[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions]
* These 5 Facts Explain the Increasingly Tense Geopolitics in Asia
* Army app invites public to thwart terrorism
* Avoid Key Cloud Services Mistakes
* TeslaCrypt ransomware now impossible to crack, researchers say
* XO Communications research reveals that 56 percent of businesses worry about cloud data security
* “Dizzying” threat-analytics growth reflects demand for high-speed, hybrid security tools: Arbor exec
* Merchants Ask Court for Relief from EMV Liability Shift
* LinkedIn being used as a ‘front door’ to phishing attacks
* Cert-RO sees rise in malware
* Sverdis Offers Businesses Free 14-Step Ransomware Protection Plan for a Limited Time
* Cyphort and Ponemon Institute Study Reveals Alarming Number of CEOs Still in the Dark About Cyber Threats and Companies Spend Majority of Time Chasing False Positives
* Attackers Continue to Access Valuable, Sensitive Data According to SANS Endpoint Security Survey
* Rethinking branch IT in the new age of security
* BAE Profiles ‘World’s Most Dangerous Cybercriminals’
* Why the next wave of cybersecurity talent won’t have a ‘security’ job title
* Top U.S. Cybersecurity Salaries Hit $420,000
* Mitre Takes On Critics, Set To Revamp CVE Vulnerability Reporting
* Security On-Demand Partners with National University to Launch Cybersecurity Internship Program
These 5 Facts Explain the Increasingly Tense Geopolitics in Asia
The Middle East gets all the attention, but Asia is a major security concern for the U.S.
And the situation is getting more tense.
While the geopolitics of Asia look relatively stable in 2016—especially compared to other hot spots—there’s no shortage of conflicts simmering beneath the surface.
These five facts detail what you need to know about Asia’s fluid security situation:
It’s a very large ocean away, but the U.S. is still Asia’s dominant military presence.
With the Trans-Pacific Partnership trade deal on the horizon, the U.S. will have even more incentive to maintain a strong military presence in the region.
China is less than thrilled by that prospect.
As its economy has soared in recent decades, so has its military spending.
Exhibit A: the South China Sea.
Disputes among China, Vietnam, Malaysia, Brunei, Taiwan and the Philippines over who controls these waters have raged for more than a century.
At stake is a deep reservoir of oil and natural gas, and control of one of the world’s most important trading channels.
Roughly 30 percent of all maritime trade travels through the South China Sea every year.
Since the end of World War II, Japan has pursued a purely defensive military strategy, outsourcing its security to Washington.
But Japan doubts America’s longer term staying power in Asia, and Tokyo fears that conflicts in the South China Sea will set a dangerous precedent for its maritime disputes with China in the East China Sea.
The flare-up in the East China Sea a few years ago caused Japanese shipments to China to fall 14.1 percent from a year earlier after the Chinese began boycotts.
The Democratic People’s Republic of Korea is the black box of international politics.
Even traditional ally China can’t be certain what’s going on there.
Beijing understands that North Korea’s belligerence keeps thousands of U.S. troops in South Korea.
But to avoid regime collapse and a flood of North Korean refugees—as many as 200,000 of them—China continues to prop up Kim Jong-un.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8ecd3b86c0&e=20056c7556
Army app invites public to thwart terrorism
The latest app from the Army is all about safety and security.
Redstone Arsenal leaders are now calling on the public to thwart terrorist activity.
It’s called iWatch.
It’s the latest in Redstone Arsenal’s anti-terrorism efforts.
Users can choose to receive messages, such as emergency notifications and Amber alerts.
You can find the app by searching with the term iWatch Army.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b3e902cd92&e=20056c7556
Avoid Key Cloud Services Mistakes
This first of a three-article series on the cloud takes a look at where the security industry was coming from 10 years ago, and contrasts that with where the industry is now with regard to cloud adoption.
A lot of mistakes have been made to date in the adoption of information technology, which makes it likely that mistakes will be made with regard to security industry cloud services.
The primary challenge for security industry manufacturers is to keep up with information technology developments when technology advancement continues to accelerate at a pace that is hard to imagine.
Right now many security industry companies are working hard to catch up, a challenge that is very much like running up a down escalator that keeps moving faster and faster.
