
CyberSecurity Institute

Security News Curated from across the world


Posted on September 11, 2016December 30, 2021 by admini

[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:

Demystifying Threat Intelligence
For Forrester, threat intelligence is not a single product or service, but a framework constructed around high-quality information sources and skilled analysts.
In Five Steps to Build an Effective Threat Intelligence Capability, Forrester shows that five distinct focuses need to be combined to harness it effectively: laying the foundation; establishing buy-in; staffing the team; establishing sources; deriving intel.
Gartner defines threat intelligence as, “evidence-based knowledge… about an existing or emerging… hazard to assets that can be used to inform decisions regarding the subject’s response to that… hazard.” At first glance, this could be a definition for a single black-box product, but it’s likely that it would actually need to exist inside a framework in order to contextualize the knowledge that originates from third parties.
In all these definitions, there is one constant: threat intelligence cannot simply be deployed in a way that adds value as a black box system.
There is an explosion of threat intelligence products on the market today, but they can all broadly be split into three groups – feed-, research- and platform-driven products.
While feed and research-driven products have the potential to add value, such as offering an outsourced information gathering or analyst function, they lack the ability to contextualize knowledge with local information.
This dramatically limits their ability to deliver actionable intelligence to organizations.
An alternative would be for a consumer to have direct access to a threat intelligence provider’s backend storage and transform functions so that they could pull out intelligence based on their localized knowledge.
Unfortunately that’s unlikely to be possible when these products deliver generic information to numerous end users rather than harvesting local knowledge about individual environments.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f4c95faf2c&e=20056c7556

Malware Trends and Tactics: 3 Things Companies Need To Do
Malcovery produced 540 reports during the second quarter related to email-based malware and phishing attacks.
In each case, Malcovery’s analyst team dissected the campaign to uncover how it was designed to penetrate your network perimeter.
There are 3 things that companies need to do based on this analysis.

Automate consumption of threat intelligence.
Beware of Microsoft Office attachments.
Review how your team is using third party file sharing services.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=dc06c1be8b&e=20056c7556

The FBI published an alert on the significant increase in Business Email Scams (BEC); the number of victims is growing, as are the financial losses.
… the FBI warned the world that the number of Business Email Scams (BEC) victims is growing, causing companies to lose money.
Law enforcement highlights that the frauds usually start with crooks spoofing communications from senior management and executives and deceiving their targets into authorizing international wire transfers.
Normally it all starts with a phishing email specifically crafted for a company executive or for employees of the targeted company.
The emails look like legitimate messages but are sent from a look-alike domain: if the original company is called Timetolife.com, the crook will send an email to the victim from Timetoolife.com.

Since it is a crafted, targeted email, the crooks pay attention to the details, so this type of email will not set off spam traps.
Crooks compose the emails by using the information on the target company available on open sources on the Internet (e.g. social media, press releases, and news).
The list of successful Business Email Scams is very long.

Advice to prevent Business Email Scams

Implement two-step authentication for email
When possible, call the person who sent the email to verify what is being asked
Inform employees not to publish/share job-related activities on social media and forums
Educate your employees; have a security awareness program
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4d41230ee9&e=20056c7556

The seven deadly sins of incident response
The seemingly endless barrage of attacks on government and enterprise networks has made it clear that organizations need to be much more proactive when it comes to security.
Deploying perimeter defences like firewalls and antivirus, and expecting them to keep attackers off of your network, has become just plain foolish in the light of today’s increasingly complex threat landscape.
Security success is no longer just about keeping threats out of your network, but instead about how quickly you can respond and thwart an attack when it happens.
Despite this scenario, many organizations still haven’t gotten it quite right when it comes to incident response.
Here are ‘seven deadly sins’ that Lancope often sees companies committing when attempting to build an incident response function.
1. Not understanding your environment due to a lack of visibility.
2. Not having the right staff.
3. Lacking the appropriate budget.
4. Becoming a headless chicken when breaches occur.
5. Using generic processes not specific to your organization.
6. Improper threat modeling.
7. Not considering your environment and capabilities when tuning devices.
8. Bonus sin! – Not taking advantage of the fruits of an incident investigation.
According to the previously mentioned Ponemon Report, 65 percent of respondents said that threat feeds were one of the most effective tools for helping to detect breaches.
Yet 54 percent said they did not collect threat indicators from their own incidents for use in fighting future attacks.
Organizations need to realize that the information they glean during an incident investigation is far more valuable than a third-party threat feed in determining which types of attacks their network might experience in the future and being better equipped to handle them.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=18eac28815&e=20056c7556

