admini – Page 77 – CyberSecurity Institute

Thailand revising cybercrime law for balance, better security

Posted on April 24, 2013December 30, 2021 by admini

Surangkana also explained the law left gaps in the cybercrime and the cyber environment, so people are still concerned about the balance between freedom of speech and the exercise of authority to maintain the right to privacy.

Meanwhile, other countries’ governments have better realisation and awareness on information security, which is a sensitive issue involving a balance between security and the liberty of people as a whole,” Surangkana said.

The draft revision of the computer crime law is expected to be completed in the next six months, following which, the ETDA will then conduct a further public hearing before submitting the draft for the Cabinet’s approval.

She said that the agency had established focus groups covering five areas–freedom of speech, law enforcement, consumers and victims, hardcore security versus professional security, and evaluation and revision of computer crime law–to balance and develop the law to protect against threats, the country and all those in the cyber-security environment.

However, the overall revision of computer crime law is expected to take three years, and will include the development of best practices and a code of conduct to encourage the law’s use against new threats and cybercrime from the Internet. For example, it will cover the rights of Internet users, especially students who develop their own blogs and websites to disclose private information, a practice which open to abuse and often risky online.

Link: http://www.zdnet.com/th/thailand-revising-cybercrime-law-for-balance-better-security-7000014389/

BAE Systems Detica unveils CyberReveal security alert service for private firms

Posted on April 22, 2013December 30, 2021 by admini

The new CyberReveal analytics and investigation product is designed to give internal IT security analysts a single view of existing cyber threats so they can protect intellectual property and sensitive commercial or customer banking data information from being stolen or compromised and to cut investigation times by up to 75%, claims BAE Systems Detica.

It gives internal anti-fraud bank analysts and other end users a single view of network activity across their whole IT estate, detecting attacks by their behaviour – not just by the signatures of previous attacks – so that distributed denial of service (DDOS) attacks can be prevented or customer data protected from identity threat attempts.

It is designed to help analysts protect their FS organisation faster, driving more value by integrating with existing infrastructure and security systems, with plug-in analytics packs also providing cost-effective protection to combat evolving threats and new threat vectors.

Commenting on the new launch, Martin Sutherland, managing director of BAE Systems Detica, said: “Commercial organisations are growing ever more concerned about securing their most valuable [data] assets – the larger the organisation, the greater the number of avenues for cyber attackers to exploit. CyberReveal addresses four key areas where traditional approaches are proving ineffective against the modern cyber threat – it helps analysts to prioritise the incidents they investigate, manage huge data volumes, evolve their defences, and enable quicker, more informed decision-making.”

Link: http://www.bobsguide.com/guide/news/2013/Apr/22/bae-systems-detica-unveils-cyberreveal-security-alert-service-for-private-firms.html

The CISO’s Guide to Advanced Attackers: Mining for Indicators

Posted on April 22, 2013December 30, 2021 by admini

Forensics folks have been doing this for years during investigations, but proactive continuous full packet capture – for the inevitable incident responses which haven’t even started yet – is still an early market. That’s a start, but you will likely require some kind of Big Data thing, which should be clear after we discuss what we need this detection platform to do.

We spent a time early in this process on sizing up the adversary for some insight into what is likely to be attacked, and perhaps even how. But once you do the work to model the likely attacks on your key information, and then enumerate those attack patterns in your tool, you can get tremendous value.

We have already listed a number of different threat intelligence feeds, which can be used to search for specific malware files, command and control traffic, DNS request patterns, and a variety of other indicators.

So you can search your security data infrastructure for almost anything you are collecting – or even better, for a series of events and/or files within your environment – quickly and accurately to narrow down your searches to the most likely attacks.

We have every confidence that big data holds promise for security intelligence, both because we have witnessed attacker behavior captured in event data just waiting to be pulled out, and because we have also seen miraculous ideas sprout from people just playing around with database queries.

You are clearly constrained in terms of internal capabilities (you will be looking for a lot of data scientists over the next few years), as well as the lack of maturity of technologies such as Hadoop, MapReduce, Pig, Hive, and a variety of others in the security context.

But companies seriously looking to detect advanced attackers within their environments will be capturing packets to supplement the other data they already collect, and subsequently starting to use Big Data technologies to mine it all.

Link: https://securosis.com/blog/the-cisos-guide-to-advanced-attackers-mining-for-indicators

10 tips to secure funding for a security program

Posted on April 22, 2013December 30, 2021 by admini

In all cases, good communication was the critical ingredient for success and resulted in the necessary funding, over a period of years, to establish and maintain a workable security program. To start the budget discussion, you must stress cost avoidance rather than profits and you will need hard, empirical evidence to depict the business risks and associated costs. Therefore, the best way to approach senior management to fund your cybersecurity program is to cast the expenditures using an ROI approach.

1. Set the foundation for security funding before you need it; and once established, keep it strong.
2. Don’t use scare tactics.

3. Establish your cybersecurity credentials within your organization.

4. Relate your security risks to the business.

5. Outline the need in plain English.

6. Develop a plan that meets the security needs but also considers financial constraints.

7. Once you get the funding, follow the plan you outlined.

8. Provide constant feedback on the security program.

9. Use outside resources to support your request.

10.Always emphasize that cyber security is not an “information technology” issue — it is an organizational risk management issue.

Link: http://www.csoonline.com/article/732053/10-tips-to-secure-funding-for-a-security-program?source=CSONLE_nlt_update_2013-04-21

Hacking collective Anonymous calls for Internet blackout on April 22 to protest CISPA

Posted on April 21, 2013December 30, 2021 by admini

This will not be the first Internet blackout in protest of a government bill. On January 18, 2012, more than 7,000 websites, including Wikipedia, Reddit and Google, protested SOPA (Stop Online Piracy Act) and PIPA (Protect IP Act), which were accused of similar breaches on online privacy.

President Barack Obama has threatened to veto CISPA for failing to adequately address privacy concerns.

Link: http://www.sify.com/news/hacking-collective-anonymous-calls-for-internet-blackout-on-april-22-to-protest-cispa-news-international-nevombfigca.html

Cybercrime dominates federal caseload, Hickton says

Posted on April 21, 2013December 30, 2021 by admini

And Hickton said cybercrime investigators last year solved a string of bomb threats at the University of Pittsburgh and its related hospitals, a case that many thought would go unsolved, but culminated with the arrest of a suspect in Ireland.

The drug trade in western Pennsylvania has been traced to illegal narcotics kingpins in Newark, N.J., Cleveland and Detroit, Hickton said, but his office is seeing a major, deadly new trend emerge: the abuse of prescription pills facilitated by doctors and pharmacists in the region. “A lot of people sit back and say, ‘This is not in my community,’ but Washington County had more than 50 basically synthetic heroin deaths through pill abuse last year.

Attorney’s office has prosecuted some well-publicized cases in Indiana County in recent years, including the guilty pleas and sentencing of three men who admitted burning a cross on the lawn of a multirace family’s home in Robinson, West Wheatfield Township, and the current investigation of the embezzlement of millions of dollars from Falcon Drilling Company in Indiana.

“It will be a large organization of community leaders that’s working on crime prevention councils … beginning with a partnership with the United Way called Be One in a Million, a mentoring program that spins off an existing program called Be a Sixth Grade mentor,” Hickton said.

The components with jobs and with cyber are a part of that, it’s understanding that there may be a connection to make western Pennsylvania the go-to place for cyber like it is a go-to place for Marcellus shale right now,” Hickton explained.

“I have my responsibilities to bring the cases and enforce the law, but in my view, to do this job correctly, you have a broader mission and that is to ensure freedom and justice, by enforcing the law and protecting the public welfare,” he said. And what good do I do, really, if all I do is just hammer criminals and bring drug prosecutions if I don’t recognize that maybe we need to go and find out who are the church leaders and how can they help, who are the dedicated community activists?

Link: http://www.indianagazette.com/news/indiana-news/cybercrime-dominates-federal-caseload-hickton-says,17070503/