Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, December 09, 2016

IT Security Industry News - 2016/12/08

Table of Contents

     
  • Onapsis Joins IBM Security App Exchange Community
  •  
  •  
  • Above Security and Hitachi Data Systems launch information security service offering across North America to fight cybercrime
  •  
  •  
  • 5nine Software Simplifies Hyper-V Network Configuration Best Practices with New Version of Manager
  •  
  •  
  • Tyco Security Launches Shooter Detection System Integration
  •  
  •  
  • Big Data and Data Analytics in Homeland Security and Public Safety is Forecast to Reach $11B in 2022, according to a New Research Report from Homeland Security Research Corp.
  •  
  •  
  • OT and Australian Fintech Start-up Inamo Have Partnered to Introduce Inamo’s Wearable Devices and Platform into the Australian Market
  •  
  •  
  • OpenVPN will be audited for security flaws
  •  
  •  
  • AWS tries to protect its customers from DDoS attacks with new service
  •  
  •  
  • Chinese giant Tianjin Tianhai closes $6bn Ingram Micro buyout
  •  
  •  
  • Google and Slack deepen partnership in the face of Microsoft Teams
  •  
  •  
  • 4 top disaster recovery packages compared
  •  
  •  
  • Amazon’s Giant Data Transfer Trucks Are an IT Auditor’s Worst Nightmare
  •  
  •  
  • Lisa Ropple joins Jones Day’s Boston Office
  •  
  •  
  • Frost & Sullivan Acclaims FireEye’s Dominance of the Global Advanced Malware Sandbox Market
  •  
  •  
  • OwlDetect scans the Dark Web for stolen data
  •  
  •  
  • Cloud Security Market to Cross $10 Billion by 2021: TechSci Research Report
  •  
  •  
  • Cisco Talos: Zeus spawn “Floki bot” malware gaining use, cyber-underworld notoriety
  •  
  •  
  • Cisco Signs on with Privacy Shield
  •  
  •  
  • Cisco whacks its Secure Access Control System
  •  
  •  
  • Symmetry and Sage Solutions Consulting to Bring World Class Security and Compliance for Mission Critical SAP Environments
  •  
  •  
  • LookingGlass Announces New Program for Managed Security Services Providers (MSSPs)
  •  
  •  
  • Kenna Security Closes $15 Million Series B Funding
  •  
  •  
  • Threat intelligence feeds are, at best, uneven in quality, says Microsoft
  •  
  •  
  • SANS Announces Winners of the 2016 Difference Makers Award
  •  
  •  
  • Cisco ACI Partner Ecosystem Packs a Punch – 65 Partners and Growing
  •  
  •  
  • Network Security Market: Global Industry Analysis and Forecast 2016 - 2026

http://www.marketwatch.com/favicon.ico Onapsis Joins IBM Security App Exchange Community
BOSTON, Dec 07, 2016 (BUSINESS WIRE)—Onapsis, a global expert in business-critical application security, today announced that the Onapsis Security Platform integrates with IBM security intelligence technology to provide customers with improved visibility into their network security.
Utilizing QRadar to consolidate different sources of network security, this integration with the Onapsis Security Platform (OSP) will extend the existing visibility of QRadar, as well as security process and workflows to include results from OSP.
Leveraging QRadar’s new open application programming interfaces (API), the Onapsis Security Platform allows Onapsis and IBM customers to have extended coverage for real-time monitoring and reporting of advanced tacks targeting SAP business systems.
Link: http://www.marketwatch.com/story/onapsis-joins-ibm-security-app-exchange-community-2016-12-07

