{"id":1149,"date":"2016-09-11T00:00:00","date_gmt":"2016-09-11T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/09\/11\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail169-atl101-mcdlv-net-2\/"},"modified":"2021-12-30T11:38:51","modified_gmt":"2021-12-30T11:38:51","slug":"fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail169-atl101-mcdlv-net-2","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/09\/11\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail169-atl101-mcdlv-net-2\/","title":{"rendered":"From:Reply-To:To:Date:Message-ID:List-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=mail=3Dpaulgdavis.com@mail169.atl101.mcdlv.net;"},"content":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s]<br \/>\nApart from the reporter&#8217;s opinions \ud83d\ude09<br \/>\nSo onto the news:<\/p>\n<p>Spotlight on the i2 Summit for a Safer Planet<br \/>\nThe IBM i2 Summit for a Safer Planet brought personnel in law enforcement, emergency management, defense\/national security, cyber threat intelligence and counter fraud together for two days of insights and knowledge sharing.<br \/>\nAccess these useful blogs to get a glimpse of the two action-packed days at the event.<br \/>\nHighlights from Day 1<br \/>\nHighlights from Day 2<br \/>\nThere was so much more going on at the i2 Summit and if you&#8217;d like to see it all, please check out the #i2Summit feed.<br \/>\nFor more info on the solutions featured, please visit the IBM Safer Planet page.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=7146090e10&#038;e=20056c7556<\/p>\n<p>The new art of war: How trolls, hackers and spies are rewriting the rules of 
conflict<br \/>\nThe Cooperative Cyber Defence Centre of Excellence (CDCOE) was established the year after the attacks took place as an institution created to figure out how to improve the digital defences of NATO members and what cyberwarfare would actually look like.<br \/>\nAs well as the cyber defence exercises it conducts annually, probably the centre&#8217;s most important work so far appeared in 2013: the Tallinn Manual on the International Law Applicable to Cyber Warfare, known simply as the Tallinn Manual.<br \/>\nThe manual also delves into some of the trickier questions of cyber war: would Country A be justified in launching a pre-emptive military strike against a Country B if it knew Country B planned to blow up Country A&#8217;s main oil pipeline by hacking the microcontrollers managing its pipeline pressure? (Answer: probably yes.)<br \/>\nAn expanded Tallinn Manual 2.0 is due to be published next year looking at how international law addresses malicious cyber operations by state (and non-state) actors during peacetime.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=0cadda5e94&#038;e=20056c7556<\/p>\n<p>When restructuring an IT department, the recent trend has been to look at possibly breaking it into two factions. 
One group that handles the daily tasks by putting out fires, and one that looks ahead in trying to create a new landscape that is immune to those fires.<br \/>\nhttp:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=c8474d82cf&#038;e=20056c7556<br \/>\nWith regard to the security task, he says, \u201csecurity is moving at a pace that\u2019s outpacing even agile at this point based on the cyber threats that are quickly emerging.\u201d As a result, security has become a foundational function, \u201cso security is embedded in every aspect of our lifecycle from the beginning, so we design our solutions for performance and security and functionality and that\u2019s the only way we\u2019re going to be successful with it.\u201d<br \/>\nIt\u2019s easier to maintain security when you\u2019re more centralized.<br \/>\nIt sort of bakes into the way you do these processes when you\u2019re centralized,\u201d Meilen says.<br \/>\nAlthough Meilen says there seems to be a natural split.<br \/>\nHe says he uses that for planning and tracking purposes, but he doesn\u2019t anticipate drawing a stronger line between the two.<br \/>\n\u201cWe don\u2019t have a formal separation, but in the past two years we\u2019ve been talking more about the different focus of those two areas,\u201d he says, noting that the company is beginning to review how it budgets and allocates resources to reflect those two IT functions.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=3ef76e6694&#038;e=20056c7556<\/p>\n<p>Chief risk and compliance officer makes rare move to CIO<br \/>\nE. 
