People have been asking how many different mailing newsletters I produce. Here’s a link to a page that lists the IT Security Lists I produce, with subscribe links: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=4a9bc271bc&e=20056c7556
Subscribe to any you are interested in.
Regards
Paul
* SAP security breaches are on the rise, so what’s being done about it?
* Your HR policies should help, not hinder, data breach response
* So You Want to Be a Security Researcher?
* IBM promotes bitcoin tech for banks
* Threat Intelligence: The hot topic that makes people hesitant
* Cybercriminals motives more diverse
* A Proactive Approach To Incident Response: 7 Benefits
SAP security breaches are on the rise, so what’s being done about it?
SAP platforms are likely to contain malware: 75% of respondents say it is very likely (33%) or likely (42%) SAP platforms have one or more malware infections.
Breaches can’t be detected immediately: There is little confidence a breach involving the SAP platform would be detected immediately or within one week.
No one is taking responsibility for SAP security: Respondents believe it is the responsibility of SAP, not their company, to ensure the security of its applications and platform, according to 54% of respondents.
No one is accountable if a data breach involves an SAP system: 30% of respondents say no one is most accountable.
IoT and other new technologies are having a major impact: 59% of respondents believe new technologies and trends such as cloud, mobile, big data and the Internet of Things increase the attack surface of their SAP applications.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8b22e53643&e=20056c7556
Your HR policies should help, not hinder, data breach response
HR policies should impose a duty on employees to promptly report any circumstances that may give rise to a data breach, such as the loss or theft of devices containing protected information, and to cooperate in any ensuing investigation.
In response to a data security incident, your company will need the ability to access and forensically investigate its own computer systems and devices, including information created and stored by employees.
In some incident scenarios, particularly for companies with a Bring Your Own Device (BYOD) policy or practice, incident response may require investigation of smartphones and other data storage devices owned by employees.
If a mobile device containing protected information (whether or not encrypted) has gone missing or has been stolen, it is invaluable for the company to have the ability to geolocate the device, to remotely lock or “kill” the device, or otherwise make its data inaccessible.
In other incidents, a physical search of company premises may be needed, such as to account for missing data storage devices, or in a rogue employee scenario.
Companies must be cognizant of how these provisions interact with other policies in their employee handbook, and with workplace laws.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7197f4f3cd&e=20056c7556
So You Want to Be a Security Researcher?
Security research includes a wide spectrum of tasks, says James Treinen, vice president of security research at ProtectWise, developer of a cloud-based platform that uses a virtual camera to record everything on an organization’s network, letting security personnel see threats in real-time.
Security researchers take apart malware to see what vulnerabilities the malicious software is exploiting and glean intelligence out of the malware – how it communicates and how it is structured.
They use that information to track adversaries and groups by the attack methods they have deployed.
Among other things, they then build behavior profiles so security analysts and incident responders can find future instances of the malicious software.
Automated tools let security analysts drill down to the malware’s bits and assemble code to determine how it executed an attack.
This is a different end of the security research spectrum.
Other security researchers’ tasks might include building and hardening operating systems and networks, Treinen says.
A person looking to move into security research has to be immersed in technology with a desire to understand the workings of malware, encryption, and network forensics and web applications because they are all intertwined.
Plus, as a security researcher, you are not going to do the same thing each day.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=03a8b3bda1&e=20056c7556
IBM promotes bitcoin tech for banks
MUMBAI: Tech giant IBM is seeing several uses for Blockchain – the technology behind Bitcoin cryptocurrency – in the financial sector.
Besides identifying it as a cost-efficient method of conducting transactions, IBM sees this as an alternative to one-time passwords in the long run.
“We are committed to Blockchain technology.
Releasing the code and making it available on the Linux platform is a start for us.
Once developers take it on, then you will have use cases identified.
Once the ecosystem is in place, then we expect that some of the players involved with clearing transactions will be the first to take it on,” said Vaibhav Khandelwal, Trusteer leader, IBM.
Trusteer is a security software firm founded in Israel and acquired by IBM in 2013.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=062d6d078f&e=20056c7556
Threat Intelligence: The hot topic that makes people hesitant
SAN FRANCISCO – All this week, Salted Hash will be walking the halls of the RSA Conference in California.
The running theme this week is threat intelligence; what it is and what it isn’t, the vendors who produce it, and the people who use it.
For two weeks, Salted Hash attempted to locate security practitioners in various market segments to talk about threat intelligence, incident response, and how the two areas overlap.
It wasn’t easy.
First, while most were willing to share their experiences, they wouldn’t or couldn’t share proof of those experiences, such as redacted screenshots of the product, or anything that would confirm they were a customer of a given vendor.
Second, there was another segment of people willing to talk, but only in a general sense, because the threat intelligence vendor was holding non-disclosure agreements over their heads.
FireEye was one of the vendors where customers stated they couldn’t speak due to a non-disclosure agreement.
As it turns out, FireEye customers are in fact free to talk about their experiences, they just can’t share content.
Maybe the entire notion of a vendor forcing non-disclosure agreements needs to be examined.
Is it useful?
Sure, keeping the sauce a secret has advantages, but how far is too far?
The issue with false positives, too many alerts, and a lack of clear context will come up several times this week.
It’s one of the largest sources of pain for practitioners working with threat intelligence feeds and platforms.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b9d731adb7&e=20056c7556
Cybercriminals motives more diverse
This is one of the key findings from the sixth annual Mandiant M-Trends report (registration required for a free report), which was compiled from advanced threat investigations conducted by Mandiant consultants in 2015.
Kevin Mandia, SVP and president at FireEye, said disruptive attacks had increased last year and were designed to cause either public or financial harm, and were typically carried out by financially motivated attackers or hacktivist groups with political or social agendas.
The report also found that organisations are discovering breaches sooner.
In 2015, the median number of days attackers were present on a victim’s network before being discovered dropped to 146 days from 205 days in 2014; while this number is getting better, it’s clear there is still room for improvement.
Whereas in years gone by attackers tended to stay silent in networks for as long as possible, the report found the rise of extortion and more disruptive attacks means an organisation may discover it has been breached by the culprit themselves.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=59512c7735&e=20056c7556
A Proactive Approach To Incident Response: 7 Benefits
Here are six examples of how digital forensic readiness can enhance an organization’s proactive approach to incident response.
Benefit 1: Lower Investigative Costs
Benefit 2: Targeted Security Monitoring
Benefit 3: Crime Deterrence
Benefit 4: Investor Confidence
Benefit 5: Enhanced eDiscovery
Benefit 6: Fast Disclosure & Penalty Avoidance
Benefit 7: You’re Probably Already Doing It
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=71f8c707f3&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forward this email.
If you want to be added to the distribution list, please click this: Subscribe to this list (http://paulgdavis.us3.list-manage1.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)