[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
Most DDoS attacks hiding something more sinister, Neustar warns
\nMost distributed denial of service (DDoS) attacks now appear to be aimed at distracting IT and security teams, a survey by communications and analysis firm Neustar has revealed.
\n\u201cDDoS attacks are no longer mainly about taking websites offline by flooding them with requests, but about providing cover for installing malware and stealing data,\u201d Neustar product marketing director Margee Abrams told Computer Weekly.
\nIn launching \u201clow and slow\u201d DDoS attacks, she said, the attacker disrupts operations and distracts security teams, while keeping the target network operational enough to plant malware and exfiltrate data.
\nIn March 2015, a survey published by Neustar revealed that DDoS attacks could expose 40% of businesses in Europe to losses of \u00a3100,000 or more an hour at peak times.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7e157a2159&e=20056c7556<\/p>\n
4 in 5 Malware Attacks Cause Problems for Users and 1 in 3 Result in Money Loss
\nNew Delhi, India, September 15, 2015: A study conducted by Kaspersky Lab and B2B International has revealed that nearly half of Internet users (45%) encountered malicious software during the last year and in most cases (81%) this had a negative impact on both users and their devices.
\nMalware was most commonly encountered on Windows computers \u2013 83% of Windows users said they had been affected in the last 12 months.
\nHowever, Android and Mac OS X users were not immune, with 13% and 6% citing infections on their devices, respectively.
\n12% of users believe their device was infected after visiting a suspicious website; someone else\u2019s USB flash drive, another infected device, and installation of a malicious app disguised as a legitimate program were each cited by 8% as the cause of infection.
\nYet another 7% of those surveyed said their devices were infected after opening an email attachment.
\nThe greater part of those polled, 13%, could not explain how malware ended up on their device.
\nSignificantly, four out of five infections caused problems for those affected.
\nMost often (35% of cases) users noticed computer performance slowed down, 30% of respondents experienced obtrusive advertising (e.g. the browser redirected them to unwanted websites) and 20% of those surveyed found unsolicited programs on their devices.
\nAmong the most dangerous results of an infection were changes to the browser or the operating system settings without the user\u2019s knowledge (17%), the loss (10%) or theft (8%) of personal data, unauthorized publications or \u2018likes\u2019 on social networking sites (9%) and hacking of a webcam (6%).
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1d84b70425&e=20056c7556<\/p>\n
Penn State launches Office of Information Security
\nOn Friday, Penn State announced a new department focused on the strength of the university\u2019s network and data, the Office of Information Security.
\nAccording to Provost and Executive Vice President Nick Jones, the new office is distinct and separate from Information Technology Services but will include one of its former components, Security Operations and Services.
\nIt will initially be helmed by College of Information Sciences and Technology Dean Andrew Sears while Penn State looks for a permanent chief information security officer.
\n\u201cThis is an important step for Penn State.
\nIncreasingly, organizations are recognizing the importance of having an office that focuses on information security, which is independent of the group responsible for running the computing infrastructure.
\nBy establishing an independent office, Penn State is better positioned to respond to the increasingly complex challenge of protecting information that has been entrusted to the university.
\nThis also highlights the importance of these issues while emphasizing that this is not just an IT problem,\u201d Sears said.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bc8ae8d715&e=20056c7556<\/p>\n
Security needs business intelligence
\nThe list of tools in a health organization’s data security armamentarium is long and varied: firewalls, encryption, anti-virus, audit logs, etc.
\nBut a truly risk-based security framework need more than mere protective measures.
\nIt requires awareness.
\nRon Mehring, senior director and chief information security officer Texas Health Resources, oversees security architecture and operations at the sprawling 25-hospital system \u2013 an organization whose sheer size and name recognition plausibly make it a conspicuous target of any bad actor looking to gain access its huge troves of data.
\nTHR has deployed what’s variously called a “cyber kill chain” or a “threat actor profile,” he says. “We’re improving our technology around how we detect and react to phishing campaigns, whether they’re targeted or broad-based.
\nWe’re starting at that first injection point and then working away through every one of those profile areas.
\nIf they try to get a persistent foothold in the network, how do we detect that?
\n“We make sure we’re monitoring more on our endpoints, we’re monitoring inside of our data centers to see if we can see that anomalous activity, we’re advancing our security zoning in our enterprise to break apart our network to control data flow,” Mehring adds.
\nThe goal of that last one, if the bad guys were to get in, is to make it “really hard to get to where the most important stuff is at: We’re breaking apart the network to make it more difficult for them, preventing a little of that horizontal movement.”
\nAnalytics such as data loss prevention technology is also aimed at offering visibility into what the bad guys are up to, he says.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a319add682&e=20056c7556<\/p>\n
Ben Harknett, VP EMEA, RiskIQ, looks at the evolution of the Chief Information Security Officer.
\nThe CISO role is going through a period of transition.
\nThe number of security breaches that have occurred over the last year is unprecedented and demonstrates a need for stronger security.
\nThe improvements which organisations must make from within will stem from the CISO’s desk.
\nThis represents a shift that will require enterprises to re-examine the role of the CISO.
\nAs the responsibilities of the CISO expand, the role needs to become a more strategic business function.
\nCISOs need to become dynamic leaders, capable of bridging the gaps between technology and the boardroom.
\nSuccessful CISOs will be capable of both building and training effective security teams and communicating security threats as a business risk with non-technical business leaders.
\nThe increase in attention given to information security is long overdue.
\nWith the limelight on the CISO more than ever before, individuals in this role have a unique opportunity to step up as leaders.
\nThe role is changing and with that a demand for security technology that meets modern challenges will increase.
\nThe future of information security will be defined based on the response to evolving threats and the ability of CISOs to step up as business leaders.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0452beaac3&e=20056c7556<\/p>\n
Getting Strategic About Security Spending
\nincreased awareness is the beginning of a solid cybersecurity budget.
\nIn the CIO Survey, 82 percent of respondents cited cybersecurity as a high or critical concern for the next 12 months, the highest percentage across all surveyed categories.
\nBottom line: It\u2019s time to take stock and develop a threat-focused, risk-based approach to your security strategy.
\nOne of the more challenging aspects of budgeting for cybersecurity is demonstrating the return on investment.
\nIt\u2019s difficult, if not impossible, to accurately depict the ROI from stemming hypothetical attacks.
\nHowever, it\u2019s still possible to show value with links to positive results by, for instance, tying the investment to the ability to accelerate the organization\u2019s move to mobile or improved time to market for a new offering.
\nAs security professionals, we need to embrace these new metrics to show value\u2014not just for brand protection but also for new opportunities.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=357d166b90&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage2.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=db41bbbb61)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage2.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: Most DDoS attacks hiding something more sinister, Neustar warns Most distributed denial of service (DDoS) attacks now appear to be aimed at distracting IT and security teams, a…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1148","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1148","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1148"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1148\/revisions"}],"predecessor-version":[{"id":3635,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1148\/revisions\/3635"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}