The cybersecurity implications of working remotely

Help net security | March 20, 2020

The global spread of the COVID-19 coronavirus has had a notable impact on workplaces worldwide, and many organizations are encouraging employees to work from home. What are the cybersecurity implications of this shift?
Having a sizable amount of employees suddenly working remotely can be a major change for organizations and presents numerous problems with regard to cybersecurity.

One issue involves a lack of authentication and authorization. Because people are not seeing each other face-to-face, there is an increased need for two-factor authentication, monitoring access controls and creating strong passwords. There’s also a risk of increased attacks like phishing and malware, especially since employees will now likely receive an unprecedented amount of emails and online requests.

Spotlight

Each week on CloudTweaks we provide a few shoutouts to companies who provide engaging and interesting infographics that reflect our readers interests.  In this case, we have an excellent infographic provided by the team at arellia.com which takes a closer look at cyber-security and some of the biggest malware threats over the past year infiltrating our systems.

Spotlight

Each week on CloudTweaks we provide a few shoutouts to companies who provide engaging and interesting infographics that reflect our readers interests.  In this case, we have an excellent infographic provided by the team at arellia.com which takes a closer look at cyber-security and some of the biggest malware threats over the past year infiltrating our systems.

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

AWS Clients Globally Can Now Use Apiiro Cloud Application Security Platform

Apiiro | January 04, 2023

Apiiro, the market leader in Cloud-Native Application Security, announced that its award-winning security platform is now accessible on AWS Marketplace. Apiiro's solution intends to assist developers and security engineers in resolving significant risks across the software supply chain before launching apps to the cloud. Instead of a single vulnerability or misconfiguration, multiple isolated and unconnected findings are scattered throughout the source code, configurations, open-source packages, and cloud infrastructure that, when combined with appropriate context, form a Risk Story that attackers can exploit. Its Risk Graph technology integrates these endless elements with actionable information to provide developers and security teams with an entirely new way to fix problems. Apiiro has introduced a whole new approach to application security by offering complete visibility into code bases, analyzing risks from design to code to the cloud, and proactively addressing actual vulnerabilities that attackers can exploit before they even get released to the cloud. By connecting to their source control managers via API, Fortune 500 businesses can cut operational costs and risks at scale while ensuring seamless deployment. Now that it is accessible in the AWS marketplace, customers may deploy Apiiro's Cloud Application Security Platform through their AWS Marketplace accounts, enabling them to quickly secure everything they develop and deliver to the cloud by proactively resolving risks with actionable context. About Apiiro Apiiro is a Cloud Application Security Platform that provides comprehensive insight and actionable context to security and development teams to proactively fix risks before releasing them to the cloud. It also assists them in addressing threats throughout the software supply chain. Since its inception, the Apiiro Cloud-Native Application Security Platform has been deployed by developers and security experts in the world's biggest organizations to handle critical threats across more than 1 million code repositories, CI/CD pipelines, and cloud infrastructures.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

ThreatX Launches Robust Online Training to Increase Access to Cybersecurity Expertise

