[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions đ
So onto the news:
3 Positive Signs for Better Security in Cloud Computing
Whether youâre a large corporation, a nonprofit organization, or an everyday person who wants to share your data with others, youâve probably jumped on the cloud phenomenon already.
Like many forms of cognitive computing, cognitive security can self-learn and adapt from previous experiences based on new data itâs presented with.
Once itâs fed this data, it will mine it for information and isolate patterns that should be followed in the future, just as iPhoneâs Siri can learn from its userâs vocabulary and habits to focus its service.
Another method employed to boost cloud security involves creating more stringent access points, where users are sent through a very particular gateway that will analyze the validity and intentions of their entrance.
This has the aim of catching hackers and viruses before they ever reach the cloud.
Products like these would be able to authenticate users, enforce data protection policies, and even control the way users can access applications and share information, which would allow the security system to monitor it tightly.
The IBM Cloud Security Enforcer takes on a similar tactic to the gateways by monitoring what actions are being taken in the cloud with an extreme level of detail.
By approving certain applications, the Enforcer only allows a user access after strictly checking their authenticity and collecting data on their habits within the cloud.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b33ece50dd&e=20056c7556
Trend Micro: Lessons learned from 2015 cyber attacks
Following an onslaught year of massive breaches, 2016 promises to usher in more of the same, but with each breach there was a lesson to be learned, according to a Trend Micro report.
Trend Micro suggested organizations implement the following remedial measures:
⢠Advanced sandboxing capabilities to detect malware in spear phishing emails
⢠File integrity monitoring and log inspection to improve situational awareness of unusual network behavior and lateral movements
⢠Intrusion detection/prevention to shield unpatched vulnerabilities
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c05845e524&e=20056c7556
What is âinfrastructure as codeâ and why should you embrace it?
IAC is a type of IT infrastructure provisioning process where systems are automatically built, managed and provisioned through code, rather than less flexible scripting or a manual process.
That’s why IAC is sometimes referred to as programmable infrastructure.
It makes the process faster and eliminates human error, once you get your code solid.
By using code to automate the process of setting up and configuring a virtual machine or container, you have a fast and repeatable method for replicating the process.
So if you build a virtual environment for the development of application, once you are ready to deploy you can repeat the process of creating that VM simply by running the same code.
The first thing to remember is that IAC is not a product, it’s a methodology.
It’s a process to an end, which is the rapid deployment of a virtual environment.
Agile is necessary because IAC is all about speed. “One of the big things is your development team will move fast.
They are embracing new approaches to software development using agile.
Actually, their sprints are much faster, so waterfall concepts are going out the window,” Riley says.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9659461563&e=20056c7556
Using surveys to gauge employees’ security perceptions
In-house critics of security-related surveys say that once we get this type of information, the organization or the facility is somehow “put on notice” and will have to take immediate steps to correct every single deficiency before they can open the doors again.
This is an overreaction.
The truth is that every public or private facility is already at a high watermark for liability anyway.
We will always be questioned by outsiders (or plaintiffâs lawyers) as to the safety and security of our entire building: from slip and falls in a wet restroom; to an attack by a mentally-ill homeless person against a city employee; to a cyber-attack on our private customer list; car thefts in the employee lot; to a current or former employee active shooter situation.
Consider the following survey for your employees.
You can modify these questions (just a bit) to fit your specific organization, but be careful not to change the meaning too much just because you might be wary of the answers.
You should tell all employees that your first step is to gather their opinions, analyze and prioritize their concerns, give them an overview of what you heard from them, and then discuss what you plan to do going forward.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f2723a0fbc&e=20056c7556
Feds eye new IT security suite to prevent attacks, block websites
In-house critics of security-related surveys say that once we get this type of information, the organization or the facility is somehow “put on notice” and will have to take immediate steps to correct every single deficiency before they can open the doors again.
This is an overreaction.
The truth is that every public or private facility is already at a high watermark for liability anyway.
We will always be questioned by outsiders (or plaintiffâs lawyers) as to the safety and security of our entire building: from slip and falls in a wet restroom; to an attack by a mentally-ill homeless person against a city employee; to a cyber-attack on our private customer list; car thefts in the employee lot; to a current or former employee active shooter situation.
Consider the following survey for your employees.
You can modify these questions (just a bit) to fit your specific organization, but be careful not to change the meaning too much just because you might be wary of the answers.
You should tell all employees that your first step is to gather their opinions, analyze and prioritize their concerns, give them an overview of what you heard from them, and then discuss what you plan to do going forward.
Bureaucrats considering a little online shopping or Internet poker during business hours beware: Shared Services Canada is looking to stop you.
The federal governmentâs central IT department is looking for a new unified security platform to do everything from pinpointing individual Internet usage, to preventing malicious actors from intruding on government networks, to blocking pornography and online gaming sites.
