[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So onto the news:
Cybercrime: Barclays puts “red team” to work
Troels Oerting, who joined as chief information security officer in February, set up a so-called “red team” in recent weeks to attack the digital defences of the London-based bank.
His goal is to find any flaws and fix them before thieves, vandals or terrorists can exploit them.
Oerting, a 35-year law-enforcement veteran, is part of a corps of former policemen and spies entering private industry to fend off a barrage of cyberattacks on businesses.
More banks are building in-house teams that “operate and think like cybercriminals” as hackers become increasingly sophisticated, said Sergey Lozhkin, a security researcher at Moscow-based Kaspersky Lab, which has worked on investigations with Interpol and Europol.
Barclays is boosting spending by about 20 percent as part of its new cyber-defence strategy, Oerting said, declining to elaborate.
Oerting’s new team of internal hackers, which will number as many as eight, joins the bank’s staff of 800 information technology security personnel.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=208b6c7d23&e=20056c7556
How CISOs can beat the information security skills-gap
Richard Starnes, CISO at the Kentucky Health Cooperative, believes that relying on SIEMs from vendors is a positive first step for automating security.
“There is a great deal to be said for the automation of information security, such as in GRC or even outsourcing, particularly in areas like SIEMs,” Starnes told CSO Online.
Quentyn Taylor, head of information security at Canon Europe, adds: “In the security space automation is the key, from the operational sphere to the investigative sphere, automation is what is needed to ensure that the response and action is timely enough to be effective.
The key point is that for automation to be effective the staff themselves should be part of the design and implementation.”
“Develop and promote your internal staff,” says Starnes. “Create a work environment where they are happy and fulfilled.
Keep their remuneration at a sustainable level.
This will reduce your staff churn significantly.
Recruit as you would normally and bring your new staff into this environment.
You will always lose a few, but you will keep many of them and people will want to come work for you on their own.”
“My first suggestion would be to review hiring role descriptions and cut back on the mandatory skills and qualifications and see what candidates you get.
Many people believe that certification is a substitute for experience or that demanding the right certification will ensure the correct level of experience, but I find this not the case.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c9323d2724&e=20056c7556
Infographic: How XSS Attacks Work
XSS stands for Cross-Site Scripting and is a Web-based security vulnerability that’s been around since the birth of modern Web development techniques.
XSS attacks account for 12.75% of all of today’s Web-based attacks, and almost 70% of all reported vulnerabilities are XSS-related.
Almost 90% of all websites have at least one XSS vulnerability.
A Reflected XSS attack occurs when hackers craft malicious URLs which Web servers execute via a single request and response loop.
They are the most common and have a short lifespan, affecting one user at a time.
They are also called first-order XSS, type 1 XSS, or non-persistent XSS.
A Stored XSS attack is the worse of the two: the attacker crafts a malicious script, which then gets stored on the Web server.
This type of XSS attack has a broader target, since once saved on the server in the form of a comment or database entry, the script can be displayed to every user who accesses that page, without any of them having to open a maliciously crafted URL.
This type of attack is also called second-order XSS, type 2 XSS, or persistent XSS.
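The two XSS types above differ in where the untrusted text comes from (a URL parameter versus a stored comment), but the defence is the same: encode untrusted data before placing it into HTML. The following is an added example, not code from the newsletter or from the linked infographic; the page templates, the `escapeHtml` helper and the sample query and comment rows are all assumptions constructed for the demonstration.

```javascript
// Added example (not from the newsletter or the linked infographic):
// output encoding as the standard mitigation for both reflected and stored XSS.

// Escape the characters that let untrusted text break out of an HTML text node
// or a double-quoted attribute value. Ampersand goes first so later entities
// are not double-escaped.
function escapeHtml(untrusted) {
  return String(untrusted)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Reflected case: a search page echoes the query parameter back into the
// response. The vulnerable version interpolates the raw value; the hardened
// version encodes it, so the browser renders the payload as visible text.
function renderSearchVulnerable(query) {
  return `<p>Results for: ${query}</p>`;
}
function renderSearchHardened(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`;
}

// Stored case: comment rows read back from a database and shown to every
// visitor. The same encoder neutralises a script stored weeks earlier.
function renderCommentsVulnerable(comments) {
  const items = comments.map(c => `<li><b>${c.author}</b>: ${c.body}</li>`);
  return `<ul>${items.join('')}</ul>`;
}
function renderCommentsHardened(comments) {
  const items = comments.map(
    c => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</li>`
  );
  return `<ul>${items.join('')}</ul>`;
}

// Crude output check used by the demonstration: does the rendered HTML still
// contain a live <script> tag? (A real review would use an HTML parser.)
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample input (hypothetical): a URL parameter and two stored comments.
const SAMPLE_QUERY = '<script>alert(1)</script>';
const SAMPLE_COMMENTS = [
  { author: 'alice', body: 'Nice article & thanks!' },
  { author: 'mallory', body: SAMPLE_QUERY },
];

// Stand-alone run: show both the vulnerable and the hardened output.
if (typeof require !== 'undefined' && require.main === module) {
  console.log('reflected, vulnerable :', renderSearchVulnerable(SAMPLE_QUERY));
  console.log('reflected, hardened   :', renderSearchHardened(SAMPLE_QUERY));
  console.log('stored, vulnerable    :', renderCommentsVulnerable(SAMPLE_COMMENTS));
  console.log('stored, hardened      :', renderCommentsHardened(SAMPLE_COMMENTS));
}
```

Context matters: this encoder is correct for HTML text nodes and quoted attribute values, but data placed inside a `<script>` block, a URL, or a CSS value needs the encoder for that context instead, and a Content Security Policy is a worthwhile second layer in case one output location is missed.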
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=adfd9035fb&e=20056c7556
Best practices for ensuring compliance in the age of cloud computing
The first place to start with any security or compliance initiative is visibility.
You can’t secure what you can’t see.
Once you understand what’s going on with your infrastructure, applications, data and users, you can begin to understand how to limit your attack surface and better prevent and mitigate attacks.
Manual processes are killing compliance teams, who are typically understaffed and overworked.
The question then turns to “How do I ensure compliance while still maintaining real-time, agile work flows?” Luckily, there is an emerging set of compliance automation solutions on the market today that take much of the manual process out of the equation.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d143a22c67&e=20056c7556
Continuous monitoring vs Black Hat hackers – which should you rely on to identify web security issues?
One answer to cyber threats is continuous monitoring, which is becoming a very popular term, both among security vendors and CISOs.
In a constantly changing and hostile network environment where new zero-day exploits appear regularly, continuous monitoring of your organisation’s infrastructure is essential.
The main role of continuous monitoring is to keep your security team constantly aware of newly detected vulnerabilities, weaknesses, missing patches and configuration flaws that appear to be exploitable.
Various products, solutions and services exist today to assure the continuous monitoring process within both large and small organisations.
However, when examining the efficiency of such solutions, businesses should initially try to understand how competitive those solutions are on the market: and not only against other vendors’ solutions, but with Black Hat hackers.
Sophisticated hacking teams even patch the vulnerabilities after successful exploitation to prevent their competitors from exploiting them.
Yes, there is as tough a competition among cyber gangs as there is among cyber security vendors.
Yes, properly implemented continuous monitoring is not an easy task.
Jan Schreuder (PwC) summarises the challenge for businesses: ‘In our experience the successful implementation of a continuous monitoring program often represents a significant change to the way IT departments operate, and to be successful it requires significant commitment through leadership support, enforcement, and system owner responsibility and accountability.’
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=fed2893fbd&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com