Filling the ranks of Japan’s cyberwarriors in time for 2020 Olympics proves a major challenge
The government has set up new organizations tasked with boosting cybersecurity in the run-up to the 2020 Tokyo Olympic and Paralympic Games — but filling the slots of these cyberwarriors is proving to be an ongoing battle.
The government set up a working team on cybersecurity last October to prepare for the 2020 Games.
Based on the basic law on cybersecurity, which was enacted the following month, the government in January created a cybersecurity strategy team, headed by Chief Cabinet Secretary Yoshihide Suga, and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC).
The headquarters drafted a new strategy paper emphasizing measures for the period up to 2020.
The draft calls for the establishment of a Computer Security Incident Response Team (CSIRT) for the 2020 Olympics and Paralympics.
It would be staffed with dozens of experts from both the public and private sectors whose job would be to minimize damage from cyberattacks.
According to an estimate by the Information-Technology Promotion Agency, Japan, adequate cybersecurity response would require a total workforce of 350,000.
But there are just 265,000 information security engineers in the country, with 160,000 of them needing to be retrained, the agency said.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a53df6b903&e=20056c7556

To Battle Cyber Attacks, CEOs Need To Act More Like The Military
A recent survey by Oxford University and the U.K.’s Centre for the Protection of the National Infrastructure found that concern for cyber security was significantly lower among managers inside the C-suite than among managers outside it. “Such shortsightedness at the top is a serious problem,” said David Upton, American Standard Companies Professor of Operations Management at Saïd Business School, University of Oxford.
“The reality is that if CEOs don’t take cyber security threats seriously, their organisations won’t either … They must marshal their entire leadership team – technical and line management, and human resources – to make people, principles, and IT systems work together.”
Upton is one of the authors of a new study, published in the Harvard Business Review, that sets out to explain how organizations can be more effective in this area.
The other authors are James A. Winnefeld Jr and Christopher Kirchhoff, respectively the ninth vice-chairman of the U.S. Joint Chiefs of Staff and an admiral in the U.S. Navy until his retirement this month, and a special assistant to the chairman of the Joint Chiefs of Staff.
In the HBR article, entitled “Cybersecurity’s Human Factor: Lessons from the Pentagon,” they add:

One key lesson of the military’s experience is that while technical upgrades are important, minimizing human error is even more crucial.
Mistakes by network administrators and users—failures to patch vulnerabilities in legacy systems, misconfigured settings, violations of standard procedures—open the door to the overwhelming majority of successful attacks.

They believe there are measures that leaders of any sort of organization can take to ensure such principles are part of employees’ everyday routines.
They are:
1. Take charge.
2. Make everyone accountable.
3. Institute uniform standards and centrally-managed training and certification.
4. Couple formality with forceful back-up.
5. Check up on your defenses.
6. Eliminate fear of honesty and increase the consequences of dishonesty.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4a6602c0ca&e=20056c7556

Risks vs. Benefits of Security Investments
Being able to determine the ROI of security investments is a complex, albeit necessary, task when organizations make security investments.
Simply put, the goal is to demonstrate how the benefits of the organization’s security strategy outweigh the risk of not investing.
The primary issue CISOs need to address is how much of an investment is enough.
After all, even an infinite budget will not prevent every last breach or incident.
A prudent CISO will communicate the current risk posture including any policies, procedures and controls in place to help protect the organization from threats, whether internal or external.
The CISO ultimately needs to explain that risk exists regardless of investment, and then effectively outline the goal of reducing risk without impacting business operations.
Bottom line, the days of a moat around the castle no longer exist.
The challenge here is that most non-security executives feel safe and secure because they simply don’t know what they don’t know.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7497228dbc&e=20056c7556

Cisco Predicts ‘Second Wave’ Of Cloud Adoption
However, the research – which was commissioned by Cisco – also revealed that nearly three quarters of the 3,000-plus organisations surveyed don’t have a solid cloud strategy.
Cisco Systems Inc. sees a growing second wave of businesses adopting cloud-computing platforms, and it’s eager to help them optimize their cloud strategies.
In the study, IDC identifies five levels of cloud maturity: ad hoc, opportunistic, repeatable, managed and optimised.
They are also achieving $1.2m in cost reduction per cloud-based application.
The manufacturing industry was found to have the largest cloud adoption rate, with 33 percent of companies having a developed strategy, followed by IT (30 percent), finance (29 percent), and healthcare (28 percent).
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d91e0e52c5&e=20056c7556

