Wednesday, July 19, 2017

Butterfly Effect

The report of the week

The Chaos Theory is based on the premise that small variations can make great changes in the future,it's impossible to predict anything in long term only with linear logical sequence approaches. This scientific theory is known popularly thanks to the concept of the butterfly effect, whose explanation is better understood through an ancient Chinese proverb: "The beating of the wings of a butterfly can cause a
 hurricane in another part of the world." This means that a small event that you may consider
unimportant may turn around and become a catastrophe.

In the world of cybersecurity we know that any small  misstep or bad step can lead to more than one problem. That's why networks are full of butterfly effects, small "unimportant" events that can be fatal to business and users.
A good example this week is the latest report by One Login. According to the results, the lack of qualified employees has as a result, security breaches in one of every five companies surveyed. This makes it visible, for the umpteenth time, that small and avoidable errors are one of the main causes of cyberincidents.

The study also showed that nearly half of respondents (48%) are aware that their former employees still have access to corporate applications.
On the other hand, one in four participants says their companies take more than a week to remove credentials from former employees, and one in four say they do not know how long active accounts remain once the worker has left the company. company.

With this data, Alvaro Hoyos, head of information security at OneLogin, states that "the end result is that companies are not following basic but essential security measures in relation to employee supply and shortages. This issue should be a matter of concern among company leaders, especially considering how many safety gaps have been caused by former employees. "

The study also points out that almost half (44%) of respondents are wary of former workers having completely eliminated their access to corporate networks. This implies an increase in the companies' needs to use a security event and log management system (SIEM), which half of the participants do not currently use. An SIEM solution can help monitor the employees use of the app to detect threats directed at the corporate network.

"That being said, at least we are now at a point where we recognize that there is a problem," said Hoyos. "Next step will be for decision-makers in the IT department to be proactive in solving the situation. Modern companies need technology that can automate procurement processes to help companies become safer, more productive, and more efficient. "

We close this review with a wake-up call: companies are not the only ones that are at risk, after the latest incidents in the US and French polls it seems that democracy is also in danger. And as an added element, the latest ESG study claims that, according to cybersecurity professionals, threat analysis is becoming increasingly difficult ...

After reading the study of One Login, there are things that should not be news. Something as simple as not removing the privileges to an old worker, that can be done by clicking a button, can have dire consequences. It looks obvious, but there are many "easy" mistakes that are discussed in the day to day. They are so silly that many times we let them pass thinking that they do not matter. That's why it's good to always remember how dangerous a butterfly's fluttering can be.


Post a Comment