TECHNOLOGY
Cyber Security Awareness & Beyond with 11:11 Systems
Organizations from SME to Enterprise are reviewing and modernizing their security strategies in a threat landscape that continues to dynamically evolve in scope, scale and sophistication, especially with the rapid advance of digital transformation from hybrid working, to Software-As-A-Service (SaaS) adoption and Bring-Your-Own-Device (BYOD) diffusion.
Resilience to vulnerabilities is an imperative and the focus is on exactly this – raising awareness to build resiliency – with the aim to help support organizations of any size in proactively enhancing their security posture. With the CSAM theme this year being: ‘It’s Easy to Stay Safe Online – See Yourself in Cyber’ we will explore the key vectors of change impacting on Cyber Security today, with resources and tips on actions everyone can take to better negate the risk.
Pillars of Security – Getting the Fundamentals Right
Cyber-attackers will always choose the path of least resistance. So, attention to security at the password level remains a key first step in keeping information safe – putting this into context, over 40% of breaches now involve stolen credentials with the number available on the dark web exceeding a staggering 24 billion! This was recently brought center stage by the extensive ripple effect caused by attacks on Uber, from logistical delays to customer dissatisfaction, through to lost driver income, and of course organizational costs from income to reputation, and ultimately trust. It is understood that the employee corporate credentials of an Uber EXT contractor were purchased on the dark web after their personal device had been compromised with malware. So, what can we learn from this?
Firstly, use unique, complex phrases for passwords with a mix of upper and lowercase letters, numbers and characters, and make sure to change this often, as recently discussed by Laura Shafer, Vice President of Product Marketing at 11:11 Systems. Additionally, using multi-factor authentication (MFA) and two-factor authentication (2FA) can make it harder for attackers to access your device, even if they have your login details. However, not all MFA approaches are made equal! For critical internal accounts within organizations, such as those of the C-Suite who are increasingly subject to attacks, the use of hardware tokens and FIDO passkeys is recommended.
This can especially increase resiliency to techniques such as phishing, to which some 89% of organizations have experienced an attack in the past year alone (HYPR 2022). With MFA or 2FA in place, it becomes much harder for attackers to create fake login pages to collect unsuspecting employee credential information, which appears to have been the case with Uber. Put simply, multi-factor authentication (MFA) is not optional anymore – it’s imperative – and beyond this it also heralds an acceleration in innovation and availability around passwordless Sign-Ins altogether.
Finally, and supporting the ever-present need to couple technology solutions with education and awareness, MFA Fatigue should also be acknowledged. These attacks involve the end user being bombarded with verification notifications and are reliant on their ability to approve a simple SMS, Voice or Push notification without having any context of the session they are actually authenticating. This also formed part of the Uber attack, in which MFA Fatigue combined with social engineering enabled its success – in this case the attacker posing as tech support via WhatsApp and telling the user to accept the MFA verification prompt. This naturally makes Social Engineering our next area of focus!
Social Engineering and Cloud Computing
Employing psychological tricks that exploit vulnerabilities in how people react to specific situations and change their behaviours, social engineering attacks come in 5 core types, namely phishing, watering hole attacks, business email compromise (BEC), physical social engineering and USB Fraud. In 2021, more infections were caused by phishing attacks than any other vector. Innovation in areas such as Deepfakes, which employ AI technology to create fraudulent recordings, videos or images of real people, have made phishing attacks even more difficult to detect.
This attack vector is also a significant contributor to cloud security concerns. In the Foundry’s 2022 Cloud Computing Survey, some 35% of IT decision makers listed data privacy and security as their top cloud challenge. Additional research by Kaspersky Lab finds that around 33% of cybersecurity cloud incidents can be attributed to social engineering techniques. To address this, investment in zero-trust infrastructure can limit the potential damage of these and other threats, both internal and external to your organization. It also heightens focus on the benefits of Infrastructure as a Service (IaaS) platforms which bring together the need for security, agility, flexibility, visibility, and scalability, as exemplified by 11:11 Cloud.
Empowering and educating all staff, not just those in tech facing roles, is also key here – cybersecurity is a shared responsibility for everyone and support to enable this must be addressed across technology, culture, process and skills perspectives. This is especially true in around topics such as Social Engineering which absolutely preys on human nature and trust. As an example, how many people do you know who have received training in psychological manipulation as part of their organization onboarding process?
Probably not many…
Unpatched Software and Testing
Additionally, lapses in appropriate and effective vulnerability management are a leading concern, especially around levels of unpatched software. During the height of the pandemic, research showed many organizations were regularly delaying patch updates (IBM 2021) and now an additional study shows as many as 66% of organizations have a vulnerability backlog of an eye-watering 100K bugs! Reflecting back on the issues discussed related to passwords, this is another example of ensuring that basic cyber hygiene is embedded by design.
And beyond this, greater attention must be placed on testing. As an example, recent research by Noname Security shows a clear disconnect, or even a level of denial here, with just 11% of respondents testing APIs for signs of abuse in real-time – yet 67% stating they are confident that their DAST and SAST tools are capable of testing APIs. Validating the reality of disaster recovery is another area where extensive testing is essential. Recommendations include involving scenario- or event-based testing, even to the level of providing application testing and end-user testing in some cases to ensure a robust, well-planned and validated strategy.
