[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]<\/p>\n
* Companies refusing to intern students studying ethical hacking
\n* Malware Top 10: Conficker Grabs Top Spot, Tinba Takes Second
\n* New Report Finds Insider Corporate Data Theft and Malware Infections among Biggest Threat to Digital Business in 2016
\n* Cyber risk management of third party suppliers and partners
\n* Google Chrome security tips for the paranoid at heart
\n* CEOs need better cyber security skills as half fall victim to phishing scams
\n* The Unfriendly Skies: Airlines Must Bolster Anti-Hacker Defenses
\n* Book Review \u2013 Dark Territory: The Secret History of Cyber War; peek into the past, present & future
\n* Polytechnique launching new degree in cybersecurity
\n* 30 of 50 banks may not meet capital adequacy norms: RBI
\n* The Terrorist Watch List Explained
\n* InfoSecurity Europe: AWS Security Best Practices
\n* Adaptive Security Demands A Shift In Mindset: Part 2 In A Series
\n* Security Prevention Alone Is Not Enough
\n* Russian parliament adopts data retention, encryption law
\n* Why Every DevOps Practice Needs Next-Generation Data Security
\n* Stare Into the Dark Side of DDoS Attacks
\n* Commerce Department Teams Up with DHS to Improve Its Cybersecurity
\n* Ten Tips to teach you to do network security analysis
\n* Where Do The Major Australian Political Parties Stand On Privacy And Encryption This Election?
\n* Security first: An overview of CompTIA CASP and SMSP certification
\n* Slideshow 14 ways a cyberattack hits your bottom line
\n* Another victim of SWIFT attackers, they steal $10 million from a Ukrainian bank<\/p>\n
Companies refusing to intern students studying ethical hacking
\nBotho College students who studied Ethical Hacking are finding it extremely difficult \u2013 in some cases impossible, to get internships with companies.
\nThe most reluctant are said to be commercial banks who fear what might happen if the interns hack systems through which they manage hundreds of millions of pula.
\nBotho offers Ethical Hacking as a module under a degree programme in Computer Forensics.
\nWhat appears to be the problem is the second word in the name of the course and the first doesn\u2019t seem to allay fears.
\nAs part of the programme, students have to get internship positions in order to put their classroom learning to practical use.
\nTypically, tertiary education institutions don\u2019t secure such places for students but the latter have to do so on their own.
\nThe internship hunt is aided by a script listing all the courses that a student has studied.
\nIn the particular case of students who are enrolled for the Computer Forensics programme, Ethical Hacking is on the list.
\nThis debacle attests to the fact that it will be some time before the industry and tertiary education institutions establish common ground on how education should be packaged for the job market.
\nFar too many of Botswana\u2019s university graduates are unemployed because what they learnt in school was not relevant to what the job market requires.
\nWorking with Business Botswana, the Ministry of Education and Skills Development is supposed to have developed a curriculum that plugs all the gaps.
\nThe ordeal of Botho students shows that there is still a lot that the two parties need to agree on.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7c2fb1196e&e=20056c7556<\/p>\n
Malware Top 10: Conficker Grabs Top Spot, Tinba Takes Second
\nSecurity firm Check Point just released its list of the 10 Most Wanted Malware for May 2016.
\nThe Conficker worm grabbed the top spot, followed by banking Trojan Tinba and highly complex malware Sality.
\nWhat\u2019s more, the total number of active malware families spiked 15 percent last month with 2,300 unique global groups.
\nWhile the top 10 include old threats, new vectors and a host of sophisticated attack avenues, there are a number of up-and-coming concerns that are also worth a look.
\nConsider the Godless malware currently making the rounds on Android devices.
\nMay was a big month for malicious actors, with historic code Conficker taking top spot in the malware rankings.
\nBanking Trojans stay strong, while worms, mobile malware, exploit kits and botnets all make an appearance in the top 10.
\nUp-and-comers such as stealthy Android rootkits and phishing phone attacks round out this high-powered malware lineup.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a9375b6481&e=20056c7556<\/p>\n
New Report Finds Insider Corporate Data Theft and Malware Infections among Biggest Threat to Digital Business in 2016
\nNEW YORK–(BUSINESS WIRE)–Insider data theft and malware attacks top the list of the most significant concerns for enterprise security executives, a new report from Accenture and HfS Research reveals.
\nOf those surveyed, a majority (69 percent) of respondents experienced an attempted or successful theft or corruption of data by insiders during the prior 12 months, with media and technology organizations reporting the highest rate (77 percent).
