Single-factor authentications is a common low-security method of authentication that only requires matching one factor, such as a password to a username to gain access to a system.

CISA advises all organizations to avoid single-factor authentication. For organizations that support critical infrastructure, this method is especially dangerous.

Recent incidents have proved cyberattacks against critical infrastructure can have significant impacts on national security, economic stability, life, health, and safety of the public — all critical functions of the government and private sector.

The first bad practice on CISA’s list is the use of unsupported (or end of life) software in services of critical infrastructure organizations.

An example of this is the 2017 WannaCry incident — a global ransomware attack that spread through computers using Microsoft Windows.

About 300,000 computers around the globe and across almost every economic sector were impacted. User’s files were held hostage and a Bitcoin ransom was demanded for their return.

For some organizations, updates can be timely, difficult, and costly. Patching systems and implementing updates can result in downtime, which some critical infrastructure organizations don’t want to lose.

The second bad practice is the use of known/fixed/default passwords and credentials “[Default passwords are] dangerous and significantly elevates risk to national security, national economic security, and national public health and safety,” says CISA in a blog post.

Easily guessable passwords can be easily cracked. Hackers can use a spraying technique to gain access to as many accounts as possible causing anywhere from minor security incidents to major breaches.

CISA says this is only the beginning of the list of bad practices and intends to release more to develop a complete catalog to educate critical infrastructure owners and operators, as well as the defense industry and the organizations that support the supply chain for national critical functions.

CISA’s addition to the bad practice list can be applied to every organization — not just those organizations who provide critical infrastructure.  Cybersecurity should be a risk management priority at every organization.

The post CISA Adds Single-Factor Authentication To List of Bad Practices appeared first on My TechDecisions.

The bill, called the Secure and Trusted Telecommunications Networks Act, bans the Federal Communications Commission (FCC) from giving money to American tech companies to buy equipment from foreign companies deemed a national security threat. This includes Huawei, a Chinese company accused of using its tech to spy on the United States and other countries, and currently the largest provider of 5G equipment in the world. The bill also requires the FCC to provide $1 billion to help smaller national tech companies “rip out and replace” equipment previously purchased from “threatening” companies, and to develop a list of firms viewed as a threat.

“Telecommunications equipment from certain foreign adversaries poses a significant threat to our national security, economic prosperity, and the future of U.S. leadership in advanced wireless technology,” Senate Commerce Committee Chairman Roger Wicker said in a statement. “By establishing a ‘rip and replace’ program, this legislation will provide meaningful safeguards for our communications networks and more secure connections for Americans.”

The Hill also said that if President Trump signs the bill, then it will affect rural telecom providers the most; a previous estimate by The Rural Wireless Association from 2018 said that approximately 25 percent of its member companies use equipment from Huawei or Chinese group ZTE.

About Time

Passing this bill is one of the strongest courses of action the FCC has taken against Huawei since the initial concern of spying emerged a couple of years ago. Prior to the bill, the Department of Commerce added the Chinese company to its list of businesses that American companies are forbidden to work with, “though Huawei’s full inclusion on the list has been delayed multiple times.” The FCC also took steps against Huawei in November 2019, when it banned American tech companies from using its funding to purchase equipment from the company, and when the company was marked a national security threat.

The Trump Administration has been pressuring other nations to move away from Huawei as well. Huawei is pushing back – it announced it was going to sue the FCC in December 2019, claiming there is no proof it is a national security risk. As of right now, it seems that Huawei isn’t making any progress with the lawsuit, especially as the United States takes further steps to hemorrhage the Chinese company’s tech from its own businesses.

The post An Update About Huawei: What Decision Makers Need to Know appeared first on My TechDecisions.

The reason for the switch is to help keep nosey internet service providers (ISPs) out of users’ business, such as monitoring which websites they visit and bombarding them with targeted advertising. Recognizing that users are already tracked by large tech companies like Google and Facebook, Firefox maker, Mozilla, said that implementing encrypted DNS offers more secure alternatives to users, Ars Technica says. For example, it will help “hide your browsing history from attackers on the network, [and] helps prevent data collection by third parties on the network that ties your computer to websites you visit,” Mozilla said in a statement.

The new encrypted DNS uses Cloudflare by default, but users have the option to change it to NextDNS in Firefox settings, or enter the address of another encrypted-DNS service. Mozilla also said that it is open to adding more encrypted-DNS providers as long as they pass a list of requirements for privacy.

