David Strom
Latest from David Strom
New Microsoft identity and security products announced at its Build conference
Microsoft today added a collection of new security products to its Azure cloud services, bringing it at feature parity with a number of security providers in the identity and access management market, and providing a new series of secure Azure virtual machine instances. The collection, announced at the company’s Build conference for developers in Seattle ...
‘Infostealer’ malware evolves to become even more lethal
The class of malware called infostealers continues to evolve into a more lethal threat. These threats are software that can steal sensitive data from a victim’s computer, typically login details, browser cookies, saved credit cards and other financial information. SiliconANGLE has covered their role in the past in various ransomware and other attacks, including Stealc ...
ANALYSIS
We need more breach transparency, but a lot of obstacles are in the way
The U.K.’s National Cyber Security Center last week posted a joint blog with the nation’s regulatory commissioner’s office about the need for better cybersecurity breach transparency. They’re concerned about the unreported incidents, in particular ransomware cases, which are getting more dangerous, more prevalent and more costly. The situation creates a vicious cycle: “If attacks are covered up, the criminals ...
COMMENTARY
AI-based chatbots can help improve customer support – if they’re done right
Most of us have been interacting with customer support agents for years. It can be a frustrating experience: Oftentimes the agent knows less than we do about their product or service, calls are dropped or transferred to other agents. About two years ago, I had such a bad experience with AT&T Inc.’s customer support that ...
ANALYSIS
As cloud computing gets more complex, so does protecting it. Here’s what companies need to do
Whether companies are repatriating their cloud workloads back on-premises or to colocated servers, they still need to protect them, and the market for that protection is suddenly undergoing some major changes. Until the past year or so, cloud-native application protection platforms, or CNAPPs for short, were all the rage. These covered four distinct security product lines ...
ANALYSIS
The chief trust officer was once the next hot job on executive row. Not anymore.
We seem to be in a trust deficit these days, as breaches – especially among security tech companies – continue unabated. Ransomware attacks now have spread to data hostage events. The shady corner of the internet known as the dark web is getting larger and darker, with enormous tranches of new private data readily for ...
ANALYSIS
Boards of directors need to be more cyber-aware. That gets complicated.
The Securities and Exchange Commission proposed some new guidelines last year to promote better cybersecurity governance among public companies, and one of them tries to track the cybersecurity expertise of the boards of directors of these companies. Judging from a new study conducted by MIT Sloan cybersecurity researchers and recently published in the Harvard Business Review, it might ...
Magecart malware strikes again, and again, at e-commerce websites
The shopping cart malware known as Magecart is still one of the most popular tools in the attacker’s toolkit — and despite efforts to mitigate and eradicate its presence, it’s the unwanted gift that just keeps on giving. It was first detected in 2018 when it was behind the notable Ticketmaster UK exploit and is still ...
COMMENTARY
Where is our national cybersecurity strategy? All over the place
Earlier this year, the Biden White House released its National Cybersecurity Strategy policy paper. Although it has some very positive goals, such as encouraging longer-term investments in cybersecurity, it falls short in several key areas. And compared with what is happening in Europe, once again the U.S. is falling behind and failing to get the ...
ANALYSIS
Is it time to deploy passkeys across the enterprise? Here’s what you need to know
It’s a great time to think more about passkeys, and not just because this Thursday is another World Password Day. Let’s look at where those 2022 passkey plans stand, and what companies will have to do to deploy them across their enterprises. Interest in the technology, also referred to as passwordless — a bit of a ...