[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
* Think tanks mull Geneva Convention for cybercrime
* IT Governance urges law firms to adopt information security practices to avoid surge in ransomware attacks
* Rising cybercrime costing companies millions
* Hackers would like to join your LinkedIn network – and you’d probably accept them
* Five Security Threats to Watch Out for This Summer
* No-Brainer Ransomware Defenses
* The number of corporate users hit by crypto ransomware is skyrocketing
* Five Reasons Why Classification Is the First Step to Successful Data-Loss Prevention
* Cybersecurity: Why do we spend more but get less?
* Metadata as a Divining Rod for Security
* The SEC Makes Clear There is No Room For Error in Cybersecurity
* Vulnerability Spotlight: Pidgin Vulnerabilities
* Where does your cloud data live? 3 questions to ask
* Supporting the IT edge is expensive, full of potential security risks
* VoIP Vulnerabilities: Protecting Against Evolving Threats
Think tanks mull Geneva Convention for cybercrime
A Geneva Convention on cyberwar: That’s how a panel of experts proposes to deal with the growing threat to critical infrastructure posed by the possibility of cyberattack.
While a gentleman’s agreement might not seem like much protection, for a nation to break such a taboo would be to risk an all-out attack in retaliation, the commission suggested in “One Internet,” a new report on the future of the Internet.
An agreement won’t eliminate all risks of cyberattack for civilian infrastructure, of course: Just as with the protection afforded hospitals and the like under the existing Geneva Conventions, there will always be those willing to ignore the rules.
The report is not just about cyberwar.
Its whistle-stop tour of Internet ethics also takes in surveillance, privacy, anonymity, censorship and child protection, with additional chapters on reducing online crime and the threat that blockchain technologies pose to the established order.
The Global Commission on Internet Governance is chaired by former Swedish Prime Minister Carl Bildt and was set up by two think tanks: Chatham House in the U.K. and the Centre for International Governance Innovation in Canada.
CIGI was founded by former BlackBerry co-CEO Jim Balsillie.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=297c878906&e=20056c7556
IT Governance urges law firms to adopt information security practices to avoid surge in ransomware attacks
ELY, CAMBRIDGESHIRE, UNITED KINGDOM, June 22, 2016 /EINPresswire.com/ — IT Governance, the global provider of cyber security, IT governance, risk management and compliance expertise, is urging organisations within the legal sector to adopt information security best practice to avoid falling victim to a ransomware attack.
Alan Calder, the founder and executive chairman of IT Governance, says: “Law firms have notoriously been targets for cyber criminals because of the sensitive information they possess such as financial data, mergers and acquisition intelligence, and other sensitive information.
Like any other business, law firms often do not discover a data breach or ransomware attack until long after they’ve started.
The scale and devastation of ransomware and cyber breaches means that law firms urgently need to adopt stronger cyber security safeguards.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1363cee07e&e=20056c7556
Rising cybercrime costing companies millions
KUALA LUMPUR: An independent Global Economic Crime Survey revealed that more and more local companies are falling prey to hackers and cybercrime, costing them millions in losses annually.
PwC Consulting Services Associates (M) Sdn Bhd’s senior executive director and forensic lead Alex Tan said the results were based on a survey of 17 industries from the private sector, government and state enterprises.
“The survey showed that cybercrime had dropped from 31% in 2014 to 30% this year.
“However, what we have to realise is that, if we go back to 2012, it was only 5% and this is a huge jump,” he told reporters at a press conference when announcing the findings carried out by PricewaterhouseCoopers (PwC) here on Thursday.
Based on the survey, Tan said males between 31 and 40 years old with university or college education who have worked with the company for between three and five years are likely to commit fraud or cybercrime against their own company.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9c837b289f&e=20056c7556
Hackers would like to join your LinkedIn network – and you’d probably accept them
In fact, according to a survey of 2,000 people by cybersecurity researchers at Intel Security, nearly one quarter (24 percent) say they’ve connected to someone they don’t know on LinkedIn, thus potentially allowing hackers access to a wealth of information which could be used for spear-phishing, malware drops, and other nefarious means.
He also suggests that the corporate employer has to take some responsibility, especially now that personal and professional online personas are becoming ever more intermixed.
“Explain to people about the types of attacks and what criminals do, how they may go after you personally,” he explained.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2140eb4bb8&e=20056c7556
Five Security Threats to Watch Out for This Summer
– Sensationalized political posts for 2016 elections
– Phishing emails focused on travel and vacation
– Zika virus and other health concerns
– Major sporting events
– Kids on summer vacation
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=22dd88bf08&e=20056c7556
No-Brainer Ransomware Defenses
“The only effective solution for ransomware is backup … and disaster recovery,” says Mark James, an IT security specialist at security firm ESET.
Even with verified, offline backups to hand, and the ability to rapidly restore systems, organizations may still need to take affected PCs or servers offline for some period of time.
But the alternative, James says, involves the ethically dubious – at best – prospect of paying ransom money to criminals and trusting that they will indeed then share decryption keys for crypto-locked systems (see Please Don’t Pay Ransoms, FBI Urges).