http://www.channelpronetwork.com/favicon.ico Above Security and Hitachi Data Systems launch information security service offering across North America to fight cybercrime
Montreal, QC and Santa Clara, CA – December 6, 2016 – Above Security – A Hitachi Group Company and global IT security service provider, and Hitachi Data Systems, a wholly owned subsidiary of Hitachi, Ltd., today announced their partnership to deliver information security consulting services in North America.
The joint service is structured around a unified governance, risk and compliance (GRC) framework that reflects a human approach.
Based on their combined security service capabilities, Above Security and Hitachi Data Systems tackle security issues through deeply collaborative partnerships with their customers, rather than quick-fix technology solutions that can overwhelm and confuse corporate IT teams.
Security experts from Above Security and Hitachi Data Systems work with companies to learn how they operate and how much risk they can tolerate.
Using industry-leading control frameworks such as ISO and NIST, the team then assesses control maturity and gaps.
Based on the results, Above Security and Hitachi Data Systems provide services to defend against cybercrime and data theft, including security program reviews and designs, IT security governance consulting, risk and control assessments, PCI compliance consulting, vulnerability and application assessments and penetration testing.
Link: http://www.channelpronetwork.com/news/above-security-and-hitachi-data-systems-launch-information-security-service-offering-across

http://www.sfgate.com/favicon.ico 5nine Software Simplifies Hyper-V Network Configuration Best Practices with New Version of Manager
5nine Software, a Microsoft Gold Partner and the leading provider of Hyper-V security and management solutions, today released 5nine Manager v9.3.
5nine Manager is a centralized, GUI-based management and monitoring solution for Microsoft Hyper-V, including Server Core and Nano Server.
Its easy-to-use interface, powerful feature set and lightweight implementation simplify the process of managing and configuring virtualized environments.
The latest version of 5nine Manager introduces the ability to create and manage Hyper-V Converged Fabric from its easy-to-use console, enabling administrators without PowerShell expertise to take advantage of this functionality.
Now administrators can create virtual network interface cards (vNICs), with the ability to configure bandwidth minimums, maximums and weights for Converged Fabric.
They can also see a list of the host’s physical adapters and their status.
Link: http://www.sfgate.com/business/press-releases/article/5nine-Software-Simplifies-Hyper-V-Network-10779844.php

Tyco Security Launches Shooter Detection System Integration
WESTFORD, Mass. — Tyco Security Products announced that Software House C•CURE 9000 now integrates with Guardian Indoor Active Shooter Detection System by Shooter Detection Systems.
The Guardian Indoor Active Shooter Detection System combines an acoustic gunshot identification software with infrared camera gunfire flash detection.
Link: http://www.securitysales.com/article/tyco_security_launches_shooter_detection_system_integration

http://www.einpresswire.com/favicon.ico Big Data and Data Analytics in Homeland Security and Public Safety is Forecast to Reach $11B in 2022, according to a New Research Report from Homeland Security Research Corp.
The use of Big Data and Data Analytics by Homeland Security and Public Safety organizations is on the rise, mostly because the world is becoming more digital and connected.
This trend is creating new opportunities, not only for data collection and storage, but also for intelligence processing, exploitation, dissemination, and analysis.
Big Data and Data Analytics technologies can increase the investigative capabilities of Homeland Security and Public Safety organizations in many relevant aspects, including: war on crime & terror, defense from cyber-attacks, public safety, disaster and mass incident management, and development of predictive capabilities.
Link: http://www.einpresswire.com/article/357065809/big-data-and-data-analytics-in-homeland-security-and-public-safety-is-forecast-to-reach-11b-in-2022-according-to-a-new-research-report-from-homeland

