[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
\nI had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change.<\/p>\n
* Meet The Woman Powering The Fight Against Cybercrime
\n* DHS Hacker Warnings Will Soon Carry Reputation Scores
\n* 68% of Nifty 50 companies are vulnerable to cyber attacks:Study
\n* 6 steps to creating a hybrid integration strategy
\n* Cloud SLAs Can Overlook Security. Don\u2019t Let Them.
\n* Four Out Of Five Enterprise Networks Show Evidence Of Malicious DNS Activity
\n* Vormetric: U.S. Retailers Spending Security Funds on Wrong Solutions
\n* Top 10 technologies for information security and their implications<\/p>\n
Meet The Woman Powering The Fight Against Cybercrime
\nHaving served previously as chief information security officer (CISO) of two giant US companies in Time Warner Cable and Home Depot HD -0.17%, Tammy Moskites is exceptionally well-placed to take a leading role in the fight for cyber security.
\nNow, as CISO of Venafi, Moskites oversees the development of systems that help organizations learn more about who they can and cannot trust in online environments.
\nMoskites explains that our internet-enabled world today has an identity tagging architecture similar in many ways to that used within the human body as part of our immune systems.
\n\u201cIn the wrong hands, keys and certs can enable bad guys to appear trusted, hide in encrypted traffic, exfiltrate data and even take control of your devices \u2013 it\u2019s like giving them an invisibility cloak and magic key that opens all your doors,\u201d she explains.
\nThings have sometimes been extremely challenging as a woman in a male-dominated profession.
\nMoskites suggests that negative experiences early on in her career actually helped spur her on to greater successes and eventually to the position she\u2019s in today.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9cdd03487b&e=20056c7556<\/p>\n
DHS Hacker Warnings Will Soon Carry Reputation Scores
\nThe Homeland Security Department will soon rate the trustworthiness of tip-offs about hacking groups it receives from outside sources before sharing them with other agencies and industry.
\nEssentially, the ranking would tell companies and agencies, with a certain degree of confidence, the reliability of a threat warning.
\nTo derive a score, DHS will analyze the indicator it receives from an outsider with intelligence it already has from federal partners and other materials involving the reputation of that notifier.
\nRoughly 30 organizations nationwide are receiving the Automated Indicator Sharing feeds.
\nAbout 100 have signed up to do so at some point, according to testimony heard by the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies on June 15.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=aebde10ef3&e=20056c7556<\/p>\n
68% of Nifty 50 companies are vulnerable to cyber attacks:Study
\nThe PwC survey about transgressions in Indian cyberspace of these companies further said, 525 email addresses belonging to the 34 companies were compromised, meaning hackers had access to those email addresses.
\n“Cybersecurity is no more restricted to Chief Information Officers (CIOs) or Chief Security Officers (CSOs) but needs serious attention of the higher management,” Sivarama Krishnan, Leader, Cyber Security – PwC India said.
\nFurthermore, 200 Internet Protocol (IP) addresses belonging to the 34 companies were blacklisted by various Internet Service Providers (ISPs), implying that the ISPs found these IPs to be involved in spreading malicious traffic on the Internet, sending spam emails, or acting as a botnet in large cyber attacks, the report noted.
\nAccording to the report, transgressions in Indian cyberspace have more than doubled over the past year to 6,284 incidents\/respondent.
\nThe average number of attacks in India is catching up with the global average of 6,853 incidents\/respondent.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d1769eb72c&e=20056c7556<\/p>\n
6 steps to creating a hybrid integration strategy
\nAgencies are adopting cloud-based software-as-a-service (SaaS) applications at increasing rates.
\nMany are simultaneously moving existing applications and systems to public and\/or private cloud infrastructures, making hybrid IT environments the new standard.
\nBelow are six essential steps for creating a successful hybrid integration strategy:
\n1- Understand your integration “center of gravity.”
\n2- Determine how much control and responsibility you want or need.
\n3- Know your users.
\n4- Plan how to keep up with project demands.
\n5- Use a flexible approach for different types of projects.
\n6- Consider how you will ensure data quality for your systems of record.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c14c600d09&e=20056c7556<\/p>\n
Cloud SLAs Can Overlook Security. Don\u2019t Let Them.
\nCloud service level agreements (SLAs) are common \u2013 but how well do they protect you, the customer.
\nSLAs typically focus on performance, offering assurances of 99.9% or higher cloud service availability.
\nBut they often fall short in detailing how cloud service providers will secure and protect the data you place into the cloud.
\nIn essence, cloud SLAs are as much marketing tools designed to protect the cloud provider as they are guarantees for their customers.
\nFirst, a reality check.
\nJust as it\u2019s impossible for cloud providers to guarantee 100% uptime, it\u2019s also impossible to guarantee 100% secure operations.
\nAs such, your goal should be to make sure the provider has a comprehensive security and privacy regime that provides protections that match the value and sensitivity of the data you\u2019ll place in the cloud.
\nIt\u2019s also important to determine how you and the cloud provider may share responsibilities to safeguard your data, and to make those respective responsibilities clear in any contract you sign.
\nThe questions you need to pose to a prospective cloud services provider should explore every aspect of data security and privacy as well as general operational information
\nThese questions are just a sample of the full list of topics you should explore.
\nMany questions will relate to the specific characteristics and needs of the operations and data you will place in the cloud.
\nOne final caution when it comes to evaluating the security controls and assurances your cloud providers may offer: Don\u2019t forget about performance.
\nSecurity measures must be strong enough to provide adequate protections, but not so onerous and sluggish that they grind your service performance to a snail\u2019s pace.
\nOne common problem to consider, for example, will antivirus solutions introduce long delays during scans because they aren\u2019t designed for use in highly virtualized cloud environments?