The first mistake on the part of industry manufacturers was due to confusion about what was meant by the term “cloud service” or “cloud system.” The mistake was thinking that a “cloud system” was any kind of server or system connected to the Internet.
This came about because companies — not just in the security industry — provided “hosted systems,” which were client-server systems that customers could connect to over the Internet.
They came to think that “cloud” was just a new name for what they already had in place.
Cloud services can be much more secure than systems deployed on customer premises.
This is because the cost of security is shared by many customers, all of whom benefit equally from the security controls that are in place.
This is why security can be better — including system redundancy in multiple geographic locations — and still cost less for each customer than the customer’s own security controls would cost, for both physical and electronic security measures.
Cloud service providers can staff top-notch system security teams, the equivalent to which would be cost-prohibitive for a customer to establish.
Documentation for a cloud service is important — and on a positive note, many security industry companies generally do a good job on product and system documentation.
However, it is not just cloud system architecture design information that is needed.
Where and how data is stored, including backups and redundant system elements, must be provided, along with the lifecycle of backed-up data, the standard to which data erasure is performed, and encryption details.
There are legal considerations having to do with privacy protection that vary from country to country, and must be taken into account.
Some countries require that data of private citizens not leave the country.
Note: The next two articles in this series will cover evaluating cloud services — including cloud services architecture from the National Institute of Standards and Technology, and security guidance from the Cloud Security Alliance — and providing value-add components to cloud services that integrators provide to their customers.
Look for them in upcoming issues of SD&I.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=75375426a0&e=20056c7556
TeslaCrypt ransomware now impossible to crack, researchers say
The latest version of the TeslaCrypt ransomware has tidied up a weakness in previous versions that in some cases allowed victims to recover their files without paying a ransom.
Cisco’s Talos research group found that TeslaCrypt 3.0.1 has improved its implementation of a cryptographic algorithm making it impossible now to decrypt files.
Weaknesses in versions of TeslaCrypt allowed researchers to create tools including TeslaCrack, Tesladecrypt and TeslaDecoder for people to decrypt their files without paying a ransom.
That encryption weakness has now been closed.
Backing up files is the best defense, but the FBI warned last month that cybercriminals are increasingly aiming “to infect whole networks with ransomware and use persistent access to locate and delete network backups,” according to the Security Ledger.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7b9a8df94c&e=20056c7556
XO Communications research reveals that 56 percent of businesses worry about cloud data security
Fifty-six percent of businesses are concerned that security gaps at the connection point between their Wide Area Network (WAN) and public cloud service providers may compromise their data used in the cloud, according to a recent XO Communications-commissioned study.
XO Communications (XO) commissioned IDG to conduct research regarding business concerns about the security and visibility of wide area network (WAN) connection points with the public cloud.
The survey respondents were employees at organizations that plan to connect their WAN to a public cloud services provider.
The results were published in a whitepaper entitled Where Cloud Meets WAN.
Visibility and management of the connection between the WAN and the public cloud provider is a growing challenge that many IT departments are now facing.
According to the XO study, only thirty-eight percent of respondents have excellent or very good visibility into their WAN cloud connection points.
This lack of visibility has led many organizations to deploy or investigate a solution to protect network traffic.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a71a639280&e=20056c7556
“Dizzying” threat-analytics growth reflects demand for high-speed, hybrid security tools: Arbor exec
Recent rapid growth in the market for threat-analytics tools has been “a little bit dizzying” but new approaches to network security are compensating for limitations on “overwhelmed” security incident and event management (SIEM) tools, according to an Arbor Networks senior executive who has been pleasantly surprised with the strong response to the company’s high-speed security technology.
Arbor Networks, which has built out a suite of products and services focused on detecting and blocking distributed denial of service (DDoS) attacks, joined Cisco a year ago to integrate its anti-DDoS technology with Cisco’s modular Aggregation Services Router 9000 (ASR-9000) product.
“In Spectrum we’ve got a technology that looks at the packets, understands what’s going on and can help stitch together very quickly and accurately, things that can be very nefarious in nature,” he said. “Ultimately we can avoid where you have to go into that full postmortem cleanup.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2ec9120dd4&e=20056c7556
Merchants Ask Court for Relief from EMV Liability Shift
In an anti-trust complaint, two small merchants in Florida say they, and many other retailers, are unfairly being forced to pay fraud-related expenses as a result of the EMV liability shift even though they converted to EMV technology by the card brands’ deadline.