http://www.marketwatch.com/favicon.ico OT and Australian Fintech Start-up Inamo Have Partnered to Introduce Inamo’s Wearable Devices and Platform into the Australian Market
COLOMBES, France, Dec 08, 2016 (BUSINESS WIRE)—OT (Oberthur Technologies), a leading global provider of embedded security software products, services and solutions, has today signed an agreement to provide its digital payment enablement technology to Inamo’s wearable solutions, starting with the CURL which is being launched in Australia today.
The CURL is a multi-functional wearable that will initially enable consumers to make payments by simply tapping their device to any point of sale terminal where Visa payWave is accepted.
The action would be the same as with a credit or debit card.
What makes this different from smart phones, smart watches and other wearables is that the CURL is rugged, waterproof and will not need any power to facilitate payment.
So there would be no fears of bringing it for water sports or of low battery conditions preventing payment when it is most needed.
In addition to contactless payments, over the next 18 months the CURL will also be available to use for payment on public transport, building access, ticketing for festivals, and gym membership.
In effect this can combine the functions of multiple products into one multi-purpose wearable device and continues the trend of device / technology convergence.
Under the terms of the agreement, Inamo will provide a full consumer solution which will leverage its own platform and OT’s next generation digital payment enablement solution.
The CURL will be sold for $19.99, plus an account keeping fee of $5 per month.
An initial, limited allotment of the product will be available in January; pre-orders can be made via Inamo’s website at http://www.inamo.com.
Link: http://www.marketwatch.com/story/ot-and-australian-fintech-start-up-inamo-have-partnered-to-introduce-inamos-wearable-devices-and-platform-into-the-australian-market-2016-12-08

OpenVPN will be audited for security flaws
Lucian Constantin
The next major version of OpenVPN, one of the most widely used virtual private networking technologies, will be audited by a well-known cryptography expert.
The audit will be fully funded by Private Internet Access (PIA), a popular VPN service provider that uses OpenVPN for its business.
The company has contracted cryptography engineering expert Matthew Green, a professor at Johns Hopkins University in Baltimore, to carry out the evaluation with the goal of identifying any vulnerabilities in the code.
The audit will be fully funded by Private Internet Access (PIA), a popular VPN service provider that uses OpenVPN for its business.
The company has contracted cryptography engineering expert Matthew Green, a professor at Johns Hopkins University in Baltimore, to carry out the evaluation with the goal of identifying any vulnerabilities in the code.
Link: http://www.itnews.com/article/3148316/security/openvpn-will-be-audited-for-security-flaws.html?idg_eid=98c39854eed91988bc1642a456a668a1&token=%23tk.ITN_nlt_ITnews_Daily_2016-12-08&utm_source=Sailthru&

http://www.computerworld.com/favicon.ico AWS tries to protect its customers from DDoS attacks with new service
Blair Hanley Frank
Amazon Web Services is trying to help protect its customers with a new service aimed at mitigating DDoS impacts.
It’s called Shield, and the free entry-level tier is enabled by default for all web applications running on AWS, starting on Wednesday.
Werner Vogels, the CTO of Amazon.com, unveiled the service at AWS’ re:Invent conference in Las Vegas.
Automatically protecting its customers may help encourage businesses to pick Amazon’s cloud over others, or persuade businesses to migrate their web applications to the cloud.
It’s also a strike against companies like Cloudflare and Akamai, which offer DDoS mitigation services.
Shield Standard is aimed at protecting web apps from the overwhelming majority of common DDoS attacks at no extra cost. (Vogels also said that it would block volumetric attacks like NTP reflection attacks, and many state exhaustion attacks.)
Link: http://www.computerworld.com/article/3145661/cloud-computing/aws-tries-to-protect-its-customers-from-ddos-attacks-with-new-service.html?idg_eid=d5d8326c323742a4ed7bf4fd3dac54c4&token=%23tk.CTWNLE_nlt_

