Securely Built

🔍 Navigating Security in System Design 🔍 Threat modeling, simply put, is the process of identifying threats, determining countermeasures, and evaluating whether these countermeasures effectively address potential risks in an architecture. When conducting threat modeling, we typically guide our analysis with four basic questions: 👉 What are we building? 👉 What can go wrong? 👉 What are we going to do about it? 👉 Did we do a good job? These questions might sound familiar because we subconsciously use a similar decision making process in everyday life, whether deciding on a commute route, planning an outing, or even something as mundane as choosing a dinner location. However, the stakes and complexity significantly increase when applied to technical architectures that handle sensitive data, interact with third parties, or operate within potentially hostile environments. The process is crucial in today’s digital landscape, where systems not only store and process critical data but also integrate deeply with physical components in cyberphysical systems. By embedding threat modeling into the development process, organizations can proactively identify vulnerabilities, implement effective safeguards, and ensure that their systems are resilient against both current and emerging threats. #threatmodeling #threats #productsecurity

The Price of Healthcare Data on the Dark Web It's alarming to realize the magnitude of data being collected and sold on the dark web. 💰A Social Security number can be worth anywhere from $1 to $5. 💰Credit card numbers are even more valuable, ranging from $5 to $30. 💰However, the most concerning is the price of a complete medical record, which can fetch around $1000. This is because medical records contain a wealth of information, including personal, financial, and medical details. Cybercriminals can use this data for various malicious activities, such as committing insurance fraud, blackmail, or targeted phishing attacks. For healthcare IT professionals, it's crucial to understand the value of the data being handled and take necessary measures to protect it from falling into the wrong hands. Here's a little more on that from a recent talk I gave. #HealthcareIT #DataSecurity #CyberSecurity #DarkWeb

I took a recent deep dive into healthcare IT security, examining the complex environment hospitals navigate to protect patient data. Here’s a tease to the full video and what I cover: 🏥 Extensive Data Collection: Hospitals are not just centers of care but also vast data hubs. From clinical applications to advanced medical devices like MRI machines and even IoT devices such as pacemakers and smartwatches, every piece contributes to a rich tapestry of data that feeds into Electronic Health Records (EHR). 🔗 Data Integration and Sensitivity: The integration of diverse data sources into EHRs creates a detailed repository of sensitive patient information. This makes robust security measures essential to safeguard data from unauthorized access and potential breaches. Stay tuned for the next parts where I'll talk about some of the other unique challenges in this space. Protecting patient data is not just a technical challenge but a fundamental component of patient care today. #HealthcareIT #Cybersecurity #DataProtection #EHR #PatientCare #DigitalHealth

The more you know! If you're not familiar, GitLab provides several features that align well with the National Institute of Standards and Technology (NIST) Secure Software Development Framework (#SSDF). 🗺 The SSDF is a set of guidelines designed to help organizations incorporate security into the #software development lifecycle. 🗺 GitLab’s platform supports many of the practices recommended by the SSDF to ensure #security is integrated throughout the software development lifecycle. A few ways (not all) GitLab supports the four SSDF practices: Prepare the Organization (PO): 📜 GitLab allows organizations to set and enforce policies across their development projects, helping to ensure that security practices are followed consistently. 🛂 GitLab supports RBAC, which helps manage who can access certain parts of the project, ensuring that only authorized personnel can make changes to sensitive parts of the codebase. Protect the Software (PS): 📉 GitLab includes built-in tools for scanning vulnerabilities in the code and in its dependencies. This aligns with the SSDF’s recommendation to analyze code for vulnerabilities and manage the risk associated with third-party components. 🥫Container Scanning: GitLab can scan containers for vulnerabilities, which is crucial for ensuring the security of containerized applications. Produce Well-Secured Software (PW): 🔎 GitLab provides integrated ASTs (SAST, fuzz testing, secret detection, etc) tools that help developers identify and fix security vulnerabilities within their code before it’s deployed. 🕵♀️ Support for DAST, which tests running applications for vulnerabilities, a key practice for ensuring that the software behaves securely under malicious conditions. Respond to Vulnerabilities (RV): 🐛 GitLab has built-in features for tracking issues, including security vulnerabilities. This helps organizations respond promptly to vulnerabilities and manage patches or updates effectively. 🛠 GitLab facilitates the integration of fixes through its merge request features, enabling a quick turnaround on #vulnerability patches and ensuring that changes are reviewed and approved before deployment. By leveraging these and other integrated DevOps tools, GitLab helps organizations adhere to SSDF practices, making it easier to embed security throughout the software development lifecycle. This not only improves the security posture but also enhances the overall efficiency of development teams. Are you using this in your secure SDLC? What did I miss? #devops #devsecops

Unlike the straightforward path of a physical product from creation to consumer, the #financial #supplychain is layered and complexity, involving everything from the initial customer interaction to third-party relationships that banks rely on. 💰 Something as "simple" as opening a bank account can involve multiple third-party services from identity verification to the issuance of banking tools. 📃 Cybersecurity, compliance, operational, and reputational risks associated with third-party interactions can cripple a bank or even have global ripple effects. Additionally, strict regulatory frameworks like #SOX, #PCI DSS, and #GDPR can influence third-party management for financial institutions. 🌐 Geopolitical tensions and rising nationalism affect international #banking, compelling banks to adapt their #data management practices to comply with local data residency #laws. ⛓ However, while there are challenges, there are opportunities that lie ahead for banks in managing their supply chain security over the next decade. Let me know your thoughts on the hidden dynamics that drive the financial services we use every day.