[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So I’m going to be working on a table of contents for the top, so look out for that. In the meantime,
So onto the news:
Google expands Chrome’s Safe Browsing defenses to sniff out ad scams
Google today said it is expanding its Safe Browsing technology to take into account online ads that try to scam users into divulging personal information or downloading malware masquerading as name-brand software in need of an update.
Ads that Google considers “deceptive” will trigger a warning in Chrome — a bright red screen with text that starts, “Deceptive site ahead” — said Ballard.
Google’s broad definition of “deceptive” includes any ad that “pretends to act or look and feel, like a trusted entity,” or one that tries to “trick you into doing something you’d only do for a trusted entity.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a65d0d00b6&e=20056c7556
5 New Rules to Make Escalations More Effective and Efficient
There is a new adage in the security world: don’t assume you will be hacked, but assume you have already been hacked.
This forces security professionals to re-examine the validity of the Cyber Kill Chain model—which reinforces traditional, perimeter-focused, malware-prevention thinking—and develop new strategies to deal with persistent and smart attackers, including insider threats.
These factors make escalation of cyber incidents a huge problem for security staff.
To this end, here are 5 new rules organizations can enforce to make (inevitable) escalations more effective and efficient.
1) Always full cycle, full stack.
If application developers or DevOps teams can build security practices and software into applications, it reduces vulnerabilities later and provides critical information to response teams trying to track down the source or movement of a breach.
2) Shrink your “attack surface.”
New approaches such as “ringfencing” or microsegmentation of applications and workload mean security teams not only shrink the connections among compromised and uncompromised workloads, they shrink the number of places security investigators must look for incidents.
3) Gain visibility.
You cannot stop what you cannot see.
4) Increase the speed to quarantine.
Time to discovery and remediation of compromised computing is one of the most critical factors in limiting the scope of damage of an attack.
5) Reduce the human middleware.
Increasingly, software intelligence that is based on algorithms and machine intelligence will play a huge role in dealing with the speed and scope of escalations.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0825a85336&e=20056c7556
Cisco sees eight-fold increase in mobile data by 2020
The increase will have a dramatic impact on businesses, as IT managers struggle to securely support mobile workers with wearables and other smart devices that increasingly rely on mobile video.
Cisco said that smartphones alone will account for 81% of global mobile traffic by 2020.
In 2020, mobile data traffic will reach 367 exabytes, up from 44 exabytes in 2015, Cisco said.
The 2020 forecast number is equivalent to 81 trillion images on MMS, or 28 daily images per person on earth for a year.
It is also equivalent to 7 trillion video clips, like those on YouTube, which is more than 2.5 daily video clips per person on the planet per year.
Meanwhile, a separate survey — also released Wednesday — of 500 U.S.-based IT managers shows that companies already spend an average of $1,840 to support each employee’s mobile device every year.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ff6f949c7b&e=20056c7556
Security flaws not so critical if admin rights are taken away
Patching software is important, but there are often good reasons why it can’t happen right away.
A recent analysis of Microsoft’s 2015 security bulletins shows that restricting account privileges effectively mitigates a majority of the issues.
Privilege management can protect users while buying time for IT to test and deploy patches.
Overall, 63 percent of all vulnerabilities Microsoft patched in 2015 could have been mitigated by removing administrator rights from user accounts, the company found.
The figure jumps when narrowing the focus to only critical vulnerabilities.
A little less than half, or 48 percent, of the 2015 patches were rated as critical, but Avecto found that 86 percent of critical flaws could have been mitigated by removing administrator rights.
Microsoft may call Windows 10 the “most secure Windows ever,” but Avecto found the same pattern for Windows 10.
Over a quarter of critical vulnerabilities Microsoft fixed in 2015 affected Windows 10, and 82 percent of vulnerabilities that affected Windows 10 could have been mitigated.
Server operating systems weren’t exempt from this analysis either, since Avecto found that 85 percent of critical vulnerabilities affecting Windows Server could be mitigated just by paying attention to the user privileges.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d6256e9f18&e=20056c7556
Bouygues forms IoT subsidiary Objenious
French operator Bouygues Telecom has formed IoT subsidiary Objenious.
The new connected objects division is headed by Stephane Allaire, with around 20 staff members.
Objenious will use the LoRa network Bouygues Telecom is deploying to connect millions of objects.
The network is already in place in fifteen metro areas and is expected to cover half of the French population by the middle of the year.
It will be activated with the first 4,000 antennas at the end of the year.
Bouygues is working with partners such as Watteco, Eolane and Finsecure to address its clients’ different requirements.
The cloud service is based on HP Enterprise’s IoT platform (HPE IoT Platform).
Objenious will provide connectivity and secure data centre storage, data collection and network visualisation to industry standards.
