The sudden shift to a largely distributed workforce because of the COVID-19 pandemic complicated already Byzantine security challenges at many organizations this year.
Security teams were forced to find ways to protect their enterprise from an army of work-from-home users even as they had to confront other challenges from ongoing digital transformation initiatives and cloud adoption.
TechBeacon’s top 12 security stories from 2020 provide a broad overview of the trends, challenges, and changes that organizations had to deal with on all of the major fronts: application security, information security, data security, and identity and access management.
A TechBeacon analysis of the widely used National Vulnerability Database (NVD) showed that organizations have more to be worried about than just the rising number of vulnerabilities. With the threat landscape changing rapidly, organizations also need to be cognizant of the different types of vulnerabilities being disclosed, their organization’s exposure to those threats, and risks from vulnerable open-source components in their software.
Freelance writer Rob Lemos explains why companies need to adjust their development, patching, and app sec practices to address the increasing number of vulnerabilities being identified, and offers other key takeaways.
The rapid adoption of SaaS applications has created a variety of new security problems for enterprises. Mobile workforces opened up new holes in the network perimeter a decade ago, and SaaS applications are doing the same now and forcing organizations to rethink traditional approaches to application security. Dror Davidoff, co-founder and CEO of container and cloud-security provider Aqua Security, says addressing the security issues around how organizations configure and use cloud-native applications requires new thinking.
Application programming interfaces (APIs) that connect services and transfer data have become critical for microservices architectures, but are becoming increasingly hard to secure because of their growing numbers. Common API security risks include excessive data exposure, misconfiguration, insufficient monitoring and logging, and broken authorization mechanisms at the object, user, and function levels. Lucy Kerner, security evangelist and strategist at Red Hat, draws on her expertise as a cloud security architect to compile this handy list of 10 best practices for managing API risks.
The global pandemic has pushed many companies to accelerate their digital transformation initiatives—not just for business continuity purposes, but also as a way to take advantage of new market opportunities, deliver new customer channels, and leapfrog the competition. The changes have broadened the operational attack surface and increased exposure to automated, AI-based exploits at many organizations. Mark Fernandes, CTO of security at TechBeacon corporate parent Micro Focus, explains why digital transformation requires organizations to think beyond the traditional SOC to concepts such as an integrated threat operations center (ITOC).
Some breaches are either so big in scope or so significant that they serve as lessons to others of what not to do when it comes to information security. One example is a ransomware attack at GPS smartwatch maker Garmin in July 2020 that forced the company to shut down its main customers for five days while it attempted to recover locked systems. In the end, Garmin paid a multimillion-dollar ransom to get the decryption key to restore encrypted data. Freelance writer John P. Mello, Jr. spoke with multiple industry experts to compile this list of eight major takeaways from the Garmin attack.
Serverless applications allow developers to create custom functions and speed up app deployment without having to worry about issues such as the underlying infrastructure and delays while the operations team spins up virtual machines or containers. A survey that RightScale conducted found that more than one-third of the respondent organizations already had deployed serverless apps for these reasons. In this report, Eric Johnson, a senior instructor at the SANS Institute, explains why, in their enthusiasm to use the technology, development teams should not overlook security.
Regulations such as the European Union’s GDPR, California’s CCPA, and Turkey’s KVKK have put enormous pressure on organizations to better protect personally identifying information (PII) belonging to customers, employees, and others. The regulations mandate not just better data security but also processes that allow data subjects to ask for and expeditiously receive copies of their PII. Meeting these requirements can be challenging and highlights the need for new processes where PII files can be quickly identified, indexed, and retrieved, says Dave Humphrey, CTO at Micro Focus. In this report he offers advice on how privacy and security leaders can best meet PII privacy requirements.
COBOL continues to be one of the most widely used programming languages, especially among large organizations, though it has been around for six decades. The main reason for its longevity is the sheer value of the business logic encapsulated in COBOL code over all these years. Nobody wants to rewrite the code, because it is working fine, says Phil Smith III, senior product manager and architect for mainframe and enterprise at Micro Focus. Smith, who has deep experience with z/OS, z/VM, and Linux on IBM mainframes, explains why format-preserving data protection is the best way to guard data in COBOL environments in a compliance-friendly manner.
Many organizations have adopted a cloud-first or cloud-only strategy because of the scale, agility, and consumption-based pricing benefits available in the cloud. However, few have done so with any formal strategy for data security. Often, organizations have hybrid, multi-cloud environments where they are forced to deal with different security models that they know little about. Sid Dutta, data security evangelist at Micro Focus, takes a look at some of the data-centric security capabilities available from the biggest cloud providers.
Identity and access management
The large-scale shift to remote work as the result of the COVID-19 pandemic exposed organizations to a slew of new cyber security risks this year. Security teams suddenly were forced to find ways to secure the enterprise network against remote workers logging in from insecure home networks, often with poorly protected personally owned devices. This report, from freelance writer Rob Lemos, on the importance of a zero-trust security model in this environment, is based on perspective from industry analysts and security specialists.
Many security groups might think they are doing all the right things to protect sensitive enterprise data against improper access and abuse. The reality is quite different, says Nick Nikols, vice president of strategy at Micro Focus. Nikols, whose areas of specialization include identity and access management (IAM), says that while many companies may have invested heavily in comprehensive IAM, the architecture at their organizations is not equipped to deal with how data travels in the cloud. He explains why security leaders should consider revamping their security architectures for the cloud.
Even the best security controls can be undermined by a lack of secure identity and access management practices. IAM is the foundation of cyber resilience. To be good at it, organizations need to have comprehensive control and an unimpeded, real-time view of identities across the enterprise, says Rob MacDonald, security evangelist at Micro Focus. Here he offers five best practices for strengthening cyber resilience with strong IAM practices.