The following CIS Benchmarks have been updated or released for January 2022. We’ve highlighted the major updates below. Each Benchmark includes a full changelog that can be referenced to see all changes made.
With digital life-changing so rapidly, it’s time for a new way to protect it. Welcome to McAfee Forward—the future of online protection today.
As all that change reshapes how we spend our time online, we believe that one thing remains constant: meaningful protection is a personal right. Your right. That’s how we see it here at McAfee, and we want you to go forward and enjoy your digital life with confidence. Confident that you’re safe as you bank and shop online, sure. Yet also confident as you consult your doctor online, track your fitness routines, order a pizza with the sound of your voice, start your car with your smartphone, and simply do what’s next—the umpteen other innovations yet imagined, all thanks to the internet.
So what does the future of online protection look like? You. While different technologies may come and go, the one thing that won’t change is you. The person using them. That’s why our focus is on you, your privacy, identity, and overall security, no matter what device, app, or platform you’re doing or what you’re doing it on.
No doubt about it, life online will continue to change how we go about our day in lively and unexpected ways. You have a right to enjoy it all. And you can leave that to us. We thrive on what’s new and different—and then protecting it so you can get the most out of it.
That future of online protection is indeed here today. We’ve already rolled out major updates and industry firsts that look out for you online, particularly your privacy and identity. There’s much more to come in the weeks and months ahead. Because you have a right to a life that’s always safe and enjoyable online, whatever shape it takes in the days to come.
Here’s to living that life with confidence, and to what’s on the horizon. Through it all, we have your back.
The post Welcome McAfee Forward—the Future of Online Protection Today appeared first on McAfee Blogs.
Think carefully before rushing to scan the payment QR code stuck on the side of a parking meter – it may well be an attempt by fraudsters to phish your financial information.
Read more in my article on the Hot for Security blog.
Whether organizations call it digital transformation or just using technology to create opportunities for new, easier ways to work, one thing is certain.
Businesses increasingly need to find simpler ways to securely build and manage new kinds of connections that support an era of:
frustration-free hybrid work;
meaningful collaboration;
anywhere, anytime access to application data; and
superior user experiences.
This is exactly the drive behind the latest collaboration between the cybersecurity and networking experts at AT&T and Cisco. They teamed up to provide a global managed Secure Access Service Edge (SASE) offering that streamlines the way businesses deliver highly secure, anywhere, anytime access to any application. Named AT&T SASE with Cisco, the service converges network and security management into a single cloud-delivered, integrated service.
AT&T SASE with Cisco weaves together some of the most important threads necessary for supporting and protecting the branch offices, labs, manufacturing facilities, and remote workers that make up the tapestry of the modern, distributed workforce. The platform that powers the service integrates SD-WAN, secure remote access, and secure web gateway technology into a single set of consolidated levers and controls for IT and security. Each component offers up crucial functions to enable users to connect to resources while controlling cyber risk along the way:
Improves network visibility, performance and resilience
AT&T SD-WAN with Cisco is a cloud-delivered overlay WAN architecture that connects branches to headquarters, data centers, and multi-cloud environments. It makes it simpler to build, scale, and extend security and access policies across connections.
Grants prescriptive access to applications and data based on identity.
AT&T Secure Remote Access with Cisco is a comprehensive zero trust network access (ZTNA) solution that verifies user identity and device health before allowing connection to company resources. It provides granular access to specific applications, wherever they are hosted, to users at any location.
Restricts access to websites, cloud applications, and data sharing based on risk policies
AT&T Secure Web Gateway with Cisco provides integrated cloud-native security that unifies protection against web-based threats through firewall, domain name server (DNS) security, cloud access broker (CASB) and threat intelligence in a single platform.
The biggest value of the offering is the convergence of these components into a SASE framework. SASE is different because it provides a single lens for understanding opportunities to optimize network traffic while managing user access based on risk, no matter the location.
As my colleague from Cisco, Shaila Shankar explains, a SASE platform future-proofs organizations for digital transformation:
Today’s businesses are planning for a cloud-oriented organizational transformation by consolidating vendors and adopting integrated, cloud-first solutions. This consolidation is fully realized through a SASE platform. With SASE, businesses gain better control over every user and any application, over any network – without a degradation in performance or user experience.