Atos subsidiary Bull is supplying its KMS security software to deliver end-to-end encryption.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=30485362f9&e=20056c7556
Allot MobileTrends Report Reveals Mobile Business Users Incur Highest Malware Risk
HOD HASHARON, Israel, Feb. 3, 2016 /PRNewswire/ — Allot Communications Ltd. (NASDAQ, TASE: ALLT), a leading global provider of security and monetization solutions that enable service providers to protect and personalize the digital experience, together with Kaspersky Lab announced today the release of Allot MobileTrends Report H1 2016, Mobile Users at Risk.
Using a range of behavioral profiles, the report analyzes the correlation between mobile apps and URLs usage and user potential for malware risk.
Findings show that individual behavior is a significant and even decisive indicator of malware risk.
The report goes on to suggest that communication service providers (CSPs) are uniquely positioned to safeguard mobile users at risk with targeted Security-as-a-Service delivered from their network or cloud.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=aa4b8a1bb1&e=20056c7556
Cyber Crime Forensics, LLC Unveils Cybercrime Forensics Training Center to Train New Breed of Cyber Professionals
BOISE, Idaho, Feb. 3, 2016 /PRNewswire/ — Cybercrime is the fastest growing area of crime in the world.
The demand for cyber security professionals is higher than ever.
To help solve these critical issues, Richard Plummer, CEO of Cyber Crime Forensics, LLC is launching the Cybercrime Forensics Training Center in Boise Idaho, to train a new breed of cyber warriors.
CCFTC provides the world’s best digital forensics and cyber security training to produce the most advanced digital forensics experts in computer forensics, incident response and media exploitation.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=bb2c96e6e6&e=20056c7556
New Ponemon Institute Study Reveals Nearly 80 Percent of German Organizations Aren’t Prepared for a Cyber Security Incident
The latest research on Cyber Resilience from the prestigious Ponemon Institute shows that 79 percent of security executives reported that they aren’t prepared for a cyber security incident.
And only 21 percent have the technology in place to respond to a cyberattack.
This new independent study, The Cyber Resilient Organisation in Germany: Learning to Thrive against Threats, from privacy and information security research firm Ponemon Institute, benchmarks German organisations’ resilience to cyber threats.
Surprisingly, the German study also revealed that 54 percent rated their cyber resilience as high, suggesting a gap between perceived resilience and reality.
This is the third report in a series of cyber resilient studies, with founding sponsor, Resilient Systems, the leader in incident response management software.
The first study was published in the US last year and the second study was released earlier this week in the UK.
Similar to the UK findings, insufficient planning and preparedness and organisational factors are identified as major barriers to achieving cyber resilience.
Germany is undergoing significant changes to its regulations around cybersecurity.
The Upper House of the German Parliament ratified legislation on the cyber protection of critical infrastructure in July 2015 and German lawmakers have been driving the upcoming EU-wide Network and Information Systems Directive (NISD) and the General Data Protection Regulation (GDPR), which contain mandatory breach reporting requirements and require companies to clearly document their incident response strategies.
79% reported that they have either ad-hoc or no cyber-incident response plans.
The majority of German security leaders reported that the state of cyber resilience in their organisation is high even without a planned or practiced response
Persistent attacks are the greatest threat to cyber resilience
Organisational factors also make cyber resilience difficult to achieve
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6af04e7a49&e=20056c7556
Australian companies ‘open to cyber crime’
Australian companies could risk becoming “low-hanging fruit” for cyber criminals due to a lack of education and an unwillingness to properly deal with threats.
James Nunn-Price, who leads Deloitte’s Asia Pacific Cyber unit, said companies were failing to report ransomware – which locks users out of their computers until they pay a fee – and instead perpetuate the practice by coughing up the cash.
“I’m amazed at how many Australian businesses pay the money … certainly some super funds, insurers and corporates pay the money because it’s just easier to pay a few hundred dollars and then they wonder why six weeks later they get hit again,” Mr Nunn-Price told reporters on Monday.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=83ba65b42b&e=20056c7556
Tripwire Study: Two-Thirds of Energy Sector IT Professionals Lack Visibility into Cyber Attacks That Cause Physical Damage
Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a study conducted for Tripwire by Dimensional Research on the cyber security challenges faced by organizations in the energy sector.
The study was carried out in November 2015, and respondents included over 150 IT professionals in the energy, utilities, and oil and gas industries.
According to Tripwire’s study, eighty-two percent of the respondents said a cyber attack on the operational technology (OT) in their organization could cause physical damage.
However, when asked if their organization has the ability to accurately track all the threats targeting their OT networks, sixty-five percent replied, “no.”
Additional findings from the study include:
More than three out of four respondents (seventy-six percent) believe their organizations are targets for cyber attacks that could cause physical damage.
