K-12 Sector Under Attack by Vice Society RaaS Group

The CTI team at the MS-ISAC has observed the Vice Society RaaS group increasingly targeting U.S. schools, specifically K-12 organizations.[…]

CVE-2021-0934

In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android-10 Android-11 Android-12 Android-12L Android-13
Android ID: A-169762606

protobuf-3.19.6-1.fc37

FEDORA-2022-25f35ed634

Packages in this update:

protobuf-3.19.6-1.fc37

Update description:

Selected notes from packaging changes and improvements:

3.19.6 fixes CVE-2022-3171
3.19.5 fixes CVE-2022-1941
License updated to SPDX
Unnecessary dependency on python3-six removed
Python extension is now the compiled C++ version, improving performance
All subpackages now have the license file or depend on something that does
The -vim subpackage now depends on vim-filesystem, no longer on vim-enhanced
Added a man page for protoc

See PR for more details.

PCI Secure Software Standard version 1.2 sets out new payment security requirements

The Payment Card Industry Security Standards Council (PCI SSC) has published version 1.2 of the PCI Secure Software Standard and its supporting program documentation. One of two standards that make up the PCI Software Security Framework (SSF), the PCI Secure Software Standard sets out requirements to help ensure that payment software is designed, developed, and maintained in a manner that protects transactions and data, minimizes vulnerabilities, and defends against attacks.

The latest version introduces minor changes to the standard relating to clarification/guidance and structure/formatting. It also introduces more significant changes regarding new or evolving content, chiefly the Web Software Module, a set of supplemental security requirements to address the most common security issues related to the use of internet-accessible payment technologies. Version 1.2 also adds a requirement that SSF company QA staff are either an SSF assessor or have completed SSF knowledge training. This comes ahead of PCI DSS 4.0, which comes into full effect in March 2025.

Obligatory ChatGPT Post

Seems like absolutely everyone everywhere is playing with ChatGPT.

So I did, too….

Write an essay in the style of Bruce Schneier on how ChatGPT will affect cybersecurity.

As with any new technology, the development and deployment of ChatGPT is likely to have a significant impact on the field of cybersecurity. In many ways, ChatGPT and other AI technologies hold great promise for improving the ability of organizations and individuals to defend against cyber threats. At the same time, however, the use of these technologies also raises important questions and concerns about the potential risks and challenges they may pose.

One of the key ways in which ChatGPT is likely to affect cybersecurity is by enabling organizations to more quickly and accurately identify potential security threats. With its ability to analyze vast amounts of data and identify patterns and trends that might be difficult for humans to spot, ChatGPT could be a valuable tool for detecting and responding to cyberattacks. This could be especially useful in the case of complex, coordinated attacks that might otherwise be difficult to identify and defend against.

Another potential benefit of ChatGPT in the realm of cybersecurity is its ability to improve communication and coordination among different organizations and agencies. By enabling these groups to more easily share information and work together to defend against cyber threats, ChatGPT could help to make the overall cybersecurity landscape more effective and efficient. This could be especially important in the case of large-scale attacks that require a coordinated response from multiple organizations.

Of course, as with any new technology, there are also potential risks and challenges associated with the use of ChatGPT in the field of cybersecurity. One key concern is the potential for ChatGPT to be used by malicious actors to conduct cyberattacks. By automating the process of planning and executing attacks, ChatGPT could make it easier for attackers to carry out sophisticated, coordinated attacks at a much faster pace than would be possible without AI. This could potentially make it more difficult for organizations and individuals to defend against such attacks.

Another potential risk is the possibility that ChatGPT could be used to create fake news or propaganda, which could be used to spread misinformation or confusion. In the context of cybersecurity, the spread of false information could potentially lead to confusion and panic, making it more difficult for organizations and individuals to respond effectively to cyber threats. Additionally, the use of ChatGPT to create fake news or propaganda could also undermine trust in information and communications systems, potentially undermining the overall security of these systems.

