Traditional Log Management Is Dead. Long Live Autonomic Analytics! (25 Aug 2014 05:46 GMT) … technical resources or organizational size. Log management technologies need to move beyond … of log management because the inherent complexity is hidden by the log management infrastructure … working smarter, as should your log management…
Category: News
Hackers break into Energy’s computer networks, put employees at risk
In 2011, Energy’s lab went offline for almost two weeks after a cyber attack against the Northwest National Laboratory in Washington state limited Internet access and took down its website.
Auditors said Energy maintained a number of independent, at least partially duplicative, cybersecurity incident management capabilities that created inefficiencies in the process and security of the network.
Since the report, Energy CIO Bob Brese told Federal News Radio in December he’s trying to modernize the agency’s network in layers and start up a new security operations center.
Former Energy Chief Information Security Officer Gil Vega said in April Energy faced a zero day attack earlier this year and responded quickly because of the cyber threat intelligence coming from the coordination center.
Cyber threat well understood but organisations lack ‘intelligence’ to deal with it
Malcolm Marshall, KPMG partner and head of the firm’s Information Protection & Business Resilience team, said: “Increased awareness of cyber security threats is a positive trend, but indications are that organisations now need to focus on putting into place the fundamentals of intelligence management to gain real value from what they know. These revolve around creating an intelligence-led mindset within organisations, implementing an operating model similar to those employed by the intelligence community and building a decision-making process which is centred on a tightly controlled “information gathering programme”.
“Cyber threat: intelligence and lessons from law enforcement” argues that an intelligence-led mindset establishes a direct connection between the threats and vulnerabilities organisations face and the consequences of their compliance or inaction.
The report also goes on to argue that to embed intelligence-led decision-making, business leaders should follow the example set by law enforcement agencies. For example, rather than simply collating data, KPMG’s report urges organisations to set parameters for the type of information being gathered, so that haphazard approaches to analysis and actions can be avoided.
Big banks staged mega-cyberattack drill last Thursday
An employee sitting at his desk might get a prompt saying, “this bank is having integrity issues with money,” or “you cant make trades over this technical system.” The employee then might role-play talking to an FBI agent — likely an actual one enlisted to help with the drill, said Dave Aitel, CEO of the security firm Immunity, who formerly worked as a research scientist for the National Security Agency.
The financial sector is hoping to prepare itself for a massive, disruptive attack — a growing concern lately, as “hacktivists,” organized cybercriminals and government-spnosored attacks become increasingly large and successful. Though still a far-off doomsday scenario, some security industry experts say the financial sector is vulnerable to cyber-terrorists aiming to damage the U.S. economy. That’s because banks and other financial institutions have to do deal with money flows in real time, with markets hanging in the balance.
Though some skeptical security experts dismissed Quantum Dawn as a PR stunt, SIFMA said the first run was useful in uncovering flaws in the industry’s cyberattack protocols. The trade group found that banks were largely good at sharing information with one another, but bad at making real-time critical decisions for mitigating the threats.
Link: http://money.cnn.com/2013/07/18/technology/security/bank-cyberattack/index.html
As cyber attacks detonate, banks gird for battle
JPMorgan and its peers like Bank of America, Citigroup and Wells Fargo have signed up for Thursday’s drill, which is being organized by Wall Street’s biggest trade group, the Securities Industry and Financial Markets Association, or SIFMA.
They’ll monitor a simulated stock exchange for irregular trading and will be pressed to figure out what’s going on and how to react while sharing information with regulators and each other.
But that was before a wave of cyberattacks last fall, when big banks were forced to temporarily shut down their websites after attackers bombarded them with traffic — akin to overwhelming a phone line with too many calls.
“If you went to banks three years ago, and said, ‘What are your top five risks?’, probably none of them would put cyber on there,” said Karl Schimmeck, SIFMA’s vice president for financial services operations.
The Office of the Comptroller of the Currency, which regulates national banks, recently held a call with community bankers to warn them that they’re not free from danger either: Since September, attacks have been increasingly aimed at businesses with fewer than 250 employees, the OCC says. Customers would have to go through certain steps to get their money back, like filing a claim, showing that they weren’t negligently tossing their account information around and giving the bank time to investigate.
A DRILL BY ANY OTHER NAME: As for the title of Thursday’s drill, the one that sounds more appropriate for an action movie than a bank security exercise, it came about during the creation of the original drill in 2011, which was organized by the Financial Services Sector Coordinating Council.
Companeis lack the ‘intelligence’ to deal with cyber threats
Malcolm Marshall, KPMG partner and head of the firm’s Information Protection & Business Resilience team, says: “Increased awareness of cyber security threats is a positive trend, but indications are that organisations now need to focus on putting into place the fundamentals of intelligence management to gain real value from what they know. These revolve around creating an intelligence-led mindset within organisations, implementing an operating model similar to those employed by the intelligence community and building a decision-making process which is centred on a tightly controlled ‘information gathering programme’.
‘Cyber threat: intelligence and lessons from law enforcement’ argues that an intelligence-led mindset establishes a direct connection between the threats and vulnerabilities organisations face and the consequences of their compliance or inaction.
For example, rather than simply collating data, KPMG’s report urges organisations to set parameters for the type of information being gathered, so that haphazard approaches to analysis and actions can be avoided.