AT&T SASE with Cisco takes those advantages to another level by layering in the skilled resources of AT&T’s networking and cybersecurity professionals into the solution. They help maximize the power of the SASE technology by providing expert SASE planning and deployment, policy design, and 24/7 network monitoring and help desk support. The AT&T SASE with Cisco solution is flexible, with managed and co-managed options available.
The unique combination of technology and know-how from AT&T and Cisco makes AT&T SASE with Cisco particularly suited to support some very important use cases for forward-looking organizations.
This solution is designed to help organizations struggling with inconsistent user experiences with the ability to manage security policies across users depending on the location or cloud service accessed. The optimized WAN architecture connects users to the internet and cloud applications across highest performing links while centralizing the view of health of all network circuits. Meantime, cloud delivered security follows users wherever and however they connect.
This service helps organizations with distributed branch offices keep up with rising bandwidth requirements by optimizing the network on a site-by-site basis, while at the same time tracking and protecting sensitive data across the network. The solution provides highly secure, direct connections to the web and SaaS applications whether users are working at the branch or from a coffee shop. Regardless of location, security policies are consistently applied across users without the performance problems of VPN connections.
This solution is a cornerstone for supporting broader zero-trust security strategies. It provides precise, identity-based permissions to validate the health of devices for every session. The unified security controls, including behavior checks and monitoring, consistently enforce security policy across users and devices. This provides the infrastructure and skilled support to roll out zero-trust security measures within and outside corporate boundaries.
Learn more about how AT&T SASE with Cisco can help your organization continue your transformative journey toward superior user experience and better protection.
It happens with more regularity than any of us like to see. There’s either a headline in your news feed or an email from a website or service you have an account with—there’s been a data breach. So what do you do when you find out that you and your information may have been caught up in a data breach? While it can feel like things are out of your hands, there are actually several things you can do to protect yourself.
Let’s start with a look at what kind of information may be at stake and why crooks value that information so much (it’s more reasons than you may think).
The fact is that plenty of our information is out there on the internet, simply because we go about so much of our day online, whether that involves shopping, banking, getting results from our doctors, or simply hopping online to play a game once in a while.
Naturally, that means the data in any given breach will vary from service to service and platform to platform involved. Certainly, a gaming service will certainly have different information about you than your insurance company. Yet broadly speaking, there’s a broad range of information about you stored in various places, which could include:
Username and password
E-mail address
Phone numbers and home address
Contact information of friends and family
Date of birth
Driver’s license number
Credit card and debit card numbers, bank account details
Purchase history and account behavior history
Patient information (in the case of healthcare breaches)
Social Security Number or Tax ID Number
As to what gets exposed and when you might find out about it, that can vary greatly as well. One industry research report found that 60% of breaches were discovered in just days from the initial attack while others could take months or even longer to detect. Needless to say, the timeline can get rather stretched before word reaches you, which is a good reason to change your passwords regularly should any of them get swept up in a breach. (An outdated password does a hacker no good—more on that in a bit.)
The answer is plenty. In all, personal information like that listed above has a dollar value to it. In a way, your data and information are a kind of currency because they’re tied to everything from your bank accounts, investments, insurance payments—even tax returns and personal identification like driver’s licenses.
With this information in hand, a crook can commit several types of identity crime—ranging from fraud to theft. In the case of fraud, that could include running up a bill on one of your credits cards or draining one of your bank accounts. In the case of theft, that could see crooks impersonate you so they can open new accounts or services in your name. Beyond that, they may attempt to claim your tax refund or potentially get ID issued in your name as well.
Another possibility is that a hacker will simply sell that information on the dark marketplace, perhaps in large clumps or as individual pieces of information that go for a few dollars each. However it gets sold, these dark-market practices allow other fraudsters and thieves to take advantage of your identity for financial or other gains.
Most breaches are financially motivated, with some researchers saying nearly 90% of breaches are about the money. However, we’ve also seen hackers simply dump stolen information out there for practically anyone to see. The motivations behind them vary, yet could involve anything from damaging the reputation of an organization to cases of revenge.
A list of big data breaches is a blog article of its own, yet here’s a quick list of some of the largest and most impactful breaches we’ve seen in recent years:
Facebook – 2019: Two datasets leaked the records of more than 530 million users, including phone numbers, account names, Facebook IDs, and more.