Seventy-eight percent of respondents said their organizations are potential targets for nation-state cyber attacks.
One-hundred percent of energy executive respondents believe a kinetic cyber attack on operational technology would cause physical damage.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d77bce16a9&e=20056c7556
What can be done to protect Singapore from cyber attacks?
The Cyber Security Agency was set up in 2015 to work with various sectors to ensure that Singapore stays resilient against cyber attacks.
A new five-year National Cyber Security Masterplan 2018 has also been launched by the Infocomm Development Authority, aimed at strengthening Singapore’s cyber security efforts.
Last year, global intelligence agency Interpol’s Global Complex for Innovation (IGCI) set up a Digital Crime Centre in Singapore to enable more information sharing between law enforcement agencies and the private sector to combat cyber crimes.
As cyber attacks get more sophisticated, Singapore has even looked beyond its shores to strengthen its cyber defences, partnering with countries such as India and the United States in information sharing in this field.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e4cddedde9&e=20056c7556
Air Force Academy’s Innovation Center has big cyber plans
Academy Superintendent Lt. Gen. Michelle Johnson told a crowd Wednesday at the Rocky Mountain Cyberspace Symposium at The Broadmoor that the Air Force Cyber Innovation Center, being established this year on the campus, will eventually study technical, social and legal problems in the online world.
Johnson spoke to the largest gathering of cybersecurity experts in the region who are in the midst of a three-day conference sponsored by the local chapter of the Armed Forces Communication and Electronics Association that ends Thursday.
The symposium drew 2,000 participants including top military brass and industry leaders.
The academy’s cyber efforts, she said, will be closely tied to work at Air Force Space Command, which is leading Air Force computer warfare efforts.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0aaab8328b&e=20056c7556
Europe, US Cut 11th Hour Safe Harbor Deal
Europe and the United States on Tuesday announced a new Safe Harbor agreement that neutralizes the threat of enforcement actions against domestic companies handling overseas data.
Called the “EU-US Privacy Shield,” the agreement aims to protect the privacy of data belonging to European citizens when it’s handled by U.S. companies.
Without a new Safe Harbor agreement to protect U.S. companies handling the data of European citizens from EU privacy restrictions, enforcement actions would have begun immediately, noted Neil Stelzer, general counsel for Identity Finder.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c1fc89834a&e=20056c7556
Information governance hard to achieve, worth effort to protect data
Information governance (IG) is nearly impossible to achieve, but is a goal worth pursuing to protect the privacy of sensitive data and ensure organizations can meet discovery requests, according to a panel at the LegalTech show in New York.
“It's the dream to chase, the ideal,” said Chris Sitter, eDiscovery & digital forensics senior manager at Juniper Networks.
“With current tech almost impossible to achieve.”
Allan Hsu, director of eDiscovery/litigation at Fannie Mae, warned against treating all data the same. “It creates unneeded complexity and will likely cause non-compliance among your employees,” he said, noting that it's important to create workable solutions for protecting information.
He pointed to BYOD as an example where employees use personal devices to store and move corporate information. “You could put them in a container but it's not efficient,” he said, raising the specter of personal privacy issues. “Can you really collect someone's personal device.
It's like going into their house and looking through their drawers.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=93a40e46f3&e=20056c7556
What’s Worse Than Stolen Data? Altered Data
Attacks that previously were considered advanced threats are commodities today, with sophisticated malware and exploits available for the price of a movie ticket, according to Amit Yoran, president of RSA, the security division of EMC.
And yet, important results due to this evolution seem to be misunderstood; the threats that matter most are attack campaigns that use multiple exploitation methods and backdoors to assure persistence. “Incomplete incident scoping has become a critical and consistent mistake made by security teams,” Yoran said.
This year was also characterized by security vendors claiming to be able to prevent advanced threat breaches when, in fact, they cannot, he said.
Organizations recognized the need to monitor and defend their digital environments differently, but continued to center the security programs on the same technologies and approaches they have always used—hoping for a different outcome, but not acting differently.
Here are some emerging trends Yoran advises you to prepare for this year.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=18a4bf3aa3&e=20056c7556
U.S. businesses on their own when facing foreign cyber attacks
BOCA RATON, Fla. — Cyber attacks by nation states are a serious threat to U.S. business, and companies should not rely on the government to protect them from the attacks, said Mike Rogers, a former chairman of the House Intelligence Committee.
China, Russia, North Korea and Iran are targeting U.S. businesses, in many cases to steal intellectual property and in other cases to disrupt operations, but privacy laws in the U.S. prevent government security agencies from protecting commercial enterprises from the attacks, said the former Republican congressman from Michigan.
“The (National Security Agency) is not permitted to be on your networks; it's against the law of the United States.
The only way they catch an attack coming in is if they catch it overseas first, so every American with your own network, you're on your own,” he said.
