5 items tagged "Cybersecurity"

  • 10 Big Data Trends for 2017

    big-dataInfogix, a leader in helping companies provide end-to-end data analysis across the enterprise, today highlighted the top 10 data trends they foresee will be strategic for most organizations in 2017.
     
    “This year’s trends examine the evolving ways enterprises can realize better business value with big data and how improving business intelligence can help transform organization processes and the customer experience (CX),” said Sumit Nijhawan, CEO and President of Infogix. “Business executives are demanding better data management for compliance and increased confidence to steer the business, more rapid adoption of big data and innovative and transformative data analytic technologies.”
     
    The top 10 data trends for 2017 are assembled by a panel of Infogix senior executives. The key trends include:
     
    1.    The Proliferation of Big Data
        Proliferation of big data has made it crucial to analyze data quickly to gain valuable insight.
        Organizations must turn the terabytes of big data that is not being used, classified as dark data, into useable data.   
        Big data has not yet yielded the substantial results that organizations require to develop new insights for new, innovative offerings to derive a competitive advantage
     
    2.    The Use of Big Data to Improve CX
        Using big data to improve CX by moving from legacy to vendor systems, during M&A, and with core system upgrades.
        Analyzing data with self-service flexibility to quickly harness insights about leading trends, along with competitive insight into new customer acquisition growth opportunities.
        Using big data to better understand customers in order to improve top line revenue through cross-sell/upsell or remove risk of lost revenue by reducing churn.
     
    3.    Wider Adoption of Hadoop
        More and more organizations will be adopting Hadoop and other big data stores, in turn, vendors will rapidly introduce new, innovative Hadoop solutions.
        With Hadoop in place, organizations will be able to crunch large amounts of data using advanced analytics to find nuggets of valuable information for making profitable decisions.
     
    4.    Hello to Predictive Analytics
        Precisely predict future behaviors and events to improve profitability.
        Make a leap in improving fraud detection rapidly to minimize revenue risk exposure and improve operational excellence.
     
    5.    More Focus on Cloud-Based Data Analytics
        Moving data analytics to the cloud accelerates adoption of the latest capabilities to turn data into action.
        Cut costs in ongoing maintenance and operations by moving data analytics to the cloud.
     
    6.    The Move toward Informatics and the Ability to Identify the Value of Data
        Use informatics to help integrate the collection, analysis and visualization of complex data to derive revenue and efficiency value from that data
        Tap an underused resource – data – to increase business performance
     
    7.    Achieving Maximum Business Intelligence with Data Virtualization
        Data virtualization unlocks what is hidden within large data sets.
        Graphic data virtualization allows organizations to retrieve and manipulate data on the fly regardless of how the data is formatted or where it is located.
     
    8.    Convergence of IoT, the Cloud, Big Data, and Cybersecurity
        The convergence of data management technologies such as data quality, data preparation, data analytics, data integration and more.
        As we continue to become more reliant on smart devices, inter-connectivity and machine learning will become even more important to protect these assets from cyber security threats.
     
    9.    Improving Digital Channel Optimization and the Omnichannel Experience
        Delivering the balance of traditional channels with digital channels to connect with the customer in their preferred channel.
        Continuously looking for innovative ways to enhance CX across channels to achieve a competitive advantage.
     
    10.    Self-Service Data Preparation and Analytics to Improve Efficiency
        Self-service data preparation tools boost time to value enabling organizations to prepare data regardless of the type of data, whether structured, semi-structured or unstructured.
        Decreased reliance on development teams to massage the data by introducing more self-service capabilities to give power to the user and, in turn, improve operational efficiency.
     
    “Every year we see more data being generated than ever before and organizations across all industries struggle with its trustworthiness and quality. We believe the technology trends of cloud, predictive analysis and big data will not only help organizations deal with the vast amount of data, but help enterprises address today’s business challenges,” said Nijhawan. “However, before these trends lead to the next wave of business, it’s critical that organizations understand that the success is predicated upon data integrity.”
     