However, Firefox’s encrypted-DNS won’t be turned on automatically outside of the U.S. (although users outside of the U.S. and U.S-based users can enable it in Firefox’s settings). It will also not be turned on by default in certain cases, too, including when enterprise policies have been set up on a device, or parental controls are detected.

A Competitor on Its Heals

As Mozilla is rolling out its encrypted-DNS solution, Google has its own encrypted DNS plans for Chrome. For the time being, Google’s solution is “in the experimental phase.”

It’s also different than Firefox’s, Ars Technica says. “Instead of automatically switching users to a DNS provider chosen by Google, Chrome sticks with whichever DNS provider the user has selected. If the user-selected DNS provider offers encrypted lookups and is in” a particular list of providers, “Chrome automatically upgrades the user to that DNS provider’s encrypted service. If the user-selected DNS provider isn’t in the list, Chrome makes no changes.”

The post Firefox is Making the Internet Safer for Users – Here’s How appeared first on My TechDecisions.

U.S. officials originally told the Wall Street Journal that Huawei built equipment that allowed it to access other tech companies using interfaces created for law enforcement, all without having to alert carriers. Business Insider says this is the first time the U.S. has provided details about how it thinks Huawei is spying for China.

Huawei has pushed back against the allegations, saying in a statement “they don’t adhere to any form of accepted logic in the cyber security domain. Huawei has never and will never covertly access telecom networks, nor do we have the capability to do so.” The tech giant also said that it “is only an equipment supplier,” and doesn’t have the ability “to bypass carriers, access control, and take data from their networks without being detected…”

A Lesson in Back Doors

Business Insider highlights this latest case with Huawei to further question whether or not it’s safe for tech companies to build vulnerabilities like backdoors for law enforcement to use. The idea to have them appears to make sense; for example, law enforcement can tap into vulnerabilities to break into devices of criminals to solve a case, and ultimately protect the public. Business Insider says that the U.S. has pressured large tech companies to develop methods for law enforcement to more easily pass through security measures, such as encryption.

However, even if the intent is to protect users, weakening security measures further puts those same users and their data at risk. “Introducing back doors weakens the internet for everyone, and leaves it so much more vulnerable to everyone from cybercrime rings to authoritarian regimes,” Michael Veale, an expert in digital right and regulations, told Business Insider. Veale also says that the U.S.’s accusations of Huawei only heighten the reasons as to why incorporating backdoors and other vulnerabilities is risky. If Huawei is accused of using backdoors to spy on other countries, who’s to say the U.S. and other governments couldn’t be accused of the same?

“If anything, this new encryption debate highlights the greediness, laziness, and cost-cutting desires of national governments and their willingness to throw fundamental rights and economic trust under a bus in search of a shortcut to avoid investing in proper investigative capacity,” Veale told Business Insider.

The post The U.S. Accuses Huawei of Using Tech Backdoors to Help China Spy appeared first on My TechDecisions.

The platform has an advanced focus on security automation that can sift through daily security alerts generated by next-generation endpoint detection and response solutions, security information and event management devices and software, cloud applications and cloud infrastructure, the company said in a press release Tuesday.

Delta Risk said the new version features compliant existing capabilities for endpoint, network and cloud security and work well with Amazon Web Services, Microsoft Office 365, Azure, Google G Suite, Box and other platforms and devices.

ActiveEye Managed Security Platform Overview from Delta Risk on Vimeo.

The new ActiveEye 2.0 features complement existing capabilities for endpoint, network, and cloud security, including monitoring and management for Amazon Web Services (AWS), Microsoft Office 365 and Azure, Google G Suite, Box, as well as other platforms and devices.

According to Delta Risk, ActiveEye 2.0 solves the problem of organizations struggling to staff IT departments to manage complex legacy security software. Traditional managed security service providers can sometimes be opaque to the user.

Related: Solving the Headaches of Network Security in Wireless Collaboration

In a statement, Vice President of Product Strategy John Hawley said despite the advancement of network security tools, the average organization lacks the skills, expertise, manpower and time to deploy them.

“ActiveEye 2.0 allows our security operations center (SOC) analysts to focus on the most important threats to better protect our customers and take that load off their teams,” he said.