Scott Gilbert, formerly chief risk and compliance officer of Marsh &#038; McLennan Companies, has been named CIO of the $13 billion professional services firm.<br \/>\nIn his new role, which he started last Wednesday, Gilbert will continue reporting to CEO Dan Glaser as a member of the company&#8217;s executive management committee.<br \/>\nHe will also lead the company&#8217;s Dublin-based innovation center.<br \/>\nElevations of chief risk and compliance officers to CIO roles are rare.<br \/>\nYet such promotions could become more prevalent as companies continue to combat cybersecurity attacks and competitive threats, and other concerns that could impact their businesses.<br \/>\nIn this case, Gilbert comes with IT experience, having in his prior role overseen the company&#8217;s technology infrastructure, including business resiliency and security.<br \/>\nMarsh &#038; McLennan operates under a shared services model, in which the technology infrastructure, led by CTO Dave Fike, supported applications for the company&#8217;s properties.<br \/>\nFike will continue reporting to Gilbert.<br \/>\nMarsh &#038; McLennan said it has also appointed Carey Roberts, who joined the company last year as deputy general counsel and corporate secretary, as chief compliance officer to fulfill some of the tasks overseen by Gilbert.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=8923b0550a&#038;e=20056c7556<\/p>\n<p>Survey Cites Lack of Visibility As Number One Cloud Security Issue<br \/>\n&#8220;Overall, lack of visibility into cloud provider operations and controls stands as the largest issue respondents experienced with their providers,&#8221; noted report author and SANS analyst Dave Shackleford.<br \/>\nLack of visibility and control plays a major role in other pain points cited in the survey results, including deficient incident response support (with lack of visibility cited), selected by 48% of respondents; lack of 
virtual machine and workload visibility, selected by 46%; and provider-introduced vulnerabilities resulting in a breach or incident, experienced by 26%.<br \/>\nThe &#8220;Orchestrating Security in the Cloud&#8221; survey also found that hybrid cloud architectures are now the most favored, with 40% currently using them and 43% planning to move in that direction in the next 12 months.<br \/>\nPrivate cloud implementations are the second most used at 38%, while only 12% of respondents indicated their organizations use public cloud implementations.<br \/>\nOther key findings include:<br \/>\nThe full survey results will be published at www.cloudpassage.com on September 23, 2015, and there will be a webinar on the same day with a detailed discussion of the findings (SponsorWebcast, 1:00 PM EDT).<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=e601655fb8&#038;e=20056c7556<\/p>\n<p>IT security analytics on the up as overall security spending reaches all-time high<br \/>\nIn a statement ahead of its Security and Risk Management Summit taking place in Dubai in November, Gartner said that organisations are having to navigate an increasingly complex buying market when it comes to security.<br \/>\nWhile funds are being made available to invest in security, technology providers are creating a lot of noise over what their products can do, creating confusion, Gartner said.<br \/>\n&#8220;Breach detection is top of mind for security buyers and the field of security technologies claiming to find breaches or detect advanced attacks is at an all-time noise level,&#8221; said Eric Ahlm, research director at Gartner.<br \/>\nIndeed, how well a SIEM product can perform automated analytics &#8211; compared with user queries and rules &#8211; has become an area of differentiation among SIEM providers, Gartner said.<br \/>\nGartner said that, as security analytics platforms grow in maturity and accuracy, a driving factor for their 
innovation is how much data can be brought into the analysis.<br \/>\nToday, information about hosts, networks, users and external actors is the most common data brought into an analysis.<br \/>\nHowever, the amount of context that can be brought into an analysis is truly boundless and presents an opportunity for owners of interesting data and the security providers looking to increase their effectiveness.<br \/>\n&#8220;Like other disciplines that have leveraged large data analytics to discover new things or produce new outputs, visualisation of that data will greatly affect adoption of the technology.&#8221;<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=99cdfbb38f&#038;e=20056c7556<\/p>\n<p>The World Is Now Richer with 21 Million New Types of Malware, 230,000 Each Day<br \/>\nAccording to PandaLabs, between April and June of this year, 21 million new strands of malware have been discovered, which comes down to 230,000 per day, 9,500 per hour, 160 per minute, and 2.66 per second.<br \/>\nAs PandaLabs researchers point out, most of these new malware types were trojans, which represented 71.16% of the 21 million, while in a distant second came old-school computer viruses, which only amounted to a measly 10.83% of all the Q2 detections.<br \/>\nThe majority of these new malware types are simple mutations, represented by basic modifications in the malware&#8217;s code so the attackers can avoid detection by antivirus laboratories.<br \/>\nMost infected users were recorded in China, with an infection rate of 47.53%, followed by Turkey with 43.11%, Peru with 41.97%, Russia with 41.15%, and Argentina with 40.93%.<br \/>\nThe rest of the top 10 is rounded off with Bolivia, Taiwan, Guatemala, El Salvador, and Ecuador.<br \/>\nOn the other side of the spectrum, the countries with the lowest malware infection rates were Sweden with 21.57%, Norway with 22.22%, Japan with 23.57%, Switzerland with 24.41%, and the UK with 
