[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
I had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change.
* Big data is changing the game for backup and recovery
* A Hybrid Approach Is the Future of MSSPs
* State Names New ‘Cyberczar’ to Help Protect Its Networks Against Hackers
* [Australian] Government’s $230 million bid to fight cyber crime will fail without specialists, industry warns
* Corporate Email Phishing Scams Result in $3.1B Loss, Near 1300% Increase in 18 Months
* Malware infections by Locky, Dridex, and Angler drop — but why?
* What government’s CISOs think about security in Digital India
* Is the CEO really to blame for cyber attacks & data breaches?
* How to assess your stakeholder matrix as part of a cloud security strategy
* Why a global threat sharing program is vital to protect global infrastructure
* USB devices still represent a major security threat for enterprises
* The Poisoned Archives
* Cyber threats leap to top of manufacturers’ list of risks
* Majority of American Business Owners Unlikely to Pay Off Cybercriminals in Ransomware Attack, Yet Lack Resources to Overcome Attack
Big data is changing the game for backup and recovery
It’s well-known in IT that when you change one part of the software stack, there’s a good chance you’ll have to change another.
For a shining example, look no further than big data.
“Traditional backup products have challenges with very large amounts of data,” said Dave Russell, a vice president with Gartner. “The scale-out nature of the architecture can also be difficult for traditional backup applications to handle.”
Today’s horizontally scalable databases do include some capabilities for availability and recovery, but typically they’re not as robust as those IT users have become accustomed to, Russell added.
“If you need scalability, you need to give up consistency — you have to give up one or the other,” Thakur said.
That makes it tough to get a reliable snapshot of the big picture for point-in-time recovery.
Not only is it more difficult to track which data might have moved where in a distributed database at any given moment, but the resiliency features that often come “baked” into newer distributed databases — replication, for example — won’t protect you if data gets corrupted, said Simon Robinson, a research vice president with 451 Research.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a130243b0d&e=20056c7556
A Hybrid Approach Is the Future of MSSPs
Beyond the troubling data breach statistics, businesses of all sizes face a serious cyber security issue—a cyber skills shortage and the cost of hiring rare security network experts.
The level of difficulty to build an expert in-house security operations center is leading companies across all industries to consider other means of improving cyber security.
One approach is to hire a third-party managed security service provider (MSSP).
According to IBM’s Senior Manager of Security Services, Michael Sanders, the functions shared between your internal security operations team and an external MSSP include:
– Rule and device administration
– Real-time collection and analysis of activities that impact IT security
– Sweeping for incidents
– Threat monitoring
– Threat analysis
– Incident response management
– Emergency incident response planning
However, even the greatest communication between your in-house security team and your MSSP can be hindered by improper network architecture.
Always ensure that your in-line security appliances and out-of-band monitoring devices are connected via proper network TAPs.
With network TAPs in place, you know that you have guaranteed visibility into every bit, byte and packet® of network traffic allowing the security tools to do their job while maintaining 100% network uptime, even when the appliance requires updates or trouble-shooting.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2e5ff7d007&e=20056c7556
State Names New ‘Cyberczar’ to Help Protect Its Networks Against Hackers
As NJ becomes increasingly reliant on computer networks, it grows correspondingly more vulnerable to expensive, intrusive cyber attacks
To that end, Gov. Chris Christie announced yesterday that he’s stepping up the state’s cybersecurity efforts by creating a cabinet-level technology officer and naming David Weinstein, the top cybersecurity expert from the state Office of Homeland Security, to fill the new job.
A top state lawmaker also called yesterday for the creation of a new legislative committee to advance laws combatting cyberattacks.
Christie said yesterday that Weinstein’s elevation to a $141,000-a-year cabinet-level position will help better protect New Jersey’s government servers against threats posed by aggressive hackers.
Weinstein will be in charge of the state’s day-to-day cybersecurity operations and intelligence analysis.
He will also work closely with the state Office of Homeland Security, Christie said.
Christie said the new $10 million allocation for cybersecurity will come out of funds in the state’s current, $34 billion fiscal year budget, which is in place until June 30.
The money will be used to harden state government computer systems against sophisticated cyberattacks and to allow for audits of the state’s computer networks and other infrastructure for potential weaknesses.
