[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
One-Third of DDoS Attacks Accompanied By Network Breach
\nAccording to respondents in a survey by Kaspersky Lab, 32% of serious DDoS attacks coincided with a network intrusion.
\nAlthough it is hard to trace two different attacks to a single source, survey results provide evidence that DDoS attacks may lead to additional damage, including loss or theft of sensitive data.
\nSmall businesses were most likely to lose data as a result of a DDoS attack\u201431% of SMBs reported data loss, compared with 22% of enterprises.
\nWhile 20% of businesses with 50 or more employees have suffered at least one DDoS attack, with enterprises being the most affected (24%), the small and medium-sized business (SMB) segment should be particularly wary.
\nThe report shows that DDoS is the fourth most expensive type of security breach faced by SMBs.
\nOn average, a DDoS attack costs SMBs more than $50,000 in recovery bills, which is significantly more than the typical costs they face recovering from other types of attack.
\nEnterprises spend a lot to recover from a third-party failure or cyber-espionage attack, but a typical financial loss for enterprises from a DDoS attack is $417,000, below average compared to recovery from other types of attacks.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a4fba5a948&e=20056c7556<\/p>\n
IT metrics for security services
\nBeing analytical engineers, we always like to specify what is being provided (the services), to establish the delivery objectives and targets (the service level objectives), and then to measure (and report on) how well the system worked.
\nSecurity overlaps and impacts almost all other IT functions in one way or another, so it is often difficult to separate what the security functions do and what they deliver.
\nI like to think that metrics are meta-measurements: they specify what is to be measured, what measurement methods are appropriate, and how the measurement is to be captured.
\nA measurement is an instance of a metric.
\nAnother more general definition is provided here.
\nA draft document from NIST (National Institute of Standards and Technology) in the USA, Special Publication 500-307, addresses the topic of Cloud Services Metrics Description.
\nAn emerging ISO standard, ISO\/IEC 19086-1, which provides a framework and terminology for cloud computing service level agreements, also includes a definition for metrics.
\nAs is illustrated by the diagram above, metrics can be defined at three levels:
\n– Service elements
\n– Services
\n-Solution
\nIn summary, it should now be clear that establishing your own set of security metrics won\u2019t be as easy as it might seem at first!
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b2dfd68e17&e=20056c7556<\/p>\n
Cyber-risk Knowledge Gap Widens Between C-Suite and IT
\nAccording to Auriga Consulting, the problem starts with the monopolization of the risk management function by IT and security consultants.
\nAccording to a survey of large and medium-sized businesses in the UK, board level ownership of cyber risk numbers just 19.4 percent, and only 16.6 percent place cyber risk in the top five on the risk register, despite the severity a realization of cyber risk poses.
\nThis means that communication from the IT team to the board is essential in ensuring that risk is understood, managed and acted upon effectively.
\nBut compounding the problem is poor knowledge transference (especially the aforementioned use of jargon, acronyms and buzzwords).
\nThis misinterpretation of risk is endangering the decision making process and ultimately future economic development.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bd81ce7e1d&e=20056c7556<\/p>\n
Windows devices account for 80% of malware infections transmitted via mobile networks
\nAccording to a Wednesday report from Alcatel-Lucent’s Motive Security Lab, in June Windows devices accounted for 80% of the infections spotted on hardware that relied on mobile networks for Internet connectivity.
\nMeanwhile, Android’s share of the total infection count dropped to about 20% after long hovering at the 50% mark.
\nThe data was generated from scans by Alcatel-Lucent’s Motive Security Guardian technology, which is deployed worldwide by both mobile and fixed-line networks, and monitors traffic from more than 100 million devices.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c0ae788bcc&e=20056c7556<\/p>\n
SECs 2nd Push on Cyber Security Focuses on Risk Assessment
\nOn Tuesday, September 15th, the SECs Office of Compliance Inspections and Examinations (OCIE) issued a risk alert as they ramp up their second phase of examinations designed to bolster cyber security in the financial industries.
\nThe first phase kicked off in In April 2014, when OCIE published their initial announcement on the program as part of their vision for improving cyber security for the securities and financial markets.
