From GDPR to Meltdown: A Look Back at Memorable Infosec Events in 2018 (Part 2)
Following on from the round-up we released yesterday, today we look through the rest of what our regular contributors shared as their standout moments from 2018.
Bob Covello, IT Security Director | @BobCovello
“The most memorable event for me in 2018 was a positive one. There was enormous progress made towards getting multi-factor authentication the recognition it deserves. Then, it was dashed to pieces by the recent Azure 2FA failures. Too many folks recommended the use of a ‘safety account’ that is not protected by 2FA. I certainly understand that businesses lost money during those Azure failures, but how can we argue against government backdoors to encryption yet think to allow a back door to our accounts.
I will probably spend 2019 trying to reconcile this and trying to convince people of the benefits of two-factor authentication. I hope that the 2FA engineers can make this failure a distant memory.”
Chris Hudson, Professional Services Consultant | @askjarv
“Unless you are of a particularly geeky persuasion, most firmware update releases will likely pass you by. Spectre showed the world that hardware related exploits were real, and it had the potential to affect all of us. It also highlighted the challenge of patching hardware and its impact. (I’ll leave it to analysts to cost up the real world price of slower execution caused by hotfixes.)
Finally, by revealing to us the possibility of CPU exploits, researchers are now finding new risks. If your security solution didn’t take regular patching into consideration, here’s yet another reason why you should make sure your devices consistently stay up-to-date.”
Kim Crawley, Cybersecurity Writer | @kim_crawley
“Of all of the cyber attacks I have followed in 2018, SamSam ransomware is the most memorable for me. Yes, SamSam first emerged in 2016. But in 2018, SamSam has (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Joe Pettit. Read the original post at: https://www.tripwire.com/state-of-security/featured/gdpr-meltdown-memorable-infosec-2018-part-2/