\nThis insider risk will continue to be an issue, with security professionals\u2019 concerns over insider theft of corporate information alone rising by nearly two-thirds over the coming 12 to 18 months.
\nAdditionally, the research shows that a budget shortage for hiring cybersecurity talent and well-trained employees is hindering the ability of organizations to properly defend themselves against these attacks.
\nThe survey, \u201cThe State of Cybersecurity and Digital Trust 2016\u201d, was conducted by HfS Research on behalf of Accenture (NYSE:ACN).
\nMore than 200 C-level security executives and other IT professionals were polled across a range of geographies and vertical industry sectors.
\nThe survey examined the current and future state of cybersecurity within the enterprise and the recommended steps to enable digital trust throughout the extended ecosystem.
\nThe findings indicate that there are significant gaps between talent supply and demand, a disconnect between security teams and management expectations, and considerable disparity between budget needs and actual budget realities.
\nDespite having advanced technology solutions, nearly half of all respondents (48 percent) indicate they are either strongly or critically concerned about insider data theft and malware infections (42 percent) in the next 12 to 18 months.
\nWhen asked about current funding and staffing levels some 42 percent of respondents said they need more budget for hiring cybersecurity professionals and for training.
\nMore than half (54 percent) of respondents also indicated that their current employees are underprepared to prevent security breaches and the numbers are only slightly better when it comes to detecting (47 percent) and responding (45 percent) to incidents.
\nThe report identified five significant gaps disrupting the ability of enterprises to effectively prevent or mitigate well-organized and targeted cyber attacks, including:
\n– Talent
\n– Technology
\n– Parity
\n– Budget
\n– Management
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2ce538f08c&e=20056c7556<\/p>\n
Cyber risk management of third party suppliers and partners
\nDr.
\nJim Kennedy explains why managing the cyber risks posed by suppliers and partners is the weak link in many information security plans and looks at how to improve in this area.
\nHaving been involved in information\/cyber security for over 30 years, I have been asked to review computer and network security breaches for many Global 1000 corporations in the government, financial, pharmaceutical, electric power generation and distribution, manufacturing and telecommunications sectors of our economy.
\nIn many cases the breaches I analyzed came from failures of having inadequate security policies and operational procedures in place or not adhering to those policies or procedures that were in place.
\nTrusted insiders or employees also accounted for some of the losses of information and compromises to critical networks and systems.
\nHowever, a large number of the security breaches I investigated came from inadequately managing and controlling risks posed by third party partners or suppliers.
\nMany cases of knowingly allowed, unfettered access to an organization’s most critical and valuable information, systems, and networks was given to these third party entities without any or with minimal security review.
\nWhy.
\nTo facilitate the interconnection of these third party suppliers or partners to enable them to transact business or receive or deliver services.
\nSo when it comes to third party risk, what should be done?
\nBy entering into any business or operational agreement or contract the Trust component is already in place.
\nThe next order of business for the trusting organization is for its security team to Verify that adequate security is in place to validate that Trust of any connection between the two organizations.
\nTo begin this process, the value of the data to be sent, received, and\/or stored needs to be clearly understood along with critical network, storage, and systems security needed by both the primary organization and its proposed supplier or partner.
\nThe next order of business is to clearly identify and provide access only to the minimal amount of information and\/or data to be sent, received, or stored to meet the terms of the business contract or arrangement. \u2018Less is always Best\u2019.
\nRisks should be reviewed and determination made by senior management whether the risk is acceptable or can be mitigated to satisfaction.
\nHowever, senior security management should absolutely be involved in the final decision.
\nInterconnection and sharing of information between businesses and government is necessary to keep the economy functioning and for government organizations to accomplish their important missions.
\nAlso important is the protection of intellectual property, personal and patient information, customer and shareholder finances, and the critical infrastructure and governmental operations and information.
\nTo do this properly all third party entities needed to send, receive, repose, or process information on behalf of a business or government function needs to be assessed for risk they might pose to that information and make informed decisions so as to the insure the security and availability of that information.
\nI hope that I have help in identifying elements necessary to make those decisions.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ebab1a3a04&e=20056c7556<\/p>\n
Google Chrome security tips for the paranoid at heart
\nMore about IT Security
\nTech Pro Research’s Cybersecurity and Cyberwarfare Survey
\nWhat kind of data breaches have your organization scared, and what are you doing to fend them off.
\nTell us in this short survey and get a free copy of the research report.<\/p>\n
Read more
\nWhen you’re logged in to your Google account through Chrome, your Chrome settings sync with your account and every device you use with Chrome will inherit those settings.
