According to a recent Deloitte poll, legacy systems and environments are the greatest challenge to adopting zero trust, with 44.6% of executives agreeing to that sentiment.

However, these organizations plan to forge ahead with their zero trust plans due to increases in cyber threats (30.1%) and the need to better manage third party risks (25.1%), according to Deloitte’s research.

Further down that list of drivers of zero trust adoption include managing workforce-related risks, such as remote work and insider threats (17.2%), managing risks due to cloud adoption (15.1%) and managing elevated cyber risks due to geopolitical conflict (4.8%).

Read Next: First Steps to Take for Zero Trust Implementation

However, organizations far and away cited complexity and compatibility issues with legacy systems and environments as the top challenge to successful implementation of zero trust, with nearly 45% of executives agreeing.

Within zero trust adoption programs, organizations are most likely to prioritize enhancements focused on data security and identity and access management, which came in at 26.1% and 21.5%, respectively. This isn’t surprising given the importance of responsibly handling data and protecting user identities.

Also cited as important in zero trust adoption efforts include SASE implementation (13.9%), network segmentation (13.3%) and endpoint controls improvements (9.3%).

Listen to the podcast with the media player below, or on your favorite podcasting platform!

The post My TechDecisions Podcast Episode 195: Zero Trust Adoption Challenges and Drivers appeared first on My TechDecisions.

IT administrators have a relatively easy May 2023 Patch Tuesday as Microsoft has released fixes for just 38 vulnerabilities in the company’s software products, however two are listed as being actively exploited. This is a very low security update count coming out of Redmond, Wash. with Microsoft issuing fixes for nearly half of the security bugs it fixed last May.

According to researchers, this month’s Patch Tuesday is Microsoft’s lowest volume since August 2021. However, there are still several bugs that should be addressed quickly. That’s where Chris Goettl offers his advice and expert opinion to help admins prioritize the more dangerous vulnerabilities and keep their organization insulated from cyberattacks.

Chris dives into detail on these vulnerabilities, as well as other topics:

• CVE-2023-29336 – Win32k Elevation of Privilege Vulnerability (actively exploited)
• CVE-2023-24932 – Secure Boot Security Feature Bypass Vulnerability (actively exploited)
• CVE-2023-29325 – Windows OLE Remote Code Execution Vulnerability
• CVE-2023-24941 – Windows Network File System Remote Code Execution Vulnerability
• CVE-2023-24955 – Microsoft SharePoint Server Remote Code Execution Vulnerability

Read our previous Patch Tuesday coverage!

The post My TechDecisions Podcast Episode 194: May 2023 Patch Tuesday appeared first on My TechDecisions.

IT administrators in Microsoft environments have about 100 patches to apply for the April 2023 Patch Tuesday release, including one in Windows Common Log File System Driver that is being actively exploited and another one from 2013 that is being reissued.

The company released patches to fix 97 vulnerabilities in its products, which was in addition to three Edge bugs patches earlier this month. Of the new patches, 45 of them intend to fix remote code execution bugs.

The Microsoft patches are in addition to two zero days discovered in Apple products impacting Safari, macOS and iOS.

Listen to the podcast in the player below or on your favorite podcasting platform!

The post My TechDecisions Podcast Episode 193: April 2023 Patch Tuesday appeared first on My TechDecisions.

Early use cases for ChatGPT, the new Bing and other generative AI models include content creation but also more technical applications, such as code development, checking for security vulnerabilities in code and creating scripts to automate processes. Nearly all workers could benefit from a better conversational interface to their applications, data and content, but risk and abuse are a threat, Dekate says.

According to Dekate, IT leaders should avoid the headlines about generative AI because the constant barrage of news and new products can be overwhelming. It can be hard to distinguish between different products, especially if organizations lack internal AI expertise.

Organizations should develop a plan that insulates them from risk, Dekate says, and IT leaders should evaluate the risk in engaging with these emerging AI models and whether they should wait for more advanced and accurate models to be released.

In addition, the consumer adoption of generative AI shouldn’t be viewed as being in the same ballpark as business adoption, as some consumer-facing tools are trained on data inputs, meaning any proprietary information or sensitive data could be accessible by a competitor, Dekate says.

Listen to the podcast in the player below or your favorite podcasting platform to learn more!

The post My TechDecisions Episode 192: ChatGPT, Generative AI and the Enterprise appeared first on My TechDecisions.

Late last month, LastPass revealed that the same threat actor that accessed portions of the LastPass development environment and source code that has forced the company since August 2022 to provide updates as new information is revealed, apparently accessed a shared cloud-storage environment obtained access keys and decryption keys by targeting a developer’s home computer.

To obtain decryption keys needed to access the company’s AWS S3 buckets, the threat actor targeted one of the four DevOps engineers who had access to those decryption keys. The threat actor targeted the engineer’s home computer, exploited a third-party media software package bug to gain remote code execution and implanted keylogger malware.

This allowed the attacker to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gained access to the DevOps engineer’s LastPass corporate vault.

