Monday, September 25, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

‘Assume the Humans are Human and Bad Things Will Happen’

Researcher by Researcher
April 16, 2023
in Cybersecurity
0
‘Assume the Humans are Human and Bad Things Will Happen’
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


There is a fascination in the security industry with the threats and actors that reside at the top of the pyramid, the apex predators who employ the most sophisticated tools and tactics and have the budgets and patience to penetrate the hardest of targets. The fancier the bear, the more attention it attracts. But, for most organizations, the threats they face on a daily basis are far more mundane, if no less difficult to address.

Those threats come in the form of everyday issues such as someone typing a password into the wrong website, clicking on a link in a phishing email, or inadvertently sharing a sensitive document with the wrong person. They may not be as interesting as an APT team spending months to develop and execute a software supply chain attack, but the consequences can be just as dire. And for most security teams, defending against those unsexy threats is the core of their mission and occupies the bulk of their time.

But despite decades of work on defending against everyday threats, many modern networks still are not built to be resilient against them and one mistake or minor intrusion can have devastating, cascading effects. The time to address that issue was 20 years ago, but the next best time is now.

“I’m the cybersecurity director at NSA and you could absolutely craft a phishing message that would get me to click a link. You’ve got to design your architecture to assume the humans are humans and bad things will happen,” Rob Joyce, the director of cybersecurity at the NSA, said during a discussion at the Center for Strategic and International Studies on Tuesday.

Though there is no small amount of cognitive dissonance involved in hearing the director of cybersecurity at the nation’s premier signals intelligence agency make that kind of statement, it’s a mantra that many in the security community have adopted and have been repeating in one form or another for many years. Worrying about what Russian or Chinese or North Korean or Iranian APT groups are plotting will mainly serve to prematurely age the security team members and likely do little to actually secure the organization’s network. It’s the small, boring, practical measures, implemented day by day and practiced year after year that often make the difference in making a network resilient and resistant to attacks.

But another challenge lies in wait there: money.

“The infosec team in most organizations is lucky if it gets six percent of the IT budget, and probably 25 percent of that will go to antivirus and firewall licenses. It doesn’t leave a lot of money for other things. The money dries up fast. Do they want to do the right thing? Hell yes. But it’s about meeting what the risks are for the organizations,” said Dave Lewis, advisory CISO at Cisco.

“The low-hanging fruit is what they should be picking off, but many people tend to focus on the high end threats.”

“You’ve got to design your architecture to assume the humans are humans and bad things will happen.”

The challenge in building networks and security processes that are resilient by design is both a human one and a technological one. Technology often changes and advances more quickly than humans do, and adapting to those changes can be difficult. The shift to the cloud in the last decade has transformed many organizations’ IT strategies and presented new challenges for security teams who now find much of their data’s security in the hands of Amazon or Google or Microsoft.

“The current push for secure by design is something we’ve got to apply to the cloud and it starts with secure by default. Cloud deployments are often optimized for ease of use rather than security. Those companies are getting better about the default being secure, but we’re not all the way there,” Joyce said.

The same obviously applies to the on-premises portions of corporate networks, and finding ways to make life easier and more secure for users starts with figuring out what assets the organization actually owns and where they are. That’s no small task for many organizations, especially those with distributed operations and years or decades of accumulated stuff.

“We talk about building resilient networks, but how do you secure anything if you don’t know what you have?” Lewis said. “Many people don’t know these basics because we suck at capturing lessons learned and passing them on. A lot of security practices are tactical and not strategic and there’s no strategic vision behind them.”

In a plot twist few would have seen coming a few years ago, NSA is actively involved in trying to help enterprises make this shift, defend themselves more efficiently, and be more pragmatic about their security practices. The agency is sharing more of its security knowledge publicly than it ever has before and Joyce said there is more to come.

“We work hard at getting those secrets sanitized so they can get actioned. We don’t just throw it over the fence. We’ve learned that lesson. What we know is not nearly as secret as how we know it and we never unbundled that in the past,” Joyce said.

“The most useful thing is context. If we can point to something and explain in a classified exchange why something is important, then all of us can work in an unclassified environment to stop it. We have to continue getting faster at taking things that are sensitive and getting them into the operational space. That’s really where we’ve got to be.”



Source link

Related articles

Sentra Raises $30 Million for DSPM Technology

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

August 13, 2023
Minimizing Risk Through Proactive Apple Device Management: Addigy

Minimizing Risk Through Proactive Apple Device Management: Addigy

August 12, 2023
Tags: AssumebadHappenhumanhumans
Share76Tweet47

Related Posts

Sentra Raises $30 Million for DSPM Technology

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

August 13, 2023
0

Northern Ireland’s top police officer apologized Thursday for what he described as an “industrial scale” data breach in which the...

Minimizing Risk Through Proactive Apple Device Management: Addigy

Minimizing Risk Through Proactive Apple Device Management: Addigy

August 12, 2023
0

Enterprise IT teams are struggling to cope with three major forces of change: the evolving regulatory environment, a globally dispersed...

Decipher Podcast: Katelyn Bowden and TC Johnson

Decipher Podcast: Katelyn Bowden and TC Johnson

August 12, 2023
0

Veilid main site: https://veilid.com/ Cult of the Dead Cow site: https://cultdeadcow.com/ Source link

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack 

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

August 12, 2023
0

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under...

Used Correctly, Generative AI is a Boon for Cybersecurity

Used Correctly, Generative AI is a Boon for Cybersecurity

August 12, 2023
0

Adobe stock, by Busra At the Black Hat kickoff keynote on Wednesday, Jeff Moss (AKA Dark Tangent), the founder of...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
Microsoft to Block Macros by Default in Office Apps

Qakbot Email Thread Hijacking Attacks Drop Multiple Payloads

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
‘Horse Gone Barn Bolted’ is Strong Password – Krebs on Security

‘Horse Gone Barn Bolted’ is Strong Password – Krebs on Security

September 23, 2023
SumUp Launches 7am Payouts; Offering UK Merchants Optimal Financial Flexibility

SumUp Launches 7am Payouts; Offering UK Merchants Optimal Financial Flexibility

September 23, 2023
Stealth Falcon preying over Middle Eastern skies with Deadglyph

Stealth Falcon preying over Middle Eastern skies with Deadglyph

September 23, 2023
Will you give X your biometric data? – Week in security with Tony Anscombe

ESET’s cutting-edge threat research at LABScon – Week in security with Tony Anscombe

September 23, 2023

Recent Posts

‘Horse Gone Barn Bolted’ is Strong Password – Krebs on Security

‘Horse Gone Barn Bolted’ is Strong Password – Krebs on Security

September 23, 2023
SumUp Launches 7am Payouts; Offering UK Merchants Optimal Financial Flexibility

SumUp Launches 7am Payouts; Offering UK Merchants Optimal Financial Flexibility

September 23, 2023
Stealth Falcon preying over Middle Eastern skies with Deadglyph

Stealth Falcon preying over Middle Eastern skies with Deadglyph

September 23, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • LetsAskBinuBlogs
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cyber Cybersecurity Data Digital exploited financial Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches platform Ransomware RoundUp security Software Stories TFT Threat Top vulnerabilities vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved