admini – Page 65 – CyberSecurity Institute

Gartner Says by 2019, 90 Percent of Organizations Will Have Personal Data on IT Systems They Don’t O

Posted on June 12, 2013December 30, 2021 by admini

Many companies have decided to eliminate credit card data from their own systems and completely entrust it to an external service provider,” said Mr. Such decisions are easier if employee performance information is stored in an HR management system, customer information is stored in a CRM system, and financial and business information is stored in an ERP system. Regardless of the specific privacy standard and cross-border transfer mechanism used, the most difficult challenge for organizations is to make such rules binding on all entities involved, including all employees, and accept liability in cases where employees or customers suffer harm. Given that this information can be accessed from the other end of the world in a fraction of a second, the physical location should be increasingly irrelevant. Yet this physical location is still what many regulators insist on, although the legal location should be most relevant from a regulatory perspective. As an example, personal data might be stored in a data center of a U.S. cloud provider, which is operated by a third-party service provider from India.

This report is part of the Gartner Special Report “The Future of Global Information Security” The special report can be viewed at http://www.gartner.com/technology/research/security-risk-management/ and includes links to reports and commentary that explore the major tectonic forces at play that will change how business use of technology will be dramatically changed by rapid escalations in threat, defense and societal demands.

This summit is the premier gathering for senior IT and business executives across IT security and risk management, including privacy, compliance, business continuity management (BCM), IT disaster recovery and business resiliency. The summit offers five role-based programs that delve into the entire spectrum of IT security and risk, including: network and infrastructure security; identity and access management (IAM); compliance; privacy; fraud; BCM; and resilience.

Link: http://bw.newsblaze.com/release/2013061206482800001.bw/topstory.html

Seculert uses big data security analytics to precisely identify APTs and other malware

Posted on June 11, 2013December 30, 2021 by admini

In last week’s newsletter I wrote about new approaches to IT security that utilize big data and security analytics (see “Security analytics will be the next big thing in IT security”).

What’s unique about Swamp is it is automated malware analysis which allows the malware to evolve over time — minutes, hours, or however long it takes to observe and analyze the software’s behavior. By comparison, a typical sandbox malware inspection environment doesn’t allow the malicious software to run more than a few minutes, so a sandbox solution might overlook malware that doesn’t operate in that time frame.

Using results from Swamp, Seculert infects a lab full of its own devices with malware in order to become a member of various botnets so the company can learn exactly who is controlling each botnet. Seculert applies different methods to intercept the botnet traffic and by that they can detect other members of the botnet and also collect the actual traffic that travels within this botnet.

Seculert customers provide identifying keywords such as their IP ranges or Web interface domains, and that information is used to search the data that was collected from the botnet traffic.

Subscribers to the service upload on an ad hoc or ongoing basis months or even years worth of their gateway traffic log data to Seculert’s elastic big data analysis cloud, where it is analyzed against the malware samples from the Swamp module. In addition, Sense applies a wide variety of methodologies — such as malicious traffic correlation from live botnets, domain/IP reputation, DGA detection (domain generation algorithm), machine learning sets and more — to detect suspicious and malicious activity in these Internet traffic logs.

Whenever Seculert Sense identifies malicious activity in any given log source, it will automatically be able to detect similar activities in other sources, even if the logs originate from different vendors’ products.

They can upload log files from existing secure web gateway or proxy solutions (such as Bluecoat, Squid and more) and Seculert Sense will automatically identify previously undetected malware attacks.

Link: http://m.networkworld.com/newsletters/techexec/2013/060713bestpractices.html?page=1

New backdoor ‘KeyBoy’ malware hits Asia with targeted attacks

Posted on June 11, 2013December 30, 2021 by admini

Users from Vietnam, India, China, Taiwan and possibly other countries, were targeted as part of an attack campaign that uses Microsoft Word documents rigged with exploits in order to install a backdoor program that allows attackers to steal information, according to researchers from security firm Rapid7. One of the malicious…

Survey shows 79% of businesses experienced a mobile security incident in past year

Posted on June 10, 2013December 30, 2021 by admini

Mobile security incidents common and costly for large & small firms – 52% of large businesses report mobile security incidents have cost more than $500,000 in the past year, in staff time, legal fees, fines and remediation.

Android has the greatest perceived security risks – Android was cited by 49% of businesses as the platform with greatest perceived security risk (up from 30% last year), compared to Apple, Windows Mobile, and Blackberry.

Lost data is the biggest concern in mobile security incidents – 94% of respondents said lost information was their biggest concern in a mobile security incident; just 10% expressed concern over a compliance violation or fine.

Tomer Teller, security evangelist and researcher at Check Point Software Technologies, said: “Without question, the explosion of BYOD, mobile apps, and cloud services, has created a herculean task to protect corporate information for businesses both large and small.

Link: http://security.cbronline.com/news/survey-shows-79-of-businesses-experienced-a-mobile-security-incident-in-past-year

RSA’s Art Coviello points to Big Data approach to combat cyber security challenges

Posted on June 5, 2013December 30, 2021 by admini

An intelligence-driven security model, on the other hand, leverages Big Data analytics for pervasive monitoring, threat information sharing and intelligent controls and is designed to allow for more rapid detection of attacks and shortening an attacker’s dwell time within a breached enterprise. He said, “The ongoing expansion of the attack surface and the escalation in the threat environment require urgent action, there must be a sense of urgency to understand the security implications in everything we do so that we develop and implement the right security model.”

Create a transformational security strategy – Practitioners must look critically at their budgets and design a plan that transitions the existing infrastructure to an intelligence-driven approach that incorporate Big Data capabilities.

He went on to explain government’s key role of acting as a central repository to exchange pertinent security information about current threats and attacks as well as to set the tone for cooperation internationally.

The security vendors were called upon to help close the technology and skills gap for defending against attacks that has been created as a result of the growing attack surface and the escalating threat environment.

In closing he offered that these approaches can help enable the industry to manage cyber security risk to acceptable levels so that all societies around the world can reap the benefits and meet the goal of a more trusted digital world.

Link: http://www.informationweek.in/security/13-06-05/rsa_s_art_coviello_points_to_big_data_approach_to_combat_cyber_security_challenges.aspx

Targeted attacks on the rise

Posted on June 4, 2013December 30, 2021 by admini

One significant element behind this growth in North America was the return of ‘pump and dump’ spam campaigns, which targeted would-be investors hoping to capitalise on all-time equity market highs.

Each quarter, the McAfee Labs team of more than 500 multidisciplinary researchers in 30 countries monitors the global threat landscape, identifying application vulnerabilities, analysing and correlating risks, and enabling instant remediation to protect enterprises and the public.

Koobface, a worm first discovered in 2008, had been relatively flat for the last year yet it tripled in the first quarter of 2013 to levels never previously seen.

McAfee’s latest analysis of the Citadel Trojan found that criminals have re-purposed the bank account threat to steal personal information from narrowly targeted victims within organisations beyond financial services.

New PC malware samples increased 28 percent, adding 14 million new samples to McAfee’s malware “zoo” of more than 120 million unique malware threats.

Link: http://networking.cbronline.com/news/targeted-attacks-on-the-rise