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=bc02be28f5&e=20056c7556
The number of corporate users hit by crypto ransomware is skyrocketing
Based on an analysis by security vendor Kaspersky Lab, more than 2.3 million users encountered ransomware between April 2015 and March, a jump of almost 18 percent over the previous 12 months.
This includes programs that only lock the computer’s screen to prevent its use as well as those that hold the data itself hostage by encrypting it — the so-called cryptors.
The rise of cryptors in particular has been significant, accounting for 32 percent of all ransomware attacks last year compared to only 7 percent the year before, according to Kaspersky Lab.
The number of users hit by crypto ransomware during the period studied grew 5.5 times to reach more than 700,000, while the number of corporate users in particular who encountered such threats rose from 27,000 to 159,000 — an almost six-fold increase.
In some countries, like Italy and Germany, crypto-ransomware accounted for around 90 percent of all ransomware attacks last year, whereas the year before it was under 10 percent.
Backing up critical data regularly to offline or offsite locations that are not permanently accessible from endpoint computers is the best way to prevent being extorted by ransomware creators.
Training users on how to recognize phishing emails and keeping software on computers up to date, especially browser plug-ins, is also very important.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=fa9a237cd2&e=20056c7556
Five Reasons Why Classification Is the First Step to Successful Data-Loss Prevention
1 Data Security Is a Business Problem That Technology Alone Cannot Solve
2 Classification Fosters a Security Culture
3 DLP Systems Must Know the Data to Know How to Manage It
4 DLP Works Best on Known Threats
5 Additional Benefits of Classification
Although data-loss prevention systems are extremely powerful and useful in the bid to keep private data private, the technology alone won’t guarantee success.
By empowering users to classify their data, it’s possible to foster a culture of security awareness.
Providing classification definitions and clear feedback makes it easy for users to correctly apply the right classification, which helps the DLP to enforce the correct handling policy.
The application of classification markings to the document or email provides an extra reminder to staff, resulting in greater attention to security and fewer errors.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b38bc3e417&e=20056c7556
Cybersecurity: Why do we spend more but get less?
There are two reasons:
– We have an archaic view on security.
– We are spending money on the wrong things.
The problem is that once a threat is past the mouth of the cave, or the castle wall, or our firewall, it is usually free to roam at will without further challenge.
It is a single point of protection and a single point of failure.
Our view of security, i.e. protecting something behind a stronger, higher, thicker wall is flawed.
It didn’t work in the Middle Ages.
It didn’t work in Berlin.
It isn’t working in Israel.
It isn’t working on the American-Mexican border, and it doesn’t work for our networks.
The idea is just archaic and it doesn’t work.
Which brings us to the second point.
We are spending money on stronger, thicker, higher walls in the form of better firewalls.
But an analysis of breaches shows us that very few breaches are the fault of a weak firewall.
In fact, the Ponemon Institute 2016 Cost of Data Breach: Global Analysis reveals that 25% of breaches are due to human error.
Someone clicked on a phishing attempt.
Someone left a web session open with admin rights.
Someone inadvertently exposed a record set while doing testing.
The salient point is that each of the preceding examples started with the word “someone”.
The problem is people.
Security is not a technology problem; it is a people problem.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=10e44aa0f6&e=20056c7556
Metadata as a Divining Rod for Security
Metadata is data about data.
Using the telephone network as an analogy, metadata more closely resembles a phone bill than a recording.
It doesn’t allow for continual analysis but can still provide rich detail, as well as summarizing hours of conversation (or data) in just a few lines.
A phone bill can show who’s been talking to whom, at what time, for how long, from where, to where, everything but the content of the phone call itself.
Looking at a phone bill, it’s easy to check for interesting patterns.
For instance, frequent calls to the same number, calls at odd hours or to and from unusual locations, calls that are very long.
Each of these can serve as clues that help to narrow investigations to only the most relevant conversations.
The same principle can be applied to security.
Providing security tools with summary takes of the packet data traversing networks, metadata can become a powerful weapon for enterprises looking to separate signals from noise, reduce time to threat detection, and improve overall security efficacy.
In the future, it simply won’t be possible for security appliances to conduct all of the security functions required to find bad actors moving in high-bandwidth links.
However, the job of the security appliance becomes more manageable if it can focus on analyzing the relevant data and this is where metadata comes in.
This small but mighty as yet unleveraged security super power can help accelerate time to detection and expedite response to breaches by enabling SIEMs, forensic solutions, and other big data security analytics technologies to approximate where in the network data breaches may have occurred.
Summary information or metadata can provide valuable clues to lingering threats inside networks.
Behavioral and security analytics using metadata gives organizations an approximation of the location of hot spots or areas of suspected threat activity – much like a divining rod points its user in the direction of water.
Rather than searching the entire network, security analysts can focus on the identified trouble spots and conduct a more thorough investigation by using traffic or packet analysis.
Consider the example of a DNS request made by a laptop to a suspicious server.
Metadata flags the anomalous request.
Then, using tools capable of deep inspection, security pros can examine all connectivity to and from that device to ascertain if the endpoint is indeed infected, whether it has forwarded malicious data and what other devices might be implicated.
