Blog

Trends in Cyber Security for 2024

The Cybersecurity landscape is constantly shifting, making it difficult to be sure which threats will be the most challenging. However, based on current trends and expert predictions, I have tried to highlight the major categories of Cybersecurity Threats we’re likely to face in 2024:

I AM SPARTACUS

Does your Identity Management System rely on User identifiable information to on-board? Many 2-Factor Authentication methods are self-provisioning, often relying on an email link or mobile number that can be found by social engineering, which makes Attacker re-instatement a straightforward service from the Help Desk Assistant. Note that FIDO-type devices have an open specification, and if the validation of the Attestation Key is bypassed by User choice, a Browser setting or a planted Browser Extension, a forged device succeeds. CASQUE does not need User identifiable information, has no self-provisioning, and a CASQUE token cannot be cloned.

WordPress Threats

WordPress powers 43% of all websites; using CASQUE MFA eliminates third-party threats.

Until now, two intractable problems have persisted in causing damage: the Insider threat, and the risk caused by the lag between a breach occurring and its detection.
CASQUE is the only solution that addresses these two difficult problems. CASQUE is not exposed to the vulnerabilities inherent in current Authentication methods, whose weaknesses provide convenient excuses for disaffected Insiders to deny their, or their collaborators', illegitimate access. CASQUE is the ultimate deterrent against Insider Attack, denying repudiation of access. The second major delivery is the immediate detection of a breach: the exposure time to detection currently averages 9 months and amplifies damage potential. CASQUE can detect clones immediately, allowing breaches to be instantly detected and recovered.
Existing WordPress sites can be easily updated to require CASQUE Multi-factor Authentication for Administrator access.

Quis custodiet ipsos custodes? 

The recent Uber breach is distinguished by the shock of its ordinariness.
Most Privilege Account Management products control access to the credentials of Privileged Accounts by hiding them in a secure vault. Of course, it's not a good idea to have access to the vault controlled by Multi-factor Authentication methods that are themselves vulnerable, as amplified in this short YouTube clip.

Self-provisioning MFA

Self-Provisioning: the gift that keeps giving

If your MFA rollout is based on self-provisioning, it may have intrinsic vulnerabilities.
According to Mandiant, Hackers exploited this to gain access to a Microsoft Azure Account; here is the link: https://www.mandiant.com/resources/blog/apt29-continues-targeting-microsoft.
The ease of “Passwordless” Authentication has been enthusiastically promulgated, especially for Smartphone users, and usually involves biometric self-enrolment. But using the Smartphone as the client and having the same Smartphone as the means for Authentication cannot really claim to be “Multi-factor”.

Showcase of the best UK Business

Recently featured in the Showcase of the best of British business.
This is the link to a recent interview with Basil Philipsz, CEO and founder of Distributed Management Systems.

Kalkine Interview

Kalkine Media is an Investor Relations Group and Media House that operates at a global level across different geographies, with the latest developments across equity markets, debt markets, currency markets and commodity markets. Distributed Management Systems CEO, Basil Philipsz, has been featured in their “Expert Interviews” series; see https://youtu.be/oqkp0WJlYrM

Insider Threat

The Insider Threat is current and invidious as OKTA can recently testify.
The bigger the organisation, the more likely it is to have a disaffected employee or subcontractor driven by the persistent human frailties of Ideology, Revenge, Greed.
You need to know who is trying to access your data crown jewels, but the current methods of Multi-factor Authentication are weak and so provide convenient excuses for disaffected Insiders to deny their, or their collaborators', illegitimate access.
CASQUE provides a powerful deterrent against such repudiation and, because it does not rely on keeping fixed secrets, there is nothing useful for a hacker to discover or for a complicit Insider to disclose (see YouTube clip).

No tiresome proprietary Card Readers required!

Naturally, you need a Visa or Mastercard for in-person payments, but on the same contactless card you can, with CASQUE, also have Strong Customer Authentication. There is no need for cumbersome, proprietary card readers; instead you have higher security assurance and much less hassle (see this short YouTube clip).