BBC Tech

Tesla sued by Walmart over solar panel fires

US supermarket chain Walmart is suing Tesla's energy division, after solar panels on seven of its stores caught fire. It alleges that the firm was negligent in how it installed the panels on the roofs of the stores. Court documents describe a string of fires
/
ARS

How malformed packets caused CenturyLink’s 37-hour, nationwide outage

CenturyLink's nationwide, 37-hour outage in December 2018 disrupted 911 service for millions of Americans and prevented completion of at least 886 calls to 911, a new Federal Communications Commission report said. Back in December, FCC Chairman Ajit Pai called the outage on CenturyLink's fiber network
/

Top Security and IT Priorities To Pay Close Attention To

Top Security Priorities

By 2019, cybercrime is expected to cost businesses over $2.1 trillion globally according to Juniper Research. Needless to say, security and IT professionals and teams have been under immense pressure to secure their organizations while trying not to slow down business operations. The growing attention on their departments and roles has been a double-edged sword: the increased visibility highlights their importance to the company but their performance is also being scrutinized by the executives and board.

Bringing security to the forefront of business planning can help position your organization as security-focused, which can be a valuable asset to the company’s bottom line. Security can be a great marketable attribute to show your commitment to keep the data of your organization’s clients and customers, partners, and investors secure.

Here are five actions that should be top priorities for security and IT teams in 2017:

Let’s Ditch FUD

Top Security Priorities

Far too many security vendors are taking advantage of these increasing cybercrime numbers with a Fear, Uncertainty, and Doubt (FUD) approach to sell their product. The FUD strategy is a scare tactic that plays on a prospect’s fear of security vulnerability to win a sale rather than actually delivering real value and improving security resiliency. These FUD sales pitches often include “there are bad things in your network or application” or “this product is the only way to secure your organization.”

The problem is that the products bought out of FUD aren’t actually improving their security resiliency so organizations will only continue to buy more and more point solutions in search of the “right one.” This is the same approach as trying to become more fit by only purchasing quick fix pills instead of eating healthy and working out. In 2017, we need to ditch FUD and build a security plan that actually moves the needle toward security resiliency.

Flip the Switch from Defensive to Offensive

According to the World Economic Forum, a significant portion of cybercrime goes undetected every year. If security teams focus on playing defensive such as fighting cybercrime as it happens or rather once they detect it, we’re giving cybercriminals a huge advantage. Apparent in the headlines, it often takes organizations months, if not years, to discover a data breach or security vulnerability.

Forward thinking organizations are starting to recognize this security paradigm shift and are moving from a defense to offensive approach. Your processes solutions need to be proactive-learning rather than relying on defensive strategies, such as incident response. Identifying and improving a security weakness before it becomes a fully established problem will result in cost, resource and credibility advantages for your organization.

Adopt DevSecOps

The benefits of adopting DevSecOps are endless but the main one is deterring the efforts of cybercriminals. Hackers only have to have one opening to get in and often use continuous hacking tactics through automation. DevSecOps can help by making security an in-line strategy for application development – developing a continuous approach to application security.

Historically, developers have been reluctant to incorporate security into application development since they believe it may slow down the process and get in the way. But organizations can utilize automation tools to incorporate security checks and proficiencies into every step of the application development process, creating a continuous way of incorporating security measures into applications from the start.

Be Prepared for Regulatory Issues

There are constantly new or updated cybersecurity regulations being introduced that organizations need to comply by or pay serious fines. As of March 1, 2017, financial firms in New York City will face stiff cybersecurity obligations under a new regulation that requires maintenance of a cyber security program that can ‘protect the confidentiality, integrity and availability’ of the data within their system,” including detection, defense and response capabilities, regulatory reporting obligations, and penetration testing.

In 2017, it’s crucial to stay ahead of these regulations to protect your organization, its reputation and its clients – and to prevent some hefty fines.

Embrace Automation

Automation often invokes concerns that robots are taking away people’s jobs. In reality, automation in security is empowering security teams to do their job more efficiently in a world where we can’t manually keep up with cybercrime anymore. No matter how large and efficient your security team may be, they simply cannot continuously scale to match hacker’s evolving tactics and the needs of increasingly demanding security tools and processes. While advances in technology have propelled us forward, it’s imperative to keep in mind that each advance opens up even more possibilities for hackers to exploit.

The key is to find the right balance between automation and manpower. Embrace automation to replace the low-intensity, repetitive, defensive work so your team can play offense with high intensity tasks and be able to give accurate status updates regarding security.

By Ernesto DiGiambattista, CEO and founder of Cybric

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services.

Contact us for a list of our leading brand and thought leadership exposure programs.

Is Machine Learning The Future? Making Your Data Scientists Obsolete

Is Machine Learning The Future? Making Your Data Scientists Obsolete

Is Machine Learning The Future? In a recent study, almost all the businesses surveyed stated that big data analytics were fundamental to their business strategies ...
Cloud Computing In Education

Cybersecurity Policies Must Address Internal Threats

Cybersecurity Policies The contentious U.S. election campaign offered up many highlights, but the aftermath of election night – explosive cyberattack allegations – provided even more ...
4 Tips for Secure Video Conferencing

4 Tips for Secure Video Conferencing

Securing Video Conferencing Today, cybersecurity dominates headlines as businesses of all sizes and across multiple industries are falling victim to data breaches and distributed denial ...
Machine Learning Open-Source Tools

Do More With Machine Learning Thanks to These 6 Open-Source Tools

Machine Learning Open-Source Tools We are in the middle of a machine learning, AI and big data renaissance — at least, that’s what we’re calling ...
Door Dash

DoorDash reveals details of its new tipping model

/
DoorDash announced last month that it would be changing its controversial tipping model. Today it’s revealing the basics of how the new system will work. Under the past model, Dashers ...
Tech Crunch

Google, Mozilla team up to block Kazakhstan’s browser spying tactics

/
Google and Mozilla have taken the rare step of blocking an untrusted certificate issued by the Kazakhstan government, which critics say it forced its citizens to install as part of ...
BBC Tech

Tesla sued by Walmart over solar panel fires

/
US supermarket chain Walmart is suing Tesla's energy division, after solar panels on seven of its stores caught fire. It alleges that the firm was negligent in how it installed ...