Marriott International (Starwood) – 2018. Leakage of 500,000 guest names, emails, actual mailing addresses, phone numbers, passport numbers, Starwood Preferred Guest account information, date of birth, and information about stays.
Equifax – 2017. Approximately 147 million records, including name, address, date of birth, driver’s license numbers, and Social Security Numbers were leaked, as well as credit card information for a further 200,000 victims.
Needless to say, it’s not just the big companies that get hit. Healthcare facilities have seen their data breached, along with the operations of popular restaurants. Small businesses find themselves in the crosshairs as well, with one report stating that 43% of data leaks target small businesses. Those may come by way of an attack on where those businesses store their records, a disgruntled employee, or by way of a compromised point-of-sale terminal in their store, office, or location.
In short, when it comes to data breaches, practically any business is a potential target because practically every business is online in some form or fashion. Even if it’s by way of a simple point-of-sale machine.
When a business, service, or organization falls victim to a breach, it doesn’t always mean that you’re automatically a victim too. Your information may not have been caught up in it. However, it’s best to act as if it was. With that, we strongly suggest you take these immediate steps.
Given the possibility that your password may be in the hands of a hacker, change it right away. Strong, unique passwords offer one of your best defenses against hackers. Update them regularly as well. As mentioned above, this can protect you in the event a breach occurs and you don’t find out about it until well after it’s happened. You can spare yourself the upkeep that involves a password manager that can keep on top of it all for you. If your account offers two-factor authentication as part of the login process, make use of it as it adds another layer of security that makes hacking tougher.
If you spot unusual or unfamiliar charges or transactions in your account, bank, or debit card statements, follow up immediately. That could indicate improper use. In general, banks, credit card companies, and many businesses have countermeasures to deal with fraud, along with customer support teams that can help you file a claim if needed.
If you haven’t done so already, consider signing up for a service that can monitor dozens of types of personal information and then alert you if any of them are possibly being misused. Identity protection such as ours gives you the added benefit of a professional recovery specialist who can assist with restoring your affairs in the wake of fraud or theft, plus up to $1 million in insurance coverage.
Our advice is to take a deep breath and get to work. By acting quickly, you can potentially minimize and even prevent any damage that’s done. With that, we have two articles that can help guide the way if you think you’re the victim of identity theft, each featuring a series of straightforward steps you can take to set matters right:
Top Signs of Identity Theft
How to Report Identity Theft to Social Security
Again, if you have any concerns. Take action. The first steps take only minutes. Even if the result is that you find out all’s well, you’ll have that assurance and you’ll have it rather quickly.
The post What to Do If You’re Caught Up in a Data Breach appeared first on McAfee Blogs.
The Jerusalem Post says that its website was defaced on Monday, and pointed the blame at pro-Iranian hackers who they said posted an illustration depicting a ballistic missile being launched at an exploding nuclear facility in Dimona.
Apple users rejoice! CIS Hardened Images for macOS Big Sur (11) and Catalina (10.15) are now available in Amazon Web Services (AWS) Marketplace. These CIS Hardened Images are the first independently-developed offering for macOS Amazon machine images (AMIs) in AWS Marketplace. CIS Hardened Images, pre-configured virtual machine images, provide an additional layer of security to […]
This blog was written by an independent guest blogger.
Technology in healthcare has the potential to make all the difference in terms of safety outcomes. Right now, modern tech is pushing the envelope of what is possible in the doctor’s office and the patient’s home, as telehealth and artificial intelligence transform the landscape of medical care.
But technology isn’t always safe. Experts predict that the healthcare industry will face two to three times more cyberattacks than other industries, making cybersecurity an essential aspect of modern medicine. As we watch ransomware and other malicious cyberattacks disrupt global trade, it’s easy to remember a world less vulnerable to digital threats.
However, technology ultimately is doing more good than bad in healthcare. Tech’s contributions toward safety have revolutionized care accessibility, reach, and potential. In turn, we can look forward to safer treatments and better patient outcomes.
These are some of the most promising contributions of tech in producing more excellent healthcare safety.
Telehealth has been a central aspect of modern care, bridging the needs of patients with safe solutions during the COVID-19 pandemic. Telehealth has proven to be immensely popular, with 65% of consumers now expecting to use it more even after the pandemic. This widespread utilization of telehealth would have been impossible without advancing technology.
