Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The term “zero trust” is the lack of implicit trust. When we started with “zero trust,” we no longer trusted users because they weren’t on our network domain. As our staff went remote, we had to input stronger authentication to move from zero trust to some level of implicit trust. The problem is that trust is all or nothing.

Now that we’ve explored the familiar form of SaaS file sharing, let’s compare it to the very different ways that storage objects in IaaS/PaaS clouds are shared (e.g., Amazon S3 buckets, Azure blobs, Google Cloud storage). All of these objects begin with a much more controlled default. Only the owner of the object has access—the opposite of the starting point for SaaS.

Each organization has its own unique attack surface, operating model, and risk tolerance. The challenge for CISOs (Chief Information Security Officers) and IT teams is how to keep business running smoothly, without interruption, while at the same time securing and protecting data. And, since every organization is different, no single strategy will work for everyone.

For our latest expert interview on our blog, we’ve welcomed Joseph Williams, Director of the Leahy Center for Digital Forensics to share his thoughts on the topic of cybersecurity. The Leahy Center for Digital Forensics at Champlain College is a leading world-class laboratory providing digital forensics and cybersecurity services to a wide variety of organizations, from government bodies to local businesses.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Ah ha! About time, these De-fi crypto platforms seem to get hit on a regular basis.

ConfigMaps is an API object used in Kubernetes to store data in key-value pairs. It’s essentially a dictionary that contains configuration settings. Some details you might expect to find in a ConfigMap include hostnames, public credentials, connection strings, and URLs. A ConfigMap decouples an application’s code from the configurations, making it possible to alter them without impacting the application.

Organizations must implement effective account protection measures or put themselves at heightened risk of data breaches and other serious cyber attacks, such as ransomware injections. Multi-factor authentication (MFA) is a crucial component of any organization’s cybersecurity program. MFA adds an additional layer of security, helping prevent hackers from gaining unauthorized access to sensitive data.

Technological advances in the healthcare sector have led to increased interconnectivity and Cloud-based infrastructures in order to maintain physical distance due to COVID-19 and address the urgent need to deal with overwhelming patient volumes through online care. According to data from Global Markets Insights, the healthcare Cloud computing market was valued at over $29 billion in 2020 and is expected to be worth $79.3 billion by 2027, with a CAGR of 13.4%.

The Federal Trade Commission has recently updated the 2003 Gramm-Leach-Bliley Act ‘Safeguards Rule’ to create new standards and procedures that will apply to auto dealerships and go into effect in December 2022. The Safeguards Rule outlines the standards required for the protection of consumer data. The new updates create stricter criteria and procedures that car dealers will need to implement, both to reduce the risk of a data breach and to better protect customer data.

A well-thought-out incident response plan is no longer recommended – it’s critical. With the rate that cyber attacks are increasing – putting customer privacy at risk and forcing some businesses to close – it’s never been more important to educate your team on the risks, and help prepare your organization for the worst case scenario.