All state departments will also undergo a cyberthreat evaluation, the governor’s office said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e8a7e79511&e=20056c7556
[Australian] Government’s $230 million bid to fight cyber crime will fail without specialists, industry warns
The professional association for Australia’s ICT industry has warned there are not enough specialists to deliver the federal government’s $230 million cyber security strategy.
Australian Computer Society president Anthony Wong said the government faced a shortfall of up to 100,000 ICT professionals by 2020 and urgent action was needed to expand the workforce.
Earlier this year, the government announced it was prepared to strike back against foreign cyber attacks with funds to be spent recruiting hundreds of police and cyber security specialists.
The funding boost comes after another $400 million was allocated to pay for staff with hacking experience to work for the Australian Signals Directorate, a key intelligence agency.
But consultants have warned a recruitment drive for close to 900 positions will cause headaches for the government in coming years.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4d4cb16db6&e=20056c7556
Corporate Email Phishing Scams Result in $3.1B Loss, Near 1300% Increase in 18 Months
The total number of Business Email Compromise (BEC) related crimes has reached epidemic levels, at nearly $3.1 billion in losses and involving 22,143 victims worldwide since January 2015, according to a new FBI report.
Most victims, according to reports to FBI, “use wire transfers as a common method of transferring funds for business purposes; however, some victims report using checks as a common method of payment.
The fraudsters will use the method most commonly associated with their victim’s normal business practices.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3708d6d99d&e=20056c7556
Malware infections by Locky, Dridex, and Angler drop — but why?
Why have these infamous and prolific malware infections suddenly dropped off the radar so quickly?
Researchers point out the decline follows the arrest of 50 people in Russia who are accused of using malware to steal over $25m, reportedly by the malicious Lurk Trojan infecting victims’ PCs and stealing bank account details.
Given that the threats from Locky and Dridex haven’t disappeared completely, it’s thought that these malware campaigns aren’t directly linked to those responsible for using Lurk.
However, Symantec researchers suggest that the arrests may have resulted in the shutdown of networks used to host campaigns by other hacking and cybercriminal groups.
While that’s slowed activity for now, it’s probably only a matter of time before Locky, Dridex, and other forms of malware are on the rise again — because cybercriminals know this form of malicious activity is an easy way to exploit victims for ransom money.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cf7e631ee6&e=20056c7556
What government’s CISOs think about security in Digital India
With the focus on the Digital India programme, the number of e-governance projects has increased across all the government departments.
Most of these projects are executed either through tender or public private partnership (PPP) mode.
Therefore, it is essential to have proper information security strategy in place to secure the data.
And, this is what government’s technology heads are gearing up to safeguard by creating an integrated framework to address the challenge of heterogeneity and complexity in managing cyber security for government projects.
With the success of some of the e-governance projects like passport seva, Aadhar, government has realised that technology can help them in improving governance.
And, now the Digital India project is taking these things to the next level by not only focusing on its nine-pillars, but also strengthening the back-end platform and process.
Most of the government services are getting digitised.
But having achieved these objectives, the government now has to ensure that the information collected remains secure.
To fight the challenge, the government has taken a number of steps.
The MHA has recently issued a National Information Security Policy & Guidelines that could be taken as reference by all the central ministries, state governments and public sector units (PSUs) for developing their own information security and control mechanism.
But beyond the guidelines, to frame a policy that really serves the purpose, government organisations must understand their requirements, their processes and functions.
Along with the policy guidelines, they can refer to standards like ISO 27001, COBIT framework etc.
An ideal cyber security framework is also constrained by the fact that across the world the concept of security is changing.
Security is moving beyond firewalls.
The old rule that anything inside the firewall is good and anything outside is bad, and the idea of the network as a perimeter, are now diminishing.
Organisations are now focusing on continuous monitoring of the cyber infrastructure for predicting things in advance.
In addition to a technology partner for e-governance projects, most of the government departments involve a consultant for the project management.
This increases the number of stakeholders and the risk of a data breach.
That is why Rudramurthy of MHA says that the security measures should be part of the contract itself.
Service providers must be completely checked prior to onboarding and they must also be monitored on a continuous basis during the execution. “In addition, government departments need to have complete clarity around intellectual property rights, data protection rights and technology retention rights,” says Rudramurthy, adding that the controls generally do not need to be only liquidated damages; one should consider proactive, corrective and reactive mechanisms.
