took place this fall, featured speakers from around the world with IT expertise. Here are three key issues that came out of the convention in terms of security threats to IT systems.
Container Adoption GrowsThe Cloud Native Computing Foundation reports that about half of all firms have more than 250 containers in use, while less than 25% have between 1 and 50 containers. That’s a dramatic shift from 2017, when those figures were 12% and 61%. Container use can happen on premises or in the cloud. On-premise use has declined in the past 18 months, according to CNCF. Amazon (EC2/ECS) continues to be the most popular choice among all providers in the container deployment environment. Liz Rice of Aqua Security told conference attendees that the deployment of software for containers exposes potential vulnerabilities once they are published and hackers discover them. Without the proper tools to secure containers, hackers “will eventually get in,” she said, according to Tech Beacon.
Server-less ComputingServer-less computing involves using a cloud provider that acts as the server, managing the allocation of machine resources. This method offers an alternative to buying server space for your website. This area of cloud computing is among the fastest growing, with an annual growth rate of about 75%. From a security standpoint, server-less computing allows the cloud-based service to handle most of the security for your data. Developers at a business do not have to concern themselves with issues such as extraneous code in their libraries or compromised servers or containers. However, it’s still important to restrict access to information from the business side. Minimizing the privileges of running functions is critical for decreasing the potential of cyberattacks, Yan Cui, an engineer at video-streaming firm DAZN, said at the conference.
Standard Security Checks Not EnoughThe OWASP Top 10 provides the 10 applications with the highest security risk, giving developers and cybersecurity professionals a place to start when securing their systems. However, as pointed out by Tech Beacon, they do not include issues such as the business logic vulnerabilities that hackers exploited to breach data at Facebook. The trend now is in shifting security “to the left” – that is, toward developers rather than operators. The shift is needed because current security tools work from the outside of the application, while total security can be achieved by what happens inside the application.
Overall IssuesWhile the conference provided high-level and emerging threats to experts in IT, the biggest issues for most businesses continue to involve human error, especially in opening emails from people they do not know. Four of the most critical cyber threats to businesses right now, according to cybersecurity experts AlienVault, are:
- The cloud
- Cryptocurrency mining
© 2021 Montclair State University | All Rights Reserved