NIST Framework Resource
And finally, the NIST Cybersecurity Framework is highly recommended to help protect your business through shared best practice. Now downloaded over 1.7 million times, the framework outlines a strategy to better understand your organisation’s security risks, protect against them and, in the event of an attack, how to better triage, respond and recover. The framework holistically covers five core function areas – Identify, Protect, Detect, Respond and Recover. Putting this into context to highlight its real-world applicability, and taking Identify as an example, it is critical to know the who/what/where of your data storage, application and system links, role access and more.
Automation tools such as Continuous Risk Scanning can be very effective, helping to discover security vectors that were previously unknown, identifying the most significant risk areas, and ensuring you ‘get on the right path’ for enhanced protection and more active security intelligence. When we consider that half of all organizations have not put a cybersecurity risk plan in place, taking that first step today has never mattered more!
Final Thoughts
Cybercrime exists in a world of constant change and today’s surge in cybercriminal activity directly correlates to the increase in the attack surface. Last year alone, cybercrime rose more than 15% and so, it is abundantly clear that this focus has never been more important, and indeed must be an all year round imperative. A multi-layered approach to both proactive prevention and real-time response is key, combining automated protection and mitigation with a human perspective by design. To find out more about how 11:11 Systems supports Cloud, Connectivity and Security more information is freely available here.
All questions and feedback most welcome, Sally
About the Author
Prof. Sally Eaves is a highly experienced chief technology officer, professor in advanced technologies, and a Global Strategic Advisor on digital transformation specializing in the application of emergent technologies, notably AI, 5G, cloud, security, and IoT disciplines, for business and IT transformation, alongside social impact at scale, especially from sustainability and DEI perspectives.
An international keynote speaker and author, Sally was an inaugural recipient of the Frontier Technology and Social Impact award, presented at the United Nations, and has been described as the “torchbearer for ethical tech”, founding Aspirational Futures to enhance inclusion, diversity, and belonging in the technology space and beyond. Sally is also the chair for the Global Cyber Trust at GFCYBER.
Source link
TECHNOLOGY
Next-gen chips, Amazon Q, and speedy S3
AWS re:Invent, which has been taking place from November 27 and runs to December 1, has had its usual plethora of announcements: a total of 21 at time of print.
Perhaps not surprisingly, given the huge potential impact of generative AI – ChatGPT officially turns one year old today – a lot of focus has been on the AI side for AWS’ announcements, including a major partnership inked with NVIDIA across infrastructure, software, and services.
Yet there has been plenty more announced at the Las Vegas jamboree besides. Here, CloudTech rounds up the best of the rest:
Next-generation chips
This was the other major AI-focused announcement at re:Invent: the launch of two new chips, AWS Graviton4 and AWS Trainium2, for training and running AI and machine learning (ML) models, among other customer workloads. Graviton4 shapes up against its predecessor with 30% better compute performance, 50% more cores and 75% more memory bandwidth, while Trainium2 delivers up to four times faster training than before and will be able to be deployed in EC2 UltraClusters of up to 100,000 chips.
The EC2 UltraClusters are designed to ‘deliver the highest performance, most energy efficient AI model training infrastructure in the cloud’, as AWS puts it. With it, customers will be able to train large language models in ‘a fraction of the time’, as well as double energy efficiency.
As ever, AWS offers customers who are already utilising these tools. Databricks, Epic and SAP are among the companies cited as using the new AWS-designed chips.
Zero-ETL integrations
AWS announced new Amazon Aurora PostgreSQL, Amazon DynamoDB, and Amazon Relational Database Services (Amazon RDS) for MySQL integrations with Amazon Redshift, AWS’ cloud data warehouse. The zero-ETL integrations – eliminating the need to build ETL (extract, transform, load) data pipelines – make it easier to connect and analyse transactional data across various relational and non-relational databases in Amazon Redshift.
A simple example of how zero-ETL functions can be seen is in a hypothetical company which stores transactional data – time of transaction, items bought, where the transaction occurred – in a relational database, but use another analytics tool to analyse data in a non-relational database. To connect it all up, companies would previously have to construct ETL data pipelines which are a time and money sink.
The latest integrations “build on AWS’s zero-ETL foundation… so customers can quickly and easily connect all of their data, no matter where it lives,” the company said.
Amazon S3 Express One Zone
AWS announced the general availability of Amazon S3 Express One Zone, a new storage class purpose-built for customers’ most frequently-accessed data. Data access speed is up to 10 times faster and request costs up to 50% lower than standard S3. Companies can also opt to collocate their Amazon S3 Express One Zone data in the same availability zone as their compute resources.
Companies and partners who are using Amazon S3 Express One Zone include ChaosSearch, Cloudera, and Pinterest.
Amazon Q
A new product, and an interesting pivot, again with generative AI at its core. Amazon Q was announced as a ‘new type of generative AI-powered assistant’ which can be tailored to a customer’s business. “Customers can get fast, relevant answers to pressing questions, generate content, and take actions – all informed by a customer’s information repositories, code, and enterprise systems,” AWS added. The service also can assist companies building on AWS, as well as companies using AWS applications for business intelligence, contact centres, and supply chain management.