\nThis isn’t always an optimal configuration, because it will sync cookies, passwords, history, and more.
\nThere will be cases where you do not want that information being sent into the ether to sync with your other devices.
\nFollow these steps to prevent this from happening.
\nLet’s move onto some less obvious browser settings that can be changed to help beef up your security.
\nFrom within the Settings window, click Show Advance Settings and then click Content Settings (under Privacy).
\nThis particular section is crucial to your security; it’s where you’ll configure what to do with Cookies, JavaScript, Plugins, Popups, and more.
\nThese are the settings I recommend you use.
\nLet’s move onto some less obvious browser settings that can be changed to help beef up your security.
\nFrom within the Settings window, click Show Advance Settings and then click Content Settings (under Privacy).
\nThis particular section is crucial to your security; it’s where you’ll configure what to do with Cookies, JavaScript, Plugins, Popups, and more.
\nThese are the settings I recommend you use.
\nI recommend unchecking the box for both settings under Passwords, even though this will cause you to always have to re-enter your passwords for every secure site you use.
\nI recommend unchecking the box for both settings under Passwords, even though this will cause you to always have to re-enter your passwords for every secure site you use.
\nFor those that really don’t want to risk security, when using Google Chrome, you can always run every session through an Incognito window.
\nMany desktop environments will allow you to open Chrome in Incognito without having to first launch Chrome and then open a new Incognito window.
\nElementary OS Freya, for instance, allows you to right-click the Chrome launcher and then select New Incognito Window (Figure D).
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=dac5abd44f&e=20056c7556<\/p>\n
CEOs need better cyber security skills as half fall victim to phishing scams
\nExecutive boards need better cyber security training, given half of chief security officers fall victim to phishing attacks, according to research conducted by security firm AlienVault.
\nThe research found that 82 per cent of IT security professionals worry that their high-ranking executives are still vulnerable to phishing scams.
\nDespite such concerns only 45 per cent provide cyber security training to all their employees including the executive board, while 20 per cent do not conduct any training and instead tackle the fallout of such cyber attacks when they occur.
\nAccording to the FBI there was a 270 per cent increase in CEOs becoming victims of fraud since the beginning of 2016.
\nSuch fraud has cost US organisation over $2.3bn over the past three years, while each attack is estimated to cost companies between $25,000 to $75,000.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d4911417fd&e=20056c7556<\/p>\n
The Unfriendly Skies: Airlines Must Bolster Anti-Hacker Defenses
\nThe Israeli military made (air)waves last week when it announced that it was installing cyber defenses on its F-35 jets.
\nWhile this may seem like a futuristic concept, it\u2019s actually long overdue from an online security standpoint.
\n\u201cAs technology rapidly continues to advance, we must all work to ensure that the airline industry remains vigilant in protecting its aircraft and systems from cybersecurity breaches and attacks,\u201d Markey, a member of the Commerce, Science and Transportation Committee, wrote in the letter.
\nThe answers Markey received revealed that there is no uniform standard for cybersecurity testing, so in April he introduced the Cybersecurity Standards for Aircraft to Improve Resilience Act of 2016, which would require the disclosure of information relating to cyberattacks on aircraft systems, and would establish guidelines to identify and address cybersecurity vulnerabilities in commercial aviation.
\nThe bill was referrred back to Markey\u2019s committee, but no further action has been taken.
\nMarkey\u2019s office did not respond to several requests for comment.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6b344626f5&e=20056c7556<\/p>\n
Book Review \u2013 Dark Territory: The Secret History of Cyber War; peek into the past, present & future
\nCYBER WARFARE can be tough to explain.
\nLike the thousands of lines of coding that run through a computer programme, it entails complex technicalities.
\nBut in Dark Territory, Pulitzer Prize-winning American journalist and author Fred Kaplan takes readers through tapped phone lines and top-secret cyber units and operations to illustrate how US policymakers and organisations realised that the \u2018threat\u2019 was real and prepared for it.
\nIntelligence agencies and bodies like the National Security Agency, Central Intelligence Agency and the department of defense were key players in these preparations.
\nTheir evolution over the years is also depicted in detail in the book.
\nThe book also focuses on some recent incidents of cyber attacks that prove that the looming threat is omnipresent.
