CSOonline: CSPMs explained

Every week brings another report of someone leaving an unsecured online storage container filled with sensitive customer data. Given the growing number of unintentional cloud configuration mistakes and the growing importance of cloud infrastructure, we need tools that can find and fix these errors. That is where cloud security posture management (CSPM) tools come into play. They combine threat intelligence, detection, and remediation that work across complex collections of cloud-based applications. You can see a few of them above.

I discuss the importance of CSPMs and what you need to know to evaluate one of them for your particular circumstances in my CSOonline post.


Avast blog: Reimagining staffing in the cybersecurity industry

Since 1967, ISACA has been providing a centralized source of information and guidance within the IT governance and control field. ISACA’s State of Cybersecurity 2021, Part 1 report contains the organization’s update on its workforce development efforts. This is the seventh year that ISACA has surveyed its membership, and the report is based on more than 3,600 respondents from 120 countries, with more than half of them saying their primary jobs are directly in the field.

In spite of the Covid-19 pandemic, overall cybersecurity spending has dropped, which seems counterintuitive but continues to be a trend that ISACA has been documenting for several years.

You can read my analysis of their report here on Avast’s blog.

Avast blog: Time to walk away from Amazon’s Sidewalk

Amazon is releasing a new service called Sidewalk, which allows people to share their wireless network with their neighbors over a low-power Bluetooth mesh network. The main benefit would be expanding Wi-Fi coverage for low-bandwidth devices. Amazon explains that Sidewalk would enable outdoor devices such as security cameras and smart lamps to stay connected even when the Wi-Fi connection is lost, as they are often at the edge of a home’s Wi-Fi coverage. Additionally, the service can be used by Tile trackers to locate valuables. While the service is free, there are serious privacy concerns. I’ll tell you why you should walk away in my latest blog for Avast here.


CSOonline: Hacking 2FA: 5 basic attack methods explained

Multi-factor authentication (MFA) continues to embody both the best and worst of business IT security practice. As Roger Grimes wrote in this article about two-factor hacks three years ago, when MFA is done well it can be effective, but when IT managers take shortcuts it can be a disaster. And while more businesses are using more MFA methods to protect user logins, it still is far from universal. Indeed, according to a survey conducted by Microsoft last year, 99.9% of compromised accounts did not use MFA at all and only 11% of enterprise accounts are protected by some MFA method. The pandemic was both good and bad for MFA uptake. I explain more about this, and touch on five ways that MFA can be compromised.

You can read more of my blog post for CSOonline here.

Avast blog: The importance of equitable and inclusive access to digital learning

Schools continue to remain closed around the world. A UNICEF analysis last summer found that close to half a million students remain cut off from their education, thanks to a lack of remote learning policies or lack of gear needed to do remote learning from their homes. And as UNICEF admits, this number is probably on the low side because of skill gaps with parents and teachers to help their kids learn effectively with online tools.

While the situation has improved since last year and more kids are back in their actual classrooms, there are still critical gaps in math and reading skills and a wide disparity when country-wide data is compared. The equity/inclusion problem isn’t exactly new, but the pandemic has focused awareness and foreshadowed the obstacles. I discuss this in my latest blog post for Avast here.

Avast blog: Can AI tell your age?

Algorithms are under attack, but so far, the score seems to be Machines: 1, Humans: 0. While we haven’t quite reached the point of Skynet Armageddon, the machines are making significant strides in keeping track of, and taking advantage of, the various carbon-based life forms on the planet. While the social justice issues involving algorithms continue to receive some attention, there is little discussion around ageist algorithmic bias. I explore this issue and provide several links to illustrate the problem.

You can read more with my post for Avast’s blog here.

Avast blog: The Verizon data breach report for 2021

This year’s report records a rise in ransomware as well as a jump in social engineering-based breaches

What a year it has been. Nothing delineates things more than reviewing the annual Verizon Data Breach Investigations Report (DBIR), which was published earlier this month. To no surprise, phishing increased from 25% of breaches in 2019 to 36% in 2020, aided by the various Covid-themed lures. Also, ransomware loomed large and doubled its frequency from 2019 to 2020 to 10% of the breaches, as you can see in the below chart.

You can read my summary of the report here on Avast’s blog.

