[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So onto the news:
Spotlight on the i2 Summit for a Safer Planet
The IBM i2 Summit for a Safer Planet brought personnel in law enforcement, emergency management, defense/national security, cyber threat intelligence and counter fraud together for two days of insights and knowledge sharing.
Access these useful blogs to get a glimpse of the two action packed days at the event.
Highlights from Day 1
Highlights from Day 2
There was so much more going on at the i2 Summit and if you’d like to see it all, please check out the #i2Summit feed.
For more info on the solutions featured, please visit the IBM Safer Planet page.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7146090e10&e=20056c7556
The new art of war: How trolls, hackers and spies are rewriting the rules of conflict
The Cooperative Cyber Defence Centre of Excellence (CCDCOE) was established the year after the attacks took place as an institution created to figure out how to improve the digital defences of NATO members and what cyberwarfare would actually look like.
As well as the cyber defence exercises it conducts annually, probably the centre’s most important work so far appeared in 2013: the Tallinn Manual on the International Law Applicable to Cyber Warfare, known simply as the Tallinn Manual.
The manual also delves into some of the trickier questions of cyber war: would Country A be justified in launching a pre-emptive military strike against a Country B if it knew Country B planned to blow up Country A’s main oil pipeline by hacking the microcontrollers managing its pipeline pressure? (Answer: probably yes.)
An expanded Tallinn Manual 2.0 is due to be published next year looking at how international law addresses malicious cyber operations by state (and non-state) actors during peacetime.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0cadda5e94&e=20056c7556
When restructuring an IT department, the recent trend has been to look at possibly breaking it into two factions. One group that handles the daily tasks by putting out fires, and one that looks ahead in trying to create a new landscape that is immune to those fires.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c8474d82cf&e=20056c7556
With regard to the security task, he says, “security is moving at a pace that’s outpacing even agile at this point based on the cyber threats that are quickly emerging.” As a result, security has become a foundational function, “so security is embedded in every aspect of our lifecycle from the beginning, so we design our solutions for performance and security and functionality and that’s the only way we’re going to be successful with it.”
“It’s easier to maintain security when you’re more centralized.
It sort of bakes into the way you do these processes when you’re centralized,” Meilen says.
Although Meilen says there seems to be a natural split.
He says he uses that for planning and tracking purposes, but he doesn’t anticipate drawing a stronger line between the two.
“We don’t have a formal separation, but in the past two years we’ve been talking more about the different focus of those two areas,” he says, noting that the company is beginning to review how it budgets and allocates resources to reflect those two IT functions.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3ef76e6694&e=20056c7556
Chief risk and compliance officer makes rare move to CIO
E. Scott Gilbert, formerly chief risk and compliance officer of Marsh & McLennan Companies, has been named CIO of the $13 billion professional services firm.
In his new role, which he started last Wednesday, Gilbert will continue reporting to CEO Dan Glaser as a member of the company’s executive management committee.
He will also lead the company’s Dublin-based innovation center.
Elevations of chief risk and compliance officers to CIO roles are rare.
Yet such promotions could become more prevalent as companies continue to combat cybersecurity attacks and competitive threats, and other concerns that could impact their businesses.
In this case, Gilbert comes with IT experience, having in his prior role overseen the company’s technology infrastructure, including business resiliency and security.
Marsh & McLennan operates under a shared services model, in which the technology infrastructure, led by CTO Dave Fike, supported applications for the company’s properties.
Fike will continue reporting to Gilbert.
Marsh & McLennan said it has also appointed Carey Roberts, who joined the company last year as deputy general counsel and corporate secretary, as chief compliance officer to fulfill some of the tasks overseen by Gilbert.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8923b0550a&e=20056c7556
Survey Cites Lack of Visibility As Number One Cloud Security Issue
“Overall, lack of visibility into cloud provider operations and controls stands as the largest issue respondents experienced with their providers,” noted report author and SANS analyst Dave Shackleford.
Lack of visibility and control plays a major role in other pain points cited in the survey results, including deficient incident response support (with lack of visibility cited), selected by 48% of respondents; lack of virtual machine and workload visibility, selected by 46%; and provider-introduced vulnerabilities resulting in a breach or incident, experienced by 26%.
The “Orchestrating Security in the Cloud” survey also found that hybrid cloud architectures are now the most favored, with 40% currently using them and 43% planning to move in that direction in the next 12 months.
Private cloud implementations are the second most used at 38%, while only 12% of respondents indicated their organizations use public cloud implementations.
Other key findings include:
The full survey results will be published at www.cloudpassage.com on September 23, 2015, and there will be a webinar on the same day with a detailed discussion of the findings (SponsorWebcast, 1:00 PM EDT).
