pgadmin4-6.12-7.fc36

FEDORA-2023-a17a67683d

Packages in this update:

pgadmin4-6.12-7.fc36

Update description:

Backport fix for CVE-2023-22298.

USN-5806-1: Ruby vulnerability

Hiroshi Tokumaru discovered that Ruby did not properly handle certain
user input for applications that generate HTTP responses using the cgi gem.
An attacker could possibly use this issue to maliciously modify the
response a user would receive from a vulnerable application.

DigiCert releases Trust Lifecycle Manager to unify certificate management, PKI services

Digital security certificate company DigiCert has announced the launch of DigiCert Trust Lifecycle Manager – a new solution designed to unify certificate authority-agnostic certificate management and public key infrastructure (PKI) services. Available now as part of the DigiCert ONE platform, Trust Lifecycle Manager aims to set a new standard for managing trust within an organization’s digital footprint and reduce their attack surface to help prevent data breaches, the firm said.

Solution built to address three key security certificate management challenges

In a press release, DigiCert stated that Trust Lifecycle Manager tightly integrates with its “best-in-class” public trust issuance for a full-stack solution governing seamless management of corporate digital trust infrastructure. Brian Trzupek, SVP of product at DigiCert, tells CSO that the solution has been built to address three key digital security certificate management challenges posing risks to organizations amid expanding networks. “These are year-on-year certificate growth, frequent rogue certificate encounters, and disparate certificate oversight across business departments,” he says.

European data protection authorities issue record €2.92 billion in GDPR fines

European data regulators issued a record €2.92 billion in fines last year, a 168% increase from 2021. That’s according to the latest GDPR and Data Breach survey from international law firm DLA Piper, which covers all 27 Member States of the European Union, plus the UK, Norway, Iceland, and Liechtenstein. This year’s biggest fine of €405 million was imposed by the Irish Data Protection Commissioner (DPC) against Meta Platforms Ireland Limited relating to Instagram for alleged failures to protect children’s personal data. The Irish DPC also fined Meta €265 million for failing to comply with the GDPR obligation for Data Protection by Design and Default. Both fines are currently under appeal.

US Maritime Administrator to study port crane cybersecurity concerns

The 2023 National Defense Authorization Act (NDAA) passed by Congress and signed by President Biden in late December 2022 was filled with a host of military-related cybersecurity provisions. One little-noticed provision in the bill called for a study of cybersecurity and national security threats posed by foreign-manufactured cranes at United States ports.

Under this provision, the Maritime Administrator, working with Homeland Security, the Pentagon, and the Cybersecurity and Infrastructure Security Agency (CISA), is required to conduct a study to assess whether foreign manufactured cranes at United States ports pose cybersecurity or national security threats. It must be completed by late December 2023 and submitted to the Senate Commerce and Armed Services committees and House Transportation and Armed Services committees.

The FBI Identified a Tor User

No details, though:

According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019. In virtue of being a dark web site, that is, one hosted on the Tor anonymity network, it should have been difficult for the site owner or a third party to determine the real IP address of any of the site’s visitors.

Yet, that’s exactly what the FBI did. It found Al-Azhari allegedly visited the site from an IP address associated with Al-Azhari’s grandmother’s house in Riverside, California. The FBI also found what specific pages Al-Azhari visited, including a section on donating Bitcoin; another focused on military operations conducted by ISIS fighters in Iraq, Syria, and Nigeria; and another page that provided links to material from ISIS’s media arm. Without the FBI deploying some form of surveillance technique, or Al-Azhari using another method to visit the site which exposed their IP address, this should not have been possible.

There are lots of ways to de-anonymize Tor users. Someone at the NSA gave a presentation on this ten years ago. (I wrote about it for the Guardian in 2013, an essay that reads so dated in light of what we’ve learned since then.) It’s unlikely that the FBI uses the same sorts of broad surveillance techniques that the NSA does, but it’s certainly possible that the NSA did the surveillance and passed the information to the FBI.

IT/OT convergence and Cybersecurity best practices

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

Most of the time, the advantages of technology overshadow the recognition of challenges. While IT/OT convergence has given a boost to the industry, it also brings many cybersecurity considerations. Due to a lack of legislation, best practices are filling the void. This article gives an overview of industrial cybersecurity best practices.

According to a survey presented by Veracode in 2022, more than 75% of all software applications have security flaws that can serve as a gateway into larger environments. With the spread of industrial IT (Information Technology) / OT (Operational Technology) integration, this means that almost every infrastructure is potentially exposed to cyberattacks.

The two sides of the IT/OT convergence coin

Industrial IT/OT convergence has been accelerated by the advantages it offers to the sector. These advantages have made production faster, cheaper, and more automated. The convergence has been advancing at such a pace that the flip side of its use was never given serious thought until recently. Alongside the obvious advantages, challenges have surfaced as well. The need for a comprehensive solution has been apparent for several years, but to this day, best practices remain the norm.

Best practices for IT/OT converged environment

During the years of broad-scale IT/OT implementation, operational and cybersecurity experience has been gathered. This serves as the basis for industrial best practices and their practical implementation, which ranges from recommendations to practical steps.

Regulations. Industrial regulations and legislation should set standards. Though there are some governmental initiatives, like Executive Order 14028, for building an overall framework, the bottom-up need has already surfaced.

CIS Controls (Critical Security Controls) Version 8 is one of those comprehensive, bottom-up cybersecurity frameworks most often referred to by legal, regulatory, and policy bodies. The CIS Controls have been developed by the global IT community to set up practical cybersecurity measures. Each version is an evolution of the previous one, so the framework keeps evolving as practice and technological advancement require.

Zero Trust. In every critical infrastructure, the basic approach should be the “zero trust principle.” According to this notion, inbound data, outbound data, users, and context should all be treated with the highest distrust.

Risk-based approach. This is a strategy that assesses hardware and software status to prevent cybersecurity risks and mitigate the possible consequences of a breach. The process has several compliance points. These include checking device versions and patching dates, finding security and safety issues, and revealing the exploitation history of deployed devices.

The strategy is only effective if it is complemented by constant threat monitoring. That way, operators are aware of system vulnerabilities when a system update is missing or delayed.

Passive scanning. It is the “listen, but don’t touch” method. Scanners watch the data traffic of the entire system from its perimeters. These are usually installed at routers that collect information at strategic listening points without interacting directly with the system. Because of this lack of direct intervention, passive scanning is usually used for monitoring sensitive environments.

The upside of passive scanning is that it understands inbound and outbound data flows, monitors the entire system and the operating software, and can discover parts of the network. The downside is that the information it can collect is limited, so it gives little or no complete picture of the vulnerability status of the environment.
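An added example (not code from the article or from AT&T) that ties the risk-based checkup to the passive “listen, but don’t touch” approach: it builds an inventory purely from flow records a listening point might export, then cross-checks that view against an asset register for unknown devices and overdue patches, which is exactly the information passive listening alone cannot supply. All hosts, ports, versions, dates and the register itself are constructed, and the register stands in for whatever device tracking a site actually keeps.

```python
from datetime import date

# Constructed flow records, as a passive sensor at a listening point might
# export them: (timestamp, src, dst, dst_port, protocol). Nothing is ever sent
# to the monitored nodes; we only read traffic that already crossed the sensor.
FLOWS = [
    ("2023-01-18T08:00:01", "10.1.0.5", "10.1.0.20", 502, "tcp"),    # HMI -> PLC, Modbus/TCP
    ("2023-01-18T08:00:03", "10.1.0.5", "10.1.0.21", 502, "tcp"),
    ("2023-01-18T08:00:09", "10.1.0.8", "10.1.0.20", 44818, "tcp"),  # EtherNet/IP
    ("2023-01-18T08:01:15", "10.1.0.77", "10.1.0.20", 502, "tcp"),   # host absent from register
    ("2023-01-18T08:02:00", "10.1.0.8", "10.1.0.9", 22, "tcp"),      # workstation -> jump host
]

# Constructed asset register (what a risk-based checkup maintains): role,
# version and last patch date per device. Passive listening alone cannot
# learn these, which is the "limited information" downside described above.
REGISTER = {
    "10.1.0.5":  {"role": "HMI", "version": "4.2.1", "patched": date(2022, 12, 1)},
    "10.1.0.8":  {"role": "engineering-ws", "version": "11.0", "patched": date(2022, 6, 3)},
    "10.1.0.9":  {"role": "jump-host", "version": "22.04", "patched": date(2023, 1, 2)},
    "10.1.0.20": {"role": "PLC", "version": "2.8", "patched": date(2021, 3, 15)},
    "10.1.0.21": {"role": "PLC", "version": "2.9", "patched": date(2022, 11, 20)},
}

KNOWN_PORTS = {502: "modbus", 44818: "enip", 22: "ssh"}
TODAY = date(2023, 1, 18)  # constructed reference date for patch-age arithmetic


def passive_inventory(flows):
    """Hosts and the services offered to them, derived only from observed flows."""
    seen = {}
    for _, src, dst, port, proto in flows:
        seen.setdefault(src, set())  # a talker is an asset even if it serves nothing
        seen.setdefault(dst, set()).add(KNOWN_PORTS.get(port, f"{proto}/{port}"))
    return {host: sorted(services) for host, services in seen.items()}


def risk_findings(inventory, register, today=TODAY, max_patch_age_days=180):
    """Cross-check the passive view against the register: unknown or stale assets."""
    findings = []
    for host, services in sorted(inventory.items()):
        entry = register.get(host)
        if entry is None:  # seen on the wire but never registered
            findings.append((host, "unknown-device", "serves " + (",".join(services) or "nothing")))
            continue
        age = (today - entry["patched"]).days
        if age > max_patch_age_days:
            findings.append((host, "stale-patch", f"{entry['role']} v{entry['version']}, {age} days"))
    return findings
```

Running `risk_findings(passive_inventory(FLOWS), REGISTER)` flags the two devices whose last patch is older than the threshold and the one host that appeared on the wire without ever being registered.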

Active scanning. Scanners constantly monitor, evaluate, and assess the weak points of the environment. They can simulate attacks on the network to uncover hidden security gaps. Some active scanners are even able to resolve some discovered security issues.

On the flip side, these scanners only focus on certain points of the system and particular situations. They can easily overwhelm the monitored nodes, which can affect the speed, performance, and uptime of the given part of the system.

Conclusion

The takeaway message is that best-practice solutions are not replacements for each other. They complement one another in an ideal industrial environment to fence off different attack vectors. Though each has its advantages and disadvantages, used as complementary solutions their strengths can be combined while their weaknesses are alleviated. This way the maximum possible protection can be achieved.