Disinformation as an instrument of the fog of war

As many of you know, my daughter has been living in Israel for the past several years. The latest round of fighting and rocket attacks has been difficult for me to watch, mainly because I have experienced exactly one of them on one of my visits. The rocket landed a few miles away and happened in the middle of the night. I woke up briefly, because the sirens sounded and then the ground shook. A house was destroyed, but the family living there survived.

Every Israeli has access to a bomb shelter or safe room, depending on when their house was built and their circumstances. For the more modern residences, the shelters usually have fortified walls, a roll-down metal shutter on the windows, and a metal door to the room itself. In my daughter’s condo, I actually slept in the bomb shelter room. Some of the older buildings have basement shelters or separate buildings that you have to move into.

So that was my context for trying to get accurate information during the current hostilities. It isn’t easy, and it is getting harder. Let’s take a few examples.

Last week this Tweet was sent out by the Israeli military public affairs office. It says that Israeli “air and ground troops are currently attacking in the Gaza Strip.” The key word in that Tweet was “in” and how the English-language press reported what was happening. This article from the NY Times covers the issues.

Do you recall the Clinton/Monica impeachment testimony when we debated the meaning of the word “is”? This single word last week was responsible for press reports citing an invasion of Gaza by Israeli ground forces, saying that troops were inside the territory. They weren’t.

Yes, there was plenty of fighting between the two sides, but Israeli ground troops remained on their side of the border, firing missiles from tanks, drones and other aircraft at Gazan targets. But one result of these reports was that Israeli forces were able to get Hamas fighters to take to their underground tunnels and target them from the air. There were many casualties as a result.

The Lt. Col. who spoke (and Tweeted) claimed it was an honest mistake due to the fog of war. But others, including the Hebrew-language press and the Gazans themselves, called this a deliberate attempt to use the press to help the Israeli military. Hard to say which is true.

This wasn’t the only disinformation campaign going on in last week’s fighting. The NYTimes cites a series of misinformation campaigns by mostly Israeli-based efforts in this article, all designed to inflame pro-war passions. And over the weekend, the Gaza City high-rise building that has been the home of the AP and Al Jazeera offices for many years was demolished by Israeli air strikes. Israel gave occupants an hour to leave the building before it was bombed, claiming that it was being used as offices for high-ranking Hamas leaders. It is hard to determine if that was true, or if the leaders were using the press occupants as human shields. Reporters have asked for documentation about who was actually in the buildings.

This wouldn’t be the first time that Hamas has used this tactic. If you examine the casualty reports from the fighting over the past week, you can see there are dozens of Gazan children who have been killed in the attacks. This is due to the placement of the rocket launchers atop schools and hospitals, so that when these sites are targeted they can claim Israelis are aiming at innocents. Some of the tunnels are also purposely routed near schools.

Getting the facts has never been harder in this part of the world.

Red Cross blog: How Debi Meeds Brought Agencies Together

Sometimes the simplest ideas are also the most powerful. One of the great innovations that came out of the response to the Joplin, MO, tornado of 2011 was the first Multiple Agency Response Center (MARC). Since then, MARCs have become the gold standard for partner cooperative efforts.

Debi Meeds (longtime American Red Cross volunteer, profiled here) deserves much of the credit. While working a disaster back in 2008, she had noticed confusion. “People didn’t know where local resources were located, and our clients were spending a lot of time running around town to obtain assistance. The average client had to go to ten different places to obtain lost documents such as their driver’s license, family services, and things like food and clothing from various charities—and remember, folks didn’t have GPS phones back then.”

So instead of bringing people to the services, Meeds switched things and brought services to the people. Ultimately, the Joplin MARC had 48 different agencies and organizations at one location.

You can

https://www.redcross.org/local/missouri/about-us/our-work/10th-anniversary-of-the-joplin-tornado.html

Avast blog: what’s up with FragAttacks?

A new series of attacks against almost every Wi-Fi router, called FragAttacks, has been published. Anyone who can receive radio signals from your router or Wi-Fi hotspot can use these vulnerabilities to steal data from your devices. The issue lies in the design of the Wi-Fi protocols themselves, along with programming errors in certain Wi-Fi devices. Some products have multiple issues, and a dozen different CVEs have been posted that document them.

You can read my blog post for Avast here.