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e601655fb8&e=20056c7556
IT security analytics on the up as overall security spending reaches all-time high
In a statement ahead of its Security and Risk Management Summit taking place in Dubai in November, Gartner said that organisations are having to navigate an increasingly complex buying market when it comes to security.
While funds are being made available to invest in security, technology providers are creating a lot of noise over what their products can do, creating confusion, Gartner said.
“Breach detection is top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level,” said Eric Ahlm, research director at Gartner.
Indeed, how well a SIEM product can perform automated analytics – compared with user queries and rules – has become an area of differentiation among SIEM providers, Gartner said.
Gartner said that, as security analytics platforms grow in maturity and accuracy, a driving factor for their innovation is how much data can be brought into the analysis.
Today, information about hosts, networks, users and external actors is the most common data brought into an analysis.
However, the amount of context that can be brought into an analysis is truly boundless and presents an opportunity for owners of interesting data and the security providers looking to increase their effectiveness.
“Like other disciplines that have leveraged large data analytics to discover new things or produce new outputs, visualisation of that data will greatly affect adoption of the technology.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=99cdfbb38f&e=20056c7556
The World Is Now Richer with 21 Million New Types of Malware, 230,000 Each Day
According to PandaLabs, between April and June of this year, 21 million new strands of malware have been discovered, which comes down to 230,000 per day, 9,500 per hour, 160 per minute, and 2.66 per second.
As PandaLabs researchers point out, most of these new malware types were trojans, which represented 71.16% of the 21 million, while in a distant second came old-school computer viruses, which only amounted to a measly 10.83% of all the Q2 detections.
The majority of these new malware types are simple mutations, represented by basic modifications in the malware’s code so the attackers can avoid detection by antivirus laboratories.
Most infected users were recorded in China, with an infection rate of 47.53%, followed by Turkey with 43.11%, Peru with 41.97%, Russia with 41.15%, and Argentina with 40.93%.
The rest of the top 10 is rounded off with Bolivia, Taiwan, Guatemala, El Salvador, and Ecuador.
On the other side of the spectrum, the countries with the lowest malware infection rates were Sweden with 21.57%, Norway with 22.22%, Japan with 23.57%, Switzerland with 24.41%, and the UK with 25.71%.
The rest of the top 10 is completed by Germany, France, Belgium, Portugal, and Holland.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f3dcee378e&e=20056c7556
As containers take off, so do security concerns
According to a recent survey sponsored by container data management company Cluster HQ, 73 percent of enterprises are currently using containers for development and testing, but only 39 percent are using them in a production environment.
But this is changing, with 65 percent saying that they plan to use containers in production in the next 12 months, and citing security as their biggest worry.
According to the survey, just over 60 percent said that security was either a major or a moderate barrier to adoption.
The downside is that containers are less isolated from one another than virtual machines are.
In addition, because containers are an easy way to package and distribute applications, many are doing just that — but not all the containers available on the web can be trusted, and not all libraries and components included in those containers are patched and up-to-date.
According to a recent Red Hat survey, 67 percent of organizations plan to begin using containers in production environments over the next two years, but 60 percent said that they were concerned about security issues.
“Containers do not make a promise of providing resilient, multi-tenant isolation,” he said. “It is possible for malicious code to escape from a container to attack the operating system or the other containers on the machine.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c6b939dade&e=20056c7556
80% increase of malware on Windows devices
Alcatel-Lucent estimates that 80 percent of malware infections detected on mobile networks during the first half of 2015 have been traced to Windows-based computers.
Adware has also been on the increase, with ads becoming more sinister.
An example is BetterSurf, a moderate threat contained within software bundles offering free applications or games.
When installed, it adds a plugin to Internet Explorer, Firefox and Chrome browsers that injects pop-up ads into web pages.
While it looks like run-of-the-mill adware, the ads themselves are very dangerous.
Many are phishing attempts to install additional malware and engage in fraudulent activity.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=68e3f14c75&e=20056c7556
FS-ISAC Announces Arrangement with Federal Reserve Banks to Share Threat Intelligence
Reston, VA – 16 SEPTEMBER 2015 – The Financial Services Information Sharing and Analysis Center (FS-ISAC) today announced an arrangement with the Federal Reserve Banks to provide direct access to FS-ISAC security threat information to over 10,000 of their financial institution customers.
Under the terms of the agreement, FS-ISAC will allow the Federal Reserve Banks to provide their customers with access to the Weekly Risk Summary report, designed for community institutions and delivering timely and actionable information on significant security threats to board and C-level personnel.
The report provides a high level summary of threats, identifies the risk to community institutions and suggests actions that these organizations can take to remediate the risks.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c4e4adf883&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com