Chinese giant Tianjin Tianhai closes $6bn Ingram Micro buyout
DH Kass
Ingram Micro has completed its $6bn sale to HNA’s Tianjin Tianhai, the companies announced today.
The deal, which amounts to $38.90 per share in an all-cash transaction, produced an executive shuffle and the disbanding of Ingram’s board in favor of an entirely new board, comprised of a mixture of the distributor’s and HNA’s top execs and two independent directors.
According to an 8-K filing, Ingram Micro CFO William Humes, along with general counsel Larry Boyd will exit the distributor on 16 December, following the earlier departure of Paul Read, Ingram Micro’s former president and COO.
Both Humes and Boyd will serve as new board members.
The Ingram execs will be joined on the board by HNA vice chairman and CEO Adam Tan, who will serve as board chair, Alain Monié, Ingram CEO, Bharat Bhise, president and CEO of Bravia Capital, Dale Laurance, former chairman of Ingram’s board, and Jim McGovern, former under secretary and acting secretary of the US Air Force.
Link: http://www.channelnomics.eu/channelnomics-eu/news/3000807/chinese-giant-tianjin-tianhai-closes-usd6bn-ingram-micro-buyout?utm_medium=email&utm_campaign=CRN.Daily_RL.EU.A.U&utm_source=CRN.DCM.Editors_U

http://www.computerworld.com/favicon.ico Google and Slack deepen partnership in the face of Microsoft Teams
Blair Hanley Frank
Wednesday saw the announcement of several new features aimed at making G Suite, Google’s set of productivity software and services, more useful to people who use Slack.
The functionality resulting from the partnership will make it easier to share and work on files stored in Google Drive using Slack.
In a thoroughly modern turn, Google is building a Drive Bot, which will inform users about changes to a file, and let them approve, reject and settle comments in Slack, rather than opening Google Docs.
It goes along with Slack’s continuing embrace of bots as a key part of the chat service’s vision of productivity.
Link: http://www.computerworld.com/article/3147881/enterprise-applications/google-and-slack-deepen-partnership-in-the-face-of-microsoft-teams.html?idg_eid=d5d8326c323742a4ed7bf4fd3dac54c4&token=%23tk.CTWNLE

http://www.computerworld.com/favicon.ico 4 top disaster recovery packages compared
Four of the top disaster-recovery (DR) software suites are Veeam Backup, Altaro VM Backup, Zerto Virtual Replication and VMware’s Site Recovery Manager (SRM), according to reviews written by users in the IT Central Station community.
There’s arguably no more important IT task than making sure business systems and data can be restored after a disaster.
So we asked system administrators to identify the best features—and what’s missing—in four leading software suites for disaster recovery.
Link: http://www.computerworld.com/article/3147340/disaster-recovery/4-top-disaster-recovery-packages-compared.html?idg_eid=d5d8326c323742a4ed7bf4fd3dac54c4&token=%23tk.CTWNLE_nlt_computerworld_dailynews_20

http://goingconcern.com/favicon.ico Amazon’s Giant Data Transfer Trucks Are an IT Auditor’s Worst Nightmare
Megan Lewczyk
What about when you run out of digital storage space.
Or, on a larger scale, your company decides to ditch the cost and maintenance required for their in-house data center.
Same logic.
Once again, rent a truck and move the crap you can’t bear to (or legally can’t) part with off-site.
I don’t know why the “rent a truck” concept seems so revolutionary.
Maybe it’s the melodramatic music and flashing lights?
As with any precious cargo out for a spin, you worry about its safety.
The suggested internal controls for data transfer still apply.
To refresh your memory, ISACA Journal describes the key control objectives for data transfer:
Security of data being transferred is a critical component of the risk associated with data transfers.
The primary objective here is to ensure that the data intended to be extracted from the originating system are exactly the same data as that recorded/ downloaded in the recipient system, i.e., that the data were protected and secured throughout the transfer process.
The secondary objective is to prevent unauthorized access to the data via interception, malicious activities and other means.
So, what does happen if the truck is commandeered.
It’s still vulnerable even if it isn’t exposed to a network during transport.
A data breach would be a gigantic headache for not only the company with the now compromised data but Amazon too.
Better safe, than sorry.
Snowmobile uses multiple layers of security designed to protect your data including dedicated security personnel, GPS tracking, alarm monitoring, 24/7 video surveillance, and an optional escort security vehicle while in transit.
All data is encrypted with 256-bit encryption keys managed through the AWS Key Management Service (KMS) and designed to ensure both security and full chain-of-custody of your data.
Let’s just hope everything goes according to plan and businesses dodge any run-ins with data theft or cyber extortion.
Link: http://goingconcern.com/post/amazons-giant-data-transfer-trucks-are-it-auditors-worst-nightmare

