I'm a cybersecurity marketer with expertise writing about endpoint, cloud, zero trust, ASM, red teaming, threat intel, and third party risk management.
What Is Kubernetes Security?
Kubernetes has emerged as the leading orchestration platform of containerized applications in the modern cloud ecosystem. This has coincided with a steep increase in container adoption – CNFC’s 2022 annual survey showed that 76% of organizations that employ cloud-native approaches use containers. However, this rise in popularity has also made Kubernetes a target for threat actors and its security an increasing concern for CISOs and security teams.
This article will dive into the processes and...
Securing the Perimeter: What Attack Surface Does Network Access Control Really Protect?
One of the key ways to reduce your organization’s attack surface is through network access control (NAC), one of the key permissions management technologies for cybersecurity teams. NAC can and often is used to protect Internet of Things (IoT) devices and operational technology (OT) systems, but it’s important to note that using NAC to manage permissions and limit what devices can access is not the same thing as a dedicated IoT security solution.
Strong IoT Security Has Become Necessary to Protect Elections
Most discussions of election security from a technology perspective focus on securing voter databases and ensuring that voting machines remain free from compromise. These are important and vital focuses to ensure election security, but often ignored in the discussion is the impact the Internet of Things (IoT) can have on protecting elections from interference.
IoT devices are used in several different contexts that can have an impact on election security. These include building access control...
Safeguarding ATMs: Mitigating IoT Security Risks
ATMs are critical points of service for consumer banks and credit unions. They empower the customer base to perform most transactions without human interaction and also mean that account holders can access their money outside of business hours. There are 3.2 million ATMs installed worldwide, according to research, with the global ATM market handling $12.6 trillion in transactions.
ATMs are the primary way that many consumers interact with their banks and credit unions. This is true not only i...
Vulnerabilities and Protection of Cyber-Physical Systems (CPS)
The digital and physical worlds are becoming more tightly interwoven every year. Smart electrical grids, autonomous cars, distributed sensors in far-flung locations, and more make it clear that the world is becoming more digitized. Conversely, as digital worlds intersect more with physical reality, there is an evolution occurring in terms of connected devices blending physical inputs and outputs with digital technology.
Known as cyber-physical systems, or CPS, this class of equipment integrat...
Securing Your IoT Ecosystem: The Role of Cyber Asset Attack Surface Management (CAASM)
Cyber asset attack surface management (CAASM) is one of the more important practices in terms of securing your critical systems. It is a blend of internal asset management and external attack surface management, to have known, context-rich inventories. The ultimate goal is knowing what you look like to potential attackers to shore up your defenses. Good CAASM helps keep attackers out, speeds up incident response processes, and helps with any audits or regulations that ask for attack surface d...
Strong IoT Security Requires Effective Forensic Analysis Capabilities
Forensic analysis of a cyberattack is complex at the best of times. Even with traditional IT equipment and cloud technologies, collecting forensic information can mean extensive manual data collection and manipulation to unify disparate types of intelligence into a coherent whole. With Internet of Things (IoT) devices, the struggle of collecting forensic information and transforming it into something useful is compounded.
Forensic analysis as a practice also helps security teams evaluate thei...
Exploring the Dangers of IoT Breaches in HVAC Technology
Smart heating, ventilation, and air conditioning (HVAC) systems are key components in connected buildings. The ability to readily monitor the temperature of a physical space has numerous applications, including ensuring worker comfort and maintaining the environment for temperature-sensitive equipment and materials. Pharmaceutical companies and medical research firms use these systems to keep chemical compounds in the appropriate temperature ranges.
The smart HVAC controls market is expected ...
The Necessity of Continuous Vulnerability Detection
Accurately discovering and patching vulnerabilities is one of the biggest issues with securing Internet of Things (IoT) devices. Finding these weaknesses in the device firmware or in the communication protocols and mitigating them quickly can mean the difference between a secure network and one that’s open to cyberattackers. This work is unfortunately complicated by the number of IoT devices.
There were 15.14 billion IoT devices deployed worldwide by the end of 2023, according to Statista, wi...
Hidden in Plain Sight: The Unseen IoT Vulnerabilities in Building Access Control
Building access control systems like smart locks and badge readers are a critical component of physical security. Without implementing something that ensures unauthorized people can’t enter a facility where they aren’t supposed to be, organizations risk granting access to secure spaces to potentially malicious actors.
Also called physical access control systems, building access control devices are included within the Internet of Things (IoT). This is especially true when remote monitoring is ...
Unpacking the Impact of the White House’s Cybersecurity Allocations on Hospitals in 2025
The White House released its 2025 budget recently to demonstrate what President Biden intends to emphasize throughout the Executive Branch in the next federal fiscal year. The budget includes a number of priorities focused on lowering taxes for working Americans, countering the drug trade, and helping grow the economy.
Also within the budget is substantial spending on cybersecurity priorities.
These stated priorities include greater spending on securing healthcare organizations nationwide, in...
Manufacturers Need to Secure Their IoT Against Remote Access Risks
Internet of Things (IoT) devices have caused a stir in the manufacturing space. Connected industrial machinery used for remote monitoring, predictive maintenance, inventory management, and more has transformed industrial workflows – making manufacturers more efficient overall.
The problem is that IoT devices manufacturers leverage their operations, for all the benefits they provide, increasing risk. We’ve written about the issues with IoT devices in the past, including weak default passwords,...
Network-Accessible Printers Pose Hidden IoT Security Risks
The office printer isn’t often considered a part of the Internet of Things (IoT). The reality, however, is that network-accessible printers and multifunction printer-copier-scanners are in fact the quintessential IoT devices. Printers that can be attached to and discovered on a corporate network present a security risk to the enterprise that’s as potentially damaging as any IoT security camera.
Network-accessible printers offer broad accessibility and connectivity within the enterprise. If a ...
Nissan Australia Data Breach Demonstrates the Wide-Ranging Impact of Ransomware
Malware & Ransomware Protection
5 min read
Ransomware attacks have a habit of continuing to impact the affected organization long after they’re resolved. The immediate costs of resolving a ransomware attack can run into the millions, with a data breach itself costing an average of $4.54 million. And that’s only the direct costs. There are indirect concerns as well, such as reduced revenue from brand damage and monitoring costs in the case of personal data being stolen.
The December 2023 ranso...
Why Data Classification is Critical for Effective Data Loss Prevention
Data Security
5 min read
Data loss prevention (DLP) is a vital component of a data security strategy. Protecting critical information from accidental or intentional removal means setting up a solution whereby the organizations’ vital data is secured against exposure. According to research, 2.5 quintillion bytes of new data are created every day, with 180 zettabytes of global data expected to be created by 2025.
The sheer volume of data created every day and every year makes preventing its acc...