The merchants claim that, despite their timely efforts to purchase and install EMV-compliant point-of-sale equipment, as well as train staff about the shift from magnetic-stripe transactions to EMV chip payments, the card brands and issuing banks failed to ensure those terminals were certified EMV-ready by the Oct. 1, 2015, liability shift date.
As a result, the merchants claim they have racked up combined total expenses of more than $10,000 to cover fraudulent transactions and fees from Oct. 1 through Feb. 15.
Among other things, the lawsuit is asking the court to order that the card brands and banks pay affected merchants damages to compensate for fraud expenses that have been shifted back.
Additionally, the suit asks that the card brands pay merchants for so-called “overcharges,” or their perceived overpayment for fraud, because the interchange fees they pay the card networks to process transactions are, in part, set up to cover fraud losses.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=23f05fa40a&e=20056c7556
LinkedIn being used as a ‘front door’ to phishing attacks
LinkedIn is now being used by hackers to make contact with potential victims, in order to encourage them to open their malicious emails, and click on their links.
“We have had both via an email and telephone an attempt to extort money by someone purporting to be the CFO.
It was intercepted both times because we have some very vigilant people trained to spot things that don’t look right.
We had one this week, a scam email passed to me by a partner, and the person who sent [the scam mail] had connected with the partner on LinkedIn prior to sending the email.”
Ewan gave the example of a fake email which purported to come from vehicle registration and licensing body the DVLA, which appeared at BLM recently.
“One day we had 2,500 copies of the same email in 10 minutes, which purported to come from the DVLA.
The email had a specific car registration number, and people still clicked on it [despite the registration number listed not being their own].
One person clicked who didn’t even have a car.
It’s because people are very busy, and the default is to click on things.”
“We now sandbox all attachments, and we receive around 35,000 per week, and we check all URLs that come in.
We see between five and 10 malicious attachments per week.
Of the 6,500 URLs clicked per week, about 10 go to malicious sites.
It’s interesting to see how messy the internal environment would be if we didn’t have that protection,” she concluded.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9cc8adb45f&e=20056c7556
Cert-RO sees rise in malware
Romania’s National Centre for Cyber Security Incident Response (Cert-RO) has presented its annual report for 2015 and plans for 2016.
Last year the centre received and processed over 68.2 million incident reports.
In total, over 2.3 million unique IP addresses were involved.
The majority of alerts (78%) were about vulnerable systems that were not secure or were improperly protected.
Just over one in five alerts involved forms of malware, and around 6 percent were related to botnet systems.
Towards the end of the year, Cert-RO said it saw an increasing number of incidents affecting local government bodies, including cases of ransomware, and it expects the latter problem to increase in 2016.
This year it plans, in cooperation with the communications ministry, to conduct a cyber security exercise involving the public and private sector.
It will also help set up the new Centre for Innovation in Cyber Security and start projects on an early warning and real-time information system and education for students on cyber security.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3cc0156c37&e=20056c7556
Sverdis Offers Businesses Free 14-Step Ransomware Protection Plan for a Limited Time
The guide, which can be found at http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1367bbf3c8&e=20056c7556 offers a cyber security expert’s guidelines on how to prevent a malware or ransomware attack from unscrupulous terrorists who now have the talent and finances to create malware that fools even the most vigilant of users.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=901817a720&e=20056c7556
Cyphort and Ponemon Institute Study Reveals Alarming Number of CEOs Still in the Dark About Cyber Threats and Companies Spend Majority of Time Chasing False Positives
SANTA CLARA, Calif.–(BUSINESS WIRE)–Cyphort, the next generation Advanced Persistent Threat (APT) defense company, today announced the results of a Ponemon Institute survey titled The State of Malware Detection & Prevention.
According to the study, 34 percent of CEOs and other C-level executives are completely in the dark about cyber-attacks against their companies.
This is despite the fact that 63 percent of respondents admitted that their companies had been the victims of one or more advanced attacks during the past 12 months.
This lack of senior executive awareness parallels the fact that 39 percent of respondents don’t believe their company has the necessary intelligence to make a convincing case to the C-suite about the threats facing their company.