\nThe main topics highlighted in the alert are:
\n– Governance and Risk Assessment
\n– Access Rights and Controls
\n– Data Loss Prevention
\n– Vendor Management
\n– Training
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=35e893a020&e=20056c7556<\/p>\n
Cloud contracts and security considerations: 5 questions to ask
\nResearchers at Malwarebytes spotted an email phishing scam on Wednesday that targets Amazon’s UK users.
\nThe emails, purporting to be from Amazon customer service, falsely state that a small number of accounts were breached last month.
\nThe scammers tell the victims they are required to complete a \u201cverification process\u201d or run the risk of having restrictions placed on their account.
\nUpon clicking the link to verify their accounts, users are redirected to a page designed to mimic the Amazon UK site.
\nHere victims are instructed to provide login credentials, personal identifiable information, payment card details and security details.
\nWithout a clear understanding of each party\u2019s responsibilities, agencies can find themselves in an unfortunate situation, including having limited access to their own data and little or no recourse for poor performance.
\nSo if your agency is considering moving data to the cloud, here are five things to ask the cloud service provider when evaluating its agreement:
\n1. Where will the agency\u2019s data reside?
\n2. Who can access the agency\u2019s data?
\n3. Does the cloud provider have key certifications?
\n4. What can an agency expect if there\u2019s a security incident or outage?
\n5. What protections should an agency request?
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7a6cf9ad98&e=20056c7556<\/p>\n
Why Is Endpoint Security Failing?
\nIt should come as no surprise that the next major battle in IT security is focused on endpoints.
\nMobility and BYOD have made it possible for users to remotely access just about any business resource.
\nThe adoption of cloud-delivered services enables workloads to move to a shared environment bypassing on-premises, layered security defenses and directly accessible by the mobile workforce.
\nWhat can you do to effectively fight the endpoint battle.
\nTip #1: Illuminate Hidden Endpoints
\nTip #2: Identify Weaknesses
\nTip #3: Routinely Check For Compromise
\nTip #4: Measure Endpoint Security Effectiveness
\nEndpoint security assurance is not just about detecting threats, but about building a more effective endpoint security program — one that proactively detects known and unknown endpoints, helps identify what is critically vulnerable to attacks, what weaknesses exist in your environment, and how effective you are at identifying threats and remediating them.
\nIf you are clearly able to answer the question \u201cHow secure are we?\u201d and demonstrate this throughout the organization, you are already on your way to a successful endpoint security program.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7401c34657&e=20056c7556<\/p>\n
Marketing plus security equals profit – Disney’s anti-counterfeiting strategy
\nIn 2006, Disney had a problem.
\nTheir licensed products were being counterfeited on a massive scale.
\nThey were losing money and junk products were damaging their reputation.
\nEven worse, licensed products were virtually the only viable product for Disney to sell in China.
\nVideos were pirated and most TV programming and movies were not allowed.
\nTheir goal was to maximize revenue, not punish pirates.
\nSo, they started a marketing campaign.
\nDisney put holographic tags on all of their legitimate products and announced a promotion.
\nCustomers could fill out an entry form and provide the holographic “proof of purchase” label for the chance to win big prizes.
\nWhile the final effect on piracy is unknown, the program paid for itself.
\nMore legitimate products sold.
\nDirect relationship opened with a quarter of a million customers.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7c0f61466b&e=20056c7556<\/p>\n
Three Ways To Avoid Being Visually Hacked
\nVisual hacking is the act of viewing or capturing sensitive, confidential or private information for unauthorized use on a device screen, workspace or copier and the like.
\nThe growing sophistication of smartphone cameras and inconspicuous wearable technology is only making visual hacking easier to pull off and harder to detect.
\n1. Use privacy filters.
\n3. Secure your workspace.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e61fbe8aa5&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage1.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=b264f88ee0)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: One-Third of DDoS Attacks Accompanied By Network Breach According to respondents in a survey by Kaspersky Lab, 32% of serious DDoS attacks coincided with a network intrusion. Although…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1150","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1150"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1150\/revisions"}],"predecessor-version":[{"id":3637,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1150\/revisions\/3637"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}