Cybersecurity in Remote Work Environments

🚨CISA Releases Guidance on Modern Approaches to Network Security🚨 The Cybersecurity and Infrastructure Security Agency (CISA), America's Cyber Defense Agency, and several partners have just released a comprehensive guide on modern approaches to network access security. This report emphasizes the limitations and vulnerabilities of traditional VPN solutions and advocates for adopting more robust and fine-grained security models like Secure Access Service Edge (SASE) and Secure Service Edge (SSE). Key Takeaways: 🔹 VPN Challenges: VPNs are prone to limitations while providing encrypted tunnels for remote access. These issues can expose organizations to significant risks and breaches. 🔹 Value of SASE & SSE: SASE and SSE focus on secure access to web services and applications, combining capabilities like Zero Trust Network Access, secure web gateways, and cloud access security brokers, ensuring all access is continuously verified. Together, they streamline security policies and offer seamless, secure access to data across hybrid environments. 🌐🔒 🔹 Implement Network Segmentation: Network segmentation is crucial for limiting the spread of attacks within an organization. Organizations can contain potential breaches and minimize the impact on critical systems by dividing the network into smaller, isolated segments. 🔀 🔹 Validate Vulnerability Scans on All Public-Facing Enterprise Assets: Regular vulnerability scans on public-facing assets are essential to identify and remediate potential security gaps. Ensuring that these scans are thorough and validated helps maintain a robust security posture and protects against external threats. 🛡️ Organizations transitioning from traditional VPNs to modern network access solutions can significantly benefit from the strategies and best practices outlined in this guide. Implementing these modern approaches strengthens security and aligns with Zero Trust principles, ensuring a more secure and resilient infrastructure. (Full disclosure: I participated in initial discussions about this guidance before leaving CISA earlier this year. Having been in the networking space for almost 30 years, this type of guidance is critical to help shape discussions on how network security is evolving and supports a Zero Trust mindset in new ways). #ZeroTrust #Technology #CloudComputing #SoftwareEngineering

>> Enhancing Government Security: Apple Indigo & BlackBerry UEM Partnership   In today’s fast-paced digital world, the stakes for securing sensitive information are higher than ever, especially within government agencies. Enter Apple Indigo, a robust security solution with certification-ID by Germany’s Federal Office for Information Security (BSI), designed specifically for Apple iOS devices like iPhones and iPads used in high-security government environments. This solution, coupled with BlackBerry's Unified Endpoint Management (UEM), presents an unprecedented level of security without sacrificing user experience. 🔍  What makes Apple Indigo & BlackBerry UEM so revolutionary? 1️⃣ High Security, Zero Specialized Hardware: Apple Indigo allows organizations to leverage standard Apple devices while meeting strict security demands up to VS-NfD (for official use only). 2️⃣ Streamlined Administration: With BlackBerry UEM’s approach, sensitive data is safeguarded on both corporate and personal devices. Its architecture, requiring only outbound firewall ports, simplifies secure installation. 3️⃣ Seamless Integration: The Apple ecosystem—including Mail, Calendar, and Contacts apps—can be securely used for official communication, eliminating the need for extra hardware or complex setups. 4️⃣ Comprehensive Solutions in One Place: BlackBerry’s expertise in secure mobile solutions, combined with Apple’s devices, offers a one-stop-shop for high-security mobile work requirements. 5️⃣ Expanding Use Cases beyond Apple Indigo: Using BlackBerry’s MDM solution for other brighsite deployments, e.g. SecuSUITE for Samsung Knox    💡 Why This Matters: In an era where data breaches can impact national security, solutions like Apple Indigo & BlackBerry UEM provide organizations with high security, usability, and ease of management.   📢  Ready to learn more? Explore how this innovative solution can empower secure communication in high-stakes environments.   🔗 Indigo Webpage: https://lmy.de/uFFiw   🔗 Nehmen Sie an diesem deutschen Webcast teil, um weitere Einzelheiten zu erfahren: https://lmy.de/uqvQB   ❓ Thought-provoking question: How are you preparing your organization for the growing demands of digital security in today’s unpredictable landscape? #GovernmentSecurity #CyberSecuritySolutions #MobileSecurity #AppleIndigo #BlackBerryUEM

