Wednesday, December 30, 2020

Crypto(graphy) will Change - Drastically, I dont know...

With the SolarWinds Cyber event, Quantum Computing, & advances in Artificial Intelligence (AI) all in mind, cryptography will evolve in the 2020's.  To what degree, I don't know.

Geopolitical events & circumstances, IMHO, will be a key factor.

As events unfold, the international community will have to determine, with the private sector contributing, where we go from here.

Wednesday, December 23, 2020

You need a Cyber strategy

 https://devops.com/the-best-iam-practices-for-devops/

Most orgs fail to have an internal IAM policy, a partner IAM strategy (B2B), as well as a customer (B2C) strategy.  Due to that, the orgs is all over the place.

Furthermore, the article discusses unstructured data (cloud storage) that is often an issue for orgs as the lack of a strategy leads to a lack of data governance (classification, access controls, etc).  

SolarWinds breach will drive enhanced transparency & tracking mechanisms

https://threatpost.com/cloud-king-software-security-trends-2021/162442/

This article touches upon the need to have better tracking mechanisms between product teams, divisions, lines of business, & supply chains.  Couple this need with the Cybersecurity Maturity Model Certification (CMMC), & a dip in the US economy, & executives will want better tracking mechanisms to identify return on investment (ROI).

We're working on an AppSec/DevSecOps answer to this equation. 

https://www.csoonline.com/article/3535797/the-cybersecurity-maturity-model-certification-explained-what-defense-contractors-need-to-know.html