
Digital Identity Compass - January 2024

Reading time 7 min
11 January 2024, last update 11 January 2024

In the Digital Identity Compass, we point you to developments in the world of Digital Identity, or Identity & Access Management.

Table of contents

Workforce Identity
Privileged Access Management
Customer Identity and Access Management
Zero Trust & Network Security
Government
Other developments
Podcast tip of the month

Workforce Identity

Software & Security: How to Move Supply Chain Security up the Agenda

Dark Reading, 13 December 2023

After the Log4j incident, attention to software supply chain security is growing. The U.S. government now requires software bills of materials (SBOMs) to evaluate the risks of software components, but implementation is running into obstacles: CISOs find it hard to prioritize and wonder who is responsible for maintaining SBOMs. The article stresses the need for practical accountability in contracts with external vendors, with a focus on development and ongoing documentation. It suggests improved practices for these challenges, such as automated patching for low-risk components and "security by design" methods for developers. Crucial to success are collaboration and prioritization conversations between security and development teams, and a deep understanding of systems helps both with prioritizing and with fostering that collaboration.
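To make the SBOM point concrete, here is an added example (not from the Dark Reading article, and not Grabowsky's or any vendor's code) of the kind of check an SBOM enables: the components in a minimal CycloneDX JSON document are matched against an advisory list. The SBOM, the advisory ids (`ADV-EXAMPLE-…`) and the affected version ranges are all constructed for this example and are not real advisories; only the CycloneDX field names (`bomFormat`, `components`, `group`, `name`, `version`) are the real format's.

```python
"""Added example: check the components of a CycloneDX-style SBOM against a
small, constructed advisory list and report which ones need attention.

Assumptions: the SBOM is CycloneDX JSON (only 'components' with 'group',
'name' and 'version' are used); the advisory list, its ids and the
affected ranges are constructed for this example, not real advisories.
"""
import json

# Constructed SBOM: a minimal CycloneDX 1.4 document with three components.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "group": "org.apache.logging.log4j",
         "name": "log4j-core", "version": "2.14.1"},
        {"type": "library", "group": "com.example",
         "name": "widget-lib", "version": "3.0.2"},
        {"type": "library", "group": "org.example",
         "name": "safe-lib", "version": "1.9.0"},
    ],
})

# Constructed advisory list: (group, name, introduced, fixed, advisory id).
# Affected range is half-open [introduced, fixed). Ids and ranges are made up.
ADVISORIES = [
    ("org.apache.logging.log4j", "log4j-core", "2.0.0", "2.15.0", "ADV-EXAMPLE-0001"),
    ("com.example", "widget-lib", "3.0.0", "3.0.3", "ADV-EXAMPLE-0002"),
]


def parse_version(v):
    """Turn '2.14.1' into (2, 14, 1) so versions compare numerically.
    A non-numeric suffix such as '-rc1' is dropped after the leading digits."""
    parts = []
    for piece in v.split("."):
        digits = ""
        for ch in piece:
            if ch.isdigit():
                digits += ch
            else:
                break
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def load_components(sbom_json):
    """Extract (group, name, version) triples from a CycloneDX JSON string."""
    doc = json.loads(sbom_json)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX SBOM")
    return [(c.get("group", ""), c["name"], c["version"])
            for c in doc.get("components", [])]


def find_affected(sbom_json, advisories=ADVISORIES):
    """Return one finding per component whose version falls in an advisory range."""
    findings = []
    for group, name, version in load_components(sbom_json):
        ver = parse_version(version)
        for adv_group, adv_name, introduced, fixed, adv_id in advisories:
            if (group, name) == (adv_group, adv_name) \
               and parse_version(introduced) <= ver < parse_version(fixed):
                findings.append({"component": f"{group}:{name}@{version}",
                                 "advisory": adv_id, "fixed_in": fixed})
    return findings


if __name__ == "__main__":
    for f in find_affected(SAMPLE_SBOM):
        print(f"{f['component']}: {f['advisory']} (upgrade to {f['fixed_in']})")
```

The value of the SBOM here is that the check runs without touching the build: whoever maintains the SBOM (the accountability question the article raises) only has to keep the component list current, and the advisory list can be refreshed independently.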

Nearly half of companies suffer disruptions due to security problems in their supply chain

AG Connect, December 18, 2023

Despite increased investment, Gartner finds that nearly half (45%) of companies still suffer from disruptions due to security problems in their supply chain. Addressing third-party cybersecurity risk management (TPCRM) is challenging because of its cost, process-oriented nature and limited impact on resilience. Gartner emphasizes that effective TPCRM is all about efficient resource utilization, good risk management, resilience and impact on third-party decision making. Only 6% of organizations master all three TPCRM factors. To drive improvement, Gartner recommends four steps for security leaders, including regularly reviewing the communication of third-party risks to business owners and testing third-party contingency plans.

Identity Threat Detection Acquisition: Okta Buys Spera Security

MSSPAlert, 20 December 2023

Identity specialist Okta has announced the acquisition of Israel-based Spera Security. The deal is estimated at around $100-$130 million. The transaction is expected to close in Okta's first fiscal quarter, starting Feb. 1, 2024. The acquisition strengthens Okta's capabilities in identity threat detection, security management and attack surface management. The goal is to provide customers with better insights and technology for managing their identity security.

Top 5 Data Security Incidents of 2023 and Predictions for 2024

Terranova Security, 25 December 2023

In 2023, the number of security incidents increased 20%, with notable events such as the social engineering attack on Mailchimp, credential stuffing at 23andMe, and a cyber attack on the Indonesian Immigration Directorate General that leaked 34 million passports. These hacks revealed the vulnerability of large enterprises to phishing and ransomware attacks, highlighting the need for employee cybersecurity hygiene. For 2024, the recommendation is therefore to focus on cyber awareness to raise the overall hygiene standards of employees. The adoption, integration and further development of Zero Trust Network Architecture is expected to increase. The growing influence of artificial intelligence on cyber threats presents a challenge; awareness and preparation within organizations are essential to protect organizational and employee data in the future.

Privileged Access Management

Keeper Security Survey Finds 82% of IT Leaders Want to Move Their On-Premises Privileged Access Management (PAM) Solution to the Cloud

Dark Reading, December 6, 2023

The Keeper Security Insight Report shows a growing drive to move from on-premises to cloud-based PAM solutions. A convincing 82% of respondents prefer the cloud to traditional on-premises systems, which are perceived as complex and too expensive. Cloud PAM offers ease of use, increased security and addresses critical needs such as threat protection and data breach prevention. This shift strategically aligns with changing security needs and budgets, making cloud-based PAM solutions crucial in the fight against ongoing cyber threats.

Threat actors misuse OAuth applications to automate financially driven attacks

Microsoft, 12 December 2023

OAuth apps, normally used to give applications controlled access to data, are being abused by attackers for financially motivated attacks. They hijack user accounts to create OAuth apps with high privileges, which are then used for anything from setting up cryptocurrency mining to phishing and business email compromise. Microsoft tracks these attacks with Defender and Entra Identity Protection. Organizations can protect themselves by implementing MFA, setting access policies and regularly auditing apps and their permissions; Office 365 features can help here. Defender XDR detects malicious activity, while Entra flags unusual logins. Microsoft also provides detailed guides and roadmaps to quickly address these threats.
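The "regularly auditing apps and permissions" advice above is the part a defender can script. The following is an added example (not Microsoft's code and not part of the newsletter) that reviews a list of OAuth application grants and flags the ones worth a second look: apps holding high-privilege scopes, powerful apps created recently, powerful apps consented to by an ordinary user rather than an admin, and apps that still hold scopes but have not been used for a long time. The grant records and the thresholds are constructed for this example; the permission names follow the Microsoft Graph naming style, but the set treated as "high-privilege" is an assumed reviewer's list, not Microsoft's classification.

```python
"""Added example: audit OAuth application grants for risky patterns.

Assumptions: the records below are constructed and only resemble what a
tenant export might contain; HIGH_PRIVILEGE is an assumed reviewer's list
(names in Microsoft Graph style), and the day thresholds are arbitrary.
"""
from datetime import date

# Permissions an auditor would treat as high-privilege (assumed list).
HIGH_PRIVILEGE = {
    "Mail.ReadWrite", "Mail.Send", "Directory.ReadWrite.All",
    "Application.ReadWrite.All", "RoleManagement.ReadWrite.Directory",
}

# Reference date for the sample run (constructed).
AS_OF = date(2024, 1, 11)

# Constructed grant records: app, who created it, how consent was given,
# which scopes it holds and when it was last used.
SAMPLE_GRANTS = [
    {"app": "Expense Sync", "app_id": "app-0001", "created": date(2023, 3, 2),
     "owner": "it-admin@example.test", "consent": "admin",
     "scopes": ["User.Read", "Files.Read"], "last_used": date(2023, 12, 1)},
    {"app": "Mailer Helper", "app_id": "app-0002", "created": date(2023, 12, 20),
     "owner": "jdoe@example.test", "consent": "user",
     "scopes": ["Mail.Send", "Mail.ReadWrite"], "last_used": date(2024, 1, 5)},
    {"app": "Old Reporting", "app_id": "app-0003", "created": date(2021, 6, 1),
     "owner": "it-admin@example.test", "consent": "admin",
     "scopes": ["Directory.ReadWrite.All"], "last_used": date(2023, 2, 1)},
]


def audit_grants(grants, today, new_app_days=30, stale_days=90):
    """Return one finding per app that trips at least one rule.

    Rules (assumed; tune for your own tenant):
      high_privilege   - app holds any HIGH_PRIVILEGE scope
      new_and_powerful - high-privilege app created within new_app_days
      user_consented   - high-privilege scopes granted by an ordinary user
      stale            - app unused for more than stale_days but still granted
    """
    findings = []
    for g in grants:
        reasons = []
        powerful = sorted(HIGH_PRIVILEGE & set(g["scopes"]))
        if powerful:
            reasons.append("high_privilege")
            if (today - g["created"]).days <= new_app_days:
                reasons.append("new_and_powerful")
            if g["consent"] != "admin":
                reasons.append("user_consented")
        if (today - g["last_used"]).days > stale_days:
            reasons.append("stale")
        if reasons:
            findings.append({"app_id": g["app_id"], "app": g["app"],
                             "scopes": powerful, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in audit_grants(SAMPLE_GRANTS, today=AS_OF):
        print(f"{f['app']} ({f['app_id']}): {', '.join(f['reasons'])} {f['scopes']}")
```

In the sample data the "Mailer Helper" app is the pattern the Microsoft article describes (a fresh, user-consented app with mail permissions), while "Old Reporting" is the quieter risk of a powerful grant nobody uses any more; both end up in the review queue, the unremarkable "Expense Sync" does not.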

Delinea working with Microsoft for AI-powered cybersecurity solutions

Securitybrief, 13 December 2023

Delinea has joined Microsoft's Security Copilot Partner Private Preview because of its expertise in Microsoft's security technologies. The partnership aims to integrate AI into Security Copilot development, which is expected to significantly strengthen cybersecurity. Delinea refines scenarios, provides feedback and integrates its APIs. As a strategic security partner, Delinea emphasizes the importance of AI in cybersecurity and strives for seamless integration of PAM into the Microsoft ecosystem. The AI-driven solution focuses on rapid threat response and enhances privileged access management for global customers, regardless of their industry.


Customer Identity and Access Management

The surprising reason customers are abandoning digital transactions

ITBrief, 5 December 2023

In this article, Ashley Diffey of Ping Identity argues that eCommerce companies need to develop efficient and user-friendly methods to verify that an end user is actually who they claim to be. Recent research shows that ineffective CIAM systems have significant impact on purchasing behavior, with password resets, complex security steps and lengthy registration processes being major reasons for consumers to abandon purchases. According to Diffey, by 2024, consumers will demand both ease of use and security. Finding a balance between these two aspects is vital to the success of eCommerce companies.


Zero Trust & Network Security

Outside the Comfort Zone: Why a Change in Mindset is Crucial for Better Network Security

SecurityWeek, 11 December 2023

COVID-19 has triggered an unprecedented shift in technology, particularly with the rapid growth of remote working. Traditional security measures are no longer adequate. Instead, security teams must proactively collaborate and stay abreast of new threats and security measures. This is no longer just IT's responsibility; the entire organization has a role to play. Embracing risk as an integral part of innovation is crucial, seeing challenges as opportunities for growth. Anticipating worst-case scenarios and creating robust incident response plans strengthen defenses. Adopting a flexible, collaborative and risk-aware mindset is essential for a resilient and secure modern network.

Government

NIS2 implementation severely underestimated by Dutch management

AG Connect, December 5, 2023

Dutch management is underestimating the implementation of the NIS2 cybersecurity directive, even though the official directive has been adopted and compliance monitoring is about to begin. About one-third of companies required to comply with NIS2 have started preparations, while one-third have done nothing yet. Telindus' survey of 150 CXOs and IT managers in companies with 250+ employees found that 27% plan to implement NIS2. NIS2 requires organizations to conduct a risk assessment and take measures to secure network and information systems. However, the survey also reveals that 32% think NIS2 is unnecessary, 35% are not sure it will bring improvements and 7% think NIS2 will not bring any improvements at all. Only 58% believe in positive impacts on critical infrastructure security.

Netherlands and other countries allowed by European Commission to put money into Cloud

AG Connect, December 5, 2023

The European Commission has allowed the Netherlands and other EU countries to invest €1.2 billion in state aid to develop cloud services, under the heading of an "important project of common European interest" (IPCEI). This exception to the normal ban on state aid is intended to encourage innovation, given that companies are reluctant to take on risky projects or have difficulty securing financing. The EU is concerned about the risk of falling behind global powers such as the United States and China. The €1.2 billion in state aid is expected to attract private investors, who are estimated to contribute another €1.4 billion. Dutch participants include Leaseweb Global, TNO, the Amsterdam Internet Exchange, the University of Amsterdam (UvA) and the University of Twente.

Tentative agreement on AI Act

iBestuur, 11 December 2023

The EU has reached tentative agreement on the AI Act. The new law classifies AI applications based on risk, with stricter rules for more dangerous applications. Among other things, it will prohibit the deployment of citizen tracking systems and behavior manipulation technology and the untargeted collection of facial images. Widely deployed AI applications must be transparent, respect copyrights and undergo testing. The rules are expected to take effect in 2026. Outgoing Dutch State Secretary Van Huffelen is positive about the agreement, but stresses the need to monitor opportunities and risks.

Europe sees more hacktivism, GDPR echoes, and new security laws ahead for 2024

Dark Reading, 26 December 2023

Europe faces more hacktivism and new security laws ahead of 2024. The war in Ukraine and the conflict in Gaza have fueled hacktivism, while ransomware is exploiting critical vulnerabilities. The EU Cybersecurity Agency (ENISA) recorded 2,580 incidents between July 2022 and June 2023, in which threats were motivated by financial gain, disruption, espionage, destruction or ideology. On the legislative and regulatory front, the EU remains incredibly active. The GDPR, which came into force in 2018, has put the focus on privacy and data processing. A number of laws, such as the NIS2, the Cyber Resilience Act and the AI Act, will take effect in 2024 to increase the focus on cybersecurity. Initiatives such as the European Cybersecurity Skills Academy and the Cybersecurity Competence Center additionally focus on supply chain security and skill building.

Other developments

Ransomware increasingly impacts industrial OT systems

SecurityWeek, December 7, 2023

Ransomware attacks on industrial organizations are increasingly affecting operational technology (OT), according to Claroty's "2023 Global State of Industrial Cybersecurity" report. In a global survey of 1,100 IT and OT security professionals, 75% said they had experienced a ransomware attack in the past year. Of these, 21% affected IT systems only, 17% OT systems and 37% both. This 37% is a 10% increase from 2021. Globally, 12% experienced extreme impact, leading to significant business downtime of more than a week, and 10% described the impact as severe, affecting more than one functionality for more than a week. Two-thirds admitted to having paid a ransom, of which 6% paid more than $5 million and 12% paid $1-5 million. In 23% of cases, the financial cost exceeded $1 million. Although more than 60% of organizations use generative AI in security tools, 44% are concerned about its security.

Europol warns of new crime phenomenon: using bluetooth trackers

AG Connect, December 12, 2023

Europol is warning of the increasing use of Bluetooth trackers, originally intended for retrieving personal items, by organized crime. Criminals are now adapting these wireless devices to locate illicit goods, especially in cocaine smuggling, by tracking shipments at ports and tracing them by road to storage locations in European markets. This trend underscores the need for awareness and regulation of emerging technologies in the context of organized crime.

Soft skills every CISO needs to inspire better boardroom relationships

Dark Reading, December 15, 2023

The role of the CISO is changing. In addition to the traditional responsibility of defending organizations against an increasingly complex threat landscape, CISOs must cover their entire organization, work closely with the C-level and help shape high-level business strategy on risk. The three soft skills CISOs need:

  • Collaboration is essential, as the new cyber legislation demands collaboration between CISOs, CFOs and lawyers.
  • Communication is essential for collaboration. Stakeholders are more technical than ever. Bridging the gap between technical capabilities and business outcomes gives CISOs an important advisory and thinking position.
  • Storytelling. Through storytelling, supported by data, CISOs can highlight the role of cybersecurity in business strategy.

Refocusing on cybersecurity essentials in 2024: a critical review

SecurityWeek, December 27, 2023

In this article, Torsten George highlights the need for organizations to refocus on essential cybersecurity in 2024 to reduce the risk of data breaches due to ransomware attacks, zero-day vulnerabilities and third-party cloud threats. Despite increased spending on cybersecurity, the effectiveness of investments is being challenged by incidents resulting from failure to implement basic security measures. The recommended approach focuses on data integrity, identity management and risk prioritization. He suggests classifying and encrypting data based on business needs, implementing a Zero Trust model for identity management and implementing risk-mitigation-based measures.

Podcast tip of the month

Podcast tip - Darknet Diaries

Darknet Diaries is a podcast about hackers, breaches, shadow government activity, hacktivism, cybercrime, and all the things that dwell on the hidden parts of the network.

Suzanne van Oosterum
Suzanne has a background in political science and international relations. In her work as a business consultant at Grabowsky, she strives to bridge the gap between IT and the business, so that IAM is not just seen as an "IT party." She does this by providing insight into the problem and realizing business value, including by improving processes and raising awareness within organizations.
