[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
Survey Reveals Spear Phishing as a Top Security Concern to Enterprises
\nAccording to the survey, released today, almost two thirds of IT decision makers interviewed say spear phishing ranks as either their organization\u2019s top security concern (20 percent) or among their organization\u2019s top three (42 percent) security concerns.
\nIt is clear that IT security professionals recognize that spear phishing is a primary avenue of risk and vulnerability facing organizations today.
\nRespondents said that in the past 12 months 84 percent reported that a spear phishing attack had penetrated their security defenses.
\nThese statistics point to a widespread inability to defend against these attacks.
\nIn addition, the respondents said that spear phishing was responsible for 38 percent of cyberattacks on their enterprises.
\nThese attacks are costly.
\nRespondents reported that the average cost of an attack across all companies from a spear phishing attack was $1.6 million.
\nOne in six companies reported a decrease in stock price as the result of a spear phishing attack.
\nEmail remains the most popular spear phishing medium, respondents said, with 90 percent reporting spear phishing attacks against their company via email.
\nSpear phishing on mobile platforms was the second most likely with 48 percent of respondents reporting this method.
\nThird most likely was social networks, with 40 percent.
\nRemovable media was reported by respondents as being targeted by 30 percent of spear phishing attacks.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d6623b132a&e=20056c7556<\/p>\n
Rapid7 Research Study Finds Compromised Credentials a Top Concern for 90 Percent of Security Professionals
\nBOSTON, Jan. 13, 2016 (GLOBE NEWSWIRE) — Rapid7, Inc. (NASDAQ:RPD), a leading provider of security data and analytics solutions, today released the results of its 2015 Incident Detection and Response Survey.
\nThe survey includes findings from hundreds of security professionals at organizations of varied sizes across the globe on their biggest security concerns and planned initiatives for 2016.
\nPunctuating the results were two key points: (1) 90% of organizations are worried about compromised credentials, though 60% say they cannot catch these types of attacks today; and (2) 62% of organizations are receiving more alerts than they can feasibly investigate.
\nIn an effort to better monitor their IT environments, security teams are investing further in incident detection and response solutions to detect and contain compromise when it occurs.
\nHowever, while 55% of organizations say they are using a SIEM (Security Information and Event Management) to aid with incident detection and response, alarmingly, 62% of these organizations report receiving more alerts than they can handle.
\nIn addition, SIEMs are not being used to monitor cloud services in use, leaving organizations blind to this important part of modern IT environments.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6609601a36&e=20056c7556<\/p>\n
Speak management\u2019s language to secure your 2016 cybersecurity budget
\nIf you prepare a well-explained justification for your cybersecurity budget using terminology and language understandable by management, your chances of getting the budget approved without modifications will at minimum double.
\nFor example, let\u2019s take a budget required to protect the front-end of a midsize e-commerce website.
\nTo stay simple, we will not calculate the risks of chained attacks, such as Advanced Persistent Threats.
\nInstead, we will base our ROI calculations on direct financial loss prevention: if by spending \u00a310 you can prevent a highly probable annual loss of \u00a3100, your management will happily allocate the \u00a310.
\nOften, the problem is to prove that you really need \u00a310 (and not just \u00a37 or \u00a38) and that the risk(s) mitigated by the \u00a310 spend really do cause a highly probable \u00a3100 direct loss to the organisation.
\nPotential financial loss per incident is a bit trickier, as it consists of numerous factors and sub-factors.
\nCyber threats will now affect Moody\u2019s ratings, however it\u2019s a very subjective impact as it\u2019s almost impossible to predict if a particular data breach will impact the rating.
\nThe same difficulty applies for reputational losses, stock options drop, and all other high-profile losses related to a data breach.
\nEven if such a huge ROI may be subjective from a purely technical point of view, it will definitely convince your management better than a long saga about the dangers of blind XSS attacks.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=535dc75a57&e=20056c7556<\/p>\n
Will FFIEC Revamp Cyber Assessment Tool?
