Ever growing cybersecurity threat vector due to digitization and proliferation of IoT devices, the impact, effectiveness of attacks and the shortage of skilled resources to identify, mitigate threats are the main challenges most of the organizations are facing today. This has lead security technology firms to look for options to reduce the efforts of security analyst and improve the effectiveness of identifying malicious code, abnormal activities at earlier stages of attack kill chain. The Artificial intelligence and Machine learning are the obvious choices for these technology firms. Continue reading “CyberSecurity: How to Avoid Being Blinded by Artificial Intelligence”
In recent days we started hearing a lot about Quantum Computing and how it will change the world the way it getting operated now. We also started seeing a discussion about how it will impact cybersecurity from both hacker’s point of view and organizational defence point of view.
When we think about security, the first line of defence is cryptography. This is most wildly used security major to protect data when it is moving across the network or it is stored for future use. When we see that green lock in front of any browsing link we rest assure our transactions, maybe it is e-commerce site purchase or checking e-mail, is protected from the prying eyes of hackers. The algorithm used for this kind of encryption is the public key algorithm. Continue reading “Post Quantum Cryptography (PQC) – Why We Need to be Proactive ?”
In the world where security breach is becoming part of headlines, there is a persistent and continuous stream of malware attacks, millions of records are hacked every year which costs the government and commercial businesses billions of dollars. Business partners, customers, and shareholders demand the Cybersecurity assurance that organization cannot provide. Security spend is increasing. Continue reading “Anatomy of Security Budget From CISO Viewpoint”
The introduction of cloud, IoT and digital transformation is increasing the attack vector. Security professionals need to expand the security coverage to protect hybrid cloud, SaaS and now Microservices and Function as a Service. The attackers are getting empowered by advancement in technologies like Artificial Intelligence and machine learning to automate the repetitive task like scanning targets and keep them free to plan subtle targeted attacks which are more successful or designing attacks that can impact at a large scale, we witnessed the WannaCry attack in 2017 Continue reading “Impact of Artificial Intelligence & Machine Learning on Cyber-security Career”
The technology advancements resulted in to interconnectedness, digital transformation is driving enterprises and small business equally, cities and homes are becoming smart, cars are becoming driverless and currency is becoming virtual. Almost everything we need in life is available at the tip of finger.
What we used to see in sci-fi films like Matrix in 1990 and 2000 is becoming reality and very soon if we are not changing the way we are looking at security will lead us the situation as Lukas said in German thriller You are wanted “One day they will hack the whole city” Continue reading “Five Security Dynamics That Need to be Re-looked”
Business and organizations are digitally transforming, this spans from automated customer support systems to the intelligent business analytics. The interconnectedness and the use of disruptive technologies like IoT and cloud are enabling the business to grow faster and be competitive. The mammoth of data generated by IT infrastructure, operational technologies, and IoT is utilized for business analytics, improving operational efficiencies. At the same cyber-attack vector is increasing and cybercriminals are making use of exposure of data to launch high profile attacks and steal the data without getting noticed by cyber defense systems for months together. The following diagram shows the biggest data breaches of the 21st century. (Source CSOonline) Continue reading “How Big Data is Impacting Cyber Security Operations”
Today’s cyber-attacks are highly sophisticated and exploit specific vulnerabilities, The regulatory compliance requirements are becoming stringent and there is a shortage of cybersecurity professionals.
To grow in this dynamic profession and a wide variety of the tool and technology landscape, it is always confusing what to do next to progress in career and how to take the advantage of this rising tide of cyber-attacks and regulatory requirements. Continue reading “Top Five Security Certifications”
The Year 2017 was the year of globally impacting attacks like WannaCry and Petya and high profile data breaches like Equifax , Uber , Yahoo where millions of user accounts were stolen by the attackers.
Equifax, one of the three largest credit agencies in the U.S., suffered a breach that may affect 143 million consumers. Hackers were able to access personal data of 143 million Equifax customers—including Social Security numbers and driver’s license numbers. This is one of the worst breaches ever. With help from Mandiant a professional cybersecurity firm, Equifax was able to determine a series of breaches had occurred from May 13 through July 30 hackers were able to exploit a weak point in website software. Continue reading “Application Security Best Practices Framework”