[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
20% of IT professionals have witnessed a security breach cover-up<\/p>\n
Research conducted by AlienVault has shown that 20% of IT security professionals have witnessed a breach being hidden or covered up. The survey also found that in the event of a breach, only 25% of professionals would see the best course of action as telling the regulator and paying the fine.<\/p>\n
The survey also showed that 66% of those surveyed view a breach as an opportunity to increase the funding for their security departments. According to Malik, this shows that \u201cdespite the raised profile of security, it still takes an incident to obtain budgets and raise security.\u201d<\/p>\n
It is these kinds of attitudes which Malik says needs to be remedied, or he fears \u201csecurity professionals will find themselves under more pressure to cut corners and bend rules in order to keep the show on the road.\u201d He suggests the culture of the industry should change to one that \u201caccepts, fixes and moves along when they [breaches] do occur.\u201d<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=76b7a6b21c&e=20056c7556<\/p>\n
Cyber risk now seen as a top 10 global threat to businesses<\/p>\n
The Aon Global Risk Management Survey questioned 1,400 chief executives, chief financial offers and risk managers, and said damage to brand and reputation ranked as a top concern across almost all regions and industries, with increasing competition a driving factor.<\/p>\n
Financial and economic risks including commodity price risk, economic slowdown and technology failure were seen as damaging at senior executive level, with risk managers focused on liability-related risks such as cyber, property damage and third party liability.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c34ad3d37f&e=20056c7556<\/p>\n
Incorporating Threat Intelligence Into Cyber Risk Scoring<\/p>\n
Most approaches to cyber security risk scoring are based on findings on assets against various defect checks, e.g. vulnerabilities, compliance, configurations, etc. With the growing availability of threat intelligence, this risk scoring should be enhanced to incorporate threat intelligence so that known threats can be taken into account. The diagram above shows the relationship between findings and threat intelligence. Threat campaigns employ various TTPs that utilize a certain set of exploit targets. These exploit targets can be any combination of vulnerabilities, weaknesses or misconfigurations, i.e. the defect checks that are assessed in the findings. Thus, each defect check or finding should be scored to take into account known threats that utilize the weakness, vulnerability or misconfiguration in each finding as exploit targets. A few colleagues and I have come up with the following formula to do this<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1d8f5f753d&e=20056c7556<\/p>\n
Stripping back security with \u2018less is more\u2019 approach<\/p>\n
Today\u2019s businesses have never spent more on cyber security, yet they\u2019ve never been less protected. While the global security spend races towards $30 billion, breaches in UK businesses alone have shot up by almost 25 per cent in the past three years.<\/p>\n
It\u2019s time for a smarter approach to cyber security where \u2018less is more\u2019. You don\u2019t need detailed information on every threat, or a product for every problem; you need to hone in on the tiny percentage of threats that really matter to you.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6ad0dff6f6&e=20056c7556<\/p>\n
New Uptime assessment scores your IT efficiency<\/p>\n
The focus on eliminating comatose servers in the data center comes as Uptime — known for its Tier certifications — introduced the Efficient IT Stamp of Approval. It allows data centers to get certified using a numerical scores based on factors that look at the data center’s leadership, operations and design that combines to provide what Uptime says is the first holistic, third-party assessment for IT efficiency and sustainability.<\/p>\n
It benchmarks a company’s achievements in terms of planning, decision making, actions, and monitoring to improve asset use and extend lifecycles across compute, storage, networks, and the entire data center, according to Uptime.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5713766f70&e=20056c7556<\/p>\n
Slight uptick in buying cyber insurance, but still very low at 8%<\/p>\n
There has been a slight uptick in organizations buying cyber insurance, but with that level still far below where it should be, industry partners should consider focusing on prevention and mitigation to raise awareness and illustrate need among clients, it was suggested at ARC Group Canada Spring Seminar 2015.<\/p>\n
Chief executive officers, chief financial officers and chief information officers are currently saying they are looking not so much for insurance, but rather how best to mitigate cyber risk, reported Eileen Greene, vice president and partner at Hub International, who took part in a four-member panel at the seminar.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=8724a5aedc&e=20056c7556<\/p>\n
New Point-of-Sale Malware NitlovePoS Sends Card Data via Encrypted Connection<\/p>\n
The threat, dubbed NitlovePoS by security researchers at FireEye, is delivered discriminately, from a server hosting a herd of malware, after cybercriminals first identify the nature of the victim.<\/p>\n
The infection starts with a spam email that purports to come from someone looking for a job, who delivers a Word document rigged with a malicious macro script, whose support is disabled by default in Microsoft Office components.<\/p>\n
To trick the recipient into enabling the functionality, the document claims to be protected and offers instruction on how its content can be revealed. Once the macro script feature becomes active, a malware downloader is automatically funneled in and installed.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f9c8c35725&e=20056c7556<\/p>\n
Bank-heist malware’s servers phone home to Russian spookhaus<\/p>\n
Trend Micro researcher Maxim Goncharov says one of the world’s most sophisticated and dangerous bank-robbing trojans is now pointing to Russia’s Federal Security Service (FSB).<\/p>\n
Goncharov says the Carbanak trojan’s command and control servers now point to the FSB in what could be a joke or gaffe by malware authors.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ab03a862eb&e=20056c7556<\/p>\n
Malware tricks users to elevate privileges, pwnage via Windows User Access Control<\/p>\n
Microsoft described the Windows User Account Control (UAC) security feature as helping \u201cdefend your PC against hackers and malicious software. Any time a program wants to make a major change to your computer, UAC lets you know and asks for permission.\u201d But when the UAC box pops up, prompting you to choose if you will allow a program to make changes on your computer, do you click on \u201cShow details\u201d before selecting \u201cYes\u201d or \u201cNo\u201d? Like most decisions in life, the devil is in the details.<\/p>\n
On the Cylance security firm blog, Derek Soeder discussed ShameOnUAC, a proof of concept malware that attacks Windows Explorer. It was developed by the Cylance SPEAR Team when the group was looking at the potential to subvert programs during privilege elevation through UAC.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=993d7e8687&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If someone forwarded this email to you and you want to be added in,
\nplease click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=439708380b)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage2.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: 20% of IT professionals have witnessed a security breach cover-up Research conducted by AlienVault has shown that 20% of IT security professionals have witnessed a breach being hidden…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1081","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1081","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1081"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1081\/revisions"}],"predecessor-version":[{"id":3568,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1081\/revisions\/3568"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1081"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1081"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1081"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}