To that end, Shared Services Canada is considering buying a âunified threat managementâ (UTM) program â a single platform to provide firewalls, virus scanning, intrusion detection, web filtering, and virtual private networking to allow secure connections for public servants working remotely.
The system envisioned by the central IT agency includes the ability to monitor government networks in real-time, from individual web traffic to department-wide analysis.
The UTM would need to cover everyone from bureaucrats working from home to massive public offices in Ottawa.
Shared Services hopes that the proposed security platform could help prevent future DDoS attacks, by identifying the unique communication patterns botnets produce.
The platform is also expected to detect and prevent damage from malware downloaded through emails or from Internet sites.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=16af01ced8&e=20056c7556
Cyber security incidents on the rise in Indian enterprises, but information security function not keeping pace
According to EYâs Global Information Security Survey (GISS) 2015, which involved more than 200 Indian CIOs and CISOs, approximately 20% of respondents reported financial damages up to INR15 million due to information security incidents over the past year.
More importantly, 27% of the respondents reported that they were unaware of the extent of financial damage due to information security incidents.
This combined with the fact that close to 40% of respondents reported that their Security Operations Center (SOC) takes more than four hours to initiate an investigation on discovered/alerted incidents, highlights the vulnerability of Indian organizations to security incidents.
Cyber-attacks originate from a multitude of sources, including but not limited to criminal syndicates, hacktivists, lone wolves, and external contractors among others.
The Global Information Security Survey found that 70% respondents considered hacktivists and 55% considered criminal syndicates as the most likely source of attack.
Budgetary constraints and lack of skilled resources are the major reasons which impact the contribution and value that information security function provides to the organization, indicating that the situation is deteriorating, rather than improving.
The digital world does not allow any organization to feel comfortable in the area of cybersecurity threats and vulnerabilities.
As the saying by Sun Tzu goes, âThe more we sweat in peace, the less we bleed in warâ, organizations will have to be on constant guard to respond to the evolving threat landscape.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e6ab9ff477&e=20056c7556
Cybersecurity incident response: Planning is just the beginning
According to the 2015 U.S.
Cost of a Data Breach Study1 by the Ponemon Institute, last year there was an 11% increase in the total cost of a data breach, to a $217 average per lost or stolen record.
Key findings include:
Simply having a cybersecurity incident response (IR) plan is not enough.
It must be reviewed and updated regularly as part of a comprehensive cybersecurity incident response program.
Regular training and exercises are important in keeping the IR plan effective.
Employees can be a critical line of defense.
Board involvement is crucial.
Senior management and the board need to have open dialogue about expectations regarding risk tolerances, budget considerations, IR planning and breach response.
General liability insurance and directorâs insurance most likely will not cover a cybersecurity incident.
A full review of insurance should be an integral part of cyberrisk management.
The risks of cyberattacks span functions and business units, companies and customers.
Given the stakes and the challenging circumstances related to becoming cyberresilient, making the decisions necessary can only be achieved with active engagement from the CEO and other members of the senior management team.8 Cybersecurity is not a check-the-box-and-youâre-done issue.
It requires a commitment of time and resources.
Itâs too late to start planning for a breach once a breach has taken place.
Start planning now; best practices begin with a cybersecurity incident response plan as part of a comprehensive IR program.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d2386cea73&e=20056c7556
Tor Project to launch bug bounty program in 2016
he program, which has the Tor Project partnering with HackerOne, initially would âstart out invite-only so we can get used to flow and scale up.â The program will be made public âlater in the year to basically provide people with incentive to review our code to look for vulnerabilities that might be specific to our applications,â he said.
Perry and his team have had a challenging year âkeeping up with Firefox release treadmill,â ensuring that âtheir features adhere to our privacy modelsâ and that the Tor releases come out same day as the Mozilla releases so that no vulnerability is left exposed.
He said there was a âsolid three-to-four months where we felt like we were doing a release every two weeks.â
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e57eabf1cb&e=20056c7556
Ransomware, attacks on wearables: Intel McAfee Labsâ top security predictions for 2016
Intel Security has released its McAfee Labs Threats Predictions report, which enlists key security threats in 2016 till 2020.
The report includes an overview of cyber-attacks and threats on hardware, wearables, cloud services, etc and the possible response of IT security industry to them.
Predictions through 2016
Hardware
Hardware
Wearables
Attacks through employee systems
Cloud services
Automobiles
Warehouses of stolen data
Integrity attacks
Sharing threat intelligence
Predictions through 2020
Below-the-OS attacks
Detection evasion
New devices, new attack surfaces
Cyberespionage goes corporate
Privacy challenges, opportunities
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4cdec16d91&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage1.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=76f6e1bc1f)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)