Week 10 Current
Trends in Cybersecurity
As the world steadily move to IoT
(Internet of Things) with driverless trucks and cars, cyber cars, the Roomba
robot you just bought to help vacuum your house poses a security challenge as
it can map your house and offer the information publicly to the highest bidder
(smart home device manufacturers most probable). Is this an infringement on
your right to privacy? iRobot end users license agreement (EULA)/ privacy
notice would make this clearer. Are you planning to remodel your roof? Wait a
second! Tesla can save 30 years of energy for you as its on-test launch for a
new Solar Powered Roof (Crosbie, J., 2017). Similarly, the IT world is evolving
from World Wide Web (Web 1.0), through Social Web (Web 2.0) to Semantic/Intelligent
Web (Web 3.0). The Cyber world is not left behind; With the Siloed cyber (Cyber
1.0) start, through Integrated Cyber (Cyber 2.0), to Intelligent Cyber (Cyber
3.0) and the cloud that offers “machine learning to extract intelligence and content
and machine generated signatures, accurate detection and classification of
threats by fusing distinct dimensions ensuring continuous visibility and better
control” as the threat environment becomes technologically more complex
(Kellermann, T. TREND MICRO, 2012). Blockchain, an innovation to computing and
information security (Google or Bitcoin blockchain, for example) is catching
on, as well as cryptocurrencies. It is becoming popular in identity management,
real estate, contracts and the energy industry. Actually, blockchain is a
ledger arranged in batches (distributed design) of data or blocks that uses
cryptographic hashing techniques for linkage and validation.
What are the latest trends in
ransomware and malware attacks as the world goes IoT? There has been steady
growth at the rate which they spread, threat landscape and the change in
targets. The IT world is increasingly experiencing malware worm spread through hub
connected networks and devices causing greater infection of devices, systems and
networks. Financial institutions such as banks, credit card companies, even
churches, aside medical facilities and government establishments are becoming
increasingly vulnerable targets for malware infection. Small organizations are
not left out
The question at the back of the mind of most private and
public organizations and government agencies’ decision makers, IT and
information system security professional is, how can we effectively protect our
critical resources? Microsoft Digital Crime unit, in collaboration with Dartmouth
University, and NCMEC (National Center for Missing and Exploited Children)
recently developed a crime and fraud mitigation program (Microsoft’s Photo DNA
analyzer) to fight child abuse through the internet.
With increasing data breaches occurring in traditionally
not-too-prone to attack organizations like churches, non-profit organizations,
and some industries, mostly resulting from DDoS, the question at the back of
the mind of the managers, IT and information security experts is, what can we
do to provide a better security to our critical assets? First is to ensure
data, file and message encryption. Strong password and internet use policy.
Compliance to industry standards and government regulations. Biometrics access
and authentication control system. Software and application patching and
regular update. Firewall and IDS/IPS defense implementation. SETA and to
effectively recover from ransomware attack, the need to ensure regular back up
and agile and tested BC (Business Continuity) & DR (Disaster Recovery) program
plan and team, and experienced IT and IS security team. For small businesses,
the steps to ensure effective protection include: implementing multi-layered
protection though endpoint and data/mobile/network device access protection;
securing email servers and applications; backing up all critical information
and offsite storage; education and security awareness training; patching and
updating applications and software, and; protecting the cloud file sharing,
hosted email, and more (Delany, R. Trend Micro, 2017)
References
Crosbie,
J. Here’s How Much One of Tesla’s Amazing Solar Roofs Actually Costs.
(2017-5-8). Retrieved (2017-7-8) from https://www.inverse.com/article/35106-tesla-solar-roof-actual-price
Kellermann,
T. The Evolution of Targeted Attacks in a Web 3.0 World. TREND Micro
(2012-2-7). Retrieved (2017-7-8) from https://blog.trendmicro.com/the-evolution-of-targeted-attacks-in-a-web-3-0-world/
Delany,
R. Data Privacy Day 2017: Tips for Protecting Small Businesses. TREND
Micro. (2017-26-1). Retrieved (2017-7-8) from http://blog.trendmicro.com/data-privacy-day-2017-tips-protecting-small-businesses/
No comments:
Post a Comment