Overall, the development and deployment of ChatGPT is likely to have a significant impact on the field of cybersecurity. While ChatGPT and other AI technologies hold great promise for improving the ability of organizations and individuals to defend against cyber threats, it is important to carefully consider the potential risks and challenges they may pose, and to take appropriate measures to mitigate these risks. This may include implementing strict security protocols and safeguards to prevent unauthorized access to ChatGPT and other AI systems, as well as ongoing monitoring and evaluation to ensure that these technologies are being used in a safe and responsible manner.

Not bad. I don’t think I can retire, but I probably can go on vacation for a few days. And, of course, it’s going to get better…a lot better…and probably sooner than we expect. This is a big deal.

2023 Cybersecurity predictions

Cybersecurity is a relatively new discipline in the realm of computing. Once computing became more democratized with PCs connected via local area networks (LAN) and client/server environments, adversaries quickly saw opportunities. The more democratized computing becomes, the more risk there is and the more opportunity for cyber adversaries.

Dealing with cyber risk and adversaries is now part of a normal business plan. Gone are the days of instilling fear, uncertainty, and doubt (FUD) about the potential of a bad actor. The days of nefarious hackers in hoodies lurking in the shadows are gone.

Businesses of all types and sizes now know that cybersecurity is part of a solid business plan. Security is no longer relegated to a team of really smart experts; security is a business enabler and builder of digital trust.

As we move to 2023, we will continue to see computing become more democratized. With the advent of more edge computing (according to the 2022 AT&T Cybersecurity Insights Report, 75% of organizations are on a journey to the edge), the way we interact with technology is rapidly shifting. We are moving from input/output types of functions to more seamless interactions that deliver outcomes.

With more of a focus on outcomes, security becomes the center of focus in the new democratized era of computing. We are just getting started with ideas for edge computing. And, by association, we are just getting started with what security means.

Here are my predictions for some of the trends and highlights we will see in cybersecurity landscape in the year ahead.

Move to the edge

A new paradigm of computing is upon us. This new era is underpinned by 5G and edge.

Edge is a word we have heard for quite some time, but in general conversation lacks a consistent definition. Vendors and business users alike tend to define edge in accordance with the technology stack being sold or used.

When thinking about edge, consider these three characteristics as a starting point:

A distributed model of management, intelligence, and networks
Applications, workloads, and hosting closer to users and assets that are generating or consuming the data – may be on-premise or in the cloud
Software defined

Edge use cases are largely driven by the world of the internet of things (IoT) that collect and transmit data to make logical and rational decisions to derive an outcome.

In 2023, we should expect to see an accelerated full-scale rollout of edge use cases in areas such as:

Real-time fraud detection for financial services
Automated warehousing with near real-time inventory management
Near real-time visual inspections for uses as varied as manufacturing assembly lines, passport control at border crossing, and available parking spaces

These use cases require connected systems from the network layer through to application monitoring/management, and require each component to be secure in order to derive the desired outcome.

With more democratized computing, security is no longer isolated, it is central to delivering strong business outcomes.

In 2023, expect to see more edge use cases and applications. For successful implementation with security at the core, expect decades-old silos such as networking, IT, app development, and security to begin to erode, enabling more cross-functional work and roles.

Read more about the edge ecosystem in the upcoming 2023 AT&T Cybersecurity Insights Report due out January 24, 2023. Check out our previous reports available here for: 2022 and 2021.

Disaggregation of the network

Networks are becoming more intelligent. The idea of disaggregation, the separation into component parts, means that some security tools may be able to become part of the network.

Following the theme of software-defined, disaggregated networks can bring in the security components needed at a specific time. Think about a network infected with malware. In the scenario of a disaggregated network, a new instantiation may be easily and quickly spun up and the propagation of malware across the network avoided.

Admittedly, widespread implementation and adoption of disaggregation will take more than the next 12 months. However, expect to see the start of this game-changing technology in 2023.

Data lifecycle

Edge computing is all about data – collecting, using, and enriching.

From a security perspective, expect to see solutions that focus on the data lifecycle to help organizations make sure that data governance policies are automated and enforced.

As more edge applications are deployed, the sheer amount of data will multiply at a rapid scale. Data, at the heart of the edge app, needs to be protected, intact/trusted, and usable. It is critical to make sure the data lifecycle is managed with the proper data governance policies.

