[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
\nI had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change.<\/p>\n
* Big data is changing the game for backup and recovery
\n* A Hybrid Approach Is the Future of MSSPs
\n* State Names New \u2018Cyberczar\u2019 to Help Protect Its Networks Against Hackers
\n* [Australian] Government’s $230 million bid to fight cyber crime will fail without specialists, industry warns
\n* Corporate Email Phishing Scams Result in $3.1B Loss, Near 1300% Increase in 18 Months
\n* Malware infections by Locky, Dridex, and Angler drop — but why?
\n* What government\u2019s CISOs think about security in Digital India – See more at: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=305c2479f8&e=20056c7556
\n* Is the CEO really to blame for cyber attacks & data breaches?
\n* How to assess your stakeholder matrix as part of a cloud security strategy
\n* Why a global threat sharing program is vital to protect global infrastructure
\n* USB devices still represent a major security threat for enterprises
\n* The Poisoned Archives
\n* Cyber threats leap to top of manufacturers’ list of risks
\n* Majority of American Business Owners Unlikely to Pay Off Cybercriminals in Ransomware Attack, Yet Lack Resources to Overcome Attack<\/p>\n
Big data is changing the game for backup and recovery
\nIt’s well-known in IT that when you change one part of the software stack, there’s a good chance you’ll have to change another.
\nFor a shining example, look no further than big data.
\n“Traditional backup products have challenges with very large amounts of data,” said Dave Russell, a vice president with Gartner. “The scale-out nature of the architecture can also be difficult for traditional backup applications to handle.”
\nToday’s horizontally scalable databases do include some capabilities for availability and recovery, but typically they’re not as robust as those IT users have become accustomed to, Russell added.
\n“If you need scalability, you need to give up consistency — you have to give up one or the other,” Thakur said.
\nThat makes it tough to get a reliable snapshot of the big picture for point-in-time recovery.
\nNot only is it more difficult to track which data might have moved where in a distributed database at any given moment, but the resiliency features that often come “baked” into newer distributed databases — replication, for example — won’t protect you if data gets corrupted, said Simon Robinson, a research vice president with 451 Research.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a130243b0d&e=20056c7556<\/p>\n
A Hybrid Approach Is the Future of MSSPs
\nWhy a Hybrid Approach Is the Future of MSSPsBeyond the troubling data breach statistics, businesses of all sizes face a serious cyber security issue\u2014a cyber skills shortage and the cost of hiring rare security network experts.
\nThe level of difficulty to build an expert in-house security operations center is leading companies across all industries to consider other means of improving cyber security.
\nOne approach is to hire a third-party managed security service provider (MSSP).
\nAccording to IBM\u2019s Senior Manager of Security Services, Michael Sanders, the functions shared between your internal security operations team and an external MSSP include:
\n– Rule and device administration
\n– Real-time collection and analysis of activities that impact IT security
\n– Sweeping for incidents
\n– Threat monitoring
\n– Threat analysis
\n– Incident response management
\n– Emergency incident response planning
\nHowever, even the greatest communication between your in-house security team and your MSSP can be hindered by improper network architecture.
\nAlways ensure that your in-line security appliances and out-of-band monitoring devices are connected via proper networks TAPs.
\nWith network TAPs in place, you know that you have guaranteed visibility into every bit, byte and packet\u00ae of network traffic allowing the security tools to do their job while maintaining 100% network uptime, even when the appliance requires updates or trouble-shooting.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2e5ff7d007&e=20056c7556<\/p>\n
State Names New \u2018Cyberczar\u2019 to Help Protect Its Networks Against Hackers
\nAs NJ becomes increasingly reliant on computer networks, it grows correspondingly more vulnerable to expensive, intrusive cyber attacks
\nTo that end, Gov.
\nChris Christie announced yesterday that he\u2019s stepping up the state\u2019s cybersecurity efforts by creating a cabinet-level technology officer and naming David Weinstein, the top cybersecurity expert from the state Office of Homeland Security, to fill the new job.
\nA top state lawmaker also called yesterday for the creation of a new legislative committee to advance laws combatting cyberattacks.
\nChristie said yesterday that Weinstein\u2019s elevation to a $141,000-a-year cabinet-level position will help better protect New Jersey\u2019s government servers against threats posed by aggressive hackers.
\nWeinstein will be in charge of the state\u2019s day-to-day cybersecurity operations and intelligence analysis.
\nHe will also work closely with the state Office of Homeland Security, Christie said.
\nChristie said the new $10 million allocation for cybersecurity will come out of funds in the state\u2019s current, $34 billion fiscal year budget, which is in place until June 30.
\nThe money will be used to harden state government computer systems against sophisticated cyberattacks and to allow for audits of the state\u2019s computer networks and other infrastructure for potential weaknesses.
