Organizations have moved business-critical apps to the cloud and attackers have followed. 2020 was a tipping point; the first year where we saw more cloud asset breaches and incidents than on-premises ones. We know bad actors are out there; if you’re operating in the cloud, how are you detecting threats? Cloud is different. Services are no longer confined in a single place with one way in or one way out.
/Over the past several years, cyberattacks have become increasingly more prevalent. As such, understanding cybersecurity has become increasingly important. Digital marketing has now become an entire industry, and as a result, there are more opportunities than before for malicious actors to carry out attacks. Marketers are now equally as vulnerable to cyber-attacks as other online professions. Therefore, marketers need to be aware of these areas where threats continue to emerge.
The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormented the industry for years and persist to this day. What’s changed is the speed and sophistication at which today’s adversary can weaponize these weaknesses.
Getting a password manager is the ultimate minimalist move – after all, reducing the number of passwords you need to remember down to one is pretty significant. When we’re talking about digital minimalism we’re referring to the idea of simplifying your digital life to help you focus on the things that are truly important to you. A password manager is an important tool in any digital minimalist’s life and can help you achieve that organizational, zen-like happiness.
At the end of 2021, Capital One agreed to pay a settlement of $190 million to 98 million customers whose personal data was stolen in a 2019 data breach. Similar class-action lawsuits were filed in 2021 against T-Mobile, Shopify, and Ledger. When it comes to the cost of breaches, however, those are just the legal fees. Every year, businesses lose millions of dollars in revenue to cyberattacks and data breaches.
Cybersecurity is a very unique and niche career however, with this is the shortfall of skilled workers. In comparison to other roles, cybersecurity sees one of the largest gaps in its qualified workers; in 2021, it was estimated that there was a shortfall of around 3.5 million people. Cybersecurity also sees one of the biggest discrepancies in the female to male ratio in the workplace. In 2013, it was estimated that women in cyber security represent around 10% of the global cybersecurity workforce.
Expectations do not always line up with reality. If you’ve started using infrastructure as code (IaC) to manage your infrastructure, you’re already on your way to making your cloud provisioning processes more secure. But there’s a second piece to the infrastructure lifecycle — how do you know what resources are not yet managed by IaC in your cloud? And of the managed resources, do they remain the same in the cloud as when you defined them in code?
Recently, CVE-2022-0847 was created detailing a flaw in the Linux kernel that can be exploited allowing any process to modify files regardless of their permission settings or ownership. The vulnerability has been named “Dirty Pipe” by the security community due to its similarity to “Dirty COW”, a privilege escalation vulnerability reported in CVE-2016-5195, and because the flaw exists in the kernel pipeline implementation.