Customers cited as early adopters include Accenture, BMW and Wunderkind.
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.
TECHNOLOGY
HCLTech and Cisco create collaborative hybrid workplaces
Digital comms specialist Cisco and global tech firm HCLTech have teamed up to launch Meeting-Rooms-as-a-Service (MRaaS).
Available on a subscription model, this solution modernises legacy meeting rooms and enables users to join meetings from any meeting solution provider using Webex devices.
The MRaaS solution helps enterprises simplify the design, implementation and maintenance of integrated meeting rooms, enabling seamless collaboration for their globally distributed hybrid workforces.
Rakshit Ghura, senior VP and Global head of digital workplace services, HCLTech, said: “MRaaS combines our consulting and managed services expertise with Cisco’s proficiency in Webex devices to change the way employees conceptualise, organise and interact in a collaborative environment for a modern hybrid work model.
“The common vision of our partnership is to elevate the collaboration experience at work and drive productivity through modern meeting rooms.”
Alexandra Zagury, VP of partner managed and as-a-Service Sales at Cisco, said: “Our partnership with HCLTech helps our clients transform their offices through cost-effective managed services that support the ongoing evolution of workspaces.
“As we reimagine the modern office, we are making it easier to support collaboration and productivity among workers, whether they are in the office or elsewhere.”
Cisco’s Webex collaboration devices harness the power of artificial intelligence to offer intuitive, seamless collaboration experiences, enabling meeting rooms with smart features such as meeting zones, intelligent people framing, optimised attendee audio and background noise removal, among others.
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.
TECHNOLOGY
Canonical releases low-touch private cloud MicroCloud
Canonical has announced the general availability of MicroCloud, a low-touch, open source cloud solution. MicroCloud is part of Canonical’s growing cloud infrastructure portfolio.
It is purpose-built for scalable clusters and edge deployments for all types of enterprises. It is designed with simplicity, security and automation in mind, minimising the time and effort to both deploy and maintain it. Conveniently, enterprise support for MicroCloud is offered as part of Canonical’s Ubuntu Pro subscription, with several support tiers available, and priced per node.
MicroClouds are optimised for repeatable and reliable remote deployments. A single command initiates the orchestration and clustering of various components with minimal involvement by the user, resulting in a fully functional cloud within minutes. This simplified deployment process significantly reduces the barrier to entry, putting a production-grade cloud at everyone’s fingertips.
Juan Manuel Ventura, head of architectures & technologies at Spindox, said: “Cloud computing is not only about technology, it’s the beating heart of any modern industrial transformation, driving agility and innovation. Our mission is to provide our customers with the most effective ways to innovate and bring value; having a complexity-free cloud infrastructure is one important piece of that puzzle. With MicroCloud, the focus shifts away from struggling with cloud operations to solving real business challenges” says
In addition to seamless deployment, MicroCloud prioritises security and ease of maintenance. All MicroCloud components are built with strict confinement for increased security, with over-the-air transactional updates that preserve data and roll back on errors automatically. Upgrades to newer versions are handled automatically and without downtime, with the mechanisms to hold or schedule them as needed.
With this approach, MicroCloud caters to both on-premise clouds but also edge deployments at remote locations, allowing organisations to use the same infrastructure primitives and services wherever they are needed. It is suitable for business-in-branch office locations or industrial use inside a factory, as well as distributed locations where the focus is on replicability and unattended operations.
Cedric Gegout, VP of product at Canonical, said: “As data becomes more distributed, the infrastructure has to follow. Cloud computing is now distributed, spanning across data centres, far and near edge computing appliances. MicroCloud is our answer to that.
“By packaging known infrastructure primitives in a portable and unattended way, we are delivering a simpler, more prescriptive cloud experience that makes zero-ops a reality for many Industries.“
MicroCloud’s lightweight architecture makes it usable on both commodity and high-end hardware, with several ways to further reduce its footprint depending on your workload needs. In addition to the standard Ubuntu Server or Desktop, MicroClouds can be run on Ubuntu Core – a lightweight OS optimised for the edge. With Ubuntu Core, MicroClouds are a perfect solution for far-edge locations with limited computing capabilities. Users can choose to run their workloads using Kubernetes or via system containers. System containers based on LXD behave similarly to traditional VMs but consume fewer resources while providing bare-metal performance.
Coupled with Canonical’s Ubuntu Pro + Support subscription, MicroCloud users can benefit from an enterprise-grade open source cloud solution that is fully supported and with better economics. An Ubuntu Pro subscription offers security maintenance for the broadest collection of open-source software available from a single vendor today. It covers over 30k packages with a consistent security maintenance commitment, and additional features such as kernel livepatch, systems management at scale, certified compliance and hardening profiles enabling easy adoption for enterprises. With per-node pricing and no hidden fees, customers can rest assured that their environment is secure and supported without the expensive price tag typically associated with cloud solutions.
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.
You must be logged in to post a comment Login