[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
**
\n————————————————————<\/p>\n
**
\n————————————————————
\n* GSMA outlines thoroughly sensible IoT security rules
\n* New Trustwave Report: Cybersecurity Pros Face Increased Pressures
\n* Why SMBs should build a threat intelligence program — no tech investment required
\n* Infosec pros still pressured to release unsecure projects: Survey
\n* 5 Big Incident Response Mistakes
\n* Time to rethink your approach to security budgeting
\n* CERT Bulgaria Registered 737 Cyber Incidents in 2015
\n* Marsh names former U.K. intelligence director as cyber risk adviser
\n* Interview with Troels Oerting on cybersecurity in modern organizations
\n* Terrorism key security threat facing Singapore
\n* The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
\n* Tripwire Study: IT Professionals Overconfident in Cyber Attack Detection
\n* How to build secure supply chains: 3 key steps<\/p>\n
GSMA outlines thoroughly sensible IoT security rules
\nAbout time: the GSM Association has released a bunch of guidelines to try and address the chronic insecurity of the Internet of Things.
\nThe group has put together documents for the three key segments (as it sees the IoT market anyhow): telecommunication carriers, service operators, and device manufacturers.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=cc493cd884&e=20056c7556<\/p>\n
New Trustwave Report: Cybersecurity Pros Face Increased Pressures
\nCHICAGO, IL – Trustwave\u00ae today released the 2016 Security Pressures Report, based on a survey of 1,414 in-house information security professionals, which shows a rise in both the current and expected pressures in the career field and offers ways for security professionals globally to mitigate the increasing tensions.
\nIn addition to providing year-over-year comparisons of 2014 and 2015, the third-annual report adds previously unmeasured insight related to cybersecurity pressures including new data and regional viewpoints.
\nIn addition to respondents from the United States, Canada and the United Kingdom, the 2016 report features 398 Asia Pacific respondents from Australia and Singapore and adds new questions that address the timing of increased pressure, job security, and specific security threats that pose the greatest challenges to security practitioners.
\nKey findings from the 2016 Security Pressures Report from Trustwave include:
\nUnder pressure: 63% of information security professionals felt more pressure to secure their organizations in 2015 compared to the previous 12 months, and 65% expect to feel additional pressure this year.
\nThose numbers grew 9% and 8%, respectively, compared to last year.
\nSkills gap: Shortage of security expertise has climbed from the eighth-biggest operational pressure facing security pros to the third-biggest, behind advanced security threats and adoption of emerging technologies.
\nBoard burden: 40% of respondents feel the most pressure in relation to their security program either directly before or after a company board meeting – 1% higher than how they feel after a major data breach hits the headlines.
\nDetection trumps prevention: The largest security responsibilities facing 54% of respondents are related to detection of vulnerabilities, malware and compromised systems.
\nMoved to managed: The number of respondents who either already partner or plan to partner with managed security services providers has climbed from 78% to 86%.
\nEmpty promises: Pressure to select security technologies containing all of the latest features has jumped from 67% to 74% among respondents, but having the proper resources to put them to use has fallen from 71% to 69%.
\nData and DDoS gloom: Customer data theft and intellectual property theft remain the top two worrying outcomes following an attack or data breach, but a disabled corporate website is the biggest riser (from 7% to 13%).
\nDemand outpacing supply: Respondents wishing to quadruple their staff from its current size has risen from 24% to 29%.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ff2d0b1ff0&e=20056c7556<\/p>\n
Why SMBs should build a threat intelligence program — no tech investment required
\n“Contrary to popular narrative, I believe it makes a lot of sense for small information security programs to build a threat intelligence capacity,” mentions Swanson in this Swannysec blog post. “While this may not be a popular opinion, I know smaller operations can benefit from a right-sized threat intelligence program because I’m in the process of building one currently and there have been tangible results.”
\n“Anyone interested in threat intel should start by seeking out and reading published threat reports from companies such as FireEye, Palo Alto, or Symantec,” suggests Swanson. “A large repository of these reports can be located on GitHub.”
\nThe next step, according to Swanson, would be introducing low-effort and low investment automation to process the freely available threat intelligence.
\nHowever, before even considering any form of automation, Swanson feels the following must be considered.
\nNo matter how empowering machine learning is humans need to be part of the equation. “No automated system is going to make any amount of threat intelligence magically useful without people making informed decisions about the data as it relates to the security and risk posture of the organization,” explains Swanson.
\nWith threat data coming in and being analyzed, the next step is developing a plan based on information gleaned from the threat intelligence.
\nBesides external threat intel, Swanson suggests data mining all possible internal sources for actionable intelligence.
\nSwanson cautions to start small, “Generate top ten lists of exploits, malware, brute-force attempts, etc. and start to observe trends in those reports.”
