The life of a security architect is rarely simple. Assessing, defending and improving corporate networks requires thorough knowledge of industry best practices designed to secure critical data, combined with real-world understanding of hacker tricks and tactics meant to undermine this purpose.
As noted by the InfoSec Institute, this is an in-demand job that often comes with high expectations, odd hours and the need for constant professional evolution to stay ahead of cybercriminal threats. Complicating matters is the breakneck pace of technological advancement. The rapid rise of cloud deployments, mobile applications and IoT devices can make even best-laid security strategies seem like flies in amber — hopelessly out-of-date and effectively immobile.
Here’s a look at what’s really bugging security architects — and how they can break the mold of static security to combat emerging threats.
PreEmptive had the opportunity to send a couple of representatives to Google IO this year. IO 2019 didn't tell us what dessert starts with a Q, but it did showcase some great tools and frameworks as well as provide insight into the direction of Android:
For the third year in a row, Microsoft’s Build conference set up shop in the Washington State Convention Center, giving technology professionals a glimpse into what lies ahead for the Redmond giant.
Previous years highlighted key advancements such as Microsoft 365, the Azure Cosmos DB and Xamarin — in 2019, the company went all-in with announcements for a new Visual Studio, .NET evolution and the emergence of true Linux on Windows OS.
Here’s a look at the best of Build 2019.
There’s an app for that.
Apple’s (now trademarked) slogan is perhaps more telling than the company intended: Organizations rise and fall on the strength of applications — well-integrated, full-featured apps can help drive market success, while offerings more limited in scope and functionality may prove disastrous.
The sheer volume of both external and internal applications has also created a new challenge for companies: Risk management. Cybercriminals are both creating custom code and leveraging tools available on the Dark Web to compromise applications, steal corporate data and wreak network havoc.
GDPR fines were inevitable. Despite years of lead-up and months of warning before the legislation came into effect last May, many companies simply weren’t prepared for the complex (and evolving) nature of EU privacy expectations.
Now search giant Google is in the compliance law’s cross hairs: As noted by Bloomberg, Google has been assessed a $57 million fine because it “fails to adequately explain how it collects data to offer personalized advertising.” For some experts, the fine is a warning of things to come — companies must improve their data handling or face the consequences. For others, the penalties are a step too far with a purpose too vague.
The hard truth? No matter where opinions fall, GDPR fines are now out in full force — and your application could be next.
Hackers are winning. As noted by Information Age, data breach reports are up 75 percent over the last two years — while part of this increase is tied to emerging legislation and disclosure requirements, a quick look at tech headlines makes it clear that attackers are coming out ahead in the fight to keep corporate networks, applications and data secure.
But it’s not all bad news. Armed with knowledge of the current breach landscape — along with actionable insight to protect critical assets — organizations can start to even the score and put hackers on the defensive. Here’s what you need to know.
Time is of the essence for application security — the sooner IT teams can detect potential attacks and the longer it takes cybercriminals to crack app code, the better your business outcomes.
But with hackers adapting to overcome infosec efforts and new software vulnerabilities constantly emerging, how do companies gain more time — and give hackers less time — across their application stack?
It all starts with a change in direction: Security needs to shift left.
Hotel chain Marriott International isn’t having a good week: As reported by The New York Times, the company announced that its reservation database for Starwood-branded properties had been hacked. The numbers aren’t great, with initial data suggesting that 500 million guest records have been compromised across records dating back to 2014.
The result? This is a bigger breach than the recent Equifax debacle, catapulting it to spot on the “biggest breaches of all-time list” behind Yahoo’s three billion compromised accounts in 2017. It’s a sobering reminder that even large organizations with substantial security resources still face the specter of data breaches, but also raises an important question: What (if anything) can companies do to limit their risk of becoming the next hacked-network newsmaker?