    Source: dzone.com, November 20, 2016
  • How blockchain can help fight cyberattacks

    blockchainImagine a computing platform that would have no single point of failure and would be resilient to the cyberattacks that are making the headlines these days. This is the promise behind blockchain, the distributed ledger that underlies cryptocurrencies like Bitcoin and Ethereum and challenges the traditional server/client paradigm.
     
    In 2009, Bitcoin became the first real application of blockchain, a secure decentralized monetary exchange platform that removed the need for central brokers. More recently, blockchain has proven its worth in other fields.
     
    Blockchain is the culmination of decades of research and breakthroughs in cryptography and security, and it offers a totally different approach to storing information and performing functions, which makes it especially suitable for environments with high security requirements and mutually unknown actors.
     
    The concept is already being used in several innovative ways to enhance cybersecurity and protect organizations and applications against cyberattacks.
     
    Preventing data manipulation and fraud
    One of the main characteristics of the blockchain is its immutability. The use of sequential hashing and cryptography, combined with the decentralized structure, make it virtually impossible for any party to unilaterally alter data on the ledger.
     
    This can be used by organizations handling sensitive information to maintain the integrity of data, and to prevent and detect any form of tampering.
    Guardtime is a data security startup that is placing its bets on blockchain technology to secure sensitive records. It has already used blockchains to create a Keyless Signature Infrastructure (KSI), a replacement for the more traditional Public Key Infrastructure (PKI), which uses asymmetric encryption and a cache of public keys maintained by a centralized Certificate Authority (CA).
     
    Matthew Johnson, CTO at Guardtime, believes that while PKI was a suitable technology for digitally signing software, firmware and network configurations, it was never designed to authenticate data.
     
    “The fundamental threat with PKI is that you need to base your security on the secrets (keys) and the people who manage them,” Johnson says. “That is very hard to do well and impossible to prove — just as in the real world you can‘t prove a secret has been kept, in the security world you can‘t prove a key has not been compromised.”
    Blockchain-based security is predicated on distributing the evidence among many parties.
     
    In contrast, instead of relying on secrets, blockchain-based security is predicated on distributing the evidence among many parties, which makes it impossible to manipulate data without being detected.
     
    “Blockchain has eliminated the need for trusted parties to verify the integrity of data just as in the cryptocurrency example it eliminated the need for a centralized authority to act as a bank,” Johnson explains.
     
    KSI verifies the integrity of data by running hash functions on it and comparing the results against original metadata stored on the blockchain. “This is a fundamentally different approach to traditional security,” Johnson says. “Rather than using Anti-Virus, Anti-Malware and Intrusion Detection schemes that search for vulnerabilities, you have mathematical certainty over the provenance and integrity of every component in your system.”
     
    KSI is already being considered by organizations such as the Defense Advanced Research Projects Agency (DARPA) to protect sensitive military data, and by the Estonian eHealth Foundation to secure over one million health records.
     
    Preventing Distributed Denial of Service attacks
    On October 21, millions of users across the U.S. were cut off from major websites such as Twitter, PayPal, Netflix and Spotify. The reason was a massive DDoS attack that brought down the DNS servers of service provider Dyn.
     
    The episode was a reminder of how a weakness in the current backbone can become a bottleneck and a point of failure in a system that involves thousands and millions of nodes and users.
     
    “The killer weakness of the current DNS system is its overreliance on caching,” says Philip Saunders, founder of Nebulis, a distributed, blank-slate DNS system. “This is what allows China to poison its DNS nameservers, censoring key social networks and banned keywords. At the same time it is also what makes it so easy for millions of autonomous devices under the control of malicious code to shut down whole networks and have these interruptions persist.”
     
    Blockchain offers a solution, Saunders believes, a decentralized system would make it literally impossible for the infrastructure to fail under an excess of requests.
     
