“The question is how do you give access to some of your information and some of the actions that you would normally do yourself to this agent, and only for a certain period of time,” Alcove says. “Maybe you only want the agent to do something once, or maybe they only want to do it for 24 hours, and so making sure you have those controls is really important.”
Microsoft, for its part, acknowledges the challenges of data regulation, but argues , but have simply become more apparent with the advent of AI. “This is simply the latest call to action for enterprises to proactively enforce controls based on their unique relevant policies, industry compliance regulations, and risk tolerances — such as determining which employees should have access to different file types, workspaces, and other resources,” the vendor says.
Error-Free Information Security: Five Gaps in IT Infrastructure Protection That Should Be Addressed Right Now
Alexander Dmitriev, CEO of Neuroinform LLC | 12/20/2024
Take care of yourself, be careful
Hacking in late 2024 looks like an occupation for bahamas mobile database mind. Attack methods are described on specialized forums, and exploits are no more difficult to buy than a subscription to a music or video service. However, low “intellectual qualifications” are only one factor in the development of cybercrime. Another – and perhaps more decisive – is the surprising carelessness of victim organizations.
"Who needs us?!" My colleagues and I hear this remark regularly in response to the recommendation to implement at least the "hygienic minimum" of corporate cybersecurity. But it is truly strange when something similar is said by real victims of cyber attacks. They have already gone through encrypted data and payment of compensation. But they still consider the attack to be a random episode. "A second bomb does not fall into the same funnel," say representatives of the victim companies. Statistics, however, say the opposite: in four cases out of five, cybercriminals strike a victim who has already been attacked.
Stop giving cybercriminals a reason to do something – in my opinion, this is the main strategy in building and improving corporate cybersecurity. You can start by eliminating common security gaps. Filling these gaps will be an important step in protecting the organization from attacks by intruders.
Mistake #1: No active means of protection
For many, information security begins with an antivirus. This type of software is an active means of protection. It not only identifies malicious software, but also prevents it from spreading throughout the computer's operating system by placing it in quarantine or deleting it. The problem is that the antivirus starts working when the malicious software is already inside the computer. Therefore, other solutions are needed that will make it difficult or impossible to penetrate.