ThreatX | November 17, 2022

ThreatX, the leading API protection platform, today announced the launch of the ThreatX Academy, an online portal hosting an extensive library of cybersecurity training modules. These courses provide an accessible and approachable opportunity for those looking to begin, or advance, their cybersecurity careers. ThreatX is providing all foundational 100-level content at no charge. Training content spans many areas of cybersecurity, including Application Security, Data Protection and Privacy, Networking, Secure DevOps and Wireless Security, among others. The need for cybersecurity professionals has been growing at a rapid pace, and that demand is expected to continue. The number of unfilled cybersecurity positions worldwide grew 350% between 2013 and 2021 (from 1 million to 3.5 million). Further, it is predicted that the same number of jobs will still be open in 2025. This cybersecurity skills gap, along with the accelerated pace at which both technology and cyberattackers’ tactics are evolving, has made protecting digital assets increasingly difficult for businesses. In fact, 80% of organizations suffered one or more breaches due to a lack of cybersecurity skills and/or awareness within the last 12 months, underscoring the need for solid and robust training content. Alongside Massachusetts-based training company, Security Innovation, ThreatX developed more than 140 hours of online security training videos beginning at an introductory level and progressing to more advanced subjects, such as Blockchain Security and Automating Security Updates. All 100-level content will be available free of charge, while 200 and 300-level content will be accessible via subscription. Through the integrated learning management platform, users will be able to consume the content in sequential fashion and earn certifications. The ThreatX Academy experience is powered by Raven360, a Massachusetts-based digital Academy business. ThreatX will share all content, free of charge, with select nonprofit organizations, including participants of the Massachusetts Rehabilitation Commission’s (MRC) Networking Technology Program. In addition, ThreatX Academy has partnered with (ISC)2 and is now an approved (ISC)2 CPE Submitter Partner. ThreatX content may count toward (ISC)2 CPE credits. (ISC)², is an international nonprofit cybersecurity professional organization. Through (ISC)², members can earn several well-established security certifications, including: CISSP Certified in Cybersecurity SSCP - Security Administration CCSP - Cloud Security CSSLP - Software Security In order to maintain these certifications, members must earn Continuing Professional Education (CPE) Credits. Through ThreatX’s partnership with (ISC)², security practitioners will now be able to earn CPE Credits for consuming ThreatX Academy content. “Cybersecurity is a continuous learning experience, and the need for training resources in the industry is only growing stronger. “We are excited to announce the launch of ThreatX Academy, and we look forward to advancing the program in the future as part of our broader effort to close cybersecurity’s ongoing talent gap.” Gene Fay, CEO of ThreatX About ThreatX ThreatX’s API protection platform and complete managed services make the world safer by protecting APIs from all threats, including DDoS attempts, complex botnets, zero-day and multi-mode attacks. ThreatX applies artificial intelligence and machine learning to detect and respond to even the slightest indicators of suspicious activity in real-time. Today, ThreatX protects APIs for companies in every industry across the globe.

Read More

DATA SECURITY, ENTERPRISE IDENTITY, SOFTWARE SECURITY

Persistent Launches Innovative Cyber Recovery Solution with Google Cloud

Persistent | October 31, 2022

Persistent Systems, a global Digital Engineering provider, today announced the launch of a trailblazing solution that enables organizations to recover more quickly from cyber-attacks. Together with Google Cloud, the Persistent Intelligent Cyber Recovery (PiCR) solution provides a comprehensive and scalable cyber recovery approach, allowing organizations to reduce data loss and minimize the negative impact to brand reputation from prolonged downtime. Persistent Intelligent Cyber Recovery is now available on the Google Cloud Marketplace. Hackers are increasing the frequency and scale of ransomware attacks. They are using continually evolving and sophisticated techniques, which makes recovery from attacks more challenging. These attacks may lead to sensitive data leakage, loss of business, and damage to brand reputation. It is crucial for organizations to not only focus on protection against cyber-attacks but also strengthen their recovery process. Traditional backup and Disaster Recovery (DR) solutions are not designed for recovery from cyber-attacks. Persistent Intelligent Cyber Recovery includes tailored recovery plans, Persistent IP for finding and remediating malware, and the optional managed services to administer the recovery process. Persistent's solution integrates with Google Cloud to provide a secure recovery environment and Google Cloud Backup and DR for protecting the server images. Persistent Intelligent Cyber Recovery offers the following benefits: Reduction in data loss Decreased risk of recurrent attacks through the removal of malware Faster recovery from ransomware and zero-day attacks (from weeks/months to hours/days) Potential cyber insurance cost reduction Scalable solution depending on enterprise size challenges Nitha Puthran, Senior Vice President – Cloud, Infrastructure and Security, Persistent: "The digital environment today is constantly evolving and so are the risks associated with it. We are leveraging our strong relationship with Google Cloud and our product engineering expertise to create an industry-leading solution that allows enterprises to recover faster from cyber-attacks, thereby reducing the impact on their business. "Persistent Intelligent Cyber Recovery combines strategic planning and the creation of playbooks, integration with Google Cloud services and our own IP to find anomalies that indicate malware, remove the malware, and use automation to set up test and production environments to scale. It takes a services and product mindset to create a solution like Persistent Intelligent Cyber Recovery and Persistent is uniquely positioned in the market to deliver both." Dai Vu, Managing Director, Marketplace and ISV GTM Programs, Google: "As cyber threats become more prevalent, customers need solutions that can help them quickly address and recover from cyber-attacks. With the Persistent's Intelligent Cyber Recovery (PiCR) solution available on Google Cloud Marketplace, customers can quickly deploy PiCR to their Google Cloud environment and utilize it alongside Google Cloud technologies and capabilities to address cyber-attacks quickly and securely."

Read More