In one corner of cyberspace, there's a fervent debate about privacy concerns with machine language models like ChatGPT, Gemini, and Copilot. Meanwhile, in a far more routine corner of our digital lives, the privacy settings of social media and messaging apps go unnoticed. Isn't that ironic? As an academic and observer of this fascinating digital world, I've always believed that security is a perception, shaped by our awareness of threats and risks. Through this article, I aim to shed light on this irony and promote a more nuanced understanding of our online security.
0 Comments
In an increasingly interconnected world, information security has become a cornerstone for the success and sustainability of businesses. In this landscape, a crucial question arises: Is it better to hire a full-time employee or seek the expertise of a specialized consultant in cybersecurity and information systems? The answer to this question can define your company's ability to navigate the murky waters of digital threats. A cybersecurity consultant not only brings extensive technical expertise but also offers a strategic and tactical vision that aligns perfectly with your business's security and growth objectives. Navigating the Evolution of Cybersecurity: Understanding the Transition from NIST CSF 1.0 to CSF 2.02/28/2024 The landscape of cybersecurity is constantly evolving, challenging organizations to adapt and enhance their security measures. The National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF) has been a pivotal guide in this journey. With the release of CSF 2.0, significant advancements have been made, building upon the foundation laid by CSF 1.0. In this blog post, we will explore the key differences and improvements brought by CSF 2.0, focusing on its scope, focus, structure, and additional features. In 2023, the cybersecurity world witnessed a diverse array of sophisticated threats. From credential stuffing to ransomware, and nation-state attacks, the landscape has evolved rapidly, presenting new challenges for businesses and individuals alike. This post delves into some of the year's most significant breaches, highlighting crucial lessons and strategies for a more secure future.
In the digital age, the importance of information security cannot be overstated. As we navigate the complex landscape of cybersecurity, one factor often stands out as both a potential risk and a line of defense: the human factor. This was the focus of my recent doctoral dissertation, where I explored the behavioral and cross-cultural factors that influence an individual's intention to comply with information security policies. A lot have been investigated, written and said about how to better protect companies against the unstoppable proliferation of advanced and sophisticated cyber-threats/attacks. By default, and by common sense, we tend to think that by adopting and implementing cutting-edge security technologies, companies will be on a better position to stop, prevent, and reduce security threats from cyber-criminals. This is not so far from reality. Lots of technologies have emerged and being adopted to reach that goal. Among these technologies are: Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewalls, Antivirus, Network Access Control (NAC), Proxies, Gateways, Advance Threat Analytics (ATA), Sandboxes, Multi-factor Authentication (MFA), Artificial Intelligence (AI), and Machine Learning (ML) solutions to mention a few. However, security and data breaches still happen and are on the news all around the world, every day.
In the last decade of the proliferation of the World Wide Web, there has been a shift from normal human combat warfare to electronic warfare, where a person with a computer can do more damage to the infrastructure of a country than thousands of soldiers. The amount of data, intelligence, and damage generated by such warfare is astronomical. This type of warfare requires artificial intelligence and Expert Systems to go to the forefront of the battlefield in order to analyze data and trends to identify potential attacks and provide countermeasures to such attack. AI has put in a new perspective how Decision Support Systems (DSS) improve defense. DSS implemented today are in place to stop and deter in the shortest possible amount of time a cyberattack, and assist cyber defenders in finding the correct response. WannaCry or Wanna Decrytor ransomware is an informatic virus that attacks Windows operating system based computers primarily (including servers) by taking advantage of system vulnerabilities exploited by Eternalblue, a tool believed to be developed by the USA National Security Agency. What is the unique effect once infected by the virus? Well, you will notice it fast. The system will show you a Popup window letting you know that your computer is infected, all your files are encrypted, and for you to recover it all, they require a ransom payment using bitcoins. Unless you make the payment, all your files will stay encrypted. The worst thing about this virus is that, if you do not pay in a certain period, the ransom payment will keep rising.
But, wait! The intention of this article is not to create panic. Even though you should panic if your computer got infected and you didn't backed up your files recently (last day or night before the infection). As of today, we have many technological gadgets around us. We have them at home, in our offices, automobiles, even as personal dressing accessories. Definitively we live in a technological era in which smart devices allow us to make collaborations, and to share personal or business data on social networks, such as Facebook®, Twitter®, LinkedIn®, Instagram®, and Google® to name a few. We also have the never ending clouds on our environment, such as Dropbox®, Box®, AmazonDrive®, GoogleDrive®, and Microsoft OneDrive®, among others. We have entered into an era in which even baby boomers interact with mobile devices and high-end technologies, not to mention millennials who were born with their genetic codes already programmed for these technologies. Even my niece, less than one year old, uses an iPad. We enjoy technology. Or at least, marketing departments make us believe it is a high-priority need, and convince us to rush and get the latest gadget. |
AuthorDr. Gilberto Crespo is an information security researcher & technology expert. Archives
April 2024
Categories
All
|