[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
\nI had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change.<\/p>\n
* How Many Layers Does Your Email Security Need?
\n* Why Boards Need To Get Smart About Cyber Innovation — Now
\n* Move over Healthcare, Ransomware Has Manufacturing In Its Sights
\n* Nearly Half of Organizations Unsure if Cyber Insurance will Payout for Evolving Email Attacks
\n* Anonymous Targets London Stock Exchange as #OpIcarus Advances<\/p>\n
How Many Layers Does Your Email Security Need?
\nCyber criminals have realized that email gateways are quite capable of blocking generic spam and have moved to different techniques, including targeted attacks.
\nTargeted attacks have adapted precisely to evade traditional methods most email gateways use to try to block unknown malware, such as the following techniques:
\nFirst off, techniques like Sender Protection Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) are designed to validate the identity of the sender, protecting against spoofed emails that appear to come from a friendly sender.
\nHowever, very few organizations bother to turn these capabilities on.
\nBe sure to use the same technologies when sending your own email.<\/p>\n
Secondly, your gateway needs to extract and explode all the elements of an email attachment to be able to deeply analyze it for malicious intent.
\nFinally, it is essential to ensure URLs are scanned at time of click.
\nIn practical terms, this means that URLs contained in emails must be rewritten with pointers that force them to go through a cloud-based web gateway whenever they are clicked upon.
\nSo, how many layers does your email security need?
\nYou always need at least one more layer of email security than the attacker can defeat.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=807b0e2484&e=20056c7556<\/p>\n
Why Boards Need To Get Smart About Cyber Innovation — Now
\nAriel Evans is an American Israeli cybersecurity expert, entrepreneur and business developer.
\nEvans is the go-to person in Israel that connects cyber startup companies to funding and business development opportunities.
\nToday she manages over Israeli 30 companies, secures them venture funding, M&A opportunities, and channel sales.
\nShe has raised over $200 million in the U.S. with private equity and venture capital firms.<\/p>\n
What are the biggest trends that you have seen in cybersecurity over the past five years?
\nCybersecurity has become a boardroom conversation.
\nIt is no longer adequate to speak solely in terms of technological vulnerabilities such as insufficient patching of servers and network specific devices.
\nInstead, organizations have begun to appraise the value of their assets and calculate how secure they are against a cyber-attack.<\/p>\n
How has the role of the chief information security officer (CISO) changed?
\nThe CISO is no longer a network guru, but instead a risk manager.<\/p>\n
What does an organization need to know in order to understand how effective their cybersecurity program is?
\nLots.
\nAgain, cybersecurity is a compilation of people, processes, and tools.
\nIf just one leg of that three-legged stool is broken, the stool fails.<\/p>\n
What are the most common issues that organizations face in cybersecurity?
\nThe most common issue is the lack of skilled people.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=871d9a04b3&e=20056c7556<\/p>\n
Move over Healthcare, Ransomware Has Manufacturing In Its Sights
\nFortinet research conducted over the past several months shows that manufacturing is likely to be the next industry specifically targeted by ransomware.
\nIn our latest report we detail two specific trends that support this conclusion.
\nThe first is an alarming spike in custom ransomware attacks targeted at the manufacturing industry, and the second is the development of a new generation of ransomware that is especially devastating.
\nBetween October 1, 2015 and April 30, 2016, Fortinet monitored and collated network traffic for 59 mid-sized to large manufacturers, spread out over 9 countries in key markets across the Americas, EMEA, and APAC.
\nDuring those seven months, we recorded 8.63 million attempted attacks on those 59 manufacturers.
\nAnd 78% of this malicious activity was targeted at large manufacturers with 1000 or more employees.
\nThat is a lot of attacks.
\nWith downtime and losses often calculated by the minute, manufacturers infected with ransomware would be highly motivated to pay a ransom in order to get their production floor back up and running.
\nAnd this wasn\u2019t your average ransomware.
\nThis new ransomware had undergone significant enhancements.
\nRecent variants of the Locky ransomware that we saw, for example, had traded custom encryption algorithms for much more solid and robust Windows APIs and RSA encryption.
\nThis seems to have clearly been an attempt to thwart organizations that try to decrypt their files without paying the ransom.
\nAnother ransomware variant we have been tracking is DMA Locker.
\nOnce it infects an organization, DMA Locker uses remote command-and-control servers to generate unique encryption keys.
\nBecause these encryption keys are generated off-site, reverse engineering the encryption is not currently possible.
\nWhich also means that if DMA Locker isn\u2019t entirely removed from an infected network, repeat flare-ups by the exact same ransomware can generate additional ransom demands.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b469b254c6&e=20056c7556<\/p>\n
Nearly Half of Organizations Unsure if Cyber Insurance will Payout for Evolving Email Attacks
\nLONDON, Jun 07, 2016 (BUSINESS WIRE) — Mimecast Limited, a leading email and data security company, today issued a warning to organizations relying on cyber insurance: your policies may not be fully up-to-date in covering new social engineering email attacks, leaving firms at risk for taking the full financial brunt of these attacks.
\nNew Mimecast research* into the growing cyber insurance industry and evolving email attack techniques reveals that almost half (45%) of firms with cyber insurance are unsure if their policy is up-to-date for covering new cyber social engineering attacks, and only 10% believe it is completely up-to-date.
\nJust 43% of firms with cyber insurance are confident that their policies would pay out for whaling financial transactions.
\nNearly two-thirds (64%) of firms don\u2019t have any cyber insurance at all.
\nWith the cybersecurity landscape constantly evolving, cyber insurers will have great difficulty keeping their coverage up-to-date.
\nA comprehensive cyber resilience strategy is only effective alongside regular employee training on the latest threats combined with appropriate technology fail-safes.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0895c864b3&e=20056c7556<\/p>\n
Anonymous Targets London Stock Exchange as #OpIcarus Advances
\nThe LSE website went offline at 9AM (08:00 GMT) local time, at the beginning of working hours, last Thursday, and was inaccessible for two hours.
\nLSE representatives have refused to comment on the issue, and kept the hack secret, but experts believe the site was exposed to a distributed denial of service (DDoS) attack, suggesting that no critical information was compromised.
\nThe attack was carried out within a framework called Operation Icarus, a stated effort by hackers to battle injustice by compromising banking sites around the globe.
\n\u200b Confirmed hacks include those on the Bank of Greece, the Central Bank of the Dominican Republic, the Dutch Central Bank, the Swiss National Bank, the Central Bank of Venezuela and the Federal Reserve Bank of San Francisco.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=68108d7b00&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage1.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=d2f96da285)<\/p>\n
Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] I had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change. * How Many Layers Does Your…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1234","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1234"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1234\/revisions"}],"predecessor-version":[{"id":3721,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1234\/revisions\/3721"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}