\nIn response to banking institutions’ requests for clarification of the Cybersecurity Assessment Tool, the Federal Financial Institutions Examination Council is taking a preliminary step that could lead to refinements.
\nThe FFIEC recently reopened its comment period for the tool, which was issued in July.
\nIt’s accepting comments through Jan. 15, according to a notice in the Federal Register from the Office of the Comptroller of the Currency, the lead agency for the FFIEC.
\nThe FSSCC wants the FFIEC to clarify how it uses the tool during IT examinations.
\nAlthough the FFIEC originally marketed the tool as a voluntary cyber-risk assessment aid, banking institutions report that regulatory examiners are using the tool as part of their IT examination process, Dalpiaz says.
\nSome banking leaders are concerned that certain recommendations in the tool conflict with the National Institute of Standards and Technology’s cybersecurity framework, which was released in February 2014.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6cb4d9820f&e=20056c7556<\/p>\n
The CSO IoT Survival Guide
\nWhile CSO has been discussing what IoT means for security for a number of years now, the risks are much less hypothetical now, and we are starting to see real world incidents and research, including everything from security systems to automobiles having been shown to be vulnerable to attack.
\nAll of this could prove to be a real security headache as everything from corporate fleets to manufacturing floors to smart buildings become \u201cend-points\u201d CISOs must protect.
\nHow are IoT vendors doing so far.
\nConsider this quote from Marc Blackmer,\u2028 product marketing manager, Industry Solutions, at Cisco from this Q&A with Network World editor in chief John Dix: \u201cIoT is the Wild West right now.
\nWe don\u2019t know what it\u2019s going to look like, where it\u2019s going.
\nWe\u2019re right at the cusp and, while there\u2019s a lot of opportunity, there is an intrinsic vulnerability because too often security is bolted on after the fact.
\nSo what concerns me is a rush to market to take advantage of the opportunities and not building in the necessary security and privacy protections, meaning we have to patch that together down the road,\u201d Blackmer said.
\nSecurity researchers from Hewlett-Packard found 250 security issues when analyzing 10 popular IoT devices
\nThe Internet of Things (IoT) will usher in a new era of network intelligence and automation, but its arrival raises a host of serious security questions.
\nNetwork World Editor in Chief John Dix explores the topic in depth with four experts.
\nSome Democratic senators want new laws that mandate security and privacy measures on the Internet of Things, as concern grows over personal data collected by connected devices.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ff19eb4447&e=20056c7556<\/p>\n
UPDATED: The flaw finder has now posted a proof-of-concept. A number of Ubuntu operating system versions are affected by the flaw, among other distros.
\nA major vulnerability has been found and fixed in OpenSSH, an open-source remote connectivity tool using the Secure Shell protocol.
\nThe flaw was the result of an “experimental” feature that allows users to resume connections.<\/p>\n
According to a mailing list disclosing the flaw, a malicious server can trick an affected client to leak client memory, including a client’s private user keys.
\nThe affected code is enabled by default in OpenSSH client versions 5.4 to 7.1.
\nThe matching server code was never shipped, the mailing list said.
\nA security patch — version 7.1p2 — is now available from the project’s website.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3c720ccae6&e=20056c7556<\/p>\n
A quarter of companies would be willing to pay ransom to hackers
\nTo stop cybercriminals from releasing sensitive information, 14% of companies would pay a ransom in excess of $1 million, according to a survey of 209 information technology security professionals worldwide released Wednesday by the nonprofit Cloud Security Alliance.
\nOne factor influencing willingness to pay is whether or not the company has cyber insurance, which would cover the cost, the report says.
\nAbout 28.6% of companies with cyber insurance say they would pay ransom, compared with 22.6% for companies without such insurance policies.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=474c4946f3&e=20056c7556<\/p>\n
Building Threat Analyst Centaurs Using Artificial Intelligence
\nThe reason AI has become such a focal point of attention for both researchers and entrepreneurs during the last few years is that several factors are contributing to a \u201cperfect storm\u201d:
\nNever before has so much information been available in digital form, ready for use.
\nComputing power and storage capacity continue to grow exponentially, and the cost for accessing these resources in the cloud are continuously decreasing.