    Nebulis uses the Ethereum blockchain and the Interplanetary File System (IPFS), a distributed alternative to HTTP’s centralized structure, to make its DNS infrastructure immune to DDoS attacks.
     
    “Blockchains, particularly the Ethereum platform, can allow a different approach,” Saunders explains. “Only changes or updates to the record cost money in the form of network fees, but reads are free, as long as you have a copy of the blockchain.”
     
    As Saunders explains, with the Ethereum blockchain, you read straight from your own copy without imposing costs on the network. “This has great potential for lifting a great deal of pressure from the physical backbone of the internet,” he says. “It also means we can do away with many of the redundancies of the traditional DNS and come up with something which is much better.”
     
    The team has finished the first draft of the Nebulis directory, which is currently undergoing testing. They plan to launch the first iteration of the directory soon.
     
    Preventing data theft in untrusted environments
    Encrypting data has now become a norm across organizations. However, when you want to act upon that data, you’ll have to decrypt and reveal its contents.
    “Currently, there’s really no option for computing over encrypted data in the market,” says Guy Zyskind, founder and CEO of Enigma, a decentralized cloud platform based on blockchain. “The result is that we can only encrypt data at rest (i.e. while being stored on disk) or in-transit (sending over the wire), but not in-use. This means that when we process data, in whatever way or form, we end up decrypting it. This poses the usual risks associated with data breaches — an attacker with access to a system can see the plain-text data.”
     
    Another problem pertains to the fact that we live in an era of cloud and on-demand services, where our data is accessed and processed by untrusted third parties.
     
    “There are many situations where we want to jointly work on data without revealing our portion to untrusted entities,” Zyskind says. “This happens constantly in the business world, where companies would like to collaborate without revealing sensitive information that they are prohibited from sharing due to security, privacy and even regulation reasons. Similarly, we’re seeing more peer-to-peer systems where users themselves would like to maintain their privacy and anonymity.”
     
    Enigma enables different participants to jointly store data and run computations while maintaining complete privacy. The platform uses blockchain to record time-stamped events and hashes of files that prevent attackers from hiding their tracks if they manipulate data.
     
    Additionally, Enigma uses Multi-Party Computation (MPC), a cryptographic technology that performs computations by distributing data and tasks among multiple untrusted parties and making sure each party only has partial access to the data. “The parties are trusted as a whole, decentralized unit, but not individually,” Zyskind explains.
    According to Zyskind, the combination not only prevents data from being tampered with, but also protects it from falling into the wrong hands. “The main point to consider is that the two technologies are complementary — both are needed to protect against a wide spectrum of cybersecurity threats,” he says.
     
    The paradigm can be used in several settings involving parties that cannot directly share data with each other but have the need to perform joint operations over it. Potential use cases involve simple tasks like bookkeeping, aggregations and generating simple statistics. It can also be used to train machine learning models over encrypted data sets owned by different parties.
     
    Enigma also can be used in fraud detection, where organizations can jointly execute fraud-detection algorithms over their encrypted data without compromising privacy.
     
    Blockchain and the future of cybersecurity
    Blockchain provides a fundamentally different approach to cybersecurity, which can go beyond endpoints and include user identity security, transaction and communication security and the protection of critical infrastructure that supports operations across organizations.
     
    The paradigm shift represented by blockchain can provide the transparency and auditing that will enable us to make the most use of shared online services, while eliminating the potential security and privacy trade-offs.
     
    source: techcrunch.com, December 6, 2016
  • Multi-factor authentication and the importance of big data

    Multi-factor authentication and the importance of big data

    Big data is making a very big impact on multi-factor authentication solutions. Here's how and why this is so important to consider.

    Big data is already playing an essential role in authentication, and as security risks mount, this concern will become greater than ever.

    Kaushik Pal wrote an insightful article on Technopedia a couple of years ago about user authentication and big data. The importance of user authentication has risen more and more since that article was first published. Experts are now discussing the role of multi-factor authentication (MFA) solutions. Big data is proving to be a vital component to that.

