- This Sonos Ace deal makes these premium headphones a more tempting purchase
- Digging into voice AI platform Deepgram
- La falta de formación no merma la concepción estratégica de la IA
- Amazon's gen AI-powered Alexa is coming - how much it could cost you
- Spy vs spy: Security agencies help secure the network edge
Spy vs spy: Security agencies help secure the network edge
“By following the minimum levels of observability and digital forensics baselines outlined in this guidance, device manufacturers and their customers will be better equipped to detect and identify malicious activity against their solutions,” it said. “Device manufacturers should also use it to establish a baseline of standard features to include in the architecture of network devices and appliances, to facilitate forensic analysis for network defenders.”
Australia took the lead on two documents: Mitigation Strategies for Edge Devices: Executive Guidance and Mitigation Strategies for Edge Devices: Practitioner Guidance. These guides, led by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), provide a summary of mitigation strategies and best practices on securing, hardening, and managing edge devices effectively, and technical details on seven mitigation strategies for operational, procurement and cybersecurity staff to implement to reduce risk to edge devices.
“The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has noted a concerning increase in the number of incidents involving edge device compromises,” the practitioner guidance said. “Edge devices are internet exposed, typically difficult to monitor and able to access other assets on the network, providing an appealing ingress point and target to malicious actors.”
The final document, led by CISA, is an update of a 2023 guide on Secure-by-Design principles for manufacturers with links to resources on implementation.
“Products designed with Secure by Design principles prioritize the security of customers as a core business requirement, rather than merely treating it as a technical feature,” the introductory web page said. “During the design phase of a product’s development lifecycle, companies should implement Secure by Design principles to significantly decrease the number of exploitable flaws before introducing them to the market for widespread use or consumption. Out-of-the-box, products should be secure with additional security features such as multi-factor authentication (MFA), logging, and single sign-on (SSO) available at no extra cost.”
A big deal… if device manufacturers comply
The guidance for manufacturers particularly excites Frank Dickson, IDC’s group vice president for security and trust. “This is a super big deal,” he said. “It is legitimately huge, especially if device manufacturers capitulate and comply with these requirements.”