However, the right flow and the direction will come when there is right talent.
Therefore, the time has come for the top of the government to scale up, in terms of the human resource talent and its technical expertise to understand the nitty–gritty of the scope of the work given to service provider.
This will help them to understand – what is expected during the implementation and how to get the work done within time.
Right now, most of these controls are in administrative hands but ideally they should be taken care of by a technical person.
But very few talented people are interested in working under the programme management unit (PMU) set-up due to an unpredictable future and a weak appraisal system.
Above all the challenges, the good news is that in recent past, the awareness about cyber security has increased.
Everybody, be it political leaders, bureaucrats, RBI, SEBI or corporate, are talking about it.
Thanks to some of the notable data breaches and Edward Joseph Snowden, whose disclosure on numerous global surveillance programs run by different governments has led to an intense debate on data security and privacy, which has finally catalysed the concept of data localisation, leading to different government departments taking steps to beef-up their cyber security mechanism. “The awareness level has increased but on the technical front, lot of maturity is needed,” says Rajiv Prakash Saxena, ex-deputy director general, National Informatics Centre (NIC).
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e89a5a570a&e=20056c7556
Is the CEO really to blame for cyber attacks & data breaches?
MPs have this week set out a series of recommendations for companies who fail to guard against cyber attacks and data breaches.
One of the most talked about recommendations from the Culture, Media and Sport Committee concerned the salary of CEOs, specifically that salaries of the top brass should be linked to effective cyber security.
This move by the government to enforce a firmer hand in cyber security has been generally welcomed by the security industry, with all but some agreeing that the buck stops at the CEO.
They are the leader, the one at the top, after all.
However, the issue of penalties and salaries linked to cyber security has divided the security industry.
While others, like Javvad Malik, Security Advocate at AlienVault, believe it is wrong to blame one individual for security failings, saying:
“I feel it’s wrong to simply attribute a single security incident to a CEO and impose financial penalties upon the individual.”
Ultimately, are CEOs to blame for cyber security failings?
Yes and no.
A CEO cannot be blamed for a cyber attack hitting a company, but they can be blamed for not having the right personnel, expertise, technology, strategy and company-wide education in place to deter and minimise the impact of an attack or data breach.
For Mark James, Security Specialist at ESET, the question of who to blame should not even be asked at all.
“However, the question should be “have they taken enough preventative measures?” not “who’s to blame?” Finding out what went wrong, how it can be stopped in future and finding ways to better protect us, the users, are the key points that need addressing.”
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=fcac37cd73&e=20056c7556
How to assess your stakeholder matrix as part of a cloud security strategy
IT teams have a difficult or impossible time cobbling together a full picture of what their cloud security looks like at any point in time, and other stakeholders in the organization are effectively blind to what is happening in their cloud environment.
This can result in gaping holes in cloud security and compliance postures, frustration, and perhaps even more serious consequences, should an attacker see an opportunity to take advantage.
This is why cloud security needs to take a strategy-first approach, where every tool purchased and solution leveraged fits into a bigger strategy that meets the needs of each stakeholder within the organization.
Understanding the needs of everyone within the cloud security stakeholder matrix will not only lead to a strong security strategy, where the objectives outlined, tactics taken, and technologies employed meet the security needs of the business, but will also bring together leaders at every level, creating champions for its execution across an entire organization.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=77caa16628&e=20056c7556
Why a global threat sharing program is vital to protect global infrastructure
We live in a time where the global sharing of threat intelligence is not only possible; it’s vital to the security of our global infrastructure, and the public and private sectors have been working tirelessly to create these programs.
Today, thanks to the Cybersecurity Information Sharing Act of 2015 (CISA), enterprises now have the ability to share threat data with the Department of Homeland Security in a legal framework that protects good samaritans.
To address the high-level technological needs of this endeavor, the DHS recently partnered with OASIS to revamp, standardize, lower the cost, and expand the reach of STIX and TAXII — data-sharing frameworks that now allow both humans and machines to exchange threat intelligence across borders in an automated fashion.
Further, the U.S. government is also calling for more Information Sharing and Analysis Organizations (ISAOs) to be developed — diverse communities of private-sector companies that collaborate to share intelligence and help thwart cyber attacks.