🗞️ Needed report By CyberArk on a burning issue : identity security. A decisive element that will determine our ability to restore digital trust. 🔹 « Identity is now the primary attack surface. » Defenders must secure every identity — human and machine 🔹 with dynamic privilege controls, automation, and AI-enhanced monitoring 🔹and prepare now for LLM abuse and quantum disruption. Machine identities are the fastest-growing attack surface 🔹Growth outpaces human identities 45:1. 🔹Nearly half of machine identities access sensitive data, yet 2/3of organizations don’t treat them as privileged. Quantum readiness is urgent 🔹Quantum computing will break today’s cryptography (RSA, TLS, identity tokens). 🔹Transition planning to quantum-safe algorithms must start now, even before standards are finalized. Large Language Models include prompt injection, data leakage, and misuse of AI agents. So organizations must treat them as a new class of machine identity requiring monitoring, access controls, and secrets management. 🧰 What can we do? ⚒️ 1/ Implement Zero Standing Privileges (ZSP) • Remove always-on entitlements; grant access dynamically and just-in-time. • Minimize lateral movement by revoking privileges once tasks are complete 👥2/ Secure the full spectrum of identities • Differentiate controls for workforce, IT, developers, and machines. • Prioritize machine identities: vault credentials, rotate secrets, and eliminate hard-coded keys. 🛡️ 3/ Embed intelligent privilege controls • Apply session protection, isolation, and monitoring to high-risk access. • Enforce least privilege on endpoints; block or sandbox unknown apps. • Deploy Identity Threat Detection & Response (ITDR) for continuous monitoring. ♻️ 4/ Automate identity lifecycle management • Use orchestration to onboard, provision, rotate, and deprovision identities at scale. • Relieve staff from manual tasks, counter skill shortages, and improve compliance readiness. 5/ Align security with business and regulatory drivers • Build an “identity fabric” across IAM, PAM, cloud, SaaS, and compliance. • Tie metrics (KPIs, ROI, cyber insurance conditions) to board-level priorities. 6/ Prepare for next-generation threats • Establish AI/LLM security policies: control access, monitor usage, audit logs. • Begin phased adoption of post-quantum cryptography to protect long-lived sensitive data. Enjoy the read

𝗦𝗲𝗰𝘂𝗿𝗲 𝗥𝗲𝗺𝗼𝘁𝗲 𝗔𝗰𝗰𝗲𝘀𝘀 𝗶𝗻 𝗢𝗧 — 𝗘𝘅𝗽𝗹𝗮𝗶𝗻𝗲𝗱 𝘄𝗶𝘁𝗵 𝗧𝗲𝗱 & 𝗕𝗼𝗯 Remote access is a lifeline in OT environments — but if not done securely, it can become the weakest link. In this Ted-Bob Conversation Series, we break down Secure Remote Access (SRA) into practical, easy-to-understand pieces. Ted has questions, Bob has answers — and together they demystify how remote support can be done safely. 👷 Topics covered: 1. Why VPNs alone aren’t enough 2. The importance of Multi-Factor Authentication (MFA) 3. Limiting access with proper control policies 4. Real-time session monitoring and malware defense 5. Anomaly detection for suspicious activity 6. Protecting VPNs with Next-Gen Firewalls 7. Device compliance enforcement 8. Managing legacy systems securely 🧠 Cybersecurity in OT isn’t just about tech — it’s about awareness, process, and mindset. Check out the full conversation below: Want more like this ? Follow Shiv Kataria and OT Security Huddle #OTSecurity #Cybersecurity #RemoteAccess #IndustrialSecurity #IEC62443 #ICS #TedAndBob #SRA #Syberwise #CyberAwareness #LinkedInLearning

Heads up—there's a new phishing scam using fake DocuSign and Gitcode sites to trick people into running harmful PowerShell scripts. These scripts install the NetSupport Remote Access Trojan (RAT), giving attackers access to infected machines. The scam works by directing users to lookalike sites that ask them to run a script, sometimes after completing a CAPTCHA that even copies a malicious command to their clipboard. If you paste and run it, you're opening the door for the malware. These fake sites spread through phishing emails and shady social media links, so it's important to be cautious. Always double-check URLs, avoid running scripts you don't trust, and be careful with CAPTCHAs on unfamiliar sites. Keeping your team informed about these tricks can help stop infections before they start. #Cybersecurity #Phishing #Malware #SecurityAwareness