Lisa Ropple joins Jones Day’s Boston Office
The global law firm Jones Day has announced that Lisa M.
Ropple has joined the Firm’s Boston Office as a partner in its Cybersecurity, Privacy & Data Protection and Government Regulation practices.
At Jones Day, Ms.
Ropple will continue to assist client companies in investigating and responding to data security incidents and addressing the wide range of legal challenges they can present.
Link: http://www.metrocorpcounsel.com/news/34458/lisa-ropple-joins-jones-days-boston-office

Frost & Sullivan Acclaims FireEye’s Dominance of the Global Advanced Malware Sandbox Market
MOUNTAIN VIEW, Calif., Dec. 7, 2016 /PRNewswire/—Based on its recent analysis of the advanced malware sandbox market, Frost & Sullivan recognizes FireEye with its 2016 Global Market Leadership Award.
As a pioneer of the advanced malware sandbox as a critical enterprise security solution, FireEye leveraged its first-mover advantage to claim 56% of global revenue in 2015, propelling the company’s revenue to $623.0 million for 2015, which is a year-on-year increase of 46%.
Its market dominance is largely due to the quality of its Threat Management Platform, which is a complete portfolio of advanced threat protection products.
Link: http://www.prnewswire.com/news-releases/frost—sullivan-acclaims-fireeyes-dominance-of-the-global-advanced-malware-sandbox-market-300374111.html

https://www.finextra.com/favicon.ico OwlDetect scans the Dark Web for stolen data
OwlDetect gives you the power to scan the ‘Dark Web’ - the anonymous collection of encrypted websites most commonly used for illegal trading - for almost any piece of personal data that might have been leaked or stolen during a cyber-attack.
This includes email addresses, debit or credit cards, bank details and even passport numbers.
Available as a subscription service, OwlDetect costs just £3.50 per month.
First-time users will be provided with a backdated check for their information, followed by ongoing alerts if any of their personal details are found to be compromised online.
The service will also offer vital advice on the steps users should take to resolve any issues found, and how to be better protected in future.
Link: https://www.finextra.com/pressarticle/67355/owldetect-scans-the-dark-web-for-stolen-data

Cloud Security Market to Cross $10 Billion by 2021: TechSci Research Report
According to TechSci Research report, “Global Cloud Security Market By Service Type, By Deployment Mode, By End User, By Region, Competition Forecast and Opportunities, 2011 - 2021”, global cloud security market is projected to cross $10 Billion by 2021, on account of increasing adoption of cloud computing, rising demand for managed security services, increasing smartphone user base and growing number of data breach incidents.
Further, number of internet users across the globe stood at 3.14 billion in 2015 and this is estimated to reach 3.29 billion by 2016.
This has fueled need for virtual storage infrastructure such as cloud.
Moreover, in 2015, number of smartphone users across the globe stood at 1.89 billion and is estimated to reach 2.12 billion by 2016.
IT & telecom witnessed an increase in the number of cyber attacks and data breaches incidents aimed at gaining access to financial data, identity theft, etc.
Due to such instances IT & telecom companies across the globe are focusing on adoption of cloud security services.
Additionally, growing e-commerce industry, emergence of various e-commerce mobile applications and growing tie-ups of various advertising companies, etc., is increasing data security breaches.
Further, growth in ecommerce sector is generating large volumes of data and this is fueling use of cloud infrastructure for storage of this data.
Thus, retail companies are adopting cloud security solutions to safeguard data from hackers and this is projected to propel demand for cloud security solutions from various end user industries across the globe during the forecast period.
Link: http://www.prnewswire.com/news-releases/cloud-security-market-to-cross-10-billion-by-2021-techsci-research-report-605231166.html

