All about Virtualization and Cloud Security | Recent Articles:

• Ransomware, banking malware, unwanted applications, and Android attacks all rose significantly
• Pandemic-related incidents had a big impact
• Similar threats expected for this year, and cyber security teams need to have the right security tools in place

• Executive order under consideration would expand what companies have to disclose security breaches to the federal government.
• Such breach disclosure laws have been long found over legal concerns.
• The EO would also establish that certain software vendors maintain a software bill of materials.

• All attacks include malicious activity, but not all attacks include writing malware to disk 
• Anti-exploit technology prevents attackers from gaining a foothold 
• What to look for in anti-exploit technology 

Attacks, exploits and vulnerabilities 

Any complete cloud workload security stack must feature robust anti-exploit technology for both end-user and server systems. Cloud workloads run on servers, either on-premises or in the cloud, and end-user systems access those workloads. End-user systems can give attackers indirect access to workload data, while servers can provide more direct access if attackers achieve a foothold.  

Advanced Persistent Threats (APTs) are sophisticated, stealthy attacks designed to gain access to an organization’s network systems over a long period of time in order to covertly steal sensitive information or drain financial resources. 

• EDR and MDR represent two viable paths to achieving successful security defense
• Internal teams use EDR tools to launch investigations and guide remediation actions
• MDR brings professional cross-skilled security analysts and proactive threat hunters
• Security tipping point is determined by gaps in time, skills, efficiency and outcomes

• Efforts have long been underway to create more advanced cryptography, and the market appears ready to deploy these solutions
• Promising new approaches include quantum key distribution, biometrics encryption, and homomorphic encryption

This is the second of a 3-blog series on Practical Cyber Resilience. In the first part, I covered the four key characteristics (or guiding principles) of cyber resilience. In this blog we will review the main objectives and 5-step Cyber Resilience Analysis methodology, as defined by the NIST Special Publication 800-160, Developing Cyber Resilient Systems.

• Attack wiped out 1200 of a company's 1500 Microsoft Office 365 accounts
• Always revoke the access rights of former employees and contractors

• 53% of Web traffic is now cloud-related, a 20% year over year increase.
• 61% of all malware is directly delivered via the cloud.
• Malicious Office documents represented 17% of all malware detected.

• Analysts expect the global IoT market to grow from about $212 billion in 2018 to about 1.3 trillion by 2026
• Unfortunately, these devices often ship with security flaws, poor API management, and lack efficient ways to provide security updates
• Special Publication 800-213 helps federal agencies understand how IoT devices can impact the network and information security risks within their organizations

Bitdefender data suggests IT teams face murky waters in 2021, as the disruptive shift to remote work and cloud-based operations continues to create security blind spots attackers can exploit. With the SolarWinds breach sending ripples well into the future, supply chain attacks are top of mind. Now is the best time to consider a truly robust cybersecurity tool stack, as no technology layer can prevent attacks that silently climb the supply chain ladder.

• Mistaken assumptions about smart home cybersecurity lead to more problems
• We put much trust in a particular IoT device, but we don't secure it enough
• There's always a solution, no matter the security issue