Other key survey findings include:
– There is good and bad news regarding advanced attacks against the surveyed companies.
– The Bad: 21 percent of respondents took anywhere from 1-2+ years to detect the attack.
– Getting malware attacks under control continues to be a challenge for companies.
– Thirteen percent of companies expect their 2016 security budget to decrease.
– You Can’t Stop What You Can’t See.
– Investigations of malware alerts often are false positives.
– Organizations reimage endpoints based on malware detected in the network.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=df960bb46a&e=20056c7556
Attackers Continue to Access Valuable, Sensitive Data According to SANS Endpoint Security Survey
PASADENA, Calif.–(BUSINESS WIRE)–Cyber attackers are gaining access to valuable, sensitive data, such as login and access credentials, according to the 3rd Annual SANS Endpoint Security Survey conducted by SANS Institute and co-sponsored by Guidance Software.
This data can be used to further compromise networks and gain access to sensitive information on employees, customers and company intellectual property and trade secrets.
Other highly compromised data included email files (28 percent) and sensitive customer or employee data (17 percent).
The survey results highlight the need for a more proactive approach to detecting threats and compromises.
While 44 percent of respondents said that their endpoint systems have been compromised within the last 24 months, 15 percent reported that they didn’t know how many threats were detected through proactive hunting.
For the second year in a row, more than a quarter of respondents were notified of a breach by a third party.
The complete survey results will be discussed in greater detail in a two-part webcast titled, “SANS 2016 Endpoint Security Survey Part 2: Can We Say Next-Gen Yet?” on Friday, March 18 at 1 p.m. ET.
“How Close We Are to Having Next-Gen Capabilities” will be covered on March 19 at 1 p.m. ET.
For more information and to register, please visit: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9ca9c6e1b8&e=20056c7556.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=deb831f3e1&e=20056c7556
Rethinking branch IT in the new age of security
Consider this: as of now, nearly 50% of enterprise data is stored in branch offices and remote locations – far from a secure datacenter – an average of 50% of employees are located in branch offices, and nearly 50% of IT’s budget is dedicated to supporting branch and remote locations.
This in itself is not surprising given that branch offices are the revenue-generating front lines of business.
But if we’ve learned anything from recent events, it’s that storing sensitive data in remote locations can be very bad news.
This should raise a red flag, because if there’s anywhere in your organization where you need to improve operations and application performance, it’s at your branch offices.
Companies have on average 55 remote IT facilities for every large datacenter. (Source: IDC 2013 Enhancing Business Value with an Edge-Optimized Virtual Server and Storage Delivery Solution.)
The solution may seem radically counter-intuitive: eliminate traditional server, storage and backup systems at each branch office; instead rethink branch IT and create a “Zero Branch IT” model comprised of a hyper-converged infrastructure that dynamically projects apps and data from the centralized datacenter, dramatically reducing corporate risk with no compromise to performance at remote locations – regardless of distance from the datacenter.
Implementing a Zero Branch IT model enables CIOs to escape this cycle by extending the security, resilience and flexibility of the datacenter out to the edge of the distributed enterprise.
The technology exists now to deliver new services and applications to each and every branch location as quickly and easily as creating new virtual machines in your datacenter.
In fact, the technology exists now to deploy entirely new branch locations faster than the physical location being ready for business.
CIOs should look for best-practice approaches to managing business-critical branches and remote sites that integrate proven virtualization, storage and WAN optimization technologies, ensuring superior application performance regardless of distance, and for all types of branch applications, whether they’re traditionally run locally at the branch, served from on-premises datacenters, or delivered from private or public clouds.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=53bc4954f1&e=20056c7556
BAE Profiles ‘World’s Most Dangerous Cybercriminals’
BAE Systems, the London-based, multinational security company, recently released profiles of “six prominent types of cybercriminals” and detailed how they could hurt companies around the globe, officials say.