\nAll state departments will also undergo a cyberthreat evaluation, the governor\u2019s office said.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e8a7e79511&e=20056c7556<\/p>\n
[Australian] Government’s $230 million bid to fight cyber crime will fail without specialists, industry warns
\nThe professional association for Australia’s ICT industry has warned there are not enough specialists to deliver the federal government’s $230 million cyber security strategy.
\nAustralian Computer Society president Anthony Wong said the government faced a shortfall of up to 100,000 ICT professionals by 2020 and urgent action was needed to expand the workforce.
\nEarlier this year, the government announced it was prepared to strike back against foreign cyber attacks with funds to be spent recruiting hundreds of police and cyber security specialists.
\nThe funding boost comes after another $400 million was allocated to pay for staff with hacking experience to work for the Australian Signals Directorate, a key intelligence agency.
\nBut consultants have warned a recruitment drive for close to 900 positions will cause headaches for the government in coming years.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=4d4cb16db6&e=20056c7556<\/p>\n
Corporate Email Phishing Scams Result in $3.1B Loss, Near 1300% Increase in 18 Months
\nTotal number of Business Email Compromise (BEC) related crimes have reached epidemic levels, at nearly $3.1 billion in losses and involving 22,143 victims worldwide since January 2015, according to a new FBI report.
\nMost victims, according to reports to FBI, “use wire transfers as a common method of transferring funds for business purposes; however, some victims report using checks as a common method of payment.
\nThe fraudsters will use the method most commonly associated with their victim’s normal business practices.”
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3708d6d99d&e=20056c7556<\/p>\n
Malware infections by Locky, Dridex, and Angler drop — but why?
\nMalware infections by Locky, Dridex, and Angler drop — but why?Malware infections by Locky, Dridex, and Angler drop — but why?Why have these infamous and prolific malware infections suddenly dropped off the radar so quickly.
\nResearchers point out the decline follows the arrest of 50 people in Russia who are accused of using malware to steal over $25m, reportedly by the malicious Lurk Trojan infecting victims’ PCs and stealing bank account details.
\nGiven that the threats from Locky and Dridex haven’t disappeared completely, it’s thought that these malware campaigns aren’t directly linked to those responsible for using Lurk.
\nHowever, Symantec researchers suggest that the arrests may have resulted in the shutdown of networks used to host campaigns by other hacking and cybercriminal groups.
\nWhile that’s slowed activity for now, it’s probably only a matter of time before Locky, Dridex, and other forms of malware are on the rise again — because cybercriminals know this form of malicious activity is an easy way to exploit victims for ransom money.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=cf7e631ee6&e=20056c7556<\/p>\n
What government\u2019s CISOs think about security in Digital India – See more at: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=39679a4cc0&e=20056c7556
\nWith the focus on the Digital India programme, the number of e-governance projects have increased across all the government departments.
\nMost of these projects are executed either through tender or public private partnership (PPP) mode.
\nTherefore, it is essential to have proper information security strategy in place to secure the data.
\nAnd, this is what government\u2019s technology heads are gearing up to safeguard by creating an integrated framework to address the challenge of heterogeneity and complexity in managing cyber security for government projects.
\nWith the success of some of the e-governance projects like passport seva, Aadhar, government has realised that technology can help them in improving governance.
\nAnd, now the Digital India project is taking these things to the next level by not only focusing on its nine-pillars, but also strengthening the back-end platform and process.
\nMost of the government services are getting digitised.
\nBut having achieved these objectives, the government now has to ensure that the information collected remains secure.
\nTo fight the challenge, the government has taken number of steps.
\nThe MHA has recently issued a National Information Security Policy & Guidelines that could be taken as reference by all the central ministries, state governments and public sector units (PSUs) for developing their own information security and control mechanism.
\nBut beyond the guidelines, it is essential that for framing a policy which really serve the purpose, government organisations must understand their requirements, their processes and functions.
\nAlong with the policy guidelines, they can refer to standards like ISO 27001, COBIT framework etc.
\nAn ideal cyber security framework is also constrained by the fact that across the world the concept of security is changing.
\nSecurity is moving beyond firewalls.
\nThe old rule of anything inside firewall is good and outside is bad, and network as a perimeter are now diminishing.
\nOrganisations are now focusing on continuous monitoring of the cyber infrastructure for predicting things in advance.
\nIn addition to a technology partners for e-governance projects, most of the government departments involve a consultant for the project management.
\nThis increases the number of stakeholders and the risk for the data breach.
\nThat is why Rudramurthy of MHA, says that the security measures should be part of the contract itself.
