To succeed at digital transformation, make application security a priority

first_img 2SHARESShareShareSharePrintMailGooglePinterestDiggRedditStumbleuponDeliciousBufferTumblr,Greg Crandell Greg Crandell provides strategy, market planning, business development, and management consulting to financial technology firms and their clients – Credit Unions and Banks. For more years than he wishes to admit, … Web: queryconsultinggroup.com Details WFH initiatives heighten security concernsAs discussed in the article “Is Digital Transformation a Victim of Covid-19” the “Covid-19 pandemic is putting growing pressure on organizations to expand their digital transformation efforts to include work from home (“WFH”) processes to allow for continued operations in a “social distancing” environment.”As well, “WFH means many more endpoints and many more inadequately secured network access points (“endpoints”). With the use of video conferencing tools like Zoom, Microsoft Teams, and Google Meet growing, and with the use of less secure network connections growing,  there are security implications that CISOs are rushing to address — especially for these remote employees; because an increase in collaboration application usage, and remote access, means a larger attack surface for threat actors to target.”Digital transformation demands better endpoint securityHowever, it’s not just the security response to COVID-19’s impact on daily business with which we should concern ourselves. Credit unions’ digital transformation efforts (designed to tap the power of mobile, internet of things (IoT) and other edge technology to improve business results) are also rapidly expanding the threat vector within which security people must contend. And if we don’t successfully address the security issues generated by digital expansion, our efforts to transform will suffer, maybe implode.The endpoint revolutionDigital transformation is driven, in part, by the dramatic increase in computing power built into endpoint devices such as tablets, smartphones, laptops, IoT sensors, operational technology (e.g. transformers) and other endpoints. To optimize digital initiatives, we are pushing computing outward from centralized or cloud-based servers to these endpoints, to leverage their growing capability and to empower our end users. It’s true that many critical enterprise assets and resources remain behind your credit union’s network firewalls; but access to these resources is needed for endpoint applications and devices to deliver on their promise to end users – employees, members and more.More endpoints, more risks, more lossesAs described by John Aisien, CEO of Blue Cedar, “the growing number of devices and applications presents significant security challenges. Cybercriminals understand well the growing number and power of endpoint devices, and their vulnerabilities. Attackers are exploiting weaknesses in devices, apps, networks, back-end servers and other assets, even gaining access to corporate IT resources or bringing down systems and halting business.” Malware, hacks and data or infrastructure breaches are derailing digital initiatives, violating customer and user privacy, exposing enterprise assets and undermining brand trust.Mr. Aisien tells us “to mitigate these risks, enterprises are fighting back by implementing access controls, user authentication, device status monitoring, data protection and other security measures but, in the face of these actions and investments in security solutions and services, malicious malware attacks continue to grow and continue to do significant damage.” And financial services organizations lead the way in the size and severity of attacks directed at them, with more to come. If all the work being done and dollars being spent isn’t successfully securing our endpoints and protecting our investments in our digital transformation initiatives, what are we to do?To secure the endpoint, one must secure the application running on it“The true security perimeter is actually enforced by each application running on an endpoint,” according to TJ Tajalli, CEO at OnSystem Logic. And it is within “each application’s memory, including those applications implementing the various functions of all modern operating systems of today, where data is manipulated as directed by the application’s instructions inside its memory.”     The credit union technology leaders I’ve spoken with would agree when Mr. Tajalli says “today’s endpoint security defenses have been built around observation and potential enforcement of visible operations OUTSIDE of the applications. This is true regardless of the technology being used by state-of-the-art endpoint security products. However, ALL attacks, including ransomware, data theft, data modifications, endpoint software and data destruction, etc., run inside known applications or benign looking applications without being noticed by current endpoint security products — until it is too late.”  All of this leads to the conclusion that “despite billions of dollars spent on endpoint security the endpoints are truly not safer than before.”App-centric security is the forward step we must takeGiven the growth of both managed and unmanaged endpoints, including bring-your-own-device (“BYOD”) scenarios, credit unions must look beyond current endpoint security solutions.  Not only are these solutions failing to provide the “certainty” needed by our organizations as we work to digitally transform them, but these solutions too often impact negatively the end user experience we fight so hard to improve.Unfortunately for all of us, it appears current endpoint security products have largely given up on trying to stop the execution of unwanted code and have instead moved toward POTENTIALLY detecting and responding, but only after the damage has been done. None of us should accept this as the best that we can buy or the best that we can deploy.How to deploy app-centric securityI have come to understand that in most applications, there are operations that have a security impact on the application. One such operation that impacts all applications is the ability to change its data into executable code. Most applications don’t use this operation; however, it is the most destructive and effective method attackers use to take full control of applications. Controlling self-modification is the first and most important universal problem that must be solved. Another example of an important universal operation to control is the ability of the application to create and/or manipulate other processes. In addition to the universally important operations to control, selecting other operations to control is based on the functionality of an application. For example, a database server’s critical operations include directly manipulating backend data files, its privilege implementation mechanism, etc. In practice, important security operations are seldom used within an application. Learning which part of an application uses those operations during its normal operation is what is required. So, this is doable. In fact, it’s being done. There are firms pursuing and delivering solutions to this problem. They need our attention. And if we are going to succeed at digital transformation, we need their solutions. If you agree and have ideas to share or questions to ask, feel free to ask me.last_img read more