    How does big data influence multi-factor user authentication?

    In today’s day and age cybersecurity issues are ever/growing, and simple passwords as security measures are no longer safe. According to some sources, 86% of passwords are notoriously insecure. But even passwords that seem to be secure are vulnerable if they aren’t managed well and protected with additional authentication options.

    As soon as your password has been exposed by malicious parties, they will access your account and they can do whatever they want with it. Fortunately, multi-factor authentication solutions came into existence. But what exactly is a big data based multi-factor authentication? And how canthese solutions help you? If you’re interested to learn more, then keep on reading.

    What is multi-factor authentication?

    Multi-factor authentication or MFA recognizes online users by carefully validating two or more claims offered by the users, from various types of validation. And this would not be possible without contributions from big data. The basic types of validation used include:

    1. Something you have, like a trusted and known device.
    2. Something you know, like a PIN or password.

    The theory behind the multi-factor authentication is that the joint factors of validation are stronger compared to their individual aspects.

    To make the definition simpler MFA incorporates a second, regularly physical method to verify a person’s real identity. Furthermore, MFA is rapidly becoming a standard for more secure as well as safer logins. Big data is playing an important role in addressing these shortcomings.

    Reasons why you should use multi-factor authentication solutions

    Big data has made multi-factor user authentication possible. But what are the core benefits? We list 5 of the many reasons to use MFA for you here:

    1. Enhance security

    Multi-factor authentication is one of the best solutions that you may want to take advantage of, especially if your main goal is to improve security. Big data has made this easier than ever.

    The main benefit of MFA is that it offers additional protection and security by adding new layers of protection. The more factors or layers in place, the smaller the risk of digital burglars obtaining important systems and data.

    2. Increase productivity and flexibility

    Another benefit of using this type of solution is that it replaces the encumbrance of passwords by changing them with alternatives that have the capability to improve productivity. Predictive analytics and other big data technology have made this possible.

    In addition, multi-factor authentication solutions can also bring an improved usability experience because of the improved flexibility of factor kinds.

    3. Achieve compliance

    Big data is vital for ensuring compliance. With multi-factor authentication, you will be able to attain the important compliance requirements particular to your organization that in turn alleviate audit findings as well as avoiding possible penalties.

    4. Simplify the login process

    As we all know, a difficult password does not excel in user-friendliness. Despite the fact that multi-factor authentication adds additional steps, it actually makes the login process a lot easier.

    Single sign-on, for instance, is one-way multi-factor authentication accelerates the said process. For example, a person using an Office suite needs to sign in through multi-factor authentication especially if it is his/her first time to use the app in his/her device.

    5. Location restrictions

    You can use multi-factor authentication to limit or allow login access depending on the current location of the user. If you’re working outside your office frequently or using your personal device, you are putting your company and personal data at risk from physical theft. Multi-factor authentication, on the other hand, can be also used to recognize when a certain user is looking for access from unknown locations.

    Big data is essential for ensuring multi-factor authentication

    Big data is very important for making sure user security is adequate. It has helped by introducing multi-factor authentication. Multi-factor authentication solutions can be of great help, especially if you have been compromised or an unknown person tries to use your password as well as username. Hopefully, you have learned a lot from this post.

    Author: Sean Mallon

    Source: Smart Data Collective

  • The 4 major cybersecurity threats to business intelligence

    The 4 major cybersecurity threats to business intelligence

    Everywhere a business looks, there are risks, pitfalls, threats, and potential problems. We live in a world where there’s very little separation between the physical and the digital. While this may be beneficial in some ways, it’s problematic in others. When it comes to cybersecurity, businesses have to account for an array of technical and intensive challenges protecting their intelligence.