\nService provider must be completely checked prior to onboarding and they must also be monitored on a continuous basis during the execution. \u201cIn addition, government departments need to have complete clarity around intellectual property rights, data protection rights and technology retention rights,\u201d says Rudramurthy, adding that the controls generally does not need to be only liquidated damage, one should consider proactive, corrective and reactive mechanism.
\nHowever, the right flow and the direction will come when there is right talent.
\nTherefore, the time has come for the top of the government to scale up, in terms of the human resource talent and its technical expertise to understand the nitty\u2013gritty of the scope of the work given to service provider.
\nThis will help them to understand \u2013 what is expected during the implementation and how to get the work done within time.
\nRight now, most of these controls are in administrative hands but ideally it should be taken care by a technical person.
\nBut very few talented person are interested in working under the programme management unit (PMU) set-up due to unpredictable future and weak appraisal system.
\nAbove all the challenges, the good news is that in recent past, the awareness about cyber security has increased.
\nEverybody, be it political leaders, bureaucrats, RBI, SEBI or corporate, are talking about it.
\nThanks to some of the notable data breaches and Edward Joseph Snowden, whose disclosure on numerous global surveillance programs run by different governments has led to an intense debate on data security and privacy, which has finally catalysed the concept of data localisation, leading to different government departments taking steps to beef-up their cyber security mechanism. \u201cThe awareness level has increased but on the technical front, lot of maturity is needed,\u201d says Rajiv Prakash Saxena, ex-deputy director general, National Informatics Centre (NIC).
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e89a5a570a&e=20056c7556<\/p>\n
Is the CEO really to blame for cyber attacks & data breaches?
\nMPs have this week set out a series of recommendations for companies who fail to guard against cyber attacks and data breaches.
\nOne of the most talked about recommendations from the Culture, Media and Sport Committee concerned the salary of CEOs, specifically that salaries of the top brass should be linked to effective cyber security.
\nThis move by the government to enforce a firmer hand in cyber security has been generally welcomed by the security industry, with all but some agreeing that the buck stops at the CEO.
\nThey are the leader, the one at the top, after all.
\nHowever, the issue of penalties and salaries linked to cyber security has divided the security industry.
\nWhile others, like Javvad Malik, Security Advocate at AlienVault, believe it is wrong to blame one individual for security failings, saying:
\n“I feel it’s wrong to simply attribute a single security incident to a CEO and impose financial penalties upon the individual.”
\nUltimately, are CEO’s to blame for cyber security failings.
\nYes and no.
\nA CEO cannot be blamed for a cyber attack hitting a company, but they can be blamed for not having the right personnel, expertise, technology, strategy and company-wide education in place to deter and minimise the impact of an attack or data breach.
\nFor Mark James, Security Specialist at ESET, the question of who to blame should not even be asked at all.
\n“However, the question should be “have they taken enough preventative measures?” not “who’s to blame?” Finding out what went wrong, how it can be stopped in future and finding ways to better protect us, the users, are the key points that need addressing.”
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=fcac37cd73&e=20056c7556<\/p>\n
How to assess your stakeholder matrix as part of a cloud security strategy
\nIT teams have a difficult or impossible time cobbling together a full picture of what their cloud security looks like at any point in time, and other stakeholders in the organization are effectively blind to what is happening in their cloud environment.
\nThis can result in gaping holes in cloud security and compliance postures, frustration, and perhaps even more serious consequences, should an attacker see an opportunity to take advantage.
\nThis is why cloud security needs to take a strategy-first approach, where every tool purchased and solution leveraged fits into a bigger strategy that meets the needs of each stakeholder within the organization.
\nUnderstanding the needs of everyone within the cloud security stakeholder matrix will not only lead to a strong security strategy, where the objectives outlined, tactics taken, and technologies employed meet the security needs of the business, but will also bring together leaders at every level, creating champions for its execution across an entire organization.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=77caa16628&e=20056c7556<\/p>\n
Why a global threat sharing program is vital to protect global infrastructure
\nWe live in a time where the global sharing of threat intelligence is not only possible; it\u2019s vital to the security of our global infrastructure, and the public and private sectors have been working tirelessly to create these programs.
\nToday, thanks to the Cybersecurity Information Sharing Act of 2015 (CISA), enterprises now have the ability to share threat data with the Department of Homeland Security in a legal framework that protects good samaritans.
\nTo address the high-level technological needs of this endeavor, the DHS recently partnered with OASIS to revamp, standardize, lower the cost, and expand the reach of STIX and TAXII \u2014 data-sharing frameworks that now allow both humans and machines to exchange threat intelligence across borders in an automated fashion.
\nFurther, the U.S. government is also calling for more Information Sharing and Analysis Organizations (ISAOs) to be developed \u2014 diverse communities of private-sector companies that collaborate to share intelligence and help thwart cyber attacks.