New features in the platform include:

• Virtual analyst playbook orchestration that reduces most false positives and enables analysts to focus on more complex and critical alerts, thereby speeding up incident response times
• Personalized customer notebooks that allow customers to quickly share information with the Delta Risk security team about what’s important or what to ignore in their environment.
• Key performance indicator dashboards that let customers see critical metrics across their entire environment at a glance and create easy-to-understand executive reports.
• Virtual analyst response automation that lets analysts take action directly from the ActiveEye platform to resolve threats and speed response times.

The post Delta Risk’s ActiveEye 2.0 Uses Automation to Keep Your Network Safe appeared first on My TechDecisions.

Cloud benefits are so compelling that most organizations continue to add applications, by strategic design or force of will, at an alarming pace. The result is often a cloud environment that is not cohesive, efficient, or meeting either the goals of the business or the promise of the technology.

One of the big losers in this haphazard cumulus cloud build up is clear visibility to security controls and practices.

How to perform a cloud maturity check

It’s time to reassess. Whether you are relatively cloud immature or have been in the cloud for years, conducting a cloud maturity and security assessment is an important health check to determining whether your current use of the cloud is truly helping you meet your business goals and whether you are extracting the most out of the features and business advantages from the technologies – while at the same time securing your essential data.

It’s important to determine whether your current cloud solutions or future cloud migration plans are meeting your strategic goals, are well matched against your staff and security tool capabilities (and how to address this if not) and determine the efficacy of your deployment so it can be improved.

Strategic alignment

You likely have specific goals for moving to the cloud (or moving specific functions to the cloud), whether they are clearly articulated or not. Such goals typically include cost savings, faster time to market for a product, meeting rapidly changing customer demands, etc.

If these aren’t clearly delineated, you will want to spell it out so you can map these goals against the results of implemented solutions or future plans.

While this may seem an academic exercise, it is important: as an example, if your goal is cost savings, doing a detailed analysis of moving a deeply embedded legacy application to the cloud may reveal that such a move is in fact costlier than retaining it on-prem.

If you are trying to get to market more quickly but don’t have the skills or tools to support the cloud deployment, you may be defeating the purpose.

For current cloud deployments, how you are working in the cloud may be inefficient, failing to meet the goals you set out to achieve; or you may have neglected to build a proper cultural acceptance of the new cloud paradigm, which may effect success.

Capabilities

For both on-prem and cloud solutions, the security mission is the same, but the implementation is different. It’s important to assess whether you have the right tools and staff skills in place for your current and planned cloud usage.

Implementing a best practices security program that addresses both your cloud and remaining on prem environments is key and requires you to select tools that work across both and have staff with the requisite skills to take advantage of the built-in security tools available from your cloud providers.

You must also understand how the shared responsibility models impact your security requirements and leverage them to your advantage.

Efficacy

Many enterprises deep in the cloud can greatly improve how they are securing those services and consider more efficient models as they consume new services. Assess your opportunities to leverage security automation and consider how well you are integrating security as code automation into your CI/CD pipeline.

Today’s public clouds offer a wealth of security tool and information capabilities that provide excellent insight; we recommend you understand these capabilities and evaluate how well you leverage them, incorporating the security information and event data they provide into your security operations processes.

If you are ignoring cloud-native tools, you could be making your job a lot more difficult.

You should also evaluate how well you are leveraging cloud capabilities to scale your security program.

Getting Clearer: gaining visibility into the cloud

By assessing your cloud deployment for strategic and capabilities alignment, as well as the efficiency with which you are using and securing your cloud services, you can get better visibility to your security posture and the benefits you are gaining from the technologies.

Read Next: The Future of Cloud Services: A Comparison of SaaS, PaaS and IaaS

Since the move to cloud has been erratic, often business driven, and in some cases, not fully planned, performing periodic assessments is essential to ensure you are meeting your business objectives with a cloud maturity check.

The post It’s Time to Assess Your Cloud Security & Maturity: Here’s How appeared first on My TechDecisions.

Every business, whether big or small, experiences cyber threats. That is why it is absolutely important to have the right cyber prevention setup for your business to grow.

With the ever changing digital landscape, cyber attacks are becoming more sophisticated. All businesses therefore need to ensure the safety of their sensitive information and the security of their networks.

Being up to date with the methods used by criminals and ensuring employees are also aware of obvious dangers are necessary.