The risk of insecure WiFi has just increased, with the revelation of the Nearest Neighbor attack, used in 2022 by the Russian GRU. Attacking WiFi is usually assumed to require close access - “war driving” to discover networks, and then connecting from an antenna close to the target. According to cyber security firm Volexity, in early 2022, attackers from Russian military intelligence agency GRU (aka APT28, aka Fancy Bear) were able to compromise a Washington DC-based office across the street from their target, then use WiFi from the compromised WiFi network to attack the target network. This method of attack reduces operational risk, as it can be carried out from abroad rather than risking a “Mission Impossible” team on the ground. We can probably assume this style of attack is already in use elsewhere. As with most cybersecurity, the basics apply here: 🔵 Upgrade to a strong WiFi security protocol such as WPA3-Enterprise 🔵 Apply MAC address filtering to only allow known NICs to connect to your WiFi 🔵 Use separate WiFi networks for IOT devices (anyone remember the casino that got hacked using the fish tank thermometer?) 🔵 Segment your networks to prevent lateral movement (see NIST SP 800-207 for advice on how to do this well, aka “Zero Trust”) 🔵 Consider using Ethernet and avoid WiFi altogether! It’s faster and more reliable…

Security PSA: Anyone that has home routers or connected devices should ensure they aren't out of support and have the latest firmware. It's unfortunately that we have to think about this, but it's part of interoperating in a digital ecosystem. Our Black Lotus Labs team recently discovered a new cybercrime campaign that exploits outdated routers and IoT devices. The campaign uses a modified version of "TheMoon" malware to power a proxy service called "Faceless", which allows cybercriminals to hide their identity and launch attacks on various targets, including financial and critical infrastructure sectors. We have blocked this traffic from across our network using our proactive defense solutions that leverage our global network data and machine learning algorithms. However, we urge consumers and businesses to update and secure their devices to prevent them from being compromised. https://lnkd.in/gf-Nk5rb

Organizations managing 500+ devices save up to 60% in IT workload. An FMCG company’s procurement manager walked into our office at QuickTech with a concern. “We want to upgrade to Apple devices, but managing hundreds of them seems like a nightmare.” They needed different setups for their sales and tech teams, pre-installed apps, security settings, and minimal IT intervention. Configuring each device manually wasn’t an option. That’s when we introduced them to Apple Business Manager (ABM) and Mobile Device Management (MDM). With Zero-Touch Deployment, their employees could receive a sealed Apple device, turn it on, and everything would be pre-configured, right from apps to security policies. "So, no manual setup? No IT headaches?" he asked. Here are three key features of Apple Business Manager (ABM), which we explained to him: 📍Zero-Touch Deployment – Devices arrive pre-configured and ready to use, with all apps and settings automatically installed. 📍Centralized Device Management – Manage and assign different profiles for sales, tech, or any team from a single platform. 📍Enhanced Security & Compliance – Enforce security policies, remotely wipe data, and ensure all devices stay updated. Today, their teams work seamlessly, and IT no longer spends hours setting up devices. If your business is confused about whether this setup would be helpful to you or not, let’s have a chat :)) #procurement #apple #procurementmanagers #quicktech #it #fmcg

Letter H: Hybrid Work: Protecting an Organization with a Hybrid Workforce Our "A to Z of Cybersecurity" tackles Hybrid Work - the new normal with employees working both remotely and on-site. However, a dispersed workforce introduces new security challenges. Let's bridge the security gap and keep your hybrid castle safe: Fortifying Your Defenses: · Secure Remote Access: Implement strong authentication and access controls for remote connections. · Endpoint Security: Deploy robust security software on all devices, regardless of location. · Data Loss Prevention (DLP): Prevent sensitive data from being accidentally or maliciously shared outside the organization. United We Stand: · Collaboration Tools: Use secure collaboration platforms to share information and foster teamwork. · Cloud Security: Choose cloud service providers with robust security measures and educate employees on secure cloud usage. · Zero Trust Architecture: Implement a security model that verifies access for all users, regardless of location or device. Hybrid work offers flexibility, but security remains paramount. By building strong defenses, fostering awareness, and implementing secure collaboration tools, you can create a safe and productive hybrid environment for your organization. #Cybersecurity #HybridWork #A2ZofCybersecurity