25.71%.<br \/>\nThe rest of the top 10 is completed by Germany, France, Belgium, Portugal, and Holland.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=f3dcee378e&#038;e=20056c7556<\/p>\n<p>As containers take off, so do security concerns<br \/>\nAccording to a recent survey sponsored by container data management company Cluster HQ, 73 percent of enterprises are currently using containers for development and testing, but only 39 percent are using them in a production environment.<br \/>\nBut this is changing, with 65 percent saying that they plan to use containers in production in the next 12 months, and citing security as their biggest worry.<br \/>\nAccording to the survey, just over 60 percent said that security was either a major or a moderate barrier to adoption.<br \/>\nThe downside is that containers are less isolated from one another than virtual machines are.<br \/>\nIn addition, because containers are an easy way to package and distribute applications, many are doing just that &#8212; but not all the containers available on the web can be trusted, and not all libraries and components included in those containers are patched and up-to-date.<br \/>\nAccording to a recent Red Hat survey, 67 percent of organizations plan to begin using containers in production environments over the next two years, but 60 percent said that they were concerned about security issues.<br \/>\n&#8220;Containers do not make a promise of providing resilient, multi-tenant isolation,&#8221; he said. 
&#8220;It is possible for malicious code to escape from a container to attack the operation system or the other containers on the machine.&#8221;<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=c6b939dade&#038;e=20056c7556<\/p>\n<p>80% increase of malware on Windows devices<br \/>\nAlcatel-Lucent estimates that 80 percent of malware infections detected on mobile networks during the first half of 2015 have been traced to Windows-based computers.<br \/>\nAdware has also been on the increase, with ads becoming more sinister.<br \/>\nAn example is BetterSurf, a moderate-threat contained within software bundles offering free applications or games.<br \/>\nWhen installed, it adds a plugin to Internet Explorer, Firefox and Chrome browsers that injects pop-up ads into web pages.<br \/>\nWhile it looks like run-of-the-mill adware, the ads themselves are very dangerous.<br \/>\nMany are phishing attempts to install additional malware and engage in fraudulent activity.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=68e3f14c75&#038;e=20056c7556<\/p>\n<p>FS-ISAC Announces Arrangement with Federal Reserve Banks to Share Threat Intelligence<br \/>\nReston, VA \u2013 16 SEPTEMBER 2015 \u2013 The Financial Services Information Sharing and Analysis Center (FS-ISAC) today announced an arrangement with the Federal Reserve Banks to provide direct access to FS-ISAC security threat information to over 10,000 of their financial institution customers.<br \/>\nUnder the terms of the agreement, FS-ISAC will allow the Federal Reserve Banks to provide their customers with access to the Weekly Risk Summary report, designed for community institutions and delivering timely and actionable information on significant security threats to board and C-level personnel.<br \/>\nThe report provides a high level summary of threats, identifies the risk to community institutions and suggests 
actions that these organizations can take to remediate the risks.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=c4e4adf883&#038;e=20056c7556<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s] Apart from the reporter&#8217;s opinions \ud83d\ude09 So onto the news: Spotlight on the i2 Summit for a Safer Planet The IBM i2 Summit for a Safer Planet brought personnel in law enforcement, emergency management, defense\/national security, cyber 
threat&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1149","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1149","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1149"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1149\/revisions"}],"predecessor-version":[{"id":3636,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1149\/revisions\/3636"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1149"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1149"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}