This post highlights five critical cybersecurity training tips to get your employees up to date and in turn ensure the protection of your business data.

1. Social engineering:

This is a term used to manipulate others so they give up their important information. It is commonly referred to as phishing. Based on an investigation report by Verizon, 93 percent of data breaches are as a result of pretexting and phishing.

Educate people working for you to be cautious while opening an email or communicating with clients on social media.

They should be weary of pretext such as:

• A request for sudden help: Your friend has traveled to a different country and is stranded. He needs some money immediately so he can return home.
• Give to a charity: The reason for the fundraiser might be honest, the payment link might not be.
• A request that you verify some information: Requests like this seem official and come from an email disguised as from your bank.
• An unusual request from your co-worker: If a co-worker asks for information regarding a project the organization is carrying out.
• You’ve won a prize: These messages appear to be from your lawyer, a lottery, or the IRS for a deal that is nonexistent.

Cyber criminals usually succeed with most of these phishing messages employees act without giving much thought. Train your workers to pause and analyze situations before responding to such emails.

2. Password management:

According to a research conducted in 2017 by OneLogin, less than 31 percent of IT services require their employees to change passwords monthly. Password management is a major challenge for business owners as it regards cyber security.

With IT decision makers failing to remind employees, there needs to be a major change in attitude if you want to improve your cyber security.

Additionally, teach your workers to make use of strong passwords. Trace Security conducted a research and discovered that 81 percent data theft are connected to weak passwords.

When selecting strong passwords, keep the following in mind:

• Use a combination of numbers, letters and special characters
• Get creative
• Choose something you can remember and that is impossible to be guessed
• Avoid using personal information like your name, pet names, birth dates, and family names
• Don’t share your passwords with anybody
• Use a password that is unique for every device
• Regularly change your passwords

3. Email usage:

Most businesses depend on emails daily for both external and internal communications. Since emails are primary delivery methods for computer malware, employees need to know how to responsibly use them.

They should exhibit caution when clicking on emails and opening attachments under these conditions:

• Received from a strange email
• An unusual tone
• Having strange characters and wrong spellings
• You antivirus doesn’t clear the file
• The attachment seems unusual

More Cybersecurity Training Tips: Tools and Tips to Protect Your Organization from Ransomware

4. Unauthorized software:

A quick way for viruses to infect your computers is by downloading software from sources that are unknown. Even software that appears innocent such as a game could have ransomware, spyware or other malicious codes.

Have a policy in place regarding software employees can and cannot install on company computers.

5. Using the internet:

Carry out training for your employees to avoid opening unfamiliar links on the internet or from sources that seem suspicious. Such links might download malicious software that could potentially infect your computers and put them at risk.

Establish safe browsing guidelines for using the internet in the office, and let your IT support workers to educate other employees on these rules.

The post Stay Protected: 5 of the Most Important Cybersecurity Training Tips For Your Employees appeared first on My TechDecisions.

This begs the question, what are NetOps teams’ top priorities today and what challenges do they need to overcome?

A new survey of network and IT professionals sheds light on these issues, addressing the top business objectives that are driving network transformations today. The findings showed that overall, organizations are driving their IT teams to focus on network transformation projects as a way to achieve key business goals.

Here are some of the top results from the survey:

• The top three network transformation projects for enterprise IT in 2019 are deploying switch infrastructure, expanding cloud infrastructure and expanding Wi-Fi systems.
• When it comes to troubleshooting, 45% of enterprise IT professionals consider improving application performance across the entire network to be their largest focus.
• Perhaps the most fascinating finding was that one third of networking professionals cited improved network agility as their highest priority in 2019, reinforcing it as one of the most important business goals in the industry.

Understanding and Achieving Network Agility

Let’s take a deeper look at the concept of network agility and why it’s so critical for NetOps.

From a technical perspective, network agility is when network infrastructure has the ability to effectively self-manage itself through the automation of configurations and policies.

More broadly, the term is being used to describe when NetOps teams are equipped with the scale and flexibility to move at the speed of their connected businesses. As we know, key business goals are driving IT to pursue major network transformation projects, which add a tremendous amount of complexity, and require highly effective optimization and troubleshooting across all network domains.

By improving network agility, NetOps teams are able to keep up with constant network changes and allow their organization to capitalize on the tangible business benefits these technologies can offer.

This is an easy idea to understand, but many find it difficult to achieve in practice.