The threat actor then exported the native corporate vault entries and content of shared folders, which contained encrypted secure notes with access and decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups, the company says.

According to Caveza, this exemplifies why organizations need a strong patch management program and end user awareness and training to ensure that users are updating any devices they use for work, including those at home.

Listen to the podcast in the player below or on your favorite podcasting platform!

The post My TechDecisions Podcast Episode 191: Learnings From the LastPass Breach appeared first on My TechDecisions.

According to Narang, IT admins should largely be focusing on two vulnerabilities that are being exploited in the wild, including an Outlook spoofing bug discovered by Ukrainian researchers and a Windows SmartScreen security feature bypass flaw that is reportedly being used to deploy ransomware.

While Narang dives deeper into the bugs, here is some information about them:

CVE-2023-23397 – Microsoft Outlook Spoofing Vulnerability

This bug is getting a lot of attention from security researchers. The bug gets a CVSSv3 score of 9.8 and has been exploited in the wild, which makes this a top priority for IT and security admins this month.  The vulnerability is exploited by sending a malicious email to a vulnerable version of Outlook. When the server processes the email, a connection to an attacker-controlled device is established to leak the Net-NTLMv2 hash of the email recipient. This allows the attacker to use the hash to authenticate as the victim recipient in an NTLM relay attack.

What makes this even more interesting is that the discovery of this vulnerability is credited to the Computer Emergency Response Team of Ukraine and Microsoft researchers. Given what is currently happening in Ukraine, this bug could be significant.

CVE-2023-24880 – Windows SmartScreen Security Feature Bypass Vulnerability

This is the other vulnerability listed as under active attack, but it doesn’t appear to be as severe as the Outlook spoofing bug. This allows attackers to create files that can bypass Mark of the Web protections, rendering features like SmartScreen and Protected View in Microsoft Office useless and allowing threat actors to spread malware via crafted documents and other files.

This bug was discovered by Google’s Threat Analysis Group (TAG), which says ransomware groups are using the vulnerability to deliver the magniber ransomware without any security warnings.

Other notable bugs include an ICMP remote code execution vulnerability and an HTTP protocol state remote code execution bug.

Microsoft also released fixes for 74 other vulnerabilities, including 25 remote code execution bugs.

For more information on the March 2023 Patch Tuesday release, consult Microsoft’s Security Update Guide and analysis from Tenable.

The post My TechDecisions Podcast Episode 190: March 2023 Patch Tuesday appeared first on My TechDecisions.

According to Stempley, we now live in a software-defined world, which is making cybersecurity issues that have been around for decades more prevalent than ever before. She covers the paradoxes in a recent blog, and dives more in-depth into them in the interview.

Stempfley’s paradoxes include:

• Security vs. innovation
• The software defined-everything future is here vs. Software’s inherent vulnerability
• Boundaries vs. “perimeterless” security
• Security compliance vs. risk management
• Responsibility for one vs. culpability of all

Listen to the podcast in the player below or on your favorite podcasting platform!

The post My TechDecisions Podcast Episode 189: Navigating Cybersecurity, Innovation Paradoxes appeared first on My TechDecisions.

The post My TechDecisions Podcast Episode 188: IT Consolidation and the Employee Experience appeared first on My TechDecisions.

The East Lansing, Mich.-based tech firm that offers screen capture and productivity solutions conducted the experiment in July 2022 to see if eliminating meetings would have a positive impact on employee satisfaction, attitude, productive and innovation by offering more flexibility.

The company instead allowed employees to work on their own schedules to complete tasks and projects, and the results suggest that meetings were hampering the company.

TechSmith Corp. found that more than 15% of employees felt more productive, and led to an 8% increase in perceived importance of meetings. According to the company, employees were asked to review all meetings on their calendar and rate each on a scale of one to five, with five being more important. The average score before the meeting-less month was 3.32, but that increased to 3.57 at the end of the experiment.

To learn more, listen to the podcast in the player below or on your favorite podcasting platform!

The post My TechDecisions Podcast Episode 187: A Month Without Meetings appeared first on My TechDecisions.

Microsoft has released patches to fix 75 security bugs in the February 2023 Patch Tuesday release, including one each in Microsoft Office, Windows Common Log File System Driver and Windows Graphics Component that are being actively exploited, as well as a handful of Exchange remote code execution vulnerabilities.

According to Narang, the four Exchange server remote code execution vulnerabilities are were IT admins should start this month. One received a CVSSv3 score of 7.2 while the other three CVEs were assigned CVSSv3 scores of 8.8. The vulnerabilities allow a remote attacker to execute arbitrary code on a vulnerable server, via a network call.

IT admins should also focus on patching the three exploited bugs in Office, CLFS and Windows Graphics Component, especially now that the flaws have been published and could encourage other threat actors to look into those exploits.

Listen to the podcast below or via your favorite podcasting tool!

More: Tenable’s Patch Tuesday analysis

The post My TechDecisions Podcast Episode 186: February 2023 Patch Tuesday appeared first on My TechDecisions.