Trending current topics in information security management

By iamgenius
I'm planning to do research on one of the information security management topics for businesses/organizations. I'm wondering what the good choices would be. I mean, I need to identify a gap in the current knowledge and fill it, of course, with my own findings. I'm reading currently but I haven't yet identified a gap. I thought one of you may know a specific area where it is worth it to do research and add some value.

Thanks in advance
All Comments

More explanation

by iamgenius In reply to Trending current topics i ...

To provide more information. What I'm trying to do is to develop a framework which can be followed so that businesses can use a good balance of administrative solutions and technical solutions in order to successfully manage the security of their information.

What areas are like lacking something when it comes to information security management? This is another way to ask the question.

Thanks.

Focus on cloud security

by CaseySenserva In reply to Trending current topics i ...

Cloud security is a major area to focus on here as organizations move away from on-prem solutions.

Traditional security safeguards with on-prem are no longer relevant in the cloud. With cloud migration, the user is the key to security.

Focusing on how to ensure a user is who they say they are and they have access to only items they need to is the area to focus on.

Gartner says that 99% of cloud breaches in the coming years will involve a privileged account. Ensuring that there are no misconfigurations should be a great place to start here.

I work at Senserva and we focus on user security for Azure Active Directory. In our findings, there are many organizations that do not have a good grasp on Microsoft security when they make the transition to the cloud. This includes Office 365 migrations (as those user accounts are all AzureAD accounts).

We have found that every client has found an item to review and correct with our analysis. Nobody is perfect, but understanding and working to minimize privileged and focusing on zero trust can reduce the attack surface.

Clarification

by iamgenius In reply to Focus on cloud security

First, thanks for your response. Please allow me to ask questions so that I can be sure I understood your point. Let's use the software as a service model of cloud computing. If I'm a user using the online office suite, do you mean that my account credentials may mistakenly enable me to access software I'm not allowed to access due to mis-configuration? Can you expand on the active directory part as I haven't used azure before.

Is it something like somebody else will know my credentials and access services I paid for? I don't understand how the user is the key, can you please give an example?

Cloud Security User

by CaseySenserva In reply to Clarification

Sure, no worries.... So with cloud migration, everything is accessed with a user account/username and password. If you take Microsoft's cloud world, for example, your username/password can access everything from Outlook/Office, Azure, DevOps, GitHub, an Xbox Live account, any application in the tenant, etc.

You are correct that you need to have the correct access and permissions to access certain items, but it is also possible to elevate privilege via other means.

Applications, for one, have many read/write permissions that can be granted by an admin. That gives non-privileged users more privilege when using that application and creates an opening for a would-be hacker.

The Twitter breach that recently happened was due to internal accounts that elevated privilege to disable MFA for accounts and be able to have access to all inbox and post messages.

The Capital One breach, again due to misconfigured user accounts.

Precisely on your question, can a misconfiguration allow a user account to have access to something they should not... yes. That is how many breaches occur.

In larger companies, people leave the organization, join the organization, get promoted, get new responsibilities, etc. This causes the admin team to make changes to configurations. Over time, those may be forgotten about, not properly tracked, or simply done incorrectly. This causes configuration drift over time.

The user identity and access needs to be correct all the time, as the bad guys only need to be correct once to do massive damage.

To clarify on Azure Active Directory... Many companies use Office and have migrated to Office 365 or Microsoft 365. When doing so, it takes those user accounts and creates an account for each in the Azure Active Directory.

When companies fail to realize this, they fail to understand that they have an Azure tenant and are part of the Azure cloud environment. Many companies would still use the Office 365 admin functions to perform admin duties, but many of these could present security challenges over time.... For example, MFA through Office 365 is now considered legacy MFA and should be replaced by Azure MFA. This can be done with a click of a button by enabling security default in companies that don't do much in the Azure space except use the office suite. However, some companies that do not have security teams and knowledgeable Admins when they make the cut over from On Prem to cloud, could easily not know about this or understand it.
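
Added example, not part of the original posts: a small audit for the configuration drift described in the post above (leavers still enabled, roles left over after a job change, privileged accounts on legacy MFA, unreviewed admin-granted write permissions on applications). The inventory records and their field names are constructed for illustration and are not an Azure AD export format.

```python
# Constructed sample data. Field names are hypothetical, not an Azure AD export format.
HR_ROSTER = {
    "alice": {"active": True, "job": "helpdesk"},
    "bob": {"active": False, "job": "sysadmin"},  # left the organization
    "carol": {"active": True, "job": "finance"},  # moved from IT to finance
}
# Approved baseline: the directory roles each job is meant to hold.
ROLE_BASELINE = {
    "helpdesk": {"Password Administrator"},
    "sysadmin": {"Global Administrator"},
    "finance": set(),
}
DIRECTORY = [
    {"user": "alice", "enabled": True, "roles": ["Password Administrator"], "mfa": "legacy"},
    {"user": "bob", "enabled": True, "roles": ["Global Administrator"], "mfa": "modern"},
    {"user": "carol", "enabled": True, "roles": ["User Administrator"], "mfa": "modern"},
    {"user": "dave", "enabled": True, "roles": [], "mfa": "none"},
]
APP_GRANTS = [
    {"app": "mail-archiver", "permission": "Mail.ReadWrite", "scope": "all-users", "reviewed": None},
    {"app": "calendar-sync", "permission": "Calendars.Read", "scope": "all-users", "reviewed": "2024-01-10"},
]


def audit_accounts(directory, roster, baseline):
    """Compare live accounts with the HR roster and the role baseline."""
    findings = []
    for acct in directory:
        user, roles = acct["user"], set(acct["roles"])
        person = roster.get(user)
        if person is None:
            findings.append((user, "no-owner"))  # account nobody is tracking
            continue
        if not person["active"] and acct["enabled"]:
            findings.append((user, "leaver-still-enabled"))
        excess = roles - baseline.get(person["job"], set())
        if person["active"] and excess:  # role kept after a job change
            findings.append((user, "excess-role:" + ",".join(sorted(excess))))
        if roles and acct["mfa"] != "modern":
            findings.append((user, "privileged-without-modern-mfa"))
    return findings


def audit_app_grants(grants):
    """Flag tenant-wide write permissions that no one has reviewed."""
    return [(g["app"], "unreviewed-write-grant") for g in grants
            if "Write" in g["permission"] and g["scope"] == "all-users" and not g["reviewed"]]


if __name__ == "__main__":
    for finding in audit_accounts(DIRECTORY, HR_ROSTER, ROLE_BASELINE) + audit_app_grants(APP_GRANTS):
        print(finding)
```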

Understood

by iamgenius In reply to Cloud Security User

I'm in your debt, buddy. Many thanks.

Current gaps and their possible solutions

by iamgenius In reply to Cloud Security User

Dear CaseySenserva and others,

Cloud computing has been relevant for a long time now, so naturally many security issues that have to do with migration to the cloud must have already been solved one way or another. So, if I may ask, what security issues are still pending? I.e., what are the current gaps that need to be filled when it comes to cloud migration security issues? Preferably from your work experience... What are the specific main points businesses are having some difficulty dealing with?

I found some here:

https://www.csoonline.com/article/3408618/the-hidden-challenge-of-the-cloud-security-skills-gap.html

but I want both technical challenges and management challenges (Appropriate staffing volume required for cloud migration maybe?)

Thanks.

Trending current topics in information security management

by pooja1588142131 In reply to Trending current topics i ...

You can do research on the ways of network intrusion and their detection and prevention.
