[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
Most DDoS attacks hiding something more sinister, Neustar warns
Most distributed denial of service (DDoS) attacks now appear to be aimed at distracting IT and security teams, a survey by communications and analysis firm Neustar has revealed.
“DDoS attacks are no longer mainly about taking websites offline by flooding them with requests, but about providing cover for installing malware and stealing data,” Neustar product marketing director Margee Abrams told Computer Weekly.
In launching “low and slow” DDoS attacks, she said, the attacker disrupts operations and distracts security teams, while keeping the target network operational enough to plant malware and exfiltrate data.
In March 2015, a survey published by Neustar revealed that DDoS attacks could expose 40% of businesses in Europe to losses of £100,000 or more an hour at peak times.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7e157a2159&e=20056c7556
4 in 5 Malware Attacks Cause Problems for Users and 1 in 3 Result in Money Loss
New Delhi, India, September 15, 2015: A study conducted by Kaspersky Lab and B2B International has revealed that nearly half of Internet users (45%) encountered malicious software during the last year and in most cases (81%) this had a negative impact on both users and their devices.
Malware was most commonly encountered on Windows computers – 83% of Windows users said they had been affected in the last 12 months.
However, Android and Mac OS X users were not immune, with 13% and 6% citing infections on their devices, respectively.
12% of users believe their device was infected after visiting a suspicious website; someone else’s USB flash drive, another infected device, and installation of a malicious app disguised as a legitimate program were each cited by 8% as the cause of infection.
Yet another 7% of those surveyed said their devices were infected after opening an email attachment.
The greater part of those polled, 13%, could not explain how malware ended up on their device.
Significantly, four out of five infections caused problems for those affected.
Most often (35% of cases) users noticed computer performance slowed down, 30% of respondents experienced obtrusive advertising (e.g. the browser redirected them to unwanted websites) and 20% of those surveyed found unsolicited programs on their devices.
Among the most dangerous results of an infection were changes to the browser or the operating system settings without the user’s knowledge (17%), the loss (10%) or theft (8%) of personal data, unauthorized publications or ‘likes’ on social networking sites (9%) and hacking of a webcam (6%).
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1d84b70425&e=20056c7556
Penn State launches Office of Information Security
On Friday, Penn State announced a new department focused on the strength of the university’s network and data, the Office of Information Security.
According to Provost and Executive Vice President Nick Jones, the new office is distinct and separate from Information Technology Services but will include one of its former components, Security Operations and Services.
It will initially be helmed by College of Information Sciences and Technology Dean Andrew Sears while Penn State looks for a permanent chief information security officer.
“This is an important step for Penn State.
Increasingly, organizations are recognizing the importance of having an office that focuses on information security, which is independent of the group responsible for running the computing infrastructure.
By establishing an independent office, Penn State is better positioned to respond to the increasingly complex challenge of protecting information that has been entrusted to the university.
This also highlights the importance of these issues while emphasizing that this is not just an IT problem,” Sears said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=bc8ae8d715&e=20056c7556
Security needs business intelligence
The list of tools in a health organization’s data security armamentarium is long and varied: firewalls, encryption, anti-virus, audit logs, etc.
But a truly risk-based security framework need more than mere protective measures.
It requires awareness.
Ron Mehring, senior director and chief information security officer Texas Health Resources, oversees security architecture and operations at the sprawling 25-hospital system – an organization whose sheer size and name recognition plausibly make it a conspicuous target of any bad actor looking to gain access its huge troves of data.
THR has deployed what’s variously called a “cyber kill chain” or a “threat actor profile,” he says. “We’re improving our technology around how we detect and react to phishing campaigns, whether they’re targeted or broad-based.
We’re starting at that first injection point and then working away through every one of those profile areas.
If they try to get a persistent foothold in the network, how do we detect that?
“We make sure we’re monitoring more on our endpoints, we’re monitoring inside of our data centers to see if we can see that anomalous activity, we’re advancing our security zoning in our enterprise to break apart our network to control data flow,” Mehring adds.
The goal of that last one, if the bad guys were to get in, is to make it “really hard to get to where the most important stuff is at: We’re breaking apart the network to make it more difficult for them, preventing a little of that horizontal movement.”
Analytics such as data loss prevention technology is also aimed at offering visibility into what the bad guys are up to, he says.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a319add682&e=20056c7556
Ben Harknett, VP EMEA, RiskIQ, looks at the evolution of the Chief Information Security Officer.
The CISO role is going through a period of transition.
The number of security breaches that have occurred over the last year is unprecedented and demonstrates a need for stronger security.
The improvements which organisations must make from within will stem from the CISO’s desk.
This represents a shift that will require enterprises to re-examine the role of the CISO.
As the responsibilities of the CISO expand, the role needs to become a more strategic business function.
CISOs need to become dynamic leaders, capable of bridging the gaps between technology and the boardroom.
Successful CISOs will be capable of both building and training effective security teams and communicating security threats as a business risk with non-technical business leaders.
The increase in attention given to information security is long overdue.
With the limelight on the CISO more than ever before, individuals in this role have a unique opportunity to step up as leaders.
The role is changing and with that a demand for security technology that meets modern challenges will increase.
The future of information security will be defined based on the response to evolving threats and the ability of CISOs to step up as business leaders.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0452beaac3&e=20056c7556
Getting Strategic About Security Spending
increased awareness is the beginning of a solid cybersecurity budget.
In the CIO Survey, 82 percent of respondents cited cybersecurity as a high or critical concern for the next 12 months, the highest percentage across all surveyed categories.
Bottom line: It’s time to take stock and develop a threat-focused, risk-based approach to your security strategy.
One of the more challenging aspects of budgeting for cybersecurity is demonstrating the return on investment.
It’s difficult, if not impossible, to accurately depict the ROI from stemming hypothetical attacks.
However, it’s still possible to show value with links to positive results by, for instance, tying the investment to the ability to accelerate the organization’s move to mobile or improved time to market for a new offering.
As security professionals, we need to embrace these new metrics to show value—not just for brand protection but also for new opportunities.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=357d166b90&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage2.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=db41bbbb61)
** Update subscription preferences (http://paulgdavis.us3.list-manage2.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)