Cisco Talos: Zeus spawn “Floki bot” malware gaining use, cyber-underworld notoriety
Michael Cooney
Cisco’s Talos security group this week warned that a variant of trojan monster Zeus has begun to garner a following in the cyber-underworld as a hard-to-detect attack mechanism.
“[Floki bot] is based on the same codebase that was used by the infamous Zeus trojan, the source code of which was leaked in 2011.
Rather than simply copying the features that were present within the Zeus trojan ‘as-is’, Floki Bot claims to feature several new capabilities making it an attractive tool for criminals,” Talos wrote.
Link: http://www.networkworld.com/article/3148785/security/cisco-talos-zeus-spawn-floki-bot-malware-gaining-use-cyber-underworld-notoriety.html

http://blogs.cisco.com/favicon.ico Cisco Signs on with Privacy Shield
Michelle Dennedy
Cisco supports protecting and enabling the international flow of personal data that furthers a progressive economy.
To that end, we received official word that we are loud, proud, and on the list for the Privacy Shield – the voluntary, self-certification framework for EU-US data transfer.
Why is Cisco participating.
Isn’t Privacy Shield being challenged along with the rest of the data transfer mechanisms.
Although there have been challenges testing the effectiveness of our transatlantic partnership, we have seen that data privacy matters to Cisco employees and customers.
Privacy is the authorized processing of personally identifiable information according to moral, legal, ethical, and sustainable fair principles.
Privacy Shield provides EU-like data protection for personal data processed in the United States.
Complying with Privacy Shield signals that Cisco takes privacy concerns very seriously, because it is the right thing to do for individuals and businesses.
Ultimately, it drives trust in business and confidence with regulators and citizens alike, which is good for Cisco and our customers.
So, we signed up and will keep striving to make our products and processes even better every day.
Link: http://blogs.cisco.com/security/cisco-signs-on-with-privacy-shield

Cisco whacks its Secure Access Control System
Michael Cooney
Cisco this week this week announced the death of its Secure Access Control System – a package customers use to manage access to network resources.
Cisco said the last day customers can order the system is August 30, 2017.
For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers’ service contract the company said.
The last date that Cisco Engineering will release any final software maintenance releases or bug fixes is Aug. 30, 2018.
After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software, the company said.
“The Cisco Secure Access Control System (ACS) product functionality has been implemented in the Cisco Identity Services Engine (ISE) product line.
Customers with only Access Control System installations interested in migrating to ISE may purchase a migration bundle with product part number ACS-ISE-MIG-M or ACS-ISE-MIG-S, on sale until August 31, 2017.
Customers who have maintained parallel installations of both ACS and ISE are able to simplify their security solution by using the functionality of their ISE installment.
Customers with both ACS and ISE installations are not eligible for the migration bundles,” Cisco wrote in an announcement of the product’s end of life.
Link: http://www.networkworld.com/article/3147842/cisco-subnet/cisco-whacks-its-secure-access-control-system.html

http://sports.yahoo.com/favicon.ico Symmetry and Sage Solutions Consulting to Bring World Class Security and Compliance for Mission Critical SAP Environments
JACKSONVILLE, FL and MILWAUKEE, WI—(Marketwired - Dec 7, 2016) - Responding to continued market demand for comprehensive SAP security and audit readiness services, Sage Solutions Consulting, an SAP consulting services provider, and Symmetry, a leading enterprise application management, hybrid cloud hosting and award-winning GRC software solutions provider, today announced a partnership agreement focused on providing world-class security and GRC solutions for enterprise SAP IT environments.
This newly formed partnership enables Sage Solutions Consulting to include the award-winning ControlPanelGRC® software suite into their arsenal of solutions for their customers.
ControlPanelGRC® is a powerful yet simple governance, risk and compliance (GRC) platform that automates compliance and audit-relevant tasks-achieving dramatic time and cost savings in the process.
It features capabilities that address the major areas of SOX compliance at every level for SAP environments, including those in heavily regulated industries.
ControlPanelGRC® is built, implemented and supported by SAP technology and compliance subject matter experts who have years of experience in deploying, managing, and auditing this mission critical environment.
Link: http://sports.yahoo.com/news/symmetry-sage-solutions-consulting-bring-115500283.html

