It is a sentence I hear a lot; “We treat Microsoft 365 as an exception in our cloud security because it is a managed app.” You might think that’s a reasonable approach to take, after all Microsoft’s security credentials are impressive, all OneDrive app traffic is encrypted, and there are plenty of other unmanaged cloud applications in use as shadow IT all over your organisation that pull your attention.
The role of information security in modern enterprises is evolving like never before. Security will need to improve third-party oversight as organizations increasingly depend on outsourcing models for scale flexibility, efficiency, and cost savings. It will also need to do a better job of balancing security requirements (e.g., regulatory compliance, risk management) against business objectives (e.g., user experience, network performance, reducing costs).
It’s no secret that the security leaders, especially chief information security officers (CISOs), have one of the most stressful jobs in the C-suite. They are bumping up against high demand, high risk, and often unrealistic expectations for their work.
In March 2022, researchers spotted a new ransomware family named GoodWill, with a new method to collect the ransom. Instead of requesting payment through crypto coins like other threats such as Night Sky or Hive, GoodWill requests that its victims help vulnerable people by following a sequence of steps, such as donating clothes, feeding less fortunate children, or providing financial assistance to hospital patients.
By 2025, there will be 55.7 billion connected IoT devices (or “things”), generating almost 80B zettabytes (ZB) of data. These are just some of the statistics that underscore enormous opportunity in IoT—and the enormous security risks all those IoT devices create.
On May 27, 2022, a Microsoft Office document was submitted from Belarus to VirusTotal, using a novel method to deliver its payload. This new technique was identified as a Zero-Day RCE (Remote Code Execution) vulnerability in Microsoft Support Diagnostic Tool (MSDT), which is now being tracked as CVE-2022-30190. As of this writing, it affects only Windows computers running with MSDT URI protocol enabled.
Two years ago, the world shut down. We all lived through the start of the pandemic, when the world’s white-collar workforce was sent home en masse. Remote work became the only option for employees in many positions across many companies. This working environment was isolating, and staff required entirely new workflows just to keep business processes functional—but we survived it.
Trust is one of the things that makes us human. We evolved the ability to trust in order to make life or death judgment calls and it is wired into our brains from birth. Unfortunately, since time immemorial, nefarious characters have always abused the trust of others to their own advantage, and in the modern world it is now one of the primary tools in a cybercriminal’s arsenal.
When defining security policies, it is critical to know who the user is and what their privileges should be based on their role, and whether the device itself or the state of the device at the time of connection is in a known good state.
Whether you view a data breach as your worst nightmare, or simply an inevitable occurrence for the average organisation, knowing what to do and how to respond when it happens to your organisation is critical. A well-executed response contains a crisis and stops it from snowballing, as well as helping you navigate your organisation—and your suppliers and customers—through any follow-on analysis or potential post-incident investigations.