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=12fd4da89a&e=20056c7556<\/p>\n
Infosec pros still pressured to release unsecure projects: Survey
\nDespite an increase in the number of data breaches last year infosec pros say they continue to be pressured by the business side to release projects that aren\u2019t fully secure, according to an international survey.
\nThe survey, paid for by Trustwave, showed that 77 per cent of respondents in five countries \u2014 and 71 per cent of Canadians \u2014 felt either frequent or periodic pressure to roll out IT projects that weren\u2019t security ready.
\nThe good news is that the majority agreed it was once or twice rather than frequently.
\nHowever, if a bug slips by that could be once too many.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=615dd5c21c&e=20056c7556<\/p>\n
5 Big Incident Response Mistakes
\nWhile the initial breach itself tends to draw the most attention, how an organization responds to the incident shapes the eventual scope and damage of the attack.
\nNot having a formal plan and being unprepared are just two of the mistakes that organizations make.
\nHere are some of the others:
\n1) Responding before understanding the full scope of the breach.
\n2) Not communicating effectively.
\n3) Not getting legal involved early.
\n4) Tipping your hand.
\n5) Using an improperly staffed response team.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=57b3809549&e=20056c7556<\/p>\n
Time to rethink your approach to security budgeting
\nSome healthcare security budgets are increasing at a modest pace according to Forrester; 16% of the IT budget compared with 19% across all industries.
\nHowever, there are still many other healthcare security budgets that appear to get trivial increases, and, in some cases, a reduction in security-related expenditures.
\nIncreases in the accompanying chart are not exceptionally large.
\nAccording to Forrester, almost 30% of the healthcare security budget consists of staffing and maintenance costs with staffing representing almost 14% and maintenance of existing on-premises security technology representing approximately 15%.
\nBut scarce security skills in the labor pool are ongoing challenges for all healthcare organizations.
\nThis not only raises the cost of staffing but also restricts efficiency.
\nTo reduce both staffing and maintenance costs, Forrester recommends that healthcare organizations consider increasing the adoption of managed security or security-as-a-service.
\nThey contend that security is a critical function, but not all of it needs to be delivered in-house.
\nSecurity spending in the healthcare industry can vary widely, as does the efficiency and cost-effectiveness of that spending.
\nHealthcare organizations can guide their budgets for optimal outcomes by thinking through and answering the types of functions and activities that it should own and the staff skills to hire vs. outsource.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1b6d12d5df&e=20056c7556<\/p>\n
CERT Bulgaria Registered 737 Cyber Incidents in 2015
\nA total of 737 cyber incidents were registered at the websites of central and local government authorities and other institutions in Bulgaria last year, according to the National Computer Security Incidents Response Team (CERT Bulgaria).
\nThe largest number of those incidents involved malicious code (294), followed by fraud (105), offensive content (100), attempted unauthorized intrusion (65), reaping information (26), and intrusions (10).
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3c764f7915&e=20056c7556<\/p>\n
Marsh names former U.K. intelligence director as cyber risk adviser
\nMarsh L.L.C. on Thursday said it has appointed Sir Iain Lobban, the former director of the U.K.
\nGovernment Communications Headquarters, the country’s security and intelligence organization, as senior adviser on cyber risk.
\nIn his newly created role, Mr.
\nLobban \u201cwill provide strategic advice as Marsh works with governments, regulators and clients on how best to address the growing threat of cyber risk,\u201d Marsh said in a statement.
\nHe will report to Mark Weil, Marsh’s CEO of U.K. and Ireland.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e59636b54b&e=20056c7556<\/p>\n
Interview with Troels Oerting on cybersecurity in modern organizations
\nThe role of the chief information security officer (CISO) has profoundly changed over the years, from IT security management to high-level risk management.
\nToday Troels Oerting is the Chief Information Security Officer (CISO) at Barclays, I consider him a Master, in my opinion, only a few professionals have had its experience in cyber security, Troels is the incarnation of the modern CISO.
\nn the past, which is not so long ago, I believe that the CISO role was considered to be a technical role.
\nThe profile should be technical and it would often report to the Operations & Technology chief in any bigger organisation.
\nThe role was rather reactive and aiming at \u2018ticking\u2019 boxes in auditors control schemes based on various vulnerabilities.
\nI think you will find that there is a growing understanding for the fact that the CISO role is not a tech role but a wider business role.
\nWhen we, in Barclays, assess the threat we first identify our Adversaries.
\nWho are they.
\nWe have intrusion attempts from Nation States, Organised cybercriminal networks and hacktivists.
\nNext in our assessment is to have a look at the Intent of each of the Adversaries.
\nam never satisfied if we have losses.
\nRegardless if it is losses of sensitive data, money or other valuables in our digital repository.