In 2023, expect to have more emphasis and focus placed on data – the collection, management, use, and governance.

Application security

Security is central to a successful business, and in a software-defined world, applications or apps are the connecting point.

Application security is seemingly the last frontier of an ecosystem built with security in mind. In 2001 the Open Web Application Security Project (OWASP) was formed with the goal of identifying the most common web application security vulnerabilities. In the 21 intervening years since the founding of OWASP and their noble work in the field of application security, little has changed. The OWASP Top 10 has not seen radical shifts.

The scant change in the OWASP Top 10 over two decades is indicative of gaps in security strategies and siloed application developers. Moving to an edge compute paradigm, graphical user interface (GUI) based apps give way to headless or non-GUI applets and application programming interfaces (APIs). In fact, in 2019 OWASP issued a separate OWASP API Security Top 10.

APIs and applets are about computer program to computer program communication. It is critical that the software development lifecycle (SDLC) embrace security as a non-functional requirement. This need may require developers to re-assess software engineering practices and work in more systematic ways.

In 2023, expect application security to be a top priority as organizations move to the edge and understand the importance of security as a central priority for the business – including at the application level.

Threat intelligence

Threat intelligence, the gathering of information about attacks on an organization from a variety of sources, will continue to be an essential component of security.

With edge computing and the expansion of IoT devices, threat intelligence will relay more granular and refined information about the attack surface. Threat intelligence will continue to be delivered as tactical, strategic, and operational. As more machine learning enrichment is available, consumers of threat intelligence will demand more pertinent and personalized reporting.

In 2023, expect to see the need for more relevant and curated threat intelligence feeds designed to combat specific industries or use cases.

Biometric security

Using biometrics to authenticate identity is nothing new; we have been doing this with fingerprints for over 50 years and more recently with facial recognition. In fact, multi-factor authentication (MFA) is frequently framed as something you know (a passcode), something you have (a device), and something you are (a biometric indicator).

We are now seeing celebrities selling their images or digital twins. This means that your favorite actor will continue to be in new movies, at varying ages, indefinitely.

What does this mean for security? Increasingly, we are being asked to authenticate via some sort of biometric. Advancements in digital twins and deepfakes mean there is a need to secure our own physical identities. The abundance of images available of any individual via a quick internet search can yield a treasure trove for an adversary seeking to hack an identity.

In 2023, expect to see more serious discussions regarding digital twins and how to make biometrics more secure.

Cyber/physical

Cybersecurity professionals have secured our cyber world, the electronic bits and bytes that create our computing systems. Increasingly, connected computers are entering a space that was reserved for physical-only devices: think internet-connected medical devices, internet-connected construction equipment, and internet-connected transportation such as cars, planes, and ships. Connecting these previously physical-only devices to the internet is what is meant by cyber/physical convergence.

Anything connected to the internet has to be secured and this includes newly converged physical devices that are now considered endpoints.

Making sure that this new style of endpoint is protected from cyber-attacks as well as physical attacks is key.

In 2023, expect to see more solutions focused on protecting the cyber and the physical and expect to see new roles emerge in organizations focused on this new element of security.

Companies born on the edge

Disruption is essential for innovation. As new “born on the edge” companies begin to emerge, the baggage of previous iterations of computing is jettisoned. Just as “born on the web” companies did not have to deal with legacy computing systems and infrastructure, “born on the edge” companies will have data and application security embedded from the beginning.

“Born on the edge” companies will take advantage of networks, infrastructure, development practices, and organizational benefits available in 2023. These new types of companies, across industries of all types, will spur on innovation and increase competition. As a result, more businesses will advance edge ecosystems and edge applications to deliver business outcomes.

Expect 2023 to be a year of anticipated disruption as “born on the edge” companies boldly emerge.

Looking forward

Out of necessity, we have seen digital transformation initiatives flourish over the past two years. And in the last year, digital transformation has given way to operationalizing what was transformed.

In 2022, we have once again been able to convene in person to discuss, debate, and dream of what is next.

Expect 2023 to be a year where we are reminded of the seemingly endless possibilities of the power of ideas translated to computing.

Here’s to an innovative and exciting 2023!