In a dark room lit only by the light from four computer monitors sits a hacker named Hector (not his real name). You can hear the faint pulse of an EDM track coming from his headphones as Hector taps away on his computer’s keyboard. The above description could serve as the setting for a hacker movie set in the early 2000s. But it doesn’t work in today’s context. Nowadays, Hector sits in a brightly lit room with multiple screens at his disposal.
It’s been a few weeks since Verizon released the 12th edition of its Data Breach Investigations Report (DBIR). For this publication, Verizon’s researchers studied 41,686 security incidents in which a response was necessary. These analysts found that 2,013 of those incidents were data breaches in that some sort of information was actually compromised.
Authentication, authorization and access control are three paramount cyber security concepts that are often confused and used interchangeably. It might be because these three are usually perceived as one single process by the end user, yet it is critically important to understand the distinction while designing the security framework.
Since the first documented ransomware attack occurred in the late 80s, the attack method has increasingly become a threat to organizations and individual consumers. One cybercriminal may lock up a family’s computer and hold their precious photo memories hostage with the threat of deleting them. Another may cripple a business by locking up their primary revenue generating application database, costing the company millions of dollars in lost sales by the minute.
YouTube, the world’s top provider of streaming multimedia content, keeps reaching new heights in terms of its popularity. Nearly two billion monthly users and five billion videos watched every single day – these impressive statistics speak for themselves, and the numbers are steadily growing year over year. Everybody loves YouTube and so do cybercriminals, only in their very own nefarious way.
An emerging use case for containerized platforms has been the ability to deploy applications in what is termed as an air-gapped deployment. This deployment pattern is particularly pronounced around edge computing (more on that later in the blog series) – though there exist significant differences between edge clusters and air-gapped deployments. Air-gapped applications are those that run isolated from datacenter or internet connectivity.
The author G.K. Chesterton noted that “there is a lot of difference between listening and hearing.” Of the four communication skills – listening, speaking, reading and writing – we learn listening first, but as time goes on many of us seem to lose interest in truly listening to what others have to say. Leaders would do well to work on listening to inspire workers and increase productivity.
You can’t fix the flaws you don’t know about – and the clearer your sense of your organization’s overall security posture, the better equipped you are to improve it. Vulnerability assessments are a core requirement for IT security, and conducting them on a regular basis can help you stay one step ahead of the bad guys.
When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill, talent and luck. Now that I’m older, I watch more than I play, and I’m able to appreciate the many lessons team sports teach, especially at the professional level. With sports, we can tackle technical topics in a relatable way.