So in the not too distant future, ensuring that security models and analytic processes are informed by not only lots of data, but the right data, will be key to making threat detection pragmatic and effective in high-bandwidth networks.
Metadata is key to that future of effective security and breach detection because it can expedite behavior base-lining as well as anomaly detection making effective big data security analytics a reality for the masses.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=12b0630b6c&e=20056c7556
The SEC Makes Clear There is No Room For Error in Cybersecurity
The SEC recently agreed to a $1,000,000 settlement of an enforcement action against Morgan Stanley for its failure to have sufficient data security policies and procedures to protect customer data.
The settlement was significant for its amount.
The true noteworthiness here, however, lies not in the end result but the implications of how it was reached: (1) the “reasonableness” of a company’s data security safeguards shall be judged in hindsight, and (2) almost any data breach could give rise to liability.
The SEC has left no room for error in making sure that your cybersecurity procedures and controls actually and always work.
There are some important practical takeaways for companies from this settlement: (1) perform a risk assessment to determine how your organization could suffer from a similar risk (employee transferring corporate information to a personal device); (2) implement an authorization module and other policies and procedures to limit access (and identify unauthorized access) to sensitive information to those who have a legitimate business need; and (3) make sure you audit and test these controls to ensure that they actually work.
Additionally, CISOs, compliance officers, and in house counsel would be well served to ensure that the story of this enforcement action becomes part of their organization’s data security training as part of the onboarding and annual training process.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=65aedeced0&e=20056c7556
Vulnerability Spotlight: Pidgin Vulnerabilities
These vulnerabilities were discovered by Yves Younan.
Talos has identified multiple vulnerabilities in the way Pidgin handles the MXit protocol.
These vulnerabilities fall into the following four categories.
– Information Leakage
– Denial Of Service
– Directory Traversal
– Buffer Overflow
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=63189c2ae1&e=20056c7556
Where does your cloud data live? 3 questions to ask
There’s a common thread behind every security pro’s cloud-related fears: control.
Whether your company’s infrastructure revolves around a cloud-centric strategy or regulates cloud projects to a minor scale, the same security concerns dominate every interaction an organization could have with cloud services.
Once your data is sent to a cloud provider, or an SaaS vendor using a cloud-hosted application, that company owns your information – on your end, good faith is all that can ensure its security.
Recently, a report from Blue Coat Systems’ Elastica Cloud Threat Labs examined data from 63 million documents stored in major cloud applications, such as Microsoft Office 365, Google Drive, Salesforce and Box.
The team found that one in 10 of the documents contained sensitive data – such as personally identifiable information, source code, health and financial information, and more.
The report also highlighted the top three security threats facing organizations that use cloud apps: data theft, data destruction and account takeovers.
Organizations using the cloud in any capacity can use the above findings as a guide for protecting data.
To begin, ask the below questions at the start of any new cloud project.
1- Can my SaaS provider destroy sensitive data?
2- Are we overlooking sensitive information in our data?
3- Will my cloud provider’s security measures negate the intended cost savings of the cloud?
There’s no reason to fear the cloud – but there’s also no reason to dive into a cloud project with the intention of cutting IT costs, only to sacrifice the security or privacy of your data.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9f369627d8&e=20056c7556
Supporting the IT edge is expensive, full of potential security risks
Organizations are facing multiple challenges when managing the IT edge – at remote and branch offices.
A Riverbed survey asked IT professionals about the various challenges they face in provisioning and managing remote and branch offices (ROBOs) and found supporting the IT edge was expensive, resource-intensive and full of potential data security risks.
The top three challenges of managing ROBOs in order of importance are:
1- Handling ROBO disaster recovery (54%)
2- High costs of providing ROBO IT (46%)
3- Providing adequate IT staff to support ROBOs (46%)
The survey also found that respondents would like alternative options to storing data generated at remote office locations locally in the ROBO.
When data is stored locally on physical servers in remote facilities or branch offices, it is especially susceptible to security risks, such as theft, human error or natural disasters.
Not surprisingly, three quarters (75%) of respondents said that it would be “somewhat to extremely desirable” to store their remote data in the data center or in the cloud.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=82361afb59&e=20056c7556
VoIP Vulnerabilities: Protecting Against Evolving Threats
Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
In addition, the use of cloud-based communications is growing rapidly, but according to a 2015 PwC global information security survey, only 50% of businesses have a security strategy in place for cloud computing.
This same research showed that information security incidents increased 45% over the previous year.
As cyberattacks evolve, organizations must fully understand the different types of threats in order to combat them effectively.
Modern threats fall into four main categories.
Data predators are crafty, but not completely original, and they utilize one or more of these methods of attack.
– Call Fraud
– Malware & Viruses
– Denial of Service (DoS)
– Call Hijacking & VoIP Tampering
Network security threats are constantly evolving and protection measures must advance similarly.
Safeguarding proprietary business information and sensitive customer data should always remain paramount.
Customer, employee, and internal records data remain top targets of cyberattacks, and the damage to brand reputation climbed 81%, as PwC reported.
Businesses must be vigilant in order to avoid costly and inconvenient security breaches.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=de1e2b1c10&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forward this email.