    4 Major cybersecurity threats

    For better or worse, cloud computing, the internet of things (IoT), artificial intelligence (AI), and machine learning have converged to create a connected environment that businesses must access without exposing themselves to hackers, cyber criminals, and other individuals and groups with unsavory intents. In 2019, it’s the following issues that are most pertinent and pressing:

    1. The rise of cryptojacking

    As the swift and malicious rise of ransomware has shown, criminal organizations will go to any lengths to employ malware and profit. This year, cryptojacking is a major topic.

    “Cryptojacking, otherwise known as “cryptomining malware”, uses both invasive methods of initial access and drive-by scripts on websites to steal resources from unsuspecting victims,” according to SecurityMagazine.comc. “Cryptojacking is a quieter, more insidious means of profit affecting endpoints, mobile devices, and servers: it runs in the background, quietly stealing spare machine resources to make greater profits for less risk.”

    2. Lack of confidence in the marketplace

    There’s a widespread lack of confidence in cybersecurity among customers and consumers in the marketplace. This limits many of the opportunities businesses have to implement much-needed change.

    This lack of confidence stems from highly publicized data breaches and cybersecurity issues. Take the US presidential election in 2016, for example. Despite that no proof of election tampering has been found, the media has led people to believe that there was some sort of breach. In the process, the notion of online voting seems unsafe, despite the fact that it’s something we need.

    In the context of business, every time there’s a major data breach, like Target or Experian, consumers lose trust in the ability of companies to protect their data. (Despite the fact that thousands of companies protect billions of pieces of data on a daily basis.)

    The challenge moving forward will be for individual businesses to practice data integrity and promote the right cyber security policies to rebuild trust and gain confidence from their customers.

    3. Supply chain attacks

    As businesses continue to build up their defenses around key aspects of their businesses, cyber criminals are looking for a softer underbelly that’s less fortified. Many of these attackers are finding it in vulnerable supply chains where risks aren’t completely understood (and where there has to be better cooperation between partners who rarely care to be on the same page).

    As we move through 2019, businesses would do well to consider what sensitive information they share with vendors. It’s equally important to consider the risk level of each vendor and which ones are worth working with.

    4. Insider threats

    According to a recent survey by Bricata on the top network security challenges facing businesses in 2019, 44% of respondents identified insider threats as an issue. (The next closest threat was IT infrastructure complexity at 42%.)

    In the context of this survey, insider threats aren’t necessarily malicious actions from employees. Instead, it’s often the result of accidental incidents and well-intended actions that go wrong. Businesses can counteract some of these insider threats by using tools like SAP Cloud Identity Access Governance, which allows businesses to use real-time visualizations to monitor and optimize employee access to data and applications.

    Better employee education and training is also a wise investment. Far too many employees remain unaware of the risks facing their employers, continuing to make foolish mistakes without realizing they’re making them.

    Moving toward a safer digital future

    While some would say we’re already living in the future, it’s important for business leaders to remain cognizant of what’s coming down the innovation pipeline so that the right strategic initiatives can be put into place. In doing so, we can all bask in the optimism of a brighter, safer digital future.

    Author: Anna Johansson

    Source: SAP

  • The future of cybersecurity threatened by the emergence of IoT devices

    Imagine being able to communicate effortlessly with the devices around you. This means having your devices fully automated and connected by sharing data through the use of sensors. This will definitely improve the quality of life and make our day to day activities much easier. This will also make businesses more efficient and facilitate in driving new business models.

    Well, there is no need to imagine as this is already a reality. These are the wonders of the innovation brought about by the Internet of Things (IoT), which simply refers to the network of devices, such as vehicles and home appliances, that contain electronics, software, sensors, actuators and connectivity that allows them to connect, interact and exchange data. The emergence of IoT brings about numerous benefits, but also poses a huge threat to security as it creates new opportunities for all the information it gathers to be compromised.