NetOps teams carry the heavy burden of having to manage and monitor today’s complex networks, but the numerous legacy tools they use don’t provide them with the proper visibility to do so.

Unfortunately, many teams are using up to 10 network monitoring tools just to keep up with the challenges these network transformation initiatives present. So, we weren’t surprised that survey respondents reported consolidating network monitoring tools as their highest network improvement initiative for 2019.

The survey found that 35% of networking pros have poor visibility into performance levels across all fabrics of their network.

Poor visibility leads to time-consuming troubleshooting, which can have negative outcomes for the business with network downtime, decreased productivity and frustrated users.

Not to mention, it distracts from their highest priorities! In fact, a whopping 43% of network professionals are challenged to find time to focus on strategic business initiatives because they spend too much time troubleshooting the network!

Additionally, without proper visibility, NetOps cannot monitor the network proactively. And, 38% of NetOps professionals cited that they are unable to proactively identify network performance issues, which forces them into a reactive position, scrambling to troubleshoot problems after they’ve already begun to impact the business.

So with all of the network optimization and troubleshooting issues associated with network transformation initiatives, how can IT teams achieve network agility and support broader business objectives?

Many are finding that unified network performance monitoring and diagnostic (NPMD) platforms can help with these issues.

These platforms provide NetOps teams the end-to-end network visibility they need to monitor and manage the entire network, even at endpoints or in hybrid environments.

As a result, administrators can proactively monitor and identify network issues, which leads to faster and easier troubleshooting.

Beyond that, they can actually focus their time and energy on the key business objectives listed above, which support enhanced network agility, which in turn supports strategic business initiatives.

These Unified NPMD platforms help eliminate the issue of tool sprawl as well. Having one central platform can eliminate the numerous legacy tools that most IT teams are burdened with today.

Legacy network performance management solutions were designed to solve specific network domain issues, such as VoIP performance degradation, etc.

But these legacy tools create performance blind spots since they can only see part of the network.

To make the network more responsive and flexible, today’s NetOps teams need network performance management tools that provide visibility across the entire enterprise, from SD-WAN to endpoints and even the cloud. This allows them to not only manage change, but to optimize network performance over time.

In order to overarching business goals and objectives, NetOps teams need to achieve end-to-end visibility that can establish and accelerate true network agility.

Unified NPMD platforms can allow IT to gain this level of visibility across all network domains, which will help NetOps teams focus on planning, deploying and optimizing strategic network transformation projects, instead of endless troubleshooting requirements.

Chances are, your priorities are similar to those listed above. The question is, are you armed with the network visibility you need to succeed?

The post Obstacles and Priorities for NetOps Teams (And How to Address Them) appeared first on My TechDecisions.

Based on the company’s CloudShark analysis software, CS TraceFrame brings instant packet visibility to products offering network and cloud visibility, performance monitoring, diagnostics, or cybersecurity.

“Packet data is a critical value-add for applications,” said Zach Chadwick, Product Manager and inventor of the CloudShark technology.

“At the end of the day, NOC and SOC teams need to look at the packets. As demand increases for better network visibility and enhanced security monitoring, integrated direct packet analysis will be the difference maker when choosing tools.

“This is especially true in the increasingly complex world of SDN, data analytics, and hybrid cloud solutions. We’re providing an easy way to integrate the power of packet analysis while saving significant development costs.”

CS TraceFrame is a white-label development kit, meaning companies adding it to their product can preserve their own brand while adding the benefits of instant packet visibility.

End-users will be able to look at raw packet data in a responsive way without having to download and analyze it outside the product.

“We’re already using it in our other products,” said Matt Langlois, Director of Engineering at QA Cafe.

“We added CS TraceFrame capability to our CDRouter automated network device testing platform. Now our customers have powerful, fast, and easy to use packet analysis built for a seamless user experience. It was very easy to integrate and completely customizable. The devkit gave us everything we need.”

“We’re really excited to work with product teams and CTOs in the networking industry who are planning their product strategy,” said Chadwick.

“We believe very strongly that packet captures are necessary when performing network and security analysis, and want to see everyone, from experts to entry-level, get real benefits from the ability to use them.”

Read Next: Women Know Cyber: New Cyber Security Book Spotlights Women in Network Security

The post CloudShark TraceFrame is a Devkit for Network Visibility appeared first on My TechDecisions.