Innovations from 5G networks to Internet of Things (IoT) devices are transforming how we connect and assemble data networks, in turn enabling new medical solutions. These innovations power information systems, a market expected to reach $39.7 billion in value by 2025. The value comes in through the power of these systems to collect, categorize, and assess information — all vital parts of any healthcare procedure.
Information systems and the experts that manage them both create and protect vast amounts of valuable healthcare data. With all this information stored and secured through cloud services, patients can be monitored and treated remotely.
For instance, the Michael J. Fox Foundation for Parkinson’s Research is developing web-based sensors on the Internet of Things that can track and report patient movement data and measure severity. This will allow medical professionals to gain a better understanding of their patient’s condition and how to treat it.
By connecting people with care wherever they are, tech is contributing to a safer world. Telehealth means patients don’t have to risk exposure to COVID-19 as often. Information systems are connecting patients and providers with data. And connected devices are improving medical understanding.
The more data care providers have, the better equipped they are to give patients accessible solutions designed to meet their personal needs.
When it comes to improving safety, few technological innovations have contributed more than artificial intelligence. This category of computing now allows for all kinds of incredible processes, from machine learning to predictive analytics. AI has enhanced the medical field, given surgeons a useful tool, and revolutionized diagnostic potential.
The power of AI comes in its ability to assist us in our most grueling tasks. For instance, AI has given surgeons robotic assistants like the Da Vinci Surgical System. This robot gives the surgeon magnified vision and built-in tremor filtration that makes any surgery a more risk-free process. With these features, Da Vinci has already enhanced the safety of more than seven million procedures.
AI also excels in diagnosing conditions. CureMetrix in San Diego, for example, has developed a system that assists radiologists in analyzing mammograms. Their tech uses machine learning algorithms paired with computer vision to compare imagery. From its database of examples, the system can then detect breast cancer up to six years earlier than a human professional with as much as a 70% reduction in false positives.
With such promising safety features built into the technological revolution, the health and well-being of humanity can only improve. This might make our bodies safer, but what about our data?
Fortunately, tech has answers for that, too.
Technology has given the healthcare industry a plethora of safety improvements. The benefits are clear from more equitable, accessible care to electronic medical records like those that helped scientists track and combat the coronavirus. At the same time, however, connected databases of valuable medical data represent a big risk.
This is where AI comes in. Through machine learning functions, AI cybersecurity systems are capable of comparing calls on operating systems to search for anomalies. If a problematic instance is found, the system can classify and flag the call, allowing system administrators to lock out the offender.
Fortunately, the advancement of AI has only improved these functions. Machine learning means systems can analyze vast amounts of data sets, evaluate examples of malicious attacks, and adapt to fight them. In turn, the security of medical data is enhanced.
Additionally, blockchain technology is emerging as a powerful contender in the battle for cybersecurity. These decentralized data systems lock information behind linked cryptographic hash functions. This means that for a hacker to break in, they have to use serious computing power. For storing and recording medical data safely, blockchain just might be the future.
These are just a tiny fraction of the contributions technology has made in healthcare. In the future, cloud data systems, AI diagnostics, and blockchain will all play a larger role in promoting public safety. Accessibility and quality of care will improve as a result.
For now, the role of tech in healthcare cybersecurity is one to watch. Machine learning and blockchain will battle it out for the position of the biggest contributor to healthcare safety. Whichever wins, humanity is the better for it.
Part 2 of a 2-part series By: Kathleen M. Moriarty, CIS Chief Technology Officer and active participant in the Critical Infrastructure Partnership Advisory Council (CIPAC) Cross Sector Enduring Security Framework (ESF) Working Group “Security Guidance for 5G Cloud Infrastructures” is a series of four documents intended to help secure cloud environments. It’s been created as […]
The internet is meant for all to enjoy. And that’s who we’re looking out for—you and everyone who wants to enjoy life online.
We believe it’s important that someone has your back like that, particularly where some of today’s hacks and attacks can leave people feeling a little uneasy from time to time. You’ve probably seen stories about data breaches at big companies pop up in your news feed. Or perhaps you or someone you know had their debit or credit card number hacked. Problems like these are out there, unfortunate thorns in the side of the internet we’ve come to love. Yet while these issues persist, there’s plenty you can do to avoid them.
That’s where we have your back—doing all we can to make life online enjoyable for everyone, with protection that helps people finally feel safe and stay that way.
