APIs. The glue of hyper connectivity; yet also the wellspring of risk.

Related: The true scale of API breaches

I had an enlightening discussion at Black Hat USA 2023 with Traceable.ai Chief Security Officer Richard Bird about how these snippets of code have dramatically expanded the attack surface in ways that have largely been overlooked.

Please give the accompanying podcast a listen. Traceable supplies systems that treat APIs as delicate assets requiring robust protection. At the moment, Bird argues, that’s not how most companies view them.

All too many organizations, he told me, have no clue about how many APIs they have, where they reside and what they do. A good percentage of APIs, he says, lie dormant – low-hanging fruit for hackers who are expert at ferreting them out to utilize in multi-stage breaches.

Companies have been obsessed with using APIs to unlock business value while turning a blind eye to API exposures.

Guest expert: Richard Bird, CSO, Traceable.ai

What’s more, APIs continue to fuel speedy software development in an environment where standardization has been absent, Bird told me.

“There hasn’t been a lot of motion around the idea of developing boundaries and protocols from an industry standpoint,” he says.

The Biden-Harris Administration has stepped forward to stir the pot.

“Compliance is implied and inferred in the most recent executive orders and in other items coming out of NIST and the SEC,” Bird noted. “They’re basically saying, ‘Look, you have this data transport capability with APIs, so you need to include them in your security requirements.’”

The transformation progresses. I’ll keep watch and keep reporting.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business.

Related: Why ‘observability’ is rising to the fore

Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand post-COVID-19.

As a leading supplier of advanced security information and event management (SIEM) technology, Splunk happens to find itself in the thick of a tectonic shift. Network security is getting reconstituted. A new tier of overlapping, interoperable, highly automated security platforms is rapidly taking shape. In this milieu, SIEM systems have emerged as the telemetry ingestion engine of choice to help companies figure out how to effectively monitor — and securely manage — hyper-connected software.

Last Watchdog engaged Forrester Principal Analyst Allie Mellen in a discussion about the cybersecurity angle of the Cisco-Splunk merger. Here’s the exchange, edited for clarity and length:

LW: Why are XDR vendors hustling to add SIEM or a SIEM-alternative to their portfolios?

Mellen: As XDR matures, customers are introducing more telemetry for detection into it. Because of this, there’s more data being stored in multiple places: XDR and SIEM. Security teams are always looking for ways to cut SIEM costs and consolidate data access, and so naturally, they look to XDR to provide that alternative. XDR vendors have started to provide SIEM-alternatives through log management so that organizations can continue to store the data they need while getting the benefits of quality of detection and response that XDR brings.

LW: Will this acquisition help Cisco compete in this space?

Mellen: Splunk is one of the most ubiquitous and most frequently used security tools in enterprises today. The platform has consistently been named a Leader in the Forrester Wave™ evaluation on security analytics platforms for its flexibility and vast capabilities for alerting and compliance.


Splunk also has an incredibly loyal set of users, which, more than anything else, serve as a fanbase for the brand. Security leaders struggle, however, with Splunk’s lack of innovation over the past several years and how costly the offering can become.

Even the addition of alternative pricing models has done little to change that. These factors add up to, overall, this acquisition being a massive win for Cisco’s security business. This acquisition positions Cisco to have both sides of the coin — detection and response focus in XDR with Cisco XDR, and flexibility and adaptability in a security analytics platform with Splunk.

LW: You’ve asserted that this deal is a boon for Microsoft. How so?

Mellen: Splunk customers will be drawn to explore alternatives because of the uncertainty of the acquisition, and we expect to see experimental deployments of other smaller security analytics players as backup. This will also be a boon for Microsoft Sentinel.

Microsoft is the biggest SIEM competitor to Splunk right now, and Splunk customers will flock to or expand their Sentinel deployments as they hedge their bets between where Cisco takes Splunk and where Microsoft takes Sentinel.

LW: Are any Splunk customers losing sleep about what happens next?

Mellen: Security leaders know that Cisco has long been a case study for acquisitions that don’t live up to their initial promise and suffer from underinvestment and a lack of focus. In fact, since this was announced, many have shown concern that this pairing will affect the SIEM in the long term. That said, in recent years Cisco has maintained their Duo acquisition. To keep Splunk’s massive, loyal user base, Cisco needs to follow a similar model and let Splunk deliver what Splunk does best: a flexible, powerful SIEM offering.

LW: What does this signal about what a de facto security platform will look like 5 to 10 years from now?

Mellen: Consolidation drivers are cyclical; there’s an effort to consolidate, especially during times of financial hardship, which leads to cost savings for end users and fewer third parties to manage. However, it also often leads to innovation stagnation and vendor lock-in. Once these cons set in and the financial situation improves, users divert to best-of-breed offerings for their flexibility and quality, and the cycle starts over again. We will continue to see consolidation in these markets as the largest vendors look to offer the biggest and best portfolio.

LW: Where are we today on that curve?

Mellen: It’s happening constantly and we expect it will continue. As new technologies emerge and are validated by the market, new acquisitions are made and the portfolios become even larger.



Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals.

Related: How Putin has weaponized ransomware

In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Many responded by saying they already avoid hospitals and emergency services infrastructure. Others promised to cease attacking health care facilities until the pandemic eased.

An April 2020 study from VMware Carbon Black revealed a 148% ransomware increase between March and April 2020. However, it’s worth noting that health care was the seventh-most targeted industry during that time, when it was usually in the top three.

Less lucrative targets

The reduction in ransomware attacks against health care organizations was relatively short-lived. John Riggi, national advisor for cybersecurity and risk for the American Hospital Association, said in a July 2023 interview that he noticed a spike in large, high-profile ransomware attacks in the previous six weeks.


However, another topic brought up in the discussion was that Riggi increasingly hears representatives from targeted facilities agree not to pay the ransom. Some ransomware gangs demand payments of $1 million or more. However, IT teams at health care facilities are becoming more proactive about protecting data, so there’s no need to engage with hackers.

Creating a strategic and all-encompassing backup plan is a great way to prevent data loss. If ransomware gangs increasingly hear that health care facilities won’t pay, they’ll turn their attention to other industries.

Hackers shun limelight

There are certainly ulterior motives behind ransomware gangs’ pledges to avoid attacking hospitals. For example, the continual targeting of the facilities could compel those in power to pass laws and devote resources related to catching and punishing the gangs. Virginia’s Senator Mark Warner has prioritized health care ransomware reductions in some of his recent efforts.

If enough lawmakers consider this cybersecurity issue a top-of-mind concern, it would spell trouble for ransomware gangs. During the COVID-19 pandemic, the U.S. and other countries mobilized incredible resources to get vaccines created, tested and distributed in record time. That example shows that when enough people see a threat as significant, they’ll work together to get things done.

Trustworthy morality?

Another consideration is that it’s one thing for a ransomware gang to promise not to attack hospitals. What matters is whether they’re telling the truth. The whole concept behind ransomware attacks is that victims should get their data back if they pay the demanded amount. However, a 2023 survey showed that doesn’t always happen. More specifically, 21% of respondents paid the ransom and didn’t recover their data.

If people see news that specific ransomware gangs consider hospitals off-limits, some may think these cybercriminals operate with some sense of morality after all. However, a public statement is no guarantee of truth.

Evidence also suggests ransomware increasingly spans beyond data loss and financial demands. Many organizations — including hospitals — report ransomware-driven extortion as an emerging risk. If the IT teams at health care facilities believe some hacker gangs won’t target them, they could become complacent against emerging threats.

Even if some ransomware gangs steer clear of hospitals, not all will. Ransomware targets and tactics keep evolving, meaning cybersecurity professionals and enthusiasts must stay aware and respond accordingly.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry.

Related: The security role of semiconductors

Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arrived at Black Hat USA 2023 calling for a distinctive hardware approach to repelling cyber attacks.

Flexxon recently introduced its X-PHY SSD, which now comes embedded in certain laptop models from Lenovo, ASUS and HP. This innovation derives from the security-hardened, AI-powered memory and storage drives Flexxon supplies for medical equipment and industrial machinery.

I had the chance to get briefed about all of this by Flexxon’s founder and CEO Camellia Chan. For a full drill down give the accompanying podcast a listen.

Guest expert: Camellia Chan, CEO, Flexxon

Instead of struggling to account for innumerable attack paths, X-PHY guards just one path; it keeps an eagle eye on the read-write activities at the memory storage level, Chan told me.

It instantly recognizes — and blocks — any rogue read-write commands, such as those favored by ransomware purveyors and other malicious actors. The system operates in the background without the need for constant updates. It alerts users to anomalous activities and can shut down storage devices to safeguard data instantly, she says.

“Cyber security is actually missing intelligent, dynamic detection sitting at the physical layer,” Chan says. “X-PHY will act as a last line of defense against potential risk and help companies better safeguard their data.”

The transformation progresses. I’ll keep watch and keep reporting.


From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life.

Sharing intel for a greater good

Now one distinctive type of crowdsourcing — ethical hacking — is positioned to become a much more impactful component of securing modern networks.

I had a terrific discussion about this at Black Hat USA 2023 with Casey Ellis, founder and CTO of Bugcrowd, a pioneer in the crowdsourced security market. Bugcrowd ushered in crowdsourced security with its launch in 2012, and today a covey of vendors have followed suit, each supplying intricate platforms to connect hackers with proven skillsets to companies that have particular needs.

“What we’ve got under the hood is effectively a dating website for people who are good at breaking into computers,” Ellis says.

Crowdsourced security vendors (others include Synack, HackerOne and Intigriti) make it seamless for companies to tap into a global network of software coders and set them on the hunt for vulnerabilities.

Guest expert: Casey Ellis, CTO, Bugcrowd

This decentralized, diligently managed approach meshes well with the overall shift to massively interconnected digital services.

For more on this, please do give the accompanying podcast a listen. Ellis and I discuss the evolution of pen testing, the current state of bug bounties and the rising influence of AI. For instance, some 85 percent of hackers responding to Bugcrowd’s Inside the Mind of a Hacker poll said they are already using generative AI in their workflows.

For its part, Bugcrowd has committed to helping companies shift to a risk-management approach to security, Ellis says. With AI speeding everything up, triaging risks makes a lot of sense. I’ll keep watch and keep reporting.


In an era of global economic uncertainty, fraud levels tend to surge, bringing to light the critical issue of intellectual property (IP) theft.

Related: Neutralizing insider threats

This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management. Organizations dedicate substantial resources to detecting and preventing fraudulent activity in customer accounts.

Yet, the rise of internal fraud presents a unique challenge. Perpetrated by insiders who already possess unrestricted access to highly sensitive data and systems, internal fraud not only defies easy prevention but also imposes substantial costs.

Annually, American businesses suffer losses exceeding $50 billion, underscoring the impact on competitiveness. To navigate this landscape, business leaders must strike a delicate balance between fostering open research environments and securing their valuable IP, safeguarding both their business and their innovative work.

Remote work factor

The growing trend of remote or hybrid working has particularly intensified the issue, enabling trusted insiders to mask fraudulent activity by operating outside the conventional security perimeter. And while many instances of this type of fraudulent activity may start out as an accidental mistake, the longer the fraudster goes unnoticed, the greater the risk that an easy payout snowballs into more malicious actions.

In some cases, insiders with malicious intent attempt to circumvent internal processes and policies and steal innovation through a variety of methods, including gathering human intelligence from other employees and contractors and conducting digital and even physical surveillance.


Some insiders may borrow tactics from traditional state-sponsored intelligence organizations, such as confidential information collection through practices like “ratting” — where criminals use malware to access sensitive information. Another example of on-the-ground tactics is intelligence agencies exploiting graduate students at research universities to access sensitive materials and coercing professionals working on sensitive technologies into activities like IP theft.

Organizations must prioritize data and decision intelligence to tackle these threats effectively. However, fragmented and siloed data pose a significant hurdle for businesses in mitigating these risks, hindering their comprehensive understanding of the risk landscape. The combination of mounting pressures, accelerated decision-making, and the rapid availability and volume of data has intensified the difficulty of maintaining an efficient and resilient IP protection environment.

Role of AI

One technology businesses are turning to in order to detect and prevent fraud, waste and abuse is Decision Intelligence (DI), which allows companies to connect data and identify patterns or anomalies that may warrant an investigation. By leveraging advanced analytics and AI, it offers enhanced scrutiny of individuals and organizations, monitoring their exposure to sanctioned or risky entities that jeopardize intellectual property.

To accomplish this, the broader Decision Intelligence strategy should encompass the integration of techniques like graph analytics and entity resolution.

Organizations have access to ample data; the key lies in adopting suitable technology to extract its value. Gartner predicts that by 2026, organizations that prioritize AI transparency, trust, and security will witness a 50% boost in adoption, business goals, and user acceptance of their models. This emphasizes the transformative potential of Decision Intelligence (DI) for organizations that aim to be prepared for disruptions and resilient in the face of challenges. One example of where this impact can come from is entity resolution.

Entity resolution, powered by advanced AI and machine learning models, efficiently connects, organizes, and analyzes data to accurately identify similar entities. It groups related records, establishing a collection of characteristics and labeled connections for each entity. Unlike traditional record-to-record matching in MDM systems, entity resolution enables organizations to introduce new entity nodes that play a crucial role in linking real-world data.
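As an added illustration of the record-linking step described above (this is example code written for this page, not Quantexa’s software or any product’s algorithm), the Go program below resolves six constructed records from different source systems into entities by linking any two records that share a normalized strong identifier (email, phone or device id), using a union-find structure so that links chain transitively. Record IDs, source names and field values are all constructed for the demonstration.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Record is one row from a source system (HR roster, VPN log, badge reader, contractor list).
// Fields are whatever identifiers that system happens to hold; missing ones are left empty.
type Record struct {
	ID     string
	Source string
	Name   string
	Email  string
	Phone  string
	Device string
}

// normEmail lowercases and trims so "Alice@Corp.example " and "alice@corp.example" become one key.
func normEmail(s string) string { return strings.ToLower(strings.TrimSpace(s)) }

// normPhone keeps digits only so "555-0100", "(555) 0100" and "555 0100" match.
func normPhone(s string) string {
	var b strings.Builder
	for _, r := range s {
		if r >= '0' && r <= '9' {
			b.WriteRune(r)
		}
	}
	return b.String()
}

// unionFind with path compression; each record starts as its own entity.
type unionFind struct{ parent []int }

func newUnionFind(n int) *unionFind {
	u := &unionFind{parent: make([]int, n)}
	for i := range u.parent {
		u.parent[i] = i
	}
	return u
}

func (u *unionFind) find(x int) int {
	for u.parent[x] != x {
		u.parent[x] = u.parent[u.parent[x]]
		x = u.parent[x]
	}
	return x
}

func (u *unionFind) union(a, b int) { u.parent[u.find(a)] = u.find(b) }

// resolveEntities links records that share any normalized strong identifier (email, phone,
// device id) and returns each resulting entity as a sorted list of record IDs. Names are
// deliberately not a link key: they are neither unique nor stable.
func resolveEntities(records []Record) [][]string {
	uf := newUnionFind(len(records))
	owner := make(map[string]int) // identifier key -> first record that carried it
	for i, r := range records {
		keys := []string{
			"email:" + normEmail(r.Email),
			"phone:" + normPhone(r.Phone),
			"device:" + strings.ToUpper(strings.TrimSpace(r.Device)),
		}
		for _, k := range keys {
			if strings.HasSuffix(k, ":") { // identifier absent in this record
				continue
			}
			if j, seen := owner[k]; seen {
				uf.union(i, j)
			} else {
				owner[k] = i
			}
		}
	}
	groups := make(map[int][]string)
	for i, r := range records {
		root := uf.find(i)
		groups[root] = append(groups[root], r.ID)
	}
	entities := make([][]string, 0, len(groups))
	for _, g := range groups {
		sort.Strings(g)
		entities = append(entities, g)
	}
	sort.Slice(entities, func(a, b int) bool { return entities[a][0] < entities[b][0] })
	return entities
}

// sampleRecords is constructed data for the demonstration; none of it refers to real people.
func sampleRecords() []Record {
	return []Record{
		{ID: "r1", Source: "hr", Name: "Alice Example", Email: "Alice@Corp.example", Phone: "555-0100"},
		{ID: "r2", Source: "vpn", Email: "alice@corp.example", Device: "lt-0042"},
		{ID: "r3", Source: "badge", Name: "A. Example", Device: "LT-0042"},
		{ID: "r4", Source: "contractor", Name: "Bob Sample", Phone: "(555) 0199"},
		{ID: "r5", Source: "vpn", Email: "bob@vendor.example", Phone: "555 0199"},
		{ID: "r6", Source: "hr", Name: "Alice Example", Email: "alice.e@other.example"},
	}
}

func main() {
	for _, e := range resolveEntities(sampleRecords()) {
		fmt.Println(strings.Join(e, ","))
	}
}
```

Note what the example does not do: r6 carries the same name as r1 but shares no strong identifier with it, so it stays a separate entity. A production system would also attach confidence scores and keep each per-key link as a labeled edge so an analyst can see why two records were joined.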

Reusable resource

With a strong data foundation, businesses can leverage a dependable and reusable resource to automate and enhance decision-making organization-wide, addressing diverse challenges beyond IP theft detection.

A strong data management strategy is vital for companies to monitor illicit and unlawful activities, safeguard intellectual property, and stay competitive. It is crucial to have visibility into networks across different environments, whether it’s an advanced persistent threat, cyber threat, or supply chain issue. The key lies in connecting data to gain a comprehensive understanding and effectively address complex challenges.

Tackling IP theft is an ongoing and intricate challenge that necessitates sustained cooperation between business leaders, workers and stakeholders. Ultimately, to drive global technology innovation, businesses must turn to Decision Intelligence to reduce manual work and make quick, well-informed decisions to protect their intellectual property.

About the essayist: Clark Frogley is Head of Financial Crime Solutions at Quantexa. He began his career with the FBI investigating organized and financial crime and served as the Assistant Legal Attaché in the US Embassy in Japan. Previously, Frogley worked as an executive at IBM in positions as the global head of AML and Counter Fraud Services in Banking, the Financial Crime Practice Leader for IBM in Japan, and the Financial Crime Solution leader for AML, Sanctions and KYC.

Over time, Bitcoin has become the most widely used cryptocurrency in the world. Strong security measures become increasingly important as more people use this digital currency.

Related: Currency exchange security issues

To manage and keep your Bitcoin assets, you need a Bitcoin wallet, a digital version of a conventional wallet. This article discusses the best techniques for protecting your Bitcoin wallet and, with it, your digital assets.

A Bitcoin wallet is a piece of software that enables users to send, receive and store bitcoins securely. While it performs similarly to a regular wallet, it holds cryptographic keys rather than cash or credit cards. Wallets come in a variety of formats, including hardware wallets, online wallets, mobile wallets and desktop wallets. Each type offers a different trade-off between convenience and security, so users can select one depending on their needs.

Select a reliable wallet. The first step to protecting your digital assets is choosing a trustworthy Bitcoin wallet. It’s critical to select wallets with a solid track record and reputation in the Bitcoin industry. Consider things like security features, user-friendliness and community reviews when you compare various wallet solutions.

Use strong passwords, 2FA. The security of your Bitcoin wallet depends heavily on the strength of your passwords. Create strong, unique passwords that combine uppercase and lowercase letters, digits and special characters, and avoid easily guessed information such as your name or birthday. Also, whenever possible, activate two-factor authentication (2FA). By requiring a verification code in addition to your password, 2FA adds an extra layer of protection and drastically reduces the chance of unauthorized access to your wallet.

Update frequently. Bitcoin wallet providers continually make software improvements to address possible security flaws. It’s critical to keep your wallet software updated in order to stay one step ahead of criminal actors. Wallet updates frequently include patches for security holes, ensuring that your wallet is protected against new threats. To stay secure, enable automatic updates whenever feasible or check often for new software versions.

Backup, backup, backup. To guard against data loss, it’s crucial to regularly create backups of your Bitcoin wallet. Wallet backups provide a safety net in the event that your device breaks down, is misplaced, or is stolen. Backups should be kept safely in several places, such as encrypted cloud storage or external hard drives. Test the restoration procedure as well to make sure your backups are operational and available when needed.

Secure your network, device. It’s critical to protect the device you use to access your Bitcoin wallet. To avoid potential vulnerabilities, keep your operating system, antivirus software and other security tools up to date. Refrain from installing pirated or dubious software, and only download wallets from reliable sources. Be careful when connecting to public Wi-Fi networks, as they may not be safe; a virtual private network (VPN) can offer an additional layer of encryption and security.

Use multisignature wallets. Multisig wallets provide better protection for your Bitcoin holdings. Transactions from this kind of wallet must be approved by more than one cryptographic signature, lowering the possibility of unauthorized spending. You can distribute the keys across several devices or people, adding an extra layer of security against key loss or theft.
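The approval rule behind a multisig wallet, shown as an added example (not the article’s code and not any wallet’s implementation): a 2-of-3 policy in Go where a spend is authorized only when at least two distinct cosigners have produced valid ECDSA signatures over the transaction digest. Go’s standard library does not include Bitcoin’s secp256k1 curve, so NIST P-256 stands in; the threshold logic is what the example demonstrates. Cosigner names and the transaction text are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"log"
)

// Cosigner is one key holder in the policy, e.g. a laptop, a hardware wallet or a trusted partner.
type Cosigner struct {
	Name string
	Key  *ecdsa.PrivateKey
}

// Policy spends only when at least Threshold of the listed public keys have signed the transaction.
type Policy struct {
	Threshold  int
	PublicKeys []*ecdsa.PublicKey
}

// Signature is one cosigner's ASN.1/DER-encoded ECDSA signature over the transaction digest.
type Signature struct {
	Signer int // index into Policy.PublicKeys claimed by the signer
	DER    []byte
}

// newCosigner generates a fresh key. P-256 stands in for secp256k1, which is not in Go's stdlib.
func newCosigner(name string) (*Cosigner, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Cosigner{Name: name, Key: key}, nil
}

// policyFor builds an m-of-n policy over the cosigners' public keys, in the order given.
func policyFor(threshold int, cosigners ...*Cosigner) Policy {
	p := Policy{Threshold: threshold}
	for _, c := range cosigners {
		p.PublicKeys = append(p.PublicKeys, &c.Key.PublicKey)
	}
	return p
}

// txDigest hashes the serialized transaction; every cosigner signs exactly this digest.
func txDigest(tx string) []byte {
	d := sha256.Sum256([]byte(tx))
	return d[:]
}

// sign produces one cosigner's signature, labeled with the policy index that cosigner holds.
func sign(c *Cosigner, signerIndex int, tx string) (Signature, error) {
	der, err := ecdsa.SignASN1(rand.Reader, c.Key, txDigest(tx))
	if err != nil {
		return Signature{}, err
	}
	return Signature{Signer: signerIndex, DER: der}, nil
}

// authorize counts distinct cosigners whose signature verifies against the key they claim.
// Duplicates, out-of-range indices and signatures over a different transaction do not count.
func authorize(p Policy, tx string, sigs []Signature) bool {
	digest := txDigest(tx)
	approved := make(map[int]bool)
	for _, s := range sigs {
		if s.Signer < 0 || s.Signer >= len(p.PublicKeys) || approved[s.Signer] {
			continue
		}
		if ecdsa.VerifyASN1(p.PublicKeys[s.Signer], digest, s.DER) {
			approved[s.Signer] = true
		}
	}
	return len(approved) >= p.Threshold
}

func main() {
	laptop, err1 := newCosigner("laptop")
	hw, err2 := newCosigner("hardware wallet")
	backup, err3 := newCosigner("offline backup")
	if err1 != nil || err2 != nil || err3 != nil {
		log.Fatal("key generation failed")
	}
	policy := policyFor(2, laptop, hw, backup)
	tx := "constructed sample tx: pay 0.01 BTC to <recipient>"
	s1, _ := sign(laptop, 0, tx)
	s2, _ := sign(hw, 1, tx)
	fmt.Println("one signature authorizes:", authorize(policy, tx, []Signature{s1}))      // false
	fmt.Println("two signatures authorize:", authorize(policy, tx, []Signature{s1, s2})) // true
}
```

The checks in authorize are where the security property lives: a signature only counts for the key index it claims, the same cosigner cannot be counted twice, and a signature over a different transaction fails verification. Losing or exposing any single key therefore neither locks the funds nor lets anyone spend them.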


Be wary of fraud. As the use of Bitcoin has grown, so has the number of phishing and malware attempts that prey on unwary users. Use caution when downloading files or clicking on links connected to your Bitcoin wallet. Be wary of dubious emails, texts or websites that ask for your wallet credentials in an effort to deceive you. Before acting, make sure the source is legitimate to avoid falling for con artists.

In conclusion, protecting your digital assets in an increasingly linked world requires you to secure your Bitcoin wallet. You can greatly improve the security of your Bitcoin holdings by adhering to these best practices: choosing a trustworthy wallet, implementing strong passwords and 2FA, regularly updating your software, backing up your wallet, securing your device and network, using multisignature wallets, and being watchful against phishing and malware attacks.

It’s crucial to keep up with the most recent security procedures in the constantly changing field of cybersecurity and to adjust as necessary. You may have peace of mind and confidently traverse the world of cryptocurrencies while securing your priceless digital assets by prioritizing the security of your Bitcoin wallet, periodically educating yourself on emerging dangers, and adhering to suggestions from reliable sources.

About the essayist: Ronin Ashford is a passionate tech enthusiast and a dedicated cryptocurrency investor. With a firm belief in the potential of blockchain technology, he is determined to contribute to the transformation of the payments industry landscape.

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are quickening around the globe.

Related: The need for supply chain security

This is to be expected. After all, government mandates combined with industry standards are the twin towers of public safety. Without them the integrity of our food supplies, the efficacy of our transportation systems and reliability of our utilities would not be what they are.

When it comes to IoT, we must arrive at specific rules of the road if we are to tap into the full potential of smart cities, autonomous transportation and advanced healthcare.

In the absence of robust, universally implemented rules of the road, cybercriminals will continue to have the upper hand and wreak even more havoc than they now do. Threat actors all too readily compromise, disrupt and maliciously manipulate the comparatively simple IoT systems we have in operation today.

I had an eye-opening conversation about all of this with Steve Hanna, distinguished engineer at Infineon Technologies, a global semiconductor manufacturer based in Neubiberg, Germany. We went over how governments around the world are stepping up their efforts to impose IoT security legislation and regulations designed to keep users safe.

This is happening at the same time as tech industry consortiums are hashing out standards to universally embed security deep inside next-gen IoT systems, down to the chip level. There’s a lot going on behind the scenes. For a full drill down on my discussion with Hanna, please view the accompanying videocast. Here are a few takeaways:

Minimum requirements

A few years back, a spate of seminal IoT hacks grabbed the full attention of governments worldwide. The Mirai botnet, initially discovered in October 2016, infected Internet-connected routers, cameras and digital video recorders at scale. Mirai then carried out a massive distributed denial-of-service (DDoS) attack that knocked down Twitter, Netflix, PayPal and other major web properties.

Then in 2017, clever attackers managed to compromise a smart thermometer in a fish tank, thereby gaining access to the high-roller database of a North American casino. Soon thereafter, white hat researchers discovered and disclosed pervasive vulnerabilities in hundreds of millions of smart home devices such as cameras, thermostats and door locks.

In 2018, UK regulators got the ball rolling, taking steps that would eventually result in mandated minimum requirements for IoT data storage, communications and firmware update capabilities. The U.S., other European nations and Singapore soon began moving in this direction as well. The U.S. National Institute of Standards and Technology (NIST), for instance, has since developed a comprehensive set of recommended IoT security best practices.

In 2023, the U.S. announced a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. The new “U.S. Cyber Trust Mark” program raises the bar for cybersecurity across common devices, including smart refrigerators, smart microwaves, smart televisions, smart climate control systems, smart fitness trackers, and more.

Guest expert: Steve Hanna, Distinguished Engineer, Infineon Technologies

“We’re moving to a world where IoT cybersecurity will be table stakes,” Hanna told me. “It’s going to be required in every IoT product and governments will have their own checklist of IoT requirements, similar to what we have for electrical equipment.”

Harmonizing the baseline

The efforts by regulators and technologists to establish a baseline for IoT safety have, as might’ve been expected, given rise to conflicts and redundancies. “At the moment, we have a Tower of Babel situation where each nation has its own set of requirements and it’s a big challenge for a manufacturer how they get their product certified in multiple places,” Hanna says.

Harmonizing the differing requirements across multiple nations needs to happen, Hanna argues, and this quest is made even more challenging by the sprawling array of IoT device types. This is precisely what a tech industry consortium calling itself the Connectivity Standards Alliance has set out to tackle head on, he says.

“Basically, we’re creating, shall we say, one certification to rule them all,” Hanna told me. “We’re going to bring together all the requirements from these national and regional certifications and say if you get this one certification from CSA, then that indicates you’re compliant with all of the national or regional requirements, no matter where they might come from. And your product can then be sold in all of those different regions.”

The technologists are striving to resolve a profound pain point, in particular, for IoT device makers facing the prospect of needing to test and certify their IoT products in 50 different locales. “If I can test it once against a set of requirements that I understand, then that’s much less expensive,” Hanna says.

Safety labels

The give-and-take vetting of emerging standards that’s now unfolding reflects a tried-and-true dynamic; it’s how we arrived at having detailed food additive labels we can trust on every item on supermarket shelves and it’s why we can be sure no electrical appliance in our homes poses an egregious hazard.

The ramping up of IoT rulemaking and standards-building portends a day when we won’t have to worry as much as we now do about directly encountering badness on the Internet.

I asked Hanna about what individual citizens and small business owners can do, and he indicated that staying generally informed should be enough. He noted that the regulators and tech industry leaders are cognizant of the need to foster consumer awareness about the incremental steps forward. The push behind the new Matter home automation connectivity standard, introduced in late 2022, is a case in point.

“We can’t expect the consumer to be an expert on IoT cybersecurity, that’s just not realistic,” he says. “What we can ask them to do is to look for these security labels coming soon to IoT products . . . you just can’t buy an unsafe extension cord anywhere today; only the ones with the proper safety inspections get sold. I hope the same will be true in five or 10 years for IoT products, that all of them are adequately secure and they all have that label.”

This is all part of a maturation process that must happen for digital systems to rise to the next level. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)


For a couple of decades now, the web browser has endured in workplace settings as the primary employee-to-Internet interface. It's simply taken as a given that a browser built for consumers is an acceptable application for employees to do their work in.

And despite advances like sandboxing, browser isolation and secure web gateways, the core architecture of the web browser has remained all too vulnerable to malicious attacks.

There was a lot of buzz at Black Hat USA 2023 about advanced “enterprise browsers.” I visited with Uy Huynh, vice president of solutions engineering at Island.io, to discuss this. For a full drill down please give the accompanying podcast a listen.

Built on the Chromium open source code, Island’s Enterprise Browser recognizes the identity and considers the role of each user—be it an employee, contractor, or HR personnel. This granular visibility aids in rapid onboarding while also bolstering security protocols, Huynh explained.

This can serve as a "last mile" checkpoint to curtail shadow IT, in particular the unsanctioned use of generative AI services, whose popularity is exploding.

Guest expert: Uy Huynh, VP of solutions engineering, Island.io

Island's solution prevents sensitive data from slipping out of the web browser into services like ChatGPT, or through downloads, screenshots, printing or copy/paste.

“With generative AI, you could inadvertently be placing your intellectual property or other sensitive information into large language models that anyone can access,” Huynh warns.

Meanwhile, a specific alert can be communicated to the user, enhancing awareness training, and reinforcing compliance.
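To make that control concrete, here is an added example, not Island's code or any part of its product, sketching the kind of policy decision an enterprise browser makes before pasted text or an upload leaves the page, together with the inline user alert the text mentions. The destination lists, the role rule, the hypothetical approved assistant hostname and the data detectors are all assumptions constructed for illustration; the paste hook at the end only activates inside a real browser.

```javascript
// Added example, not Island's code: a simplified "last mile" check of the kind an
// enterprise browser can run before clipboard text or an upload leaves the page,
// plus the user-facing alert. Hosts, roles and detectors are constructed.

// Constructed destination classes. A real deployment would load these from policy.
const PUBLIC_GENAI = new Set(["chat.openai.com", "chatgpt.com", "bard.google.com"]);
const SANCTIONED_GENAI = new Set(["assistant.corp.example"]); // hypothetical approved internal service

// Luhn check so a run of 13-19 digits is only flagged when it is a plausible card number.
function luhnValid(digits) {
  let sum = 0, double = false;
  for (let i = digits.length - 1; i >= 0; i--) {
    let d = digits.charCodeAt(i) - 48;
    if (double) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
    double = !double;
  }
  return sum % 10 === 0;
}

// Each detector returns true when the text carries that kind of sensitive data.
// `secret: true` marks material that must never be typed into any web page.
const DETECTORS = [
  { label: "payment-card", secret: false, test: t => (t.match(/\b\d{13,19}\b/g) || []).some(luhnValid) },
  { label: "confidential-marking", secret: false, test: t => /\bCONFIDENTIAL\b/i.test(t) },
  { label: "aws-access-key", secret: true, test: t => /\bAKIA[0-9A-Z]{16}\b/.test(t) },
  { label: "private-key", secret: true, test: t => /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/.test(t) },
];

function classify(text) {
  return DETECTORS.filter(d => d.test(text));
}

// Decide what happens to `text` moving over `channel` ("paste" | "upload") into
// `host` for a user with `role`. Returns { action: "allow"|"warn"|"block", labels, message }.
function evaluate({ host, role, channel, text }) {
  const found = classify(text);
  const labels = found.map(d => d.label);
  if (found.length === 0) return { action: "allow", labels, message: "" };
  const where = `${channel} into ${host}`;
  const what = labels.join(", ");
  if (found.some(d => d.secret)) {
    return { action: "block", labels, message: `Blocked ${where}: credentials detected (${what}). Rotate the key if it was already exposed.` };
  }
  if (SANCTIONED_GENAI.has(host)) return { action: "allow", labels, message: "" };
  if (PUBLIC_GENAI.has(host)) {
    return { action: "block", labels, message: `Blocked ${where}: ${what} must not be sent to a public AI service. Use the approved assistant instead.` };
  }
  if (role === "contractor") {
    return { action: "block", labels, message: `Blocked ${where}: contractors may not send ${what} outside the company.` };
  }
  return { action: "warn", labels, message: `Warning: ${where} contains ${what}. Continue only if this site is approved for it.` };
}

// Hook the decision into the page's paste event. In an enterprise browser the user's
// identity and role would come from the browser itself, never from the page.
function installPasteGuard(doc, ctx, notify) {
  doc.addEventListener("paste", ev => {
    const text = ev.clipboardData ? ev.clipboardData.getData("text/plain") : "";
    const verdict = evaluate({ ...ctx, channel: "paste", text });
    if (verdict.action !== "allow") notify(verdict.message);
    if (verdict.action === "block") ev.preventDefault(); // the paste never reaches the page
  });
}

if (typeof document !== "undefined") {
  installPasteGuard(document, { host: location.hostname, role: "employee" }, msg => alert(msg));
}
```

The design point is that the verdict is taken before the data reaches the page (preventDefault on the event), and that credentials are blocked regardless of destination while business data is judged by where it is going and who is sending it; the same `evaluate` function could sit behind a download or print hook.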

“In essence, what we’re trying to do is to offer enterprises granular control over their browser environment,” Huynh says.

Anything that can improve security while preserving a high-quality user experience has a place in networks, going forward. I’ll keep watch and keep reporting.

Acohido


API security has arisen as a cornerstone of securing massively interconnected cloud applications.

At Black Hat USA 2023, I had a great discussion about API security with Data Theorem COO Doug Dooley and Applovin CISO Jeremiah Kung. For a full drill down, please give the accompanying podcast a listen.

As a fast-rising mobile ad network going toe-to-toe with Google and Facebook, Applovin has been acquiring advanced security tools and shaping new practices to manage its API exposures. Kung described for me how Data Theorem’s API Secure is proving to be a vital weapon in Applovin’s security arsenal.

APIs have become the “lifeblood” of apps and thus a prime target for cyber criminals, Kung says. AppLovin has learned that it must mitigate API exposures from multiple angles, he told me.

Robust API security has become table stakes – for cloud-native companies like AppLovin as well as for legacy enterprises stepping up their cloud plays, Dooley argues.

Guest experts: Doug Dooley, COO, Data Theorem; Jeremiah Kung, CISO, Applovin

“The moment you go cloud, the number of attack surfaces explodes and there’s really no way to stop it, because it’s like trying to stop innovation,” Dooley says. “As long as you let feature development happen with modern techniques of cloud services and third-party software suppliers, you’re going to have more APIs than you even realize you have embedded and exposed throughout your application stacks.”
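As an added example, not code from Data Theorem or AppLovin, the following reconciles an OpenAPI document against gateway access logs to surface the APIs Dooley describes: routes that are live but undocumented, routes that are documented but dormant, and routes that opt out of authentication. The spec, the hostnames and the log lines are constructed for illustration; the log format is the standard Apache/NGINX "combined" format, and the security semantics follow OpenAPI 3 (an operation-level `security` overrides the document default, and an empty array means no auth).

```javascript
// Added example, not Data Theorem's or AppLovin's code: reconcile an OpenAPI
// document against API-gateway access logs to find routes that are exposed but
// undocumented (shadow), documented but never called (dormant) and documented
// with no authentication requirement. Spec and log lines are constructed.

const SPEC = {
  openapi: "3.0.3",
  security: [{ bearerAuth: [] }], // document-wide default: every operation needs a bearer token
  paths: {
    "/v1/ads": { get: {}, post: {} },
    "/v1/users/{id}": { get: {}, delete: { security: [] } }, // delete explicitly opts out of auth
    "/v1/reports/export": { get: {} },                        // nobody calls this in the sample log
    "/health": { get: { security: [] } },                     // unauthenticated on purpose
  },
};

// Constructed access-log excerpt in Apache/NGINX "combined" format.
const LOG = `
10.0.0.5 - - [12/Aug/2023:10:01:02 +0000] "GET /v1/ads?limit=5 HTTP/1.1" 200 512
10.0.0.5 - - [12/Aug/2023:10:01:03 +0000] "POST /v1/ads HTTP/1.1" 201 88
10.0.0.9 - - [12/Aug/2023:10:01:04 +0000] "GET /v1/users/1337 HTTP/1.1" 200 300
10.0.0.9 - - [12/Aug/2023:10:01:05 +0000] "DELETE /v1/users/1337 HTTP/1.1" 204 0
198.51.100.7 - - [12/Aug/2023:10:01:06 +0000] "GET /v1/users/1337/export HTTP/1.1" 200 9000
198.51.100.7 - - [12/Aug/2023:10:01:07 +0000] "GET /internal/debug/config HTTP/1.1" 200 4096
10.0.0.5 - - [12/Aug/2023:10:01:08 +0000] "GET /health HTTP/1.1" 200 2
`;

const HTTP_METHODS = new Set(["get", "put", "post", "delete", "patch", "head", "options"]);

// Parse one combined-format line into method, path (query string dropped) and status.
function parseLogLine(line) {
  const m = /"([A-Z]+) (\S+) HTTP\/[\d.]+" (\d{3})/.exec(line);
  if (!m) return null;
  return { method: m[1], path: m[2].split("?")[0], status: Number(m[3]) };
}

// Turn "/v1/users/{id}" into ^/v1/users/[^/]+$ so concrete request paths can be matched.
function templateToRegex(template) {
  const escaped = template.replace(/[.*+?^$()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\{[^}]+\}/g, "[^/]+") + "$");
}

// Flatten the spec into one record per (method, path template).
function compileRoutes(spec) {
  const routes = [];
  for (const [template, item] of Object.entries(spec.paths)) {
    for (const [method, op] of Object.entries(item)) {
      if (!HTTP_METHODS.has(method)) continue; // skip path-level keys such as "parameters"
      // Operation-level security overrides the document default; [] means "no auth".
      const security = op.security !== undefined ? op.security : (spec.security || []);
      routes.push({
        key: `${method.toUpperCase()} ${template}`,
        method: method.toUpperCase(),
        regex: templateToRegex(template),
        authRequired: security.length > 0,
        hits: 0,
      });
    }
  }
  return routes;
}

// Walk the log once, attributing every request to a documented route or to the shadow list.
function reconcile(spec, logText) {
  const routes = compileRoutes(spec);
  const shadow = new Set();
  for (const line of logText.split("\n")) {
    const req = parseLogLine(line);
    if (!req) continue;
    const route = routes.find(r => r.method === req.method && r.regex.test(req.path));
    if (route) route.hits += 1;
    else shadow.add(`${req.method} ${req.path}`);
  }
  return {
    shadow: [...shadow],
    dormant: routes.filter(r => r.hits === 0).map(r => r.key),
    unauthenticated: routes.filter(r => !r.authRequired).map(r => r.key),
    hits: Object.fromEntries(routes.map(r => [r.key, r.hits])),
  };
}

console.log(JSON.stringify(reconcile(SPEC, LOG), null, 2));
```

On the constructed input this reports two shadow routes (the per-user export and an internal debug endpoint, both serving 200s to an outside address), one dormant route, and two operations that require no authentication. Each of those lists is a question for the team that owns the gateway rather than a finding by itself, but they are exactly the inventory most organizations do not have.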

Securing APIs is even more vital as generative AI takes center stage, giving attackers one more powerful tool to scale up their campaigns. Yes, AI is bolstering hacking techniques; but it can also strengthen the defensive capabilities of security teams, programs and products, Dooley observes.

The arms race is just warming up, folks. I’ll keep watch and keep reporting.

Acohido
