Never Trust, Always Verify
Take a glance at the most discussed cybersecurity topics of the week.
Zero Trust approach to customer information cybersecurity
Entrepreneur on September 29, 2018
Never trust, always verify. This is a so-called Zero Trust approach to cybersecurity that helps organizations effectively shield themselves against malicious actors. It offers great benefits, which is confirmed by security pros.
To truly protect their customers’ data, organizations must not trust any activity that might take place either inside or outside of their networks. Instead, they should check all requests to access their networks and ensure it is secure. Not only does Zero Trust boost compliance but also it lowers the possibility of a breach and gives companies better control over the cloud environment.
California as the first state with an IoT cybersecurity law
The Verge on September 28, 2018
California Governor Jerry Brown has signed a cybersecurity law covering “smart” devices, making California the first state with an Internet of Things (IoT) law. It is not just about the IoT, but small connected devices will have to add critical features if they are sold in the state after January 1, 2020.
Any manufacturer of a device that connects to the internet must equip it with security features. This measure helps to prevent cyber risks including unauthorized access, changes, or information disclosure. If it can be accessed outside a local area network with a password, it needs to either come with a unique password for each device or force users to set their own password the first time they connect.
The law has been praised as a good first step by some and criticized by others for its vagueness.
How to improve your cybersecurity
Las Vegas Sun on September 28, 2018
Cybersecurity challenges inspired the PCI Security Standards Council to expand its efforts and create resources to educate small merchants. It is time to focus on priority areas that often leave businesses vulnerable to attacks.
Security experts recommend:
- Seek out resources to know the challenges and threats to payment systems, check out pcisecuritystandards.org/merchants.
- Remove main security issues (i.e., passwords, patching, and remote access), which cause the majority of data breaches.
The Security Standards Council is aware of the concerns about the shortage of cybersecurity experts, so it trains people all over the world. Getting educated and staying up to date on the latest threats and cyber trends is the best way to reduce risk. That is what the community meeting in Las Vegas is all about.