The reality is that nobody wants to deal with hackers, malware, and other attacks crop up on the internet. And while it’s important to be aware of those things, we’d rather that you didn’t have to worry about them. Protection should come easy. Whether it’s keeping your banking, shopping, and streaming secure, along with your privacy and personal info too, protection should feel simple and tailored to you. That’s what we strive for.
So as you think about protecting your life online, take a moment to consider what you’re protecting. As you do, you’ll see that it means far more than protecting your computers, phones, and other devices. Ultimately, it’s about protecting you, and all the important things connected to you. You can think of it in three ways …
What’s among the top things people say they want to protect? Their photos. Not far behind photos are all manner of digital treasures that people like to keep close, which ranges anywhere from music they’ve downloaded to old voicemails of their children, nieces, and nephews that they’ve saved over the years. Without a doubt, we have plenty of things stored on our computers and phones that we simply couldn’t do without.
Protecting these things means protecting the devices you use to store and access them. Installing comprehensive online protection software like ours is the first step. In addition to award-winning antivirus software and firewall protection to help keep hackers at bay (and away from your photos and other precious files), it goes a step further.
Our new Online Protection Score shows you just how safe you are and guides you through simple steps that can seal up gaps and improve your protection overall. In all, it’s a personalized and simple way to make sure you’re protected as possible and continually make improvements as they’re needed. It’s a way of getting expert protection without being an expert.
There’s also the “Important Stuff” in life, like our financial records, tax returns, and all the banking that we do on our phones and computers. And let’s throw shopping into mix because shopping’s important too! You can protect the important things like this, which can help hackers out of your business.
For starters, you can protect your important files three ways with our online protection by using a combination of the McAfee® File Lock and Shredder features to manage your privacy:
McAfee File Lock allows you to create password-protected encrypted drives on your PC that only appear when you’ve unlocked them, perfect for storing sensitive files like tax returns and financial documents.
And when you’re looking to dispose of sensitive files, McAfee Shredder securely deletes files so that would-be thieves can’t put the pieces back together.
You can lock down your privacy even further with a VPN that can shield you automatically from snooping attacks online, whether at home or when using public Wi-Fi. It creates an encrypted connection that works like a private tunnel that hides your IP address and the things you’re doing online from cybercrooks. It’s ideal for keeping your sensitive personal information like your financial data, passwords, and browsing history hidden from both hackers and websites.
And here’s another big help. A password manager. You likely have dozens of passwords, plus a few more that you’ve probably forgotten about. You can protect your passwords and the accounts associated with them with a password manager that creates and securely stores a strong, unique password for each of your accounts. Plus, you can use it to update those passwords on the regular. Few things make it tougher for hackers than strong, unique passwords that get changed often. In a time of data breaches and account theft, a password manager is a great call.
While it’s important to focus on protecting things like laptops, phones, photos, files, and data, you’re ultimately protecting something far greater You. Your privacy, your personal information, your accounts, all the things that taken together make you—you. The thing is that our lives are more fluid and mobile than ever before. One moment we’re banking on our laptop, the next we’re splitting the cost of dinner with a payment on our phone. The constant here is you. You’re at the center of all this activity regardless of the device you’re using. The same goes for your family and the people you care about.
That’s why we protect people, not just their devices.
McAfee Identity Protection Service monitors the dark web for your personal info such as emails and associated passwords, up to 60 different types of critical info. If we detect that your data was stolen, you’ll get immediate alerts on the devices of your choice and guidance on how to secure your info quickly and effectively. In all, you can keep tabs on your identity any time you’re connected to the internet, and if an issue crops up you can click, solve, and carry on.
Extended identity protection offers up the extra comfort of knowing that you have licensed recovery pros on the case if identity theft does happen to you. This includes monitoring and restoration services, along with identity theft insurance for lawyer fees, travel expenses, lost wages, and more.
While that’s just a few of the ways McAfee has your back, we hope it gives you a good sense of what online protection should do—how it should protect you and all the things connected to you. And on today’s internet, that’s quite a bit. There’s so much to experience online today, and we believe you should enjoy all of it, freely and with the confidence that comes from knowing you’re safe.
The post The Internet is for Everyone to Enjoy—We’re Helping See to It appeared first on McAfee Blogs.
