Phishing Attacks Abuse Microsoft OAuth Implementations

OAuth 2.0 Authorization Code Flows: The OAuth 2.0 authorization protocol requires developers to register their applications within the OAuth provider’s framework in order to receive a unique application ID. As part of this process, developers provide their redirect URI, so the provider can redirect the user with the authorization response to the redirect URI. The OAuth 2.0 flow, meanwhile, is made up of authorization code flows, implicit flows and hybrid flows, which combine the authorization…

3 steps to better data center risk management

Half a decade ago, in the wake of the rise of cloud computing, some IT evangelists, CIOs, and large tech research firms foretold the imminent death of the data center as we know it. My co-columnist at CIO.com Mark Settle at the time advised caution in writing off data centers and envisaged how they would continue to grow based on the evolution of – you guessed it – data. Today, data centers continue to not…

vRealize Operations – AIOps with vRealize (Part 3)

As we continue this series, we have been looking at how the speed of business in today’s global market is continually increasing due to digitization. This is driving massive application growth, leading to more disparate technologies, more complexity across environments, poor visibility, difficulties resolving issues and a range of other challenges. IT Operations are pushed to breaking point. AIOps can help with machine learning & big data, dramatically enhancing IT Operations, with continuous insight across…

Half of Websites Still Using Legacy Crypto Keys

The internet is becoming more secure overall, but slightly more than half of websites’ digital keys are still generated via legacy encryption algorithms, according to new research. Security firm Venafi enlisted the help of noted researcher Scott Helme to analyze the world’s top one million sites over the past 18 months. The resulting TLS Crawler Report revealed some progress in a few areas. Nearly three-quarters (72%) of sites now actively redirect traffic to use HTTPS,…

NVD: It’s Another Record Year for Vulnerabilities

The US-CERT has recorded more vulnerabilities so far in 2021 than any year previously, the fifth year in a row this has happened. At the time of writing, 18,376 vulnerabilities in production code were recorded in the US National Vulnerability Database (NVD), exceeding the 2020 record of 18,351. However, there were fewer high severity bugs in the NVD than last year. In 2020 the figure reached an all-time-high of 4381, falling to 3630 so far…

Critical Infrastructure Protection and Resilience conference to take place in February

Critical Infrastructure Protection and Resilience conference to take place in February | Security Magazine

IT Execs Half as Likely to Face the Axe After Breaches

Senior IT and cybersecurity professionals are nearly half as likely to be fired following a data breach today versus three years ago, according to new data from Kaspersky. The security vendor’s research, IT Security Economics 2021: Managing the trend of growing IT complexity was compiled from interviews with thousands of IT decision makers across the globe. It revealed that just 7% of organizations laid off senior IT staff following a security breach in 2021 versus 12% in 2018. The…

The 14 Cloud Security Principles explained – IT Governance UK Blog

Cloud security is an essential part of today’s cyber security landscape. With hybrid working now the norm, many organisations are relying on Cloud services to access data from home or the office. But whenever organisations adopt technological solutions such as this, they must acknowledge the risks that come with it. Indeed, Cloud computing can increase the risk of data breaches and regulatory non-compliance, as well as introducing other vulnerabilities. To mitigate these risks, the NCSC…

CIS Control 14: Security Awareness and Skill Training

Users who do not have the appropriate security awareness training are considered a weak link in the security of an enterprise. These untrained users are easier to exploit than finding a flaw or vulnerability in the equipment that an enterprise uses to secure its network. Attackers could trick unsuspecting users into unintentionally providing access to the enterprise network or exposing sensitive information. Proper training should be provided to users in order to decrease the risk…

The Cybersecurity Skills Gap: Myth or Reality? | The State of Security

Take a glance on social media on any given day, and we’ll hear from commentators stating how there is a (cyber) skills gap and that it must be addressed if we are to meet the challenges we are all increasingly facing. Let’s be clear about something before we continue. If we are saying that there is a skills gap, then there are organizations out there that are ready to hire cybersecurity professionals now. The assumption…