Buying cyber insurance can help concentrate the minds of executives on cyber security, he said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7304529802&e=20056c7556 (http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=66e4a3fb59&e=20056c7556)
IoT poses one of insurance industry’s biggest underwriting challenges: Rosenbaum
One of the insurance industry's biggest challenges on the underwriting side is “how to effectively and profitably transfer cyber risk with respect to machine-to-machine technology,” so-called Internet of Things, Brian Rosenbaum, national director of the Legal and Research Practice at Aon Risk Solutions, said Tuesday during an industry event.
“I really can’t overestimate how significant the risks associated with machine-to-machine technology are, despite the tremendous benefits that the Internet of Things will confer,” Rosenbaum told those assembled for the 49th Annual Canadian Insurance Claims Managers Association/ Canadian Independent Adjusters’ Association Ontario Chapter Joint Conference in downtown Toronto.
Reports are that by 2020, billions of machines will be exchanging data on a daily basis, he said. “What I’m concerned about is that the underwriting community is not ready for this.
We don’t really appreciate how vulnerable we are to cyber terrorism, extortion, systems breakdown and just plain mischief.”
Indeed, typical cyber policies contain a bodily injury and property exclusion that applies to third-party liability, meaning “that will lead to a lack of coverage for any of these Internet of Things exposures we’re talking about today,” Rosenbaum said.
The same is true of E&O (errors and omissions) and D&O when they contain the same type of exclusionary language, he said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a0688b62a2&e=20056c7556
CrowdStrike Global Threat Report Analyses the Biggest Cyber Crime and Targeted Intrusion Trends
IRVINE, Calif.–(BUSINESS WIRE)–CrowdStrike Inc., a leader in cloud-delivered next-generation endpoint protection, threat intelligence and response services, today announced the release of its 2015 Global Threat Report.
The report, issued annually, analyzes more than 70 designated adversaries, providing details about their behavior, capabilities, and intentions related to targeted intrusions, e-crime, and hacktivist campaigns.
Notable Highlights of the 2015 Global Threat Report:
Economic, geopolitical and diplomatic events are becoming the driving force behind today’s cyber threat landscape, the effects of which are being felt by organizations around the world.
Deep dive into the key factors shaping the targeted intrusion campaigns of notable nation-state adversaries, including China, Russia, Iran, North Korea, etc.
The rise of extortion-based criminal operations including use of ransomware, banking trojans, and exploit kits, along with intelligence-powered social engineering scams, phishing campaigns, and more.
Uptick in sophistication and scale of terrorism-related hacktivist groups and online censorship in the Middle East.
Forward-looking predictions about emerging threats, espionage activity, personally identifiable information usage, new e-crime waves, and disruptive attacks that impact businesses globally
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4eed117cbc&e=20056c7556
Target exec joins cybersecurity board
Brad Maiorino, Target senior VP and chief information security officer, is the newest member of the Retail Cyber Intelligence Sharing Center (R-CISC) board of directors.
In addition, R-CISC recently teamed up with Target to host the first Retail Cybersecurity Analyst Hunting Expedition at Target’s headquarters in Minneapolis.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=081e1fb9f7&e=20056c7556
5 ways analysts can find priority threats
The big question is: How can IT directors ensure that their analysts accomplish these things and, subsequently, pinpoint which threats they should be spending time on?
There are five key tactics that will help directors improve their incident readiness and response and reduce risks early on, which they can then share with their analysts.
1) Clearly define analysts’ roles and responsibilities
2) Enhance training on avoiding advanced threats
3) Formalise response processes and procedures
4) Improve formalised incident response tracking/workflow
5) Focus on Cyber Threat Intelligence
The above procedures are a must-have for organisations in the fight against the growing sophistication of cyber threats.
It’s imperative that organisations are proactive.
Cyber criminals like to stay on the cutting edge and security analysts must stay right on that edge with them in order to protect sensitive data.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e9189f93e5&e=20056c7556
Europol, a new move against terrorism and money laundering
Since 1 January 2016, Europol has increased the level of integration among the nodes of the decentralised computer network of the European Union Member States’ Financial Intelligence Units (FIUs), the FIU.net.
“FIU.NET is a decentralised computer network supporting the FIUs in the European Union in their fight against Money Laundering and Terrorist Financing.
Decentralised meaning, that there is no central database in one specific Member State where all the exchanged data is stored.
When sending the information from one FIU to another, the exchanged data is only and safely stored on the FIU.NET databases at the premises of the FIUs involved in the exchange,” states the description on the website of the FIU network.
This is an important step against crime and terrorism: data from financial intelligence could be integrated with information related to criminal intelligence activity conducted by Europol, an important body of knowledge sustained with data provided by the law enforcement agencies of the EU countries.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=e12dbdb750&e=20056c7556