One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8440225 |
| Date de publication | 2024-01-18 11:00:00 (vue: 2024-01-18 11:07:54) |
| Titre | Quatre tendances de cybersécurité que vous devriez connaître pour 2024 Four cybersecurity trends you should know for 2024 |
| Texte | This is part three of a three-part series written by AT&T Cybersecurity evangelist Theresa Lanowitz. It’s intended to be future-looking, provocative, and encourage discussion. The author wants to assure you that no generative AI was used in any part of this blog. Part one: Unusual, thought-provoking predictions for cybersecurity in 2024 Part two: Cybersecurity operations in 2024: The SOC of the future While there are many big things to prepare for in 2024 (see first two posts), some important smaller things don’t get the same attention. Yet, these things are good to know and probably won’t come as a huge surprise. Because they, too, are evolving, it’s important not to take your eye off the ball. Compliance creates a new code of conduct and a new need for compliance logic. Compliance and governance are often overlooked when developing software because a different part of the business typically owns those responsibilities. That is all about to change. Cybersecurity policies (internal and external, including new regulations) need to move upstream in the software development lifecycle and need compliance logic built in to simplify the process. Software is designed to work globally; however, the world is becoming more segmented and parsed. Regulations are being created at country, regional, and municipal levels. To be realistic, the only way to handle compliance is via automation. To avoid the constant forking of software, compliance logic will need to be a part of modern applications. Compliance logic will allow software to function globally but adjust based on code sets that address geographic locations and corresponding regulations. In 2024, expect compliance logic to become a part of the larger conversation regarding compliance, governance, regulation, and policy. This will require cross-functional collaboration across IT, security, legal, line of business, finance, and other organizational stakeholders. MFA gets physical. Multi-factor authentication (MFA) is a way of life. The benefits far outweigh the slight inconvenience imposed. Think about why MFA is so critical. MFA helps with authorization and authentication for mission-critical and safety-critical work. It prevents unauthorized access to critical information. MFA is an easy-to-implement step for good cyber hygiene. Our current way of thinking about MFA is generally based on three things: something you know, a passcode; something you have, a device; and something you are, a fingerprint, your face, etc. Now, let’s take this a step further and look at how the something you are part of MFA can improve safety. Today, MFA routinely accepts fingerprints, facial recognition, or retina scans. That’s just the beginning. MFA can go a step further in helping with business outcomes; here’s how. Biometric and behavioral MFA can help with identifying the veracity of an individual as well as the fitness to perform a function. For example, a surgeon can access the hospital, restricted areas, and the operating room through MFA verifications. But, once in the operating room, how is it determined that the surgeon is fit to perform the surgical task? Behavioral MFA will soon be in play to ensure the surgeon is fit by adding another layer of something you are. Behavioral MFA will determine fitness for a task by identifying things such as entering a series of numbers on a keypad, handwriting on a tablet, or voice analysis. The goal is to compare current behavior with past behavior to ensur |
| Envoyé | Oui |
| Condensat | “i’m “your 2023 2024 2024: about accepts access accounts across act activity actor actors adding address adjust ahead alert all allow always ambassador analysis another any applications are areas aspect assure at&t attack attention authentication author authorization automation avoid aware bad ball based beat became because become becoming beef been before beginning behavior behavioral being benefits best big biometric bit blog branches briefs broad built business but can can’t cases cash change code codes cognitive collaboration collapse colleagues come common compare complexities compliance compromise compromised concern conduct constant continue continues contributor conversation corresponding counteract counterfeit country created creates creating credentials critical cross current cyber cybersecurity danger data dataset deep delight denominator designed despite detect determine determined developing development device; different difficult digital discussing: discussion don’t easily easy element email emotions encourage engineering engineers enough ensure enter entering etc evangelist events everything evolve evolving example exception exciting expanding expect external eye face facial factor family family/friend far finance fingerprint fingerprints first fit fitness forking four frenzy frequent friends from function functional further future gain garbage generally generation generative geographic get gets given glimpse globally globally; goal good governance hallucination handle handwriting happens hard has have help help” helping helps here’s hone hospital how however huge human hygiene identifying impact implement important imposed improve inaccurate include including inconvenience individual industry inexpensive information innovation integrated intelligence intended intentionally internal irony it’s just keypad kingdom know language lanowitz large larger layer learning legal legitimate let’s levels lexicon life lifecycle limitations line link locations logic long look looking lowest machine major make malicious many marketing matching materials may means media member mentioning messages mfa mission model models modern more most move moving multi municipal must need needs networks new next non not now numbers observations off often once one: only operating operations organizational other out outcomes; output outstanding outweigh overlooked owns papers parsed part passcode; past pattern payouts people perform phishing phrases physical places plane play policies policy posts predict predicting predictions prepare prevents prey probably process producing professionals protect provocative provoking public realistic reap recognition regarding regional regulation regulations released remiss repetitive require research researchers responsibilities restricted retina right ripe room routinely rushing safety same scams scanning scans scientists second security see segmented sending sense sensical series sets should simplify slight smaller smishing soc social software some something soon source spoof squishing stakeholders starting step stolen struggles such superb surgeon surgical surprise sweetheart tablet tactics take talk target task teams technology term text that’s theresa these things things: think thinking those thought threat three through time today too tool treasure treated trends trove two two: typically unauthorized understand understanding unfortunately unsuspecting unusual upstream urgency usage use used using veracity verifications vigilant voice voices want wants way ways weakest well what when why will without won’t work world would writing written year yet your |
| Tags | Tool Threat Prediction |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.