the concept behind hardware-enforced isolation.
It’s worth remembering that if devices are micro-segmented, attackers cannot gain remote access to it because the device itself would not be discoverable in the network, therefore making it invisible. This is the concept behind hardware-enforced isolation - no device should be exposed to the network without an extra hardware layer of protection, eliminating the possibility of attackers using vulnerabilities found inside of the host device.