Today, open-source code is everywhere. In fact, 99% of all codebases contain open-source code, and anywhere from 85% to 97% of enterprise codebases come from open-source. What does that mean, exactly? It means that the vast majority of our applications consist of code we did not write.
Last month this column looked at how humor can enhance leadership. Inspired by the book "Plato and a Platypus Walk Into a Bar: Understanding Philosophy Through Jokes," this month’s column explains security leadership through jokes.
Implementing a converged security organization is perhaps one of the most resourceful and beneficial business decisions an organization can make when seeking to enhance security risk management. In this era of heightened consequences and sophisticated security threats, the need for integration between siloed security and risk management teams is imperative. The need for collaboration between those two teams and the business is equally imperative. Let’s look at five more specific benefits:
Securing diverse and distributed IT environments starts with the identity plane. Modern and evolving security threats are best prevented by securing identity through many layers relying on a Zero Trust model. Zero Trust, by which I mean “trust nothing, verify everything,” can serve as a foundation for the evolution of a modern security perimeter, one virtually drawn around each individual user, from anywhere they log on. By following Zero Trust principles and establishing user identity across devices, programs, and networks, modern enterprises can pursue a security program that is adaptive, contextual, and robust enough to defend against modern threats.
The first line of defense in cybersecurity is taking proactive measures to detect and protect the entire IT landscape. It’s critical to have the right security systems and processes in place to find known and unknown threats before they impact your business. But you also need a bulletproof plan in case your systems are breached. You need to move very quickly to limit damage, so you should have a team experienced in handling these situations ready to jump to action, bringing along tools, procedures, and a proven methodology to stop attacks and to repair and restore whatever you can. Here are five critical factors in preparing for the first 24 hours after an attack:
March 31st is World Backup Day 2021, the 10th anniversary of the inaugural World Backup Day in 2011. Though the day serves as a reminder to backup your data, this process should be done frequently to offset the risk of data loss - or the intentional or unintentional destruction of information, which may be caused by people or processes from within or outside of an organization.
How can consumers and retailers protect themselves against fraud in the coming months? Here, Jane Lee, Trust and Safety Architect at Sift, speaks to Security magazine about this critical issue.
Bitglass announced the release of its 2021 Remote Workforce Security Report. Bitglass surveyed IT and security professionals to understand how remote work has transformed the state of security operations over the last year. Data from this report shows that the majority of organizations (57%) still have over three-quarters of their teams working remotely. An overwhelming 90% of organizations said they are likely to continue these increased levels of remote work in the future due to productivity benefits. Additionally, 53% of companies said they are looking to make some positions permanently remote after the COVID crisis ends--a much higher rate than when the pandemic began (33%).
Online risk mitigation specialists DNProtect released details of their market report that exposes a high number of security issues related to the domain names that Fortune 500 companies rely upon for business and consumer interaction. The report serves as an early warning indicator of possible security threats and open windows for domain theft or service disruption. The market release follows a number of recent high profile cases involving GoDaddy, Network Solutions, and other registrars where critical domain names were stolen, resulting in disruptions that can easily impact millions of Internet users.
China has had a tough 2020. Intellectual property rights infringement, stealing university and U.S. government-funded research, spys routed out in public, Hong-Kong takeover, Human-right abuses, Coronavirus cover-ups, supply-chain bog downs, and the list goes on. The conclusion is that China has lost its luster with businesses in the United States and abroad. These issues are not new; instead, they have reached a boiling point where the international business community is getting leary of putting too many eggs in China’s basket. The U.S. government has certainly done its share to bring many of these things to light. And while this is happening, and companies look elsewhere to move, the possibilities of increasing North America manufacturing has become more attractive than ever.