[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions đ
So onto the news:
How To Convince Management You Need More People
CISOs stand a better chance of getting the resources they need if they establish proper performance metrics that show how information security supports and benefits business objectives and opportunities.
âIt is widely known that more is needed from an information security standpoint to face todayâs challenges.
Yet, many organizations are still reactive, and will boost their staffing only when faced with a breach,â says Paul Calatayud, chief information security officer at Surescripts, which provides a nationwide health information network that connects doctorâs offices, hospitals, pharmacists, and health plans through an integrated and technology-neutral platform.
CISOs can present a convincing argument about the need for more staff by establishing proper operational performance metrics that help demonstrate the resource requirements the security department is facing, says Calatayud. âThese performance metrics should align to the business objectives and benefit business opportunities, as management teams want to see how investments in talent and tools will affect the bottom line.â
Too often there are still disconnects between CISOs and the rest of the C-Suite from both a communication and trust standpoint, Calatayud says.
The need for security managers to have better communication skills appears to be supported by responses in The 2015 (ISC)² Global Information Security Workforce Study, which was conducted by Frost & Sullivan. When reporting how important various skills and competencies are to career success, 77 percent of the respondents said communications skills ranked as the single-most important attribute. âInterestingly, analytical skills, another soft skill, ranked second, ahead of more concrete competencies such as architecture; incident investigation and response; info systems and security operations management; and governance, risk management, and compliance,â according to the report.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2761de0504&e=20056c7556
YARA rules download: The best YARA rules for Malware Analysis and Detection
YARA rules are used to identify specific types of malware, and the use of YARA rules is very simple and straight forward.
The fact that the use of YARA is easy has allowed the community to create hundreds of YARA rules which identify unique malicious binaries and threats.
But here comes the though part, there are tons of sources where you can find and download YARA rules.
A lot of YARA rules can be found on Github, but there are also private environments which share YARA rules.
So, in order to make it easy to keep track of those environments, we have listed down environments where you can find and download YARA rules.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=45f23e1591&e=20056c7556
Data Insecurity: Flawed Technology Or Outdated Business Process?
Are data breaches caused by flawed security or outdated business processes.
If we want to truly shift the momentum in the cybersecurity fight, as an industry we need to drastically change how we conduct business and think about securing business processes first.
Only then can we focus on the IT systems in which they reside.
From swiping your card to getting âapproved,â there are about 16 steps.
Thatâs an amazing number of potential attack vectors for threat actors to exploit.
In todayâs digital environment, a consumer should not be required to carry plastic cards â holding exploitable account numbers â to pay for goods and services at the point of sale.
This technology has outlived its practicality in a modern, hyper-connected world.
Itâs smart, simple, and actual proof that changing the process helped improve security.
The technology (i.e., the phone itself) does not require any additional feature sets to be secure.
The process secures itself.
So instead of getting out your pen to write a multimillion dollar check for the latest big data or artificial intelligence security tool, a smarter play may be to take a precursor step and re-assess your business processes and how they affect or hinder security.
You may find you donât need that complex security tool, but just sound segmentation and role-based access.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6dadaf6cc7&e=20056c7556
Survey: Many stock market pros see ‘significant’ risks from terrorism, global events
Are data breaches caused by flawed security or outdated business processes.
If we want to truly shift the momentum in the cybersecurity fight, as an industry we need to drastically change how we conduct business and think about securing business processes first.
Only then can we focus on the IT systems in which they reside.
From swiping your card to getting âapproved,â there are about 16 steps.
Thatâs an amazing number of potential attack vectors for threat actors to exploit.
In todayâs digital environment, a consumer should not be required to carry plastic cards â holding exploitable account numbers â to pay for goods and services at the point of sale.
This technology has outlived its practicality in a modern, hyper-connected world.
Itâs smart, simple, and actual proof that changing the process helped improve security.
The technology (i.e., the phone itself) does not require any additional feature sets to be secure.
The process secures itself.
So instead of getting out your pen to write a multimillion dollar check for the latest big data or artificial intelligence security tool, a smarter play may be to take a precursor step and re-assess your business processes and how they affect or hinder security.
You may find you donât need that complex security tool, but just sound segmentation and role-based access.
Despite expectations of higher interest rates, our 1st-quarter 2016 Market Mavens survey finds the odds of a bear market next year are relatively low, similar to what we found in previous surveys.
The experts are generally bullish, with just 1 in 4 of the experts saying that the likelihood of a downturn is 50-50 or higher. “There is ample liquidity, and the banks are in solid shape,” notes Michael Farr, president and CEO of Farr, Miller & Washington.
Risks from terror and global events: The Market Mavens were split down the middle when asked whether geopolitical and terrorist threats pose unusually significant risks for financial markets in the year ahead: 50% of the respondents said yes, 50% said no.
Positive on stocks: While individual responses were widely varied, when taken together the outlook for the stock market over the next 12 months is positive.
About 80% of the respondents expect the market to edge higher in 2016.
Bear market chances: If the experts have it right, the bull market that began in March 2009 will remain intact and celebrate its 7th birthday this year.
Growth vs. value stocks: As the U.S. market’s advance has matured, the mavens favor a value approach to investing.