    Cybersecurity is already at the top of the agenda for many industries, but the scale and scope of IoT deployments escalate security, making it harder than ever to protect businesses and consumers from cyber attacks. intelligent organizations already need to protect their data and information, but cybersecurity is growing more important than ever with the emergence of IoT devices. Although IoT developments have made life easier on so many levels, it has also brought about serious security implications, as the scale of connected devices greatly increases the overall complexity of cybersecurity, while the scope of the IoT which isn’t operating as an independent device but an ecosystem magnifies these challenges — any data breach can cause significant damage to a whole business database.

    As HP found out, 70% of the Internet of Things devices are vulnerable to external attacks. With the technical vulnerability of most of these devices, it can only escalate these threats. Also, with its constant evolution and little attention to security, the potential for damaging cyber attacks can only tend to increase in the future. The implementation of IoT networks opens up the grid to malicious cyber attacks and any form of compromise in the network could lead to great data leakage.

    8 IoT threats to cybersecurity in the future

    8 IoT threats to cybersecurity in the future

    1. Complexity

    Variation of devices connected to a network is accompanied by risks worsening cybersecurity worries with its diverse and wide ecosystem.

    2. Volume of Data

    With IoT’s great need of data to work, it opens up nearly every part of our lives to the Internet, posing an important threat to the possibility of data manipulation. As a result, we must consider what this kind of access to the Internet means for your digital and personal security, as the availability of numerous access points leads directly to an increase in the risk of a breach or hack.Unified attacks can bring down a system or a network of data that is relied upon by millions. IoT is an incredible idea with the potential to change our lives dramatically but brings with it a flurry of concerns that will stretch your abilities and require you to be on your toes at all times.

    3. Continuous Expansion

    The IoT evolution doesn’t seem like slowing down anytime soon and, in fact, it continues to evolve and expand rapidly. This makes it difficult for cybersecurity to keep up with the pace.

    4. Over-Dependence On the Cloud

    With the cloud infrastructure, IoT has a heavy reliance on the cloud for safety, which makes cyber attacks to be targeted to the cloud. With this knowledge, it’s important to look for more ways to reduce those threats. More monitoring will be highly needed for cloud configuration, as well as logging. This monitoring can also be done with the use of external tools — These includes antivurus softwares and VPNs needed to be reviewed and compared carefully. These reviews and comparisons will enable you to choose the tool best suited for your device and needs, while the use of these tools will go a long way in securing your internet connections.

    5. Privacy Issues

    The issue of privacy is generated by the collection of personal data in addition to the lack of proper protection of the data.

    6. Deficiency In Authentication

    This area deals with ineffective mechanisms being in place to authenticate to the IoT user interface and/or poor authorization mechanisms whereby a user can gain a higher level of access than allowed with regard to their weak authentication mechanisms. For example, there is usually a large amount of data that is not sufficiently encrypted and these data are transmitted via wireless networks, many of which are public and lacking in security.

    7. Insecurity

    Over the past two years,AT&T’s Security Operations Center has logged a 458% increase in vulnerability scans of IoT devices. The risk with this is that the IoT device could be easier to attack, allowing unauthorized access to the device or its data. Most IoT manufacturers concentrate more on the efficiency of the device and less on the security, making devices vulnerable to cyberattacks. It is also difficutl to secure these devices after they become an end product, which only increases the challenges of cybersecurity.

    8. Industrial IoT

    According to Forcepoint, in 2019 attackers will break into industrial IoT devices by attacking the underlying cloud infrastructures. This target is more desirable for an attacker, as access to the underlying systems of these multi-tenanted, multi-customer environments represents a much bigger payday.<

    What does the future hold?

    Due to the aforementioned IoT-related weaknesses, which give cybercriminals more access to manipulate connected devices, it’s clear that IoT is painting a scary future for cybersecurity. However, it’s noteworthy that no system can ever be perfect. A continuous effort has to be put into work in order to provide more effective cybersecurity measures to ensure more safety in our day-to-day use of the IoT devices around us.

    Author: Joseph Chuckwube

    Source: SAP

EasyTagCloud v2.8