Once a global sharing program hits its stride, companies can rest assured that hackers will face more resistance than ever.
For example, if Nike experiences an attempted breach, it can use STIX and TAXII to immediately report all the relevant details to the rest of the sharing ecosystem, and businesses across the globe will instantaneously have the ability to strengthen their defenses.
If these same hackers try again at another location later on, they’ll have no such luck.
The industrial internet has the potential to create better, stronger, more innovative companies across all industries — which would undeniably improve the world as a whole.
But, Industry 4.0 will only reach this lofty potential if businesses feel confident that their data is secure — and a crucial part of making that happen is encouraging widespread participation in a global threat sharing program.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e0b2561bce&e=20056c7556
USB devices still represent a major security threat for enterprises
The survey of 2016 Infosecurity Europe visitors looks at the use of USB storage devices in the enterprise and the policies governing them.
The research found that 74 percent of respondents’ organizations allow employees to use USB devices in their networks, yet only 35 percent of companies force employees to use encrypted USB devices.
What’s surprising in the age of cloud is that 65 percent of employees still use USB devices to transfer company data. “This is a significant percentage and, in correlation to the 74 percent that are allowed to connect USB devices to their computers, and with the fact that USB thumb drives are constantly improved with bigger storage capacity and higher transfer speeds, makes them a vulnerability for data security and exposes organizations to potential data leakage and data loss,” says Roman Foeckl, CoSoSys CEO and founder.
You can find out more about the survey findings on the CoSoSys blog.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=28dcc11cf6&e=20056c7556
The Poisoned Archives
libarchive is an open-source library that provides access to a variety of different file archive formats, and it’s used just about everywhere.
Cisco Talos has recently worked with the maintainers of libarchive to patch three rather severe bugs in the library.
Because of the number of products that include libarchive in their handling of compressed files, Talos urges all users to patch/upgrade related, vulnerable software.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a17df3a9c0&e=20056c7556
Cyber threats leap to top of manufacturers’ list of risks
Cyber security is the top concern for more than nine out of 10 manufacturers surveyed, BDO USA L.L.P. said Tuesday, up 44% from 2013 and marking the first time cyber risk cracked the list of top 10 risk factors.
More than 92% of manufacturers in BDO’s 2016 Manufacturing RiskFactor Report cited cyber security concerns in their disclosures to the U.S. Securities and Exchange Commission this year.
The report, which analyzes the latest 10-K filings from the largest 100 publicly traded U.S. manufacturers across five subsectors, found that 91% also named operational infrastructure risk, including information systems and implementation of new systems and maintenance.
Other top concerns include federal, state and or local regulations; labor concerns or underfunded pensions; competition and consolidation in manufacturing; and commodity or raw material prices.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3c0a3c6496&e=20056c7556
Majority of American Business Owners Unlikely to Pay Off Cybercriminals in Ransomware Attack, Yet Lack Resources to Overcome Attack
SCOTTSDALE, Ariz., June 21, 2016 /PRNewswire/ — Business owners in the U.S. recognize the severity of ransomware and the potential disruption to business operations, yet 84 percent say they would not pay in the event of an attack, according to a new survey by IDT911™, a leading data security and identity theft protection firm.
Of these business owners, some routinely back-up their business files and could therefore restore processes, whereas others simply wouldn’t pay cybercriminals—even if it meant not recovering information.
While such interference is detrimental to organizations of all sizes, every minute a business is forced to spend offline is particularly damaging to revenue streams.
More than half (60 percent) of business owners acknowledge this vulnerability and agree that they would immediately report the attack to law enforcement authorities, as one out of three respondents (33 percent) say they could not go without access to critical business systems for any length of time.
Additional key findings include:
– Only three percent say they would pay $10,000 or more in a ransomware attack, whereas 10 percent would pay between $1 and $100.
– Nearly a quarter of business owners (22 percent) say they are unsure how to, or were not aware of the need to, back up their system and files.
– A mere five percent of business owners currently set aside funds in case of ransomware attacks.
– Female business owners are more likely than men to report ransomware attacks to authorities right away.
– Millennials (ages 18 to 34) are more likely to have cyber insurance protecting their business than those respondents aged 35 to 44.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4e39b642d8&e=20056c7556