Security

The meteoric rise in digital commerce, connected devices and virtual workspaces has rightfully led to an intense focus on cybersecurity to protect company assets and employees. But cyber is only half of the security equation. After all, single sign-on cannot halt an intruder rummaging around in your data center.

State and local governments will be receiving dedicated cyber grants for the first time in 2022, now that the new bipartisan legislation has passed. While previous federal programs offered the potential for grants for cybersecurity projects in state and local governments through the Cybersecurity and Infrastructure Agency (CISA), these grants were not previously dedicated (required) to improving cybersecurity.

Unlike legacy security solutions that alerted after nearly every log event, today’s MDR services can detect—and resolve—many security issues with minimal disruption. A few years ago, identity theft protection company LifeLock aired a commercial that humorously contrasted its competitors’ security monitoring services with its proactive services.

On Dec. 9, 2021, a remote code execution (RCE) vulnerability in the popular Java-based logging package Log4j was disclosed.  Submitting a specially crafted request to a vulnerable system allows an attacker to download and execute a malicious payload to perform additional functions such as data exfiltration, diverting funds, performing surveillance, or disrupting service.  What many experts fear now is that the bug could be used to encrypt data and due to the discovery of this exploit being so recent, there are still many servers, both on-premises and within cloud environments, that have yet to be patched.  Scanning activity for CVE-2021-44228 has actively begun on the internet with the intent of seeking out and exploiting unpatched systems.  Apache Log4j versions <= 2.15.0 rc1 are vulnerable. 

Innovation and top-line growth are consistently two of the top three key priorities for business executives. Security is always sandwiched right in between these goals, as the threat landscape and perimeter constantly evolves – and never for the better. The digital paradox holds that the same technologies that allow us to innovate and grow give sophisticated intruders the same tools to innovate their method of attack. Just like a chain is only as good as its weakest link, the same goes for our approach to security. It doesn’t matter where in your IT environment a breach occurs; in the end, everything gets affected.

Presidio celebrates Cybersecurity Awareness 24x7x365, but we especially love Cybersecurity in October. Cybersecurity & Infrastructure Security Agency (CISA) just closed out its 18th year deeming October as the month to bring awareness to the importance of cybersecurity. 18 years ago, the internet was in its infancy. Now, it is a part of everyday life.

It has been about 5 years since WannaCry and NotPetya hit companies worldwide in full force, launching a new era of cybercrime. Now, there’s a new report of a ransomware attack weekly. Although this may seem scary, we know more now than we ever have. With each attack, we can see and ultimately learn from which vulnerabilities were exploited. We cannot prevent the inevitable, but we can prepare and minimize the effects. There is a famous quote by author Zig Zigler “Success occurs when opportunity meets preparation.” While a ransomware attack is not an opportunity to look forward to, it is important to be prepared. 

By converging physical and cyber security, organizations gain deeper business insights and better protection against sophisticated threats. The practice of segmenting security teams into distinct physical security and cybersecurity groups has been the norm since the early days of IT. Within the last decade, however, the Fourth Industrial Revolution, advances in cloud technologies and the digital transformation trend have led to a greater awareness between the cyber world and real world.

CIS Controls v8 is here, and there are some significant changes organizations should pay attention to. We spend a lot of time in our blogs talking about—and recommending—cybersecurity frameworks. The reason for this is pretty straightforward: there are a lot of decisions that go into cybersecurity planning, and failing to use a framework makes the process exponentially more complicated.