http://www.businesswire.com/favicon.ico LookingGlass Announces New Program for Managed Security Services Providers (MSSPs)
RESTON, Va.—(BUSINESS WIRE)—LookingGlass Cyber Solutions™, a leader in threat intelligence driven security, today announced the Cyber Guardian Network partner program has expanded to include Managed Security Services Providers (MSSPs).
MSSPs can now readily supplement their existing security services portfolio to initiate new revenue streams and enhance their profitability.
By leveraging LookingGlass’ MSSP program, partners have the ability to offer standardized threat intelligence services for quick adoption, and highly customizable services that will allow them to differentiate their offerings.
Link: http://www.businesswire.com/news/home/20161207005273/en/LookingGlass-Announces-Program-Managed-Security-Services-Providers

http://www.marketwired.com/favicon.ico Kenna Security Closes $15 Million Series B Funding
SAN FRANCISCO, CA—(Marketwired - Dec 7, 2016) - Kenna, a vulnerability and risk intelligence platform that enables organizations to measure and monitor their exposure to risk, today announced it has closed a $15 million Series B funding round led by PeakSpan Capital.
New investor OurCrowd and previous investors U.S.
Venture Partners (USVP), Costanoa Venture Capital, and Hyde Park Angels also participated in the round, bringing the company’s total funding to $25 million.
The capital will be used to power Kenna’s engineering roadmap as well as scale sales, marketing, and customer success to meet increasing market demand.
Link: http://www.marketwired.com/press-release/kenna-security-closes-15-million-series-b-funding-2181297.htm

http://news.thewindowsclub.com/favicon.ico Threat intelligence feeds are, at best, uneven in quality, says Microsoft
Anand Khanse
According to analysis by top information security professionals, almost 70% of these threat intelligence feeds are sketchy and not dependable in terms of quality.
They claim that only 31% of the entire spectrum is accessible and accurate.
This low success rate means that IT staff will have to focus on manual vetting and shuffling of the data.
With more than 17,000 malware threats detected every week, this unnecessary process takes up majority of the time of most IT professionals.
This component of Microsoft’s risk analysis department gathers data from across all of the company’s products and services.
In addition to this, between their Digital Crimes Unit (DCU), Cyber Defense Operations Command Center (CDOC), and the entire organisation, Microsoft employs thousands of the smartest security experts to protect sensitive products like Azure and Office 365.
Link: http://news.thewindowsclub.com/threat-intelligence-feeds-microsoft-87514/

https://www.yahoo.com/favicon.ico SANS Announces Winners of the 2016 Difference Makers Award
BETHESDA, Md., Dec. 8, 2016 /PRNewswire-USNewswire/—SANS Institute is pleased to announce the winners of the SANS 2016 Difference Makers Award which celebrates those individuals whose innovation, skill and hard work have resulted in real increases in information security.
While there is no shortage of publicity around failures in security, there are many organizations who aren’t in the news because their security staff have found ways to meet business needs and protect customer and business data from attackers.
The SANS Difference Makers Award was formed to honor these individuals who are quietly succeeding and making breakthroughs in advancing security.
Chris Burrows, CISO Oakland County MI
Eric Alexander, Senior Network and Security Engineer, BI Inc
Jon Homer, DHS
John Martin, Boeing
Joseph Roundy, Cybersecurity Program Manager, Montgomery College
Elayne Starkey, CISO, State of Delaware
Jeff Hobday, Chief, Defensive Cyber Operations Branch, 442nd Signal Battalion at Fort Gordon, GA
Lisa Wiswell, OSD Defense Digital Service; Charley Snyder, OSD Cyber Policy; Alex Romero, Defense Media Activity: Hack the Pentagon
Maj Gen Earl D.
Matthews (USAF, Ret), Vice President, Enterprise Security Solutions, HP Enterprise
Joanne McNabb, Director of Privacy Education and Policy in the Office of the California Attorney General
GySgt Johnathan Norris, JCU Cyber Troop, Ft.
Bragg, NC
Lighthouse Award Winner: Howard Schmidt
Link: https://www.yahoo.com/tech/sans-announces-winners-2016-difference-makers-award-191500562.html

