The US government enacted new restrictions on Kaspersky’s customers, indicting 12 of its executives and prohibiting further sales of its software and services in June. The regulations augment existing bans from using its software by US federal agencies that began several years ago and have spread to similar bans by federal agencies in places such as Lithuania and the Netherlands.

The action coordinated efforts by both the Commerce and Treasury departments, based on national security risks about any potential cooperation with Russian intelligence agents.

You can read my analysis for CSO here and what IT managers need to do if they are still using their software tools. 

A new report by the Cybersecurity and Infrastructure Security Agency (CISA) is the latest research to point out the “Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses” – which is the report’s title. While the listed reasons aren’t new or even unexpected, it is a good summary of the steep climb that many SMBs have in implementing SSO. CISA convened a series of focus groups of various stakeholders, including the SSO vendors and their SMB customers and channel providers, along with network auditors.

CISA’s report cites several reasons why SSO hasn’t been deployed by smaller organizations, including greater administrative implementation burdens, lack of technical know-how within SMB IT departments, and incomplete support documentation. You can read my analysis about the report in CSOonline here.

The controversial spyware Pegasus and its operator, the Israeli NSO Group, is once again in the news. Last week, in documents filed in a judgment between NSO and WhatsApp, they admitted that any of their clients can target anyone with their spyware, including government or military officials because their jobs are inherently legitimate intelligence targets. The lawsuit began in October 2019.

NSO has in the past been very circumspect about who is infected with their spyware, which uses so-called “zero-click” methods meaning that a potential target doesn’t have to click on anything to activate the software. It can access call and message logs, remotely enable the camera and microphone and track the phone’s location, all without any notification to the phone’s owner.

I place the context of the suit in the checkered past of NSO and Pegasus in my latest piece for CSOonline.

Comedian Colin Quinn says identity is a big thing. “Your id is who the government says you are. Your personality is the people who know you think you are, your reputation is the people who don’t know you think you are, your social media profile is who you think you are, and your browser history is who you really are.”

While my writing about identity management isn’t going to make the comedy circuit, I  recently updated my explainer piece for CSOonline. Identity is even more important these days, as enterprises move into more cloudy and virtual infrastructures, federate apps with their partners and customers, and try to protect themselves against supply-chain attacks that can tie them in knots for weeks and months.  And thanks to poor multi-factor implementations, more sophisticated phishing methods, more automated credential stuffing techniques and numerous legacy IAM systems that haven’t been updated, bad actors can often find easy entries with minimal effort into corporate systems to ply their exploits.

IAM needs to be a well-integrated fabric or mesh of architectures and processes that connect everything together into a coherent whole that can protect the entire digital surface of an enterprise. This fabric uses adaptive risk assessments to authenticate and connects both people and machines and uses information collected from continuous threat detection and operations visibility. My post explains how to get to this state, and some things that enterprise IT managers need to consider in their evaluations.

Attacks against the Domain Name System (DNS) are numerous and varied, so organizations have to rely on layers of protective measures, such as traffic monitoring, threat intelligence, and advanced network firewalls, to act in concert. With NXDOMAIN attacks on the rise, organizations need to strengthen their DNS defenses.

Akamai has released a new tool to help, as my story for Dark Reading describes.