Category: News

In 2012, Cisco added 11,000 smartphones and tablets companywide and has nearing an equal ratio of mobile devices to staff. “At the end of 2012, there were nearly 60,000 smartphones and tablets in use in the organisation—including just under 14,000 iPads—and all of them were Bring Your Own (BYO).” Cisco execs have been giving regular updates about its BYOD program in recent times, no doubt because it sells UTM appliances, identity management and other services against the trend.

SAP/Sybase blogger Eric Lai, who has been tracking large iPad deployments, noted from a conference in early May last year that Cisco had 21,000 iPhones, 8,144 iPads and 2,000 Cius tablets (it killed the device later that month). Outside a 5,000 device BYOD program, SAP offers staff a range of 10 smart devices and under that program manages 20,000 iPads, 20,000 iPhones, 4,000 Samsung Android devices, and a smaller number of BlackBerry and Windows Phone devices.

Link: http://www.cso.com.au/article/452398/cisco_has_14k_byod_ipads_says_android_malware_big_threat/

Schmidt flagged the need to declassify data during his years at the White House and said progress had been made prior to his resignation from the job in May last year. For Schmidt, the suppression of information denies organisations the ability to defend themselves from attack, noting that it can take months for information to be declassified.

From the time the FBI was notified, DHS (Department of Homeland Security) and the Department of Defense all responded [but] it took 102 days from the time it was reported to the time they went out to industry members. If the declassification effort fails — and it is thought to have stalled amid the recent US Congress reshuffle — then Schmidt said the private sector should take charge and share vulnerability and threat data.

In recent years, security researchers have discovered and extensively detailed malware thought to have been developed by nation-states to launch attacks and conduct espionage against foreign interests.

Schmidt said it is also reckless because such attacks can cause collateral damage against critical private infrastructure, and the malware can be reverse-engineered and re-appropriated for further attacks.

Link: http://www.scmagazine.com.au/News/330685,five-eyes-push-to-declassify-security-vulnerability-data.aspx?utm_source=feed&utm_medium=rss&utm_campaign=SC+Magazine+News+feed

This is because the financial sector has always been a favorite target for hackers and will more likely be able to adopt active defense strategies, Eric Chan, regional technical director of Fortinet Southeast Asia and Hong Kong, explained. They also have high IT security budgets and are risk-averse, so they will be likely to consider them, he said.

However, among the enterprises that have the resources to dedicate to robust and complex defenses, there is a gradual move from honeypots to using more sophisticated active defense methods, Steinberg noted. Such methods include developing new technologies that mislead hackers, or coming up with false information to lure hackers down dead ends and away from organization’s critical information, he explained.

Other than in India, the technology, called Intrusion Deception software, has already been adopted by many private and government organizations worldwide, according to David Koretz, vice president and general manager of Mykonos Software, which Juniper Networks had bought for US$80 million in February last year. “In real life, almost every government has a traditional military defense like Army, Air Force and Navy, but there is also a secretive, deceptive group of spies and undercover organizations thwarting attacks before they are ever launched…. In real life, almost every government has a traditional military defense like Army, Air Force and Navy, but there is also a secretive, deceptive group of spies and undercover organizations thwarting attacks before they are ever launched,” Koretz said.

Moving forward, Steinberg expects more sophisticated active defense methods to be adopted by organizations and the move away from honeypots. Honeypots are merely “bait”, but enterprises today want to feel like they are able to fight back against hackers instead of passively defending themselves, he said. “they can start with low-interaction honeypots, such as a facade, which is a lightweight form of honeypot and most often implemented as a software emulation of a target service or application.”

In order for companies to effectively adopt active defenses, they should combine the use of both “the bait and the strategy”, Steinberg pointed out. Both honeypots, new technologies to mislead hackers and new strategies should be used together for a complete strategy, he explained.

Link: http://www.zdnet.com/enterprises-using-new-tech-to-deceive-hackers-7000010403/

“Cyberspace must be secure and reliable so that it is trusted as a medium for doing business but at the same time free and open to evolve and innovate naturally,” he added.

Cabinet Office minister for cyber security, Francis Maude, commented that by sharing the UK’s expertise with other nations all organisations will benefit from greater protection from cyber attacks. Maude has previously earmarked £650 million for the UK’s fight against cyber crime, and last month heralded the success of the UK’s Cyber Security Strategy, claiming that “a great deal has already been accomplished”.

The EU also made moves to create a more cohesive strategy to combat the “borderless” nature of cyber criminals, announcing the opening of a European Cybercrime Centre earlier this month, enabling greater colloboration between authorities in member states. However, the discovery of the Red October threat by Kaspersky Lab last week highlighted the extent of the challenge that faces businesses and government authorities in stemming the tide of increasingly sophisticated cyber attacks.

Link: http://www.cso.com.au/article/452001/uk_signs_up_world_economic_forum_cyber_crime_initiative/