http://blogs.cisco.com/favicon.ico Cisco ACI Partner Ecosystem Packs a Punch – 65 Partners and Growing
Ravi Balakrishnan
When it comes to leadership in the SDN marketplace, clearly there is one winner.
And that is, Cisco ACI.
The proof is in customer momentum numbers.
Cisco ACI has 2700+ ACI customers and a rapidly growing ecosystem of 65 technology partners.
ACI ecosystem partners come from a broad spectrum of L4/L7, Security Management and Orchestration, Analytics, Operations Monitoring and Compliance, Service delivery, and other categories addressing a broad set of use-cases and buying center requirements.
In this blog, I intend to give an overview of our major L4-7 ecosystem partner solutions, the new innovations, a quick discussion on what to look forward to in 2017, and how customers can benefit deploying the solution.
In 2017, we’ll add support for additional use cases with Rapid Threat Containment for ACI and will improve policy automation and simplicity by allowing FirePOWER/Firepower Threat Defense policy to be defined using ACI constructs like EPGs.
Link: http://blogs.cisco.com/datacenter/cisco-aci-partner-ecosystem-packs-a-punch-65-partners-and-growing

http://www.digitaljournal.com/favicon.ico Network Security Market: Global Industry Analysis and Forecast 2016 - 2026
Persistence Market Research which analyzes the Network Security Market and identifies key market drivers and factors impacting growth during the forecast period
New York, NY—(SBWIRE)—12/08/2016—The introduction of virtualization technologies and growing usage of web-based applications are some of the factors that are supporting Network Security market to grow.
Network security helps enterprises in securing communication pathway from unauthorized access and data misuse.
There is increasing demand for advanced security services and integration of network security solutions with other security services to mitigate the risk of cyber-attacks.
The major factor driving Network security market is the growing need of security solutions for cloud technology.
Due to heavy use of virtualization, threats such as malware or defective process are reducing the efficiency of the hypervisor.
This has encouraged Network security solution providers to offer advanced Network security solutions such as Firewall to scan every byte of each packet on all the network traffic.
This Network security solution strengthens cloud-based security by providing additional benefits such as malware protection, detection of intrusion, policy violation data theft and other security measures.
The key challenge in the Network security market is the rising demand for solutions that can support BYOD approach.
With the introduction of BYOD policy companies allow their employees to access business information through their personal devices and to follows open and interconnected network policy.
This creates difficulty for network security solution to understand if the action has been taken up by the device, machine or human.
Many network security solution providers are working towards the development of intelligent security solution that can secure information not only the device or communication pathway.
Another restraint in Network security is the vulnerability to cyber-attack.
This has badly affected operating system of the companies as many organizations are running their network connected devices without network security updates, faces the problem of vulnerability to viruses, theft and data loss along with cloud Integration and connectivity.
This have given hackers and cyber-attackers an easy access to the organization’s network.
To secure network, timely detection, removal of viruses and control is needed.
It is necessary to identify and fix the issues related to network performance and reliability.
Link: http://www.digitaljournal.com/pr/3169770

 

Posted on 12/09
NewsPermalink