\nResearch in algorithms has taken huge strides in giving us the ability to use these new computing resources on the massive data sets now available.
\n– At the heart of Recorded Future is a structured representation of the world, separated into two parts: ontologies and events.
\n– Natural language processing (NLP) transforms an unstructured, natural language text into a structured, language-independent representation.
\nIn our system, this means identifying entities, events, and time associated with those events.
\nThere are several steps in this, using different AI techniques:
\n– The third area where AI techniques are used is for classification of entities and events.
\nAnother application of machine learning is to generate predictive models that can be used to forecast events or classify entities.
\nWe have, for example, created models to predict future risk of social unrest, the likelihood of product vulnerabilities being exploited, and to assess the risk that an IP address will behave maliciously in the future, even though no such activity has yet been observed.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=156fa6c95d&e=20056c7556<\/p>\n
22,000 USB sticks go to the dry cleaners
\nEvery year, 22,266 USB sticks and 973 mobiles phones go to the dry cleaners in pockets.
\nOnly 53% of memory sticks get returned to their owners.
\nThe figures come from a survey by security software firm ESET.
\nESET surveyed more than 500 UK dry cleaners and launderettes November 2015 and extrapolated results to the 5,839 dry cleaners in the UK.
\nAlong with USB sticks and phones were found: \u00a31,600 in cash, dentures, viagra pills, condoms, one dead rat, and lasagne and chips, said ESET.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=24298a21cd&e=20056c7556<\/p>\n
U.S. official sees more cyber attacks on industrial control systems
\nMIAMI (Reuters) – A U.S. government cyber security official warned that authorities have seen an increase in attacks that penetrate industrial control system networks over the past year, and said they are vulnerable because they are exposed to the Internet.
\n\u201cWe see more and more that are gaining access to that control system layer,” said Marty Edwards, who runs the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=58a51c1974&e=20056c7556<\/p>\n
FSC Checks Financial Institution’s Readiness for N. Korea’s Cyber Attacks
\nThe Financial Services Commission (FSC) has held a meeting to check the security readiness of South Korean financial institutions against cyber attacks by North Korea.
\nThe FSC plans to conduct an on-site security inspection this month of the country\u2019s critical financial infrastructure including the Korean Exchange and the Korea Financial Telecommunications and Clearing Institute.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f4fef63e4a&e=20056c7556<\/p>\n
\u2018Dark DDoS\u2019 \u2013 a growing cyber security threat for 2016
\nToday\u2019s DDoS attacks are almost unrecognizable from the simple volumetric attacks that gave the technique its name.
\nThese attacks are far more sophisticated, deceptive and frequent.
\nThey are no longer designed simply to deny service, but to deny security, by acting as a camouflage to mask more sinister activities \u2013 usually data theft and network infiltration.
\nWe call this kind of attack \u2018Dark DDoS\u2019 because it acts as a smokescreen to distract IT teams from the real breach that\u2019s taking place, which could see data being exfiltrated, networks being mapped for vulnerabilities, or a whole host of other potential risks manifesting themselves due to the hackers\u2019 actions.
\nDark DDoS is a unique tool in the hacker\u2019s toolkit since it evades many of the DDoS scrubbing center legacy solutions that are still widely adopted today.
\nBefore hackers flood a network with traffic, they tend to search a network for vulnerabilities and find pathways to steal sensitive data.
\nThe vast majority of DDoS attacks experienced by Corero customers during 2015 were less than 1Gbps, with more than 95% of these attacks being just 30 minutes or less in duration.
\nA traditional scrubbing center approach would miss these attacks entirely, leaving security teams clueless and unprepared in the event of an attack.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=59fea75006&e=20056c7556<\/p>\n
Accenture: Firms Must Improve \u2018Digital Stewardship\u2019
\nBusinesses need to improve \u2018digital stewardship\u2019 and transparency and provide a clear \u2018data dividend\u2019 if they\u2019re to win back trust from consumers to use their personal data, according to a new report from Accenture.