See More

Martin O’Neill won’t allow Republic of Ireland to sit on away-goals advantage

first_img Asked about his pride should his team complete the job, O’Neill said: “My pride in the side has been there from the start. I think the players have wanted to play. “There was a feeling beforehand that some players just weren’t that bothered about playing for their country – I haven’t witnessed it and I haven’t experienced it in the two years that I’ve been here. “Obviously, it would be terrific if we could do it, but I have to be very, very mindful of the fact that we are a long way away from doing that. “We have to put things into perspective: Bosnia are capable of scoring, they could wipe that advantage, that away goal that we have within minutes of the game, and then suddenly they are on the front foot. “If we think that we can keep them out for 90 minutes and camp ourselves just outside our own penalty area, that would be a recipe for disaster. “We have to consider being really on the front foot, genuinely, and going and trying to win this game, and that’s it. “If you’d thought that we’d have to win in the Aviva for the final time, you probably would have taken that.” O’Neill will go into the game with Jonathan Walters available after suspension. John O’Shea, who was also banned for the first leg, and Shane Long trained in Abbotstown on Sunday morning as they continue their respective recoveries from hamstring and foot injuries. Martin O’Neill has warned the Republic of Ireland that relying on their away goal against Bosnia-Herzegovina to secure a ticket to the Euro 2016 finals would be “a recipe for disaster”. Press Association For the likes of 34-year-old O’Shea and skipper Robbie Keane, who is a year older, it could prove to be their final appearance in an Ireland shirt if they do not make the finals, but there will be no room for sentiment in the manager’s team selection. O’Neill said: “That’s called tough luck, just tough luck. I’m not going to put players in because it might be their last international game. “I’ll put them in hopefully on merit and hopefully the experience that they have garnered over the last 10 or 12 or 15 years could stand us in a bit of decent stead. That would be the reason. “I think the motivation is there. If we are beaten here, it won’t be through lack of trying. We might lack a few things in our side, but a bit of strength of character I think is there.” Long, who has not played any football since limping off in Poland on October 11, could prove vital with Daryl Murphy, who started in Zenica, sitting out training on Sunday with a calf injury, although O’Neill confirmed that was purely precautionary. However, the Ireland boss will have to come up with a team which strikes the right balance between potency in attack and solidity at the back with right-winger Edin Visca a particular focus following his eye-catching display at the Bilino Polje Stadium. He said: “They raid down the right-hand side because they’ve got a very, very fine right winger. What they want to do is try to get it out to the little lad, who is exceptionally talented. “I think he could cause problems to anybody.” The Republic returned from Zenica on Friday night with a 1-1 draw having come within three minutes of a victory which might have made their task in the second leg at the Aviva Stadium on Monday slightly more straightforward. They nevertheless enjoy a marginal advantage having scored in Bosnia, although their 63-year-old manager has insisted they cannot afford to play for the 0-0 draw which would guarantee a trip to France along with England, Northern Ireland and Wales next summer. last_img read more

See More