The Mule – naive opportunists that may not even realize they work for criminal gangs to launder money;
The Professional – career criminals who work 9-to-5 in the digital shadows;
The Nation State Actor – individuals who work directly or indirectly for their government to steal sensitive information and disrupt enemies’ capabilities;
The Activist – motivated to change the world via questionable means;
The Getaway – the youthful teenager who can escape a custodial sentence due to their age;
And The Insider – disillusioned, blackmailed or even over-helpful employees operating from within the walls of their own company.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3b7f7b6148&e=20056c7556
Why the next wave of cybersecurity talent won’t have a ‘security’ job title
…
Over the past five years, we’ve witnessed the state of cybersecurity become chaotic – and, quite frankly, grim – across a variety of industries.
Hotels, financial institutions, consumer electronics, hospitals, universities, governments, retail chains, telecom providers, airlines, vehicles.
You name it; it has been hacked.
This talent war, however, has stemmed from companies associating the threat of data loss with malicious hackers or stolen property.
And that is a significant miscalculation on their part.
Over the next five years, we will see the next cybersecurity talent war waged over ITAD (IT asset disposition) specialists and managers.
An ITAD manager’s 360-degree view enables companies to not only reduce security risks, but also to meet the increasingly stringent regulatory requirements for asset disposal, and to avoid costly data breaches and fines from industry regulators or environmental agencies, along with other repercussions that could damage customer loyalty, sales or even stock prices.
The next several years will be critical for businesses to wrap their heads around the importance of securing defenses internally, in addition to guarding against external threats.
Those that hire an ITAD manager are ahead of the pack in securing every piece of IT equipment, no matter what stage of the lifecycle it is in.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9c21a99605&e=20056c7556
Top U.S. Cybersecurity Salaries Hit $420,000
It pays to be in cybersecurity, and it pays well if you’re at the top of the corporate ladder.
A new report from SilverBull, a technology recruiting firm, reveals how much Chief Information Security Officers make across the United States.
It’s no surprise that the highest paying gigs correlate with the cost of living in each city.
According to the report, there are currently almost 500 CISO openings across the country.
We all know that there’s a major shortage of cybersecurity professionals, so these salaries will continue to trend upwards.
If you’re not in cybersecurity, now is the perfect time to jump in.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e3ca836ef1&e=20056c7556
Mitre Takes On Critics, Set To Revamp CVE Vulnerability Reporting
Mitre Corporation will introduce a new pilot program for classifying Common Vulnerabilities and Exposures (CVE) in the coming weeks.
The move is in response to a backlash in the security community where some critics contend Mitre is failing to keep pace with a massive influx in the number of reported vulnerabilities to the organization.
The pilot program, called Federated CVE-ID Assignment Process, enlists an unspecified number of Mitre partners.
Mitre says its editorial board, which includes Cisco, Microsoft, Red Hat and Oracle, will determine how many federated groups will be a part of the pilot.
Under the program Mitre gives up central control over receiving reported threats, vetting them and assigning them CVE numbers.
Instead, Mitre would share CVE duties with federated partners and act as the administrator of the program.
For its part, Mitre says it’s working hard to keep pace with a doubling in the number of reported vulnerabilities it has received over the past year.
According to Mitre, the agency received 20,000 reported vulnerabilities in 2015 compared to just under 10,000 in 2014.
Others within the private sector, such as financial institutions and the defense industry, have specialized Information Sharing and Analysis Center (ISAC) groups for tracking the latest threats.
Kouns himself oversees the Open Source Vulnerability Database (OSVDB), another third-party database and reporting agency.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6dde84e28e&e=20056c7556
Security On-Demand Partners with National University to Launch Cybersecurity Internship Program
SAN DIEGO, March 17, 2016 /PRNewswire/ — Security On-Demand, a leading provider of next generation managed security services announces the launch of the Cybersecurity Internship Program in partnership with National University, the second-largest private nonprofit university in California.
The program is designed to offer mentorship opportunities with senior security experts and to cultivate careers for students studying cybersecurity.
Over the course of the internship program, students will gain valuable hands-on experience working alongside security analysts in Security On-Demand’s San Diego Security Operations Center.
National University is the first and only university in San Diego to be recognized by the National Security Agency and the Department of Homeland Security as a National Center of Academic Excellence in Cyber Defense Education.
“We are thrilled to be partnering with Security On-Demand to offer our students the real-world experience of working in a Security Operations Center,” said Dr. John Cicero, Dean of National University’s School of Engineering and Computing.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=98039dd880&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)