Authentic8 Blog Category: Cloud Browser

GDPR: A Letter from Elizabeth Denham

Elizabeth Denham.

If your company is doing business in Europe, put that name on top of the list of people you’ll not want to hear from in their official capacity.

Just ask BA (British Airways) or Marriott International. Both encountered data breaches that put millions of their customers at risk. Now, they’ve both received notice from Ms. Denham that they’ll be fined the record amounts of $ 230 million and $ 125 million, respectively, under the European Union’s General Data Protection Regulation (GDPR).

Elizabeth Denham heads up the Information Commissioner's Office (ICO) of the United Kingdom. Yes, the recipients of her notice of intent may appeal the decision. And no, observers don’t expect the ICO to reduce these first GDPR penalties against major international corporations to the proverbial slap on the wrist.

To the contrary. GDPR applies to all companies, including in the US, that store or process data of EU citizens and residents. The EU’s privacy commissioners

Covert Online Investigation Tools: How Yesterday’s DIY Is Today’s Negative ROI

Security Officers, are your online researchers still relying on custom-made covert investigation solutions cobbled together from disparate tools to save money? New research proves that the opposite is happening: It costs you extra.

A few years ago, providing research teams with out-of-the-box capabilities to perform anonymous online research was crazy expensive. The task of enabling cyber threat hunting, without the risk of crippling the network, for example, needed a separate six-figure line item on the IT budget. It’s no wonder that there are so many organizations that rely on a patchwork of make-do and DIY tools and methods.  

Today though, the DIY approach to enabling sensitive research on the open, deep, or dark web is unnecessary, as well as out of sync with the demands of our rapidly changing internet threatscape.

A new comparative analysis by Authentic8 shows how DIY costs leaps and bounds more money than the new, low maintenance, SaaS alternative available today.  

Covert Online Research Costs: DIY Approach vs. Silo Research Toolbox by Authentic8

Source (excerpt): Authentic8 Whitepaper

In a

TRON and Transition

As those of us who have served in the military for a significant period of time can attest, we begin to take certain things for granted. The sense of belonging, the pride of being part of something much bigger than ourselves, and the ability to impact the lives of many were among my greatest gratifications as a military officer.

As I navigated my transition after 27 years of service, the potential of feeling a void in any of those areas was not acceptable. Fortunately, I was able to find a team that allows me to experience a similar sense of fulfillment and gratification. Two short years ago, I was serving as Commanding Officer of a team that remains customers of the team of which I am now a part. The path from customer to Authentic8er was not foreseen but it makes perfect sense now that I am here.

We stumbled across Authentic8’s Silo platform in 2016 when we decided we wanted

ActiveX Data Leaks: Making Bad (Non-) Browsers Worse

Outdated browsers and browser plugins. People use them, forget about them, they become outdated, and their machine gets compromised. It’s a story almost as old as the web browser. The problem is, people never learn and never update - or, in this case, get rid of the problematic plugin.

List of Plugins

Source: sploit.io

ActiveX, a framework native to Internet Explorer, was introduced in 1996. Still supported in Windows 10, it allows an attacker to steal data and fully take over the victim’s machine when that person visits a page that contains a particular set of scripts.

How relevant is this exploit in 2019? In an unscientific survey among software engineers about ActiveX and if it still played a role, we got answers like this, from Zachary S. in San Francisco: "I think it’s dead. I hope it’s dead. It should be killed if it’s not dead."

Unfortunately, it’s not. According to NetMarketShare ("Market share statistics for Internet

Showdown: VPN vs. Cloud Browser

In many companies, VPN has become a staple of the traditional IT security stack. Annually, mid-sized organizations (<5,000 employees) spend an average of $60 per user on VPN technology and maintenance. Not much longer though, it seems.

While VPN has been around for more than 20 years, it now looks as if its promises of secure and private web access have worn off - many of them unfulfilled. In the words of Patrick Sullivan, Global Director of Security at Akamai, we are witnessing The death of VPN.

In his article for SC Magazine, Sullivan proclaimed: “It’s time to say goodbye.”

Sullivan’s farewell to VPN sounds timely, and he is not alone. Organizations large and small have found a way to cut their VPN costs or eliminated them altogether. In the same step, they attained a level of secure and private web access that VPN has never been able to deliver. What happened?

How Companies Cut VPN Costs

They