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c97a098277&e=20056c7556<\/p>\n
Four Out Of Five Enterprise Networks Show Evidence Of Malicious DNS Activity
\nInfoblox Inc. (NYSE:BLOX), the network control company, today announced results of the Infoblox Security Assessment Report for the first quarter of 2016, which finds that 83 percent\u2014more than four out of five\u2014of enterprise networks tested by Infoblox show evidence of malicious DNS activity.
\nAmong the specific threats found in files during the first quarter, by percentage, are:
\n– Botnets \u2013 54%
\n– Protocol anomalies \u2013 54%
\n– DNS tunnelling \u2013 18%
\n– ZeuS malware \u2013 17%
\n– Distributed denial of service (DDoS) traffic \u2013 15%
\n– CryptoLocker ransomware \u2013 13%
\n– Amplification and reflection traffic \u2013 12%
\n– Heartbleed \u2013 11%
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9670504db6&e=20056c7556<\/p>\n
Vormetric: U.S. Retailers Spending Security Funds on Wrong Solutions
\nU.S. retailers are spending more money than ever on data protection, but a general lack of understanding as to which areas require the most attention is still a major issue, according to a new report from Vormetric and 452 Research.
\nA majority of retailers surveyed said they spend most of their security budget on network defenses, end point solutions and mobile device solutions, despite the fact that data-at-rest defenses and data-in-motion defenses are more effective means of protection.
\nFurthermore, protecting a company\u2019s brand and reputation were seen as the top data protection drivers for retail, with data breach prevention ranking as the least concern, despite the fact that the two issues are deeply intertwined.
\nDespite the general lack of concern for protecting their most critical assets, there is hope that more retailers are beginning to understand that data protection and brand protection go hand in hand.
\nVormetric reported that 44 percent of respondents plan to invest in data-at-rest defenses this year.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b72c247a72&e=20056c7556<\/p>\n
Top 10 technologies for information security and their implications
\nCloud access security brokers (CASBs) provide information security professionals with a critical control point for the secure and compliant use of cloud services across multiple cloud providers.
\nMany SaaS apps have limited visibility and control options; however, SaaS adoption is becoming pervasive in enterprises, which exacerbates the frustration of security teams looking for visibility and control.
\nThe market for endpoint detection and response (EDR) solutions is expanding quickly in response to the need for more effective endpoint protection and the emerging imperative to detect potential breaches and react faster.
\nEDR tools typically record numerous endpoint and network events, and store this information either locally on the endpoint or in a centralized database.
\nDatabases of known indicators of compromise (IOC), behavior analytics and machine-learning techniques are then used to continuously search the data for the early identification of breaches (including insider threats), and to rapidly respond to those attacks.
\nPurely signature-based approaches for malware prevention are ineffective against advanced and targeted attacks.
\nMultiple techniques are emerging that augment traditional signature-based approaches, including memory protection and exploit prevention that prevent the common ways that malware gets onto systems, and machine learning-based malware prevention using mathematical models as an alternative to signatures for malware identification and blocking.
\nUser and entity behavioral analytics (UEBA) enables broad-scope security analytics, much like security information and event management (SIEM) enables broad-scope security monitoring.
\nUEBA provides user-centric analytics around user behavior, but also around other entities such as endpoints, networks and applications.
\nThe correlation of the analyses across various entities makes the analytics\u2019 results more accurate and threat detection more effective.
\nOnce attackers have gained a foothold in enterprise systems, they typically can move unimpeded to other systems.
\nTo address this, there is an emerging requirement for \u201cmicrosegmentation\u201d (more granular segmentation) of east\/west traffic in enterprise networks.
\nIn addition, several of the solutions provide visibility and monitoring of the communication flows.
\nSecurity needs to become an integral part of DevOps style workflows \u2014 DevSecOps.
\nDevSecOps operating models are emerging that use scripts, \u201crecipes,\u201d blueprints and templates to drive the underlying configuration of security infrastructure \u2014 including security policies such as application testing during development or network connectivity at runtime.
\nAn intelligence-driven security operations center (SOC) goes beyond preventative technologies and the perimeter, and events-based monitoring.
\nAn intelligence-driven SOC has to be built for intelligence, and used to inform every aspect of security operations.
\nTo meet the challenges of the new \u201cdetection and response\u201d paradigm, an intelligence-driven SOC also needs to move beyond traditional defenses, with an adaptive architecture and context-aware components.
\nMost attacks start by targeting end-users with malware delivered via email, URLs or malicious websites.
\nAn emerging approach to address this risk is to remotely present the browser session from a \u201cbrowser server\u201d (typically Linux based) running on-premises or delivered as a cloud-based service.
\nDeception technologies are defined by the use of deceits and\/or tricks designed to thwart, or throw off, an attacker\u2019s cognitive processes, disrupt an attacker\u2019s automation tools, delay an attacker\u2019s activities or disrupt breach progression.
\nFor example, deception capabilities create fake vulnerabilities, systems, shares and cookies.
\nIf an attacker tries to attack these fake resources, it is a strong indicator that an attack is in progress, as a legitimate user should not see or try to access these resources.
\nAs enterprise security departments are asked to extend their protection capabilities to operational technology and the Internet of Things, new security models must emerge to provision and manage trust at scale.
\nTrust services are designed to scale and support the needs of billions of devices, many with limited processing capability.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d99ed78164&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: Subscribe to this list (http:\/\/paulgdavis.us3.list-manage1.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=47356b7d27)<\/p>\n
Update subscription preferences (http:\/\/paulgdavis.us3.list-manage1.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] I had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change. * Meet The Woman Powering The…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1238","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1238"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1238\/revisions"}],"predecessor-version":[{"id":3725,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1238\/revisions\/3725"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}