Enterprise security isn’t allowed time off. It doesn’t shut down at 6pm and go home. It has to stay active and ready every moment of every day, writes MATTHEW KIBBY, Regional Director at VMware Sub-Saharan Africa.
Security has evolved into an almost living entity which has to adapt to new circumstances and challenges on an ongoing basis. It is also one of the least understood and often most ignored part of the business with many employees finding the rules and regulations tedious and annoying, things to be dodged and avoided rather than understood and adhered to. These attitudes to security have to change, especially as the threats continue to loom large on the enterprise horizon.
Organisations are, quite simply, becoming more and more vulnerable. Expansion into digital territory, commonplace cloud solutions and employees traversing globe and country with digital devices – all these factors impact security and its validity. So does the fact that most of the technology and mechanisms used by cyber-criminals are becoming increasingly sophisticated and most IT decision makers (ITDMs) don’t think they can keep up. In fact, most are concerned that the threats are moving faster than the defences.
Recent research undertaken by VMware and World Wide Worx with local IT Decision Makers, found that 30% of IT leadership anticipates a major attack on their firm within the next 90 days, a more worrying 16% expect one in the next few days. These statistics are compounded by the fact that 49% of South African IT decision makers (ITDMs) believe their organisation is vulnerable to a cyber-attack.
It’s not surprising to see why – for the research also showed that 8% of organisations won’t detect a cyber-attack unless 24 hours have gone by, 2% won’t realise one has happened at all, and 23% will take around an hour. In just that short period of time, information is gone and systems are compromised. And reputations may lie in expensive tatters.
The challenges around security are not only driven by digital business complexities and a growing mobile workforce – there is a dearth of robust security protocols which are known and adhered to by everyone. There needs to be more awareness around what security solutions are in place and what needs to be done across the organisation in an event of a breach. The survey found that 43% of South African enterprises had a plan in place, but that only part of the company was aware of it. Only 40% said the entire business knew of the plan and a nervous 10% either didn’t have a plan or didn’t know one existed.
While the 40% may well be ready and waiting for the daring cybercriminal to launch an attack, the rest are not. This is compounded by further research which revealed that one-fifth of employees are willing to breach security and those who are untrained or careless are the biggest threat. It is time for the business to drive compliance across the organisation and to ensure that the rules and regulations around security are clear, concise and accessible.
It is essential that the business develops strategic initiatives to combat threats to security, both internally and externally, and shows employees why these are of value. Take that dusty tome out of the drawer, get it up to date and get everyone on board. Even that guy in the C-Suite who thinks the rules don’t apply to him. They do.
Password managers don’t protect you from hackers
Using a password manager to protect yourself online? Research reveals serious weaknesses…
Top password manager products have fundamental flaws that expose the data they are designed to protect, rendering them no more secure than saving passwords in a text file, according to a new study by researchers at Independent Security Evaluators (ISE).
“100 percent of the products that ISE analyzed failed to provide the security to safeguard a user’s passwords as advertised,” says ISE CEO Stephen Bono. “Although password managers provide some utility for storing login/passwords and limit password reuse, these applications are a vulnerable target for the mass collection of this data through malicious hacking campaigns.”
In the new report titled “Under the Hood of Secrets Management,” ISE researchers revealed serious weaknesses with top password managers: 1Password, Dashlane, KeePass and LastPass. ISE examined the underlying functionality of these products on Windows 10 to understand how users’ secrets are stored even when the password manager is locked. More than 60 million individuals 93,000 businesses worldwide rely on password managers. Click here for a copy of the report.
Password managers are marketed as a solution to eliminate the security risks of storing passwords or secrets for applications and browsers in plain text documents. Having previously examined these and other password managers, ISE researchers expected an improved level of security standards preventing malicious credential extraction. Instead ISE found just the opposite.
Click here to read the findings from the report.
MWC: Next generation of inflight connectivity to be unveiled
Next week at Mobile World Congress, the Seamless Air Alliance will reveal progress on its mission towards enabling the next generation of inflight connectivity. This follows a significant start for the Alliance, which has seen membership increase five-fold since the first meeting in June of last year. The Alliance has a new research laboratory setup and continues progress through its three working groups, writing specifications for the technology, requirements, and operations.
These developments represent a huge leap towards the goal of making connectivity as easy and enjoyable in the skies as it is on the ground. Appearing as part of the Airbus stand (Hall 6, stand 6G34), the Seamless Air Alliance will reveal specification topics that have been completed and published to its membership.
“The passenger experience with inflight connectivity remains one of the great technology challenges. From Day One we have been determined to deliver on our mission to bring industries and technologies together to make the inflight internet experience simple to access and a delight to use,” said the Alliance’s Chief Executive Officer, Jack Mandala.
“I have been tremendously encouraged by the enthusiastic and committed response we have seen and the widening areas of expertise we can call upon as more and more companies and organisations continue to join us,” he added.
Announced during MWC 2018, the Seamless Air Alliance has since grown to twenty-three membercompanies with more than one-hundred key personnel from across the membership participating in its three working groups, with numbers continuing to increase.
The Seamless Air Alliance was created by founding members Airbus, Airtel, Delta Air Lines, OneWeb and Sprint, and quickly joined by Air France KLM, Aeromexico, and GOL Linhas Aereas Inteligentes and global technology leaders including Astronics, Collins Aerospace, Comtech, Cyient, iDirect, Inmarsat, Intelsat, Latecoere, Nokia, and Panasonic.
Today, the Alliance is pleased to announce five additional new members: Adaptive Channel, Etihad Airways, GlobalReach Technology, Safran, and SITAONAIR.
“We are extremely pleased to have these companies join and be a part of the companies driving the next generation of connectivity.” said Mr Mandala.
The Seamless Air Alliance will enable travelers boarding any flight, on any airline, anywhere in the world, to use their own devices to automatically connect to the Internet with no complicated login process nor paywall to scramble over.
The Alliance is also announcing the release of a new research study on the economic benefit of standardization on the inflight connectivity market at Mobile World Congress. This report is available for download at https://www.seamlessalliance.com/publications/
The Alliance is moving rapidly towards an expected demonstration of the technology later in 2019 and anticipates massive interest in Barcelona from the whole communications eco-system.