By: Kaushik Narayan Posted on 10/17/2014
Just like Fortune 500 companies, attackers are investing in sophisticated measures that let them fly beneath the radar of conventional security.
There's always been a tension between the promise of new technology and peril from its misuse or abuse. Look at the recent iCloud breach. A technology that offers the convenience of accessing photos from any device anywhere in the world, iCloud can also be used by malicious third parties to expose your most intimate moments.
I worry about my kids using technology and how it can be abused to defame, embarrass, or bully in ways not thought possible 20 years ago. Perhaps Steve Jobs was right to limit his children's use of technology. In fact, we probably all know people at work who should have their technology use limited for their own safety. But if the risks of cloud apps and mobile devices cannot be reconciled with a healthy childhood, what makes us think they can exist in a corporation with its legal and regulatory duties? The latest evidence to the contrary is a serious breach at a Fortune 500 customer of Skyhigh Networks, the cloud security company I co-founded.
In this recent attack, criminals used popular consumer cloud video sites to remove a large volume of sensitive data without being detected by conventional security measures like the company's intrusion prevention system. What's new is the sophistication used by the attackers to avoid detection; just as companies have invested heavily in technology to detect and stop breaches, so have attackers become smarter about removing data.
Full Article
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.