A resounding 68% of the market pros choose value over growth for the next 12 months.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c4b00f57af&e=20056c7556
Half of UK banks have insecure SSL
International security firm Xiphos Research has revealed that half of the UKâs retail banks have insecure instances of SSL, which could make it easier for cyber criminals to cause damage.
Xiphos Research looked at the SSL certificate instances associated with the secure login functions for some UK-based banks by anonymously submitting associated URLs to the SSL Labs service provided by Qualys.
The research, conducted in November 2015, revealed that 11 out of the 22 UK retail banks tested had insecure SSL instances, as did 18 out of 25 foreign banks in the UK.
It also tested 37 UK building societies, with just over half found to have insecure SSL instances.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=18fa4fef60&e=20056c7556
Relationships: Critical to the Security Posture of Your Organization
The best security professionals always keep the lines of communication open and warm, even when they donât need anything.
They donât exploit, deceive, or cheat people.
They understand that security is a profession built upon trust.
Trust that is built on relationships.
Furthermore, they understand that there are some things that money just cannot buy.
Relationships matter, and beyond that, they hold high value for us professionally, whether we realize it or not.
I donât care who you are.
People make time for things that are important to them.
If you think you donât have the time to keep the lines of communication warm with people, youâre doing it wrong.
Make the investment in relationships.
It will be good for you, and it will also be good for the security posture of your organization.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=fea3ab7870&e=20056c7556
Experts predict more attacks on universities
Attacks on major state universities will continue in 2016, according to a non-profit cybersecurity readiness organization that specializes in the public sector.
âThe universities are home to an awful lot of valuable intellectual property, so a lot of the major research universities are prime targets for attackers,â said Thomas Duffy, chair of the Multi-State Information Sharing and Analysis Center (MS-ISAC) that’s operated by CIS.
He was quoted by Fedscoop, writing about threats for states and localities.
In the U.S, good security intentions are there, but money is the big issue, reckons CISâs MS-ISAC, in a recent presentation.
Almost half (46.8%) of states have only 1-2% of the IT budget for cybersecurity.
Thatâs no increase on the previous year.
Advanced anti-malware for extortion attacks are âa must haveâ too, Avakian says, as is real-time correlation of security analytics; database firewalls; identity and access management along with multi-factor authentication.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2e07d2b7ca&e=20056c7556
Rip and replace can create security issues
How secure a replacement system is depends in part on whether organizations go it alone with rip and replace efforts; or, if a solutions provider is involved, which parts of the project they manage.
Chances are that the organization doesnât have many staff trained on the new system, and internal IT will have all it can do just to keep up with the implementation.
Asking those right questions up front and mapping out security from the outset is probably the most important role the CSO can play here.
The development team probably has too much on their plate already to make security a top priority.
Duggan also cautions that a vendor team doesnât have the benefit of âtribal knowledgeâ about the client, as Duggan terms it.
Security measures recommended by the vendor may not address important aspects of how the business actually works and employees go about their jobs.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3c47a02092&e=20056c7556
âBanking Trojans are growing smarter. But will banks keep up?
Infection rates of banking Trojans continue to run high, despite the best efforts of financial institutions and security companies to keep this type of malware in check.
According to Morten Kjaersgaard, CEO of Danish security specialist Heimdal, the number of campaigns involving the Dyreza Trojan, also known as Dyre, has spiked while Tinba remains the most common piece of banking malware.
Dyreza, also referred to as Dyzap by others, notably Microsoft, hooks into browser processes and then monitors for connections to specific domains, collecting credentials as the victim types them, in a style of attack known as ‘man in the browser’.
The firm described Tinba as the smallest banking Trojan it had encountered, at about 20KB in size, including config and webinjects.
Hence the malware’s name: Tinba, which means ‘tiny banker’.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=75c94f9e53&e=20056c7556
Blog: DNI Clapper Names Leaders of Cyber Threat Intelligence Integration Center – See more at: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=fc4f1b5cc8&e=20056c7556
Director of National Intelligence, James Clapper, today announced the leaders of the Cyber Threat Intelligence Integration Center (CTIIC).
Director Tonya Ugoretz will lead the center, with Maurice Bland as deputy and Office of the Director of National Intelligence (ODNI) Research Director Thomas Donahue as part of the team. – See more at: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2b3455a204&e=20056c7556
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ca2bfa8b4b&e=20056c7556
Hackers are now offering ‘customer support’ to the victims they extort money from
Ransomware is a type of virus that infects a userâs machine and encrypts the files on it, leaving them inaccessible unless the victim pays for the decryption key.
Ransoms typically range from $300 to $500, sometimes with a limited time before the price is raised or before the chance to pay is withdrawn completely.
The idea behind ransomware authors extending an olive branch to victims is simple: the victim has to trust that paying up will actually restore their files.
If they donât trust the legitimacy of the service, they are less likely to pay.
Williams said that nearly all ransomware will change the userâs background to a ransom note explaining how to pay.
âThese instructions are written in such a way that [the attackers] are able to get money from [their victims], which I think in itself is a feat.â
Ransomware authors will take extra measures to ensure payment.
Some will offer alternative methods of payment.
Others offer the free decryption of a single file to prove that they do in fact possess the key.
Many services even use the names of better known viruses in order to piggy-back on their name recognition and reputation for actually providing decryption keys.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1582d548a4&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=9cd8a462d8)
** Update subscription preferences (http://paulgdavis.us3.list-manage1.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)