Now is the time to consider dismantling the barriers that often exist between IT and physical security teams, so that evolving cyber risks can be tackled more effectively. For example, Verizon’s 2012 data breach investigations report found that ten per cent of breaches involve some form of physical attack, while a…
Month: May 2013
Sailing the Seven Cs of Security Monitoring
- Consistency
- Continuous
- Correlation
- Contextual
- Compliant
- Centralization
- Cloud
In this case, our working definition of “continuous” is unique to every organization and needs to be commensurate with its risk and resources.
Correlation: In the modern enterprise, there are simply too many silos of information, too many endpoints for access, too many variables of risk and not enough visibility or resources to properly protect all the assets of an enterprise. Correlation needs to tie together the cooperative capabilities of tools such as SIEM, Log Management, Identity and Access Management, malware scanning, etc… If security is about maintaining visibility, correlation is its magnifying glass.
Compliance: The common thread running through the alphabet soup that is compliance (HIPAA, PCI, FISMA, FFIEC, CIP, SOX, etc…) is the need to know who is logging in and which assets they are accessing, and to ensure that only appropriately credentialed users can do those things. When you are dealing with sensitive information like credit card numbers, social security numbers, patient history/records, and the like, a strong and continuous monitoring initiative is not just a driving force to avoid fines; it is the basis of good and trustworthy operation.
So much has been written about compliance and network security that all I will add is this: understand the responsibility you have towards customers, partners, employees and users; accurately calculate the risk of maintaining their information; and vigilantly maintain the monitoring process that makes you a good steward of their trust.
The continual increase in daily network threats and attacks makes it challenging not only to maintain a complex heterogeneous environment but also to ensure compliance by deploying network-wide security policies.
Addressing the issue from the cloud solves several pressing issues while providing the necessary heft to create the visibility needed to govern credentialing policies, remediate threats and satisfy compliance requirements across an enterprise of any size. What’s more, all the solutions noted above, from SIEM to Access Management, are available from the cloud.
Hackers hijack US government website to spread malware
“That backdoor communicates with a malicious server and the attackers can actually send orders to the system, such as uploading and downloading files, executing commands, installing new malware,” he explained. The attack sends the hackers useful information such as which security programmes the infected system has and which Java and Flash versions are in use.
This reached new heights earlier this year when security firm Mandiant reported linking an advanced cyber campaign targeting the US government to a Chinese military unit.
More recently, in its Data Breach Investigations Report 2013, Verizon claimed that Chinese hackers are responsible for 96 percent of the world’s active cyber espionage campaigns.