\nOnce a global sharing program hits its stride, companies can rest assured that hackers will face more resistance than ever.
\nFor example, if Nike experiences an attempted breach, it can use STIX and TAXII to immediately report all the relevant details to the rest of the sharing ecosystem, and businesses across the globe will instantaneously have the ability to strengthen their defenses.
\nIf these same hackers try again at another location later on, they\u2019ll have no such luck.
\nThe industrial internet has the potential to create better, stronger, more innovative companies across all industries \u2014 which would undeniably improve the world as a whole.
\nBut, Industry 4.0 will only reach this lofty potential if businesses feel confident that their data is secure \u2014 and a crucial part of making that happen is encouraging widespread participation in a global threat sharing program.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e0b2561bce&e=20056c7556<\/p>\n
USB devices still represent a major security threat for enterprises
\nThe survey of 2016 Infosecurity Europe visitors looks at the use of USB storage devices in the enterprise and the policies governing them.
\nThe research found that 74 percent of respondents’ organizations allow employees to use USB devices in their networks, yet only 35 percent of companies force employees to use encrypted USB devices.
\nWhat’s surprising in the age of cloud is that 65 percent of employees still use USB devices to transfer company data. “This is a significant percentage and, in correlation to the 74 percent that are allowed to connect USB devices to their computers, and with the fact that USB thumb drives are constantly improved with bigger storage capacity and higher transfer speeds, makes them vulnerability for data security and exposes organizations to potential data leakage and data loss,” says Roman Foeckl, CoSoSys CEO and founder.
\nYou can find out more about the survey findings on the CoSoSys blog.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=28dcc11cf6&e=20056c7556<\/p>\n
The Poisoned Archives
\nlibarchive is an open-source library that provides access to a variety of different file archive formats, and it\u2019s used just about everywhere.
\nCisco Talos has recently worked with the maintainers of libarchive to patch three rather severe bugs in the library.
\nBecause of the number of products that include libarchive in their handling of compressed files, Talos urges all users to patch\/upgrade related, vulnerable software.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a17df3a9c0&e=20056c7556<\/p>\n
Cyber threats leap to top of manufacturers’ list of risks
\nCyber security is the top concern for more than nine out of 10 manufacturers surveyed, BDO USA L.L.P. said Tuesday, up 44% from 2013 and marking the first time cyber risk cracked the list of top 10 risk factors.
\nMore than 92% of manufacturers in BDO’s 2016 Manufacturing RiskFactor Report cited cyber security concerns in their disclosures to the U.S.
\nSecurities and Exchange Commission this year.
\nThe report, which analyzes the latest 10-K filings from the largest 100 publicly traded U.S. manufacturers across five subsectors, found that 91% also named operational infrastructure risk, including information systems and implementation of new systems and maintenance.
\nOther top concerns include federal, state and or local regulations; labor concerns or underfunded pensions; competition and consolidation in manufacturing; and commodity or raw material prices.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3c0a3c6496&e=20056c7556<\/p>\n
Majority of American Business Owners Unlikely to Pay Off Cybercriminals in Ransomware Attack, Yet Lack Resources to Overcome Attack
\nSCOTTSDALE, Ariz., June 21, 2016 \/PRNewswire\/ — Business owners in the U.S. recognize the severity of ransomware and the potential disruption to business operations, yet 84 percent say they would not pay in the event of an attack, according to a new survey by IDT911\u2122, a leading data security and identity theft protection firm.
\nOf these business owners, some routinely back-up their business files and could therefore restore processes, whereas others simply wouldn’t pay cybercriminals\u2014even if it meant not recovering information.
\nWhile such interference is detrimental to organizations of all sizes, every minute a business is forced to spend offline, is particularly damaging to revenue streams.
\nMore than half (60 percent) of business owners acknowledge this vulnerability and agree that they would immediately report the attack to law enforcement authorities, as one out of three respondents (33 percent) say they could not go without access to critical business systems for any length of time.
\nAdditional key findings include:<\/p>\n
Only three percent say they would pay $10,000 or more in a ransomware attack, whereas 10 percent would pay between $1 and $100.
\nNearly a quarter of business owners (22 percent) say they are unsure how to, or were not aware of the need to, back up their system and files.
\nA mere five percent of business owners currently set aside funds in case of ransomware attacks.
\nFemale business owners are more likely than men to report ransomware attacks to authorities right away.
\nMillennials (ages 18 to 34) are more likely to have cyber insurance protecting their business than those respondents aged 35 to 44.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=4e39b642d8&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=f46b76716d)<\/p>\n
Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] I had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change. * Big data is changing the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1239","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1239"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1239\/revisions"}],"predecessor-version":[{"id":3726,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1239\/revisions\/3726"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}