Center for Internet Security: 18 security controls you need

The Center for Internet Security has updated its set of safeguards for warding off the five most common types of attacks facing enterprise networks—web-application hacking, insider and privilege misuse, malware, ransomware, and targeted intrusions.In issuing its CIS Controls V8 this month, the organization sought to present practical and specific actions businesses can take to protect their networks and data. These range from making an inventory of enterprise assets to account management to auditing logs.In part the new version was needed to address changes to how businesses operate since V7 was issued three years ago, and those changes guided the work. “Movement to cloud-based computing, virtualization, mobility, outsourcing, work-from-home, and changing attacker tactics have been central in every discussion,” the new controls document says.To read this article in full, please click here READ MORE HERE…

Read more

Palo Alto Networks pushes enterprise zero trust

Palo Alto Networks bolstered its security portfolio with products that target enterprise network users looking to make the move to a zero-trust environment.The new capabilities focus on a number of zero trust mechanisms—including  SaaS, cloud and DNS that will be available in June—and will make it significantly easier for organizations to adopt zero-trust security across the enterprise, according to Anand Oswal, senior vice president and general manager with Palo Alto.
More about DNS:
DNS in the cloud: Why and why not
DNS over HTTPS seeks to make internet use more private
How to protect your infrastructure from DNS cache poisoning
ICANN housecleaning revokes old DNS security key

As more people are working from anywhere, they require fast and always-on access to data and applications in the distributed cloud, regardless of location, Oswal said. “An all-encompassing zero-trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile, and hybrid work,” he said.To read this article in full, please click here READ MORE HERE…

Read more

Cisco CEO on security: “There is really no perimeter in the enterprise to defend anymore.”

Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster
Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here READ MORE HERE…

Read more

Cisco CEO: There’s no enterprise perimeter to defend anymore

Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster
Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here READ MORE HERE…

Read more

Juniper takes SASE security control to the cloud

Juniper Networks has laid a key part of its Secure Access Services Edge (SASE) foundation with a cloud-based security-control service that provides a central way to control and protect on-premises or cloud-based enterprise resources.Called Security Director Cloud, the service focuses Juniper’s SASE efforts by providing a central point to manage enterprise security services including policy setting, and threat-detection and -prevention.Juniper (like other key enterprise networking vendors such as Cisco, Hewlitt-Packard Enterprise (Aruba) and VMware, as well as service providers including Cato Networks, Akamai, and Zscaler) has pledged allegiance to growing SASE support in its product families.To read this article in full, please click here READ MORE HERE…

Read more

802.1X: What you need to know about this LAN-authentication standard

When devics on enterprise LANs need to connect to other devices, they need a standard method for identifying each other to ensure they are communicating with the device they want to, and that’s what 802.1x does. This article tells where it came from and how it works.802.1x defined
IEEE 802.1X is a standard that defines how to provide authentication for devices that connect with other devices on local area networks (LANs).How to deploy 802.1x for Wi-Fi using WPA3 enterprise
It provides a mechanism by which network switches and access points can hand off authentication duties to a specialized authentication server, like a RADIUS server, so that device authentication on a network can be managed and updated centrally, rather than distributed across multiple pieces of networking hardware.To read this article in full, please click here READ MORE HERE…

Read more

VMware bundles support for the branch-of-one workforce

VMware has unveiled an integrated package of cloud security, access control and networking software aimed at addressing the key needs of today’s COVID-19-driven remote workforce.VMware Anywhere Workspace brings together the company’s core enterprise software products, including its Workspace ONE unified endpoint management, Carbon Black Cloud cloud-native endpoint security, and secure access service edge (SASE) components, into a single system to support a widely distributed workforce. Read more: Who’s selling SASE, and what do you get?
“Enterprises are moving from simply supporting remote work to becoming distributed, anywhere organizations. Companies are rethinking where teams work, how they work, and how they support customers from wherever they are,” Sanjay Poonen, chief operating officer, customer operations with VMware, wrote in a blog about the announcement. “To be successful, this means investing in technology and a long-term strategy to be a stronger, more focused and more resilient organization.”  To read this article in full, please click here READ MORE HERE…

Read more

Water-authority network upgrade spots problems faster

The Albuquerque water authority says recent network upgrades give it greater visibility and control over its remote sites and makes for faster responses to leaks and other problems.The Albuquerque Bernalillo County Water Utility Authority manages more than 3,000 miles of water-supply pipeline covering more than 650,000 users. The authority manages 135 remote locations, which include well sites, tanks, and pump stations, all of which have programmable logic controllers (PLC) connected to a dedicated, fixed-wireless network running at 900MHz back to the core network.[Get regularly scheduled insights by signing up for Network World newsletters.]
“The [main treatment] plant was built [about] 15 years ago,” said Kristen Sanders, the authority’s chief information security officer. “So if a piece of equipment went out, replacing it would be about shopping on eBay.” Also the authority’s fiber backbone that connects the sites with the main plant was past it’s service life and had to be replaced.To read this article in full, please click here READ MORE HERE…

Read more

TCP/IP stack vulnerabilities threaten IoT devices

A set of vulnerabilities in TCP/IP stacks used by FreeBSD and three popular real-time operating systems designed for the IoT was revealed this week by security vendor Forescout and JSOF Research. The nine vulnerabilities could potentially affect 100 million devices in the wild.Nucleus NET, IPNet and NetX are the other operating systems affected by the vulnerabilities, which a joint report issued by Forescout and JSOF dubbed Name:Wreck.In a report on the vulnerabilities, Forescout writes that TCP/IP stacks are particularly vulnerable for several reasons, including widespread use, the fact that many such stacks were created a long time ago, and the fact that they make an attractive attack surface, thanks to unauthenticated functionality and protocols that cross network perimeters.To read this article in full, please click here READ MORE HERE…

Read more