\nTrust in firms\u2019 ability to handle this data securely is at an all-time low, and customers are increasingly being proactive in protecting that data, helped by new privacy-enhancing technologies, Accenture claimed.
\nAnd customers now want something in exchange if they\u2019re going to hand over their data.
\nAlmost 60% of respondents to the study from products and manufacturing companies said their customers were proactively monetizing this data.
\n… with the General Data Protection Regulation set to land in a couple of years.
\nThis will force some larger firms to meet strict \u201cright to be forgotten\u201d and \u201cright to data portability\u201d rules, whilst mandating breach notification for serious data breaches and levying fines of up to 4% of global annual turnover for serious infringements.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b7e5e3a8ea&e=20056c7556<\/p>\n
Business Confidence in Cloud Security Grows
\nAccording to a Cloud Security Alliance (CSA) survey, 64.9% of IT leaders think the cloud is as secure or more secure than on-premises software.
\nThis could be the result of the fact that 71.2% of companies now have a formal process for users to request new cloud services.
\nAlso, the volume of those requests is up: Security professionals indicated receiving, on average, 10.6 requests each month for new cloud services.
\nCustomer relationship management (CRM) is the most widely used cloud-based system of record today, but companies have plans to move other systems to the cloud, including sales and HR.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=36b5b78d16&e=20056c7556<\/p>\n
Deloitte Analytics: Cybersecurity and a One Million Data Scientist Shortfall Are Trends Shaping Business in 2016
\nNEW YORK, Jan. 13, 2016 \/PRNewswire\/ — Organizations are no longer satisfied with simply “locking the doors” where cybersecurity is concerned and are instead going on the offensive by employing more predictive approaches to threat intelligence and monitoring, according to the “2016 Deloitte Analytics Trends” report.
\nThis, along with five other trends detailed in the report, are driving significant changes in the types of investments the C-suite is making to support business priorities.
\n“Business leaders continue to face many varying challenges and opportunities, and staying ahead of these trends will have a lasting impact on how their organizations will operate in the future,” said John Lucker, principal, Deloitte Consulting LLP. “By going on the offensive with issues such as cybersecurity, organizations are making a strategic shift in the way they operate.
\nConcurrently, the widening data scientist talent gap could be a business growth barrier.
\nOne thing is certain: effectively using analytics is essential in delivering insights that help achieve new levels of innovation and value.”
\nFollowing are the six major trends most likely to significantly impact business in the coming year:
\n– Cyber security: Offense can be the best defense
\n– Companies struggle to bridge the data talent chasm
\n– Man\/machine partnerships are getting stronger
\n– The Internet of Things, and people, too
\n– Triumph of the scientists
\n– The rise of the insight-driven organization: Analytics expands across the enterprise
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a77b970bdb&e=20056c7556<\/p>\n
Bromium 2015 Threat Report Highlights Vulnerabilities and Exploits for Popular Applications
\nTomorrow, Bromium\u00ae, Inc., the pioneer of threat isolation to prevent data breaches, will officially announce the publication of \u201cEndpoint Exploitation Trends 2015,\u201d a Bromium Labs research report that analyses the ongoing security risk of popular websites and software.
\nThe report highlights that software vulnerabilities and exploits in popular applications spiked in 2015 with vulnerabilities increasing nearly 60 percent and Flash exploits increasing 200 percent.
\nThe report also highlights common attack trends, including the resurgence of macro malware, the continuous growth of ransomware and the ubiquitous presence of malvertising.
\nKey findings from \u201cEndpoint Exploitation Trends 2015\u201d include:
\nVulnerabilities and Exploits Spiked in 2015
\nMacro Malware Makes a Resurgence
\nAngler Exploit Kit Most Popular
\nRansomware Doubled in 2015
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ce17c5eb37&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage1.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage2.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=9c690b361a)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage2.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: Survey Reveals Spear Phishing as a Top Security Concern to Enterprises According to the survey, released today, almost two thirds of IT decision makers interviewed say spear phishing…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1187","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1187"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1187\/revisions"}],"predecessor-version":[{"id":3674,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1187\/revisions\/3674"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}