NIST SP 800-161 revision 1 outlines a cybersecurity framework for mitigating security risks in the supply chain. NIST SP-800-161 is a subset of NIST 800-53, a broader cyber risk mitigation framework that’s foundational to most cybersecurity programs. The National Institute of Standards and Technology (NIST) designed NIST 800-161 to improve cyber supply chain risk management for all U.S federal agencies.

IoT has emerged as a concept in the early 2000s. Since then, this technology has been adapted to facilitate more innovative building technologies and improved security strategies. It looks like IoT is here to stay and will be the future of building technology and security. According to Statista, there are currently 3.65 billion IoT-connected devices worldwide.

The term “zero trust” is the lack of implicit trust. When we started with “zero trust,” we no longer trusted users because they weren’t on our network domain. As our staff went remote, we had to input stronger authentication to move from zero trust to some level of implicit trust. The problem is that trust is all or nothing.

Now that we’ve explored the familiar form of SaaS file sharing, let’s compare it to the very different ways that storage objects in IaaS/PaaS clouds are shared (e.g., Amazon S3 buckets, Azure blobs, Google Cloud storage). All of these objects begin with a much more controlled default. Only the owner of the object has access—the opposite of the starting point for SaaS.

Each organization has its own unique attack surface, operating model, and risk tolerance. The challenge for CISOs (Chief Information Security Officers) and IT teams is how to keep business running smoothly, without interruption, while at the same time securing and protecting data. And, since every organization is different, no single strategy will work for everyone.

For our latest expert interview on our blog, we’ve welcomed Joseph Williams, Director of the Leahy Center for Digital Forensics to share his thoughts on the topic of cybersecurity. The Leahy Center for Digital Forensics at Champlain College is a leading world-class laboratory providing digital forensics and cybersecurity services to a wide variety of organizations, from government bodies to local businesses.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Ah ha! About time, these De-fi crypto platforms seem to get hit on a regular basis.

ConfigMaps is an API object used in Kubernetes to store data in key-value pairs. It’s essentially a dictionary that contains configuration settings. Some details you might expect to find in a ConfigMap include hostnames, public credentials, connection strings, and URLs. A ConfigMap decouples an application’s code from the configurations, making it possible to alter them without impacting the application.

Organizations must implement effective account protection measures or put themselves at heightened risk of data breaches and other serious cyber attacks, such as ransomware injections. Multi-factor authentication (MFA) is a crucial component of any organization’s cybersecurity program. MFA adds an additional layer of security, helping prevent hackers from gaining unauthorized access to sensitive data.

Technological advances in the healthcare sector have led to increased interconnectivity and Cloud-based infrastructures in order to maintain physical distance due to COVID-19 and address the urgent need to deal with overwhelming patient volumes through online care. According to data from Global Markets Insights, the healthcare Cloud computing market was valued at over $29 billion in 2020 and is expected to be worth $79.3 billion by 2027, with a CAGR of 13.4%.