\nI think that the executive management already have a full understanding of digital security.
\nI believe that trust is key, and we will be measured by our customers, society and regulators if we can keep their trust.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7a05e3df17&e=20056c7556<\/p>\n
Terrorism key security threat facing Singapore
\nTerrorism is the “most significant” security threat facing the Republic today, the Ministry of Home Affairs (MHA) said yesterday, even as it reassured Singaporeans that the overall crime rate here remains low.
\nThe ministry also highlighted trends of crime statistics which are set to be released by law enforcement agencies over the next few days.
\nThe overall crime rate remains low although there was a slight increase from 2014, fuelled by a sharp increase in online crime – such as scams – which has persisted since 2013.
\nAlmost all other types of crime have fallen.
\nViolent property offences and housebreaking are at their lowest levels in 20 years, while unlicensed moneylending harassment hit a 10-year low.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9dca7c68e6&e=20056c7556<\/p>\n
The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks
\nYou invest in the slickest, smartest, security gear.
\nThe latest in threat intelligence, behavior analysis, and every other cutting-edge tech that widened your eyes on the trade show floor.
\nIt’s excellent, exciting, expensive…and useless against a top-notch social engineer.
\nThese days, the social engineer’s favorite tool isn’t the smile; it’s the humble phishing message.
\nRead on to see which attack campaigns and categories earn the dubious honor of winning one of the coveted Phishie Awards.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2cc937427d&e=20056c7556<\/p>\n
Tripwire Study: IT Professionals Overconfident in Cyber Attack Detection
\nTripwire, Inc., a leading global provider of endpoint detection and response, security and compliance solutions, today announced the results of an extensive study conducted by Dimensional Research on behalf of Tripwire.
\nThe study evaluated the confidence of IT professionals regarding the efficacy of seven key security controls that must be in place to quickly detect a cyber attack in progress.
\nStudy respondents included 763 IT professionals from retail, energy, financial services and public sector organizations in the U.S.
\nThe majority of the respondents displayed high levels of confidence in their ability to detect a data breach even though they were unsure how long it would take automated tools to discover key indicators of compromise.
\nFor example, when asked how long it would take automated tools to detect unauthorized configuration changes to an endpoint on their organizations\u2019 networks, 67 percent only had a general idea, were unsure or did not use automated tools.
\nHowever, when asked how long it would take to detect a configuration change to an endpoint on their organizations\u2019 networks, 71 percent believed it would happen within minutes or hours.
\nConfiguration changes are a hallmark of malicious covert activity.
\nForty-eight percent of energy and health care respondents said they had the lowest percentage of successful patches in a typical patch cycle, with a success rate of less than 80 percent.
\nNearly two-thirds (62 percent) of respondents were unsure how long it would take for automated tools to generate an alert if they detected an unauthorized device on the network, while 87 percent believed it would happen within hours.
\nNearly half (48 percent) of respondents working for federal government organizations said not all detected vulnerabilities are remediated within 15 to 30 days.
\nForty-two percent of midmarket organizations do not detect all attempts to access files on local systems or network-accessible file shares by users who do not have the appropriate privileges.
\nSixty-one percent of respondents working in the financial services sector said their automated tools do not pick up all the information necessary to identify the locations, departments and other critical details about unauthorized configuration changes to endpoint devices.
\nOnly 23 percent of respondents said that 90 percent of the hardware assets on their organizations\u2019 networks are automatically discovered.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e8c582cb48&e=20056c7556<\/p>\n
How to build secure supply chains: 3 key steps
\nThe solution is not to build stronger firewalls, as one might think.
\nEven the Great Wall of China was breached \u2013 and, besides, firewalls inhibit the kind of seamless interaction on which collaborative supply chains depend.
\nThe better approach is for supply chains to adopt an approach that addresses the challenge holistically, and is agile enough to respond to an ever-changing threat landscape.
\nThe key here is to address security in terms not just of technology but also in terms of people and processes.
\nThis approach is critical because it allows supply chain companies to look at their risks properly.
\n1) Define the ecosystem.
\nCompanies need to define who their partners are in the supply chain, and categorise them by importance.
\n2) Identify the primary contacts within each partner company as well as their location \u2013 and make sure everybody in your company has this information.
\n3) Establish controls and guidelines for each business partner\/category of business partner.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=806c37480d&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage1.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=5fb2014fff)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: ** ———————————————————— ** ———————————————————— * GSMA outlines thoroughly sensible IoT security rules * New Trustwave Report: Cybersecurity Pros Face Increased Pressures * Why SMBs should build a threat…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1198","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1198","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1198"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1198\/revisions"}],"predecessor-version":[{"id":3685,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1198\/revisions\/3685"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}