\nThe attack on Sony Pictures by North Korean hackers and an assault by Iranian cyber criminals on Las Vegas Sands Corporation, a conglomerate with assets worth more than $20 billion, are prime examples of strikes that were launched \u201cnot for money, trade secrets, or traditional espionage, but to influence a private company\u2019s behavior\u201d.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=00c60cba56&e=20056c7556<\/p>\n
Polytechnique launching new degree in cybersecurity
\nAs information and communication technology (ICT) has become integral to almost every facet of modern society, cybersecurity has become one of the hottest fields around.
\nWith a goal of boosting supply and expertise in the burgeoning field, Polytechnique Montr\u00e9al and Deloitte have teamed up to educate a new crop of cybersecurity experts.
\nThe engineering school, which is part of Universit\u00e9 de Montr\u00e9al, and the professional services firm are joining forces to fight cybercrime by expanding and upgrading Polytechnique\u2019s cybersecurity program \u2014 and creating a state-of-the-art curriculum that will meet current market needs.
\nThey aim to create the first bachelor\u2019s degree in cybersecurity \u2014 which will be offered in English next year as well \u2014 by offering three cutting-edge certificate programs in cyber investigation, online fraud and IT network computer security.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=62d529362d&e=20056c7556<\/p>\n
30 of 50 banks may not meet capital adequacy norms: RBI
\nThe Reserve Bank of India (RBI) has raised concerns over the capital adequacy ratio of many lenders (30 of 50), saying they might not be able to meet the norms under extreme scenarios.
\nIn its Financial Stability Report, it said this ratio doesn\u2019t seem threatened for now but could slip below the required level if there\u2019s a surge in bad loans.
\nTests conducted by RBI suggest that under a baseline scenario, gross non-performing assets (NPAs) could rise to 8.5 per cent of the total by March 2017, from 7.6 per cent in 2016.
\nHowever, if banks\u2019 asset quality faces any severe stress, it could rise to 9.3 per cent.
\n30 of 50 banks may not meet capital adequacy norms: RBI
\nAlso, says RBI, while all in the banking system are focusing on improving the usage of technology, the system needs tighter security.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6066b673f6&e=20056c7556<\/p>\n
The Terrorist Watch List Explained
\nThe Terrorism Screening Database is the official name for the terrorist watch list and is maintained by the FBI’s Terrorist Screening Center.
\nThe Terrorism Screening Database is the country’s central repository of foreign and domestic known and suspected terrorists.
\nIt receives names of suspected international terrorists from the Terrorist Identities Datamart Environment, which is maintained by the National Counterterrorism Center in connection with the U.S. intelligence community and security agencies that have information on terrorists.
\nIt also receives data on domestic terrorists from the FBI.
\nFrom the Terrorism Screening Database, more specific lists are created for different purposes.
\nFor example, the No Fly and Selectee lists are used to prevent individuals from travelling or to subject them to greater scrutiny.
\nFor an individual to be included on the No Fly or Selectee list, additional evidence of his threat to aviation security and clear identifying information is needed above and beyond the reasonable suspicion standard.
\nTo get on the Terrorism Screening Database, U.S. officials nominate an individual whom they have “reasonable suspicion” to believe is engaged in or aiding terrorist activities.
\nThere must also be a sufficient level of identifying information to include an individual on the list.
\nThere have been, and continue to be, legal battles over whether proper avenues for redress exist to get off the No Fly list.
\nThe FBI’s decision to close its investigations will be reviewed.
\nFBI Director James Comey has said that it appears the bureau followed the correct procedures, but the steps the agents took are being examined to see if something fell through the cracks.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2b79de091d&e=20056c7556<\/p>\n
InfoSecurity Europe: AWS Security Best Practices
\nEvident.io Founder and CTO Justin Lundy focused on securing Amazon Web Services (AWS) access with best security practices in the industry.
\nHere\u2019s a summary of some of the top tips:
\n– Disable the Root Account API Access Key
\n– Enable Multi-Factor (MFA) Everywhere
\n– Reduce the Number of IAM Users With Admin Access
\n– Use Roles for Apps that Run on EC2 Instances
\n– Enact the Principle of Least Privilege for Programs
\n– Rotate All Keys Regularly
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=759777427b&e=20056c7556<\/p>\n
Adaptive Security Demands A Shift In Mindset: Part 2 In A Series
\nBy adopting new ways of thinking about security, improving the capabilities of existing systems, and integrating key innovations, enterprises will be well on their way to better security.
\nIn blog 1 of our series, we examined three realities that are driving enterprises to embrace an adaptive approach to security — an idea coined by Gartner and explained in the report, Designing an Adaptive Security Architecture for Protection From Advanced Attacks.
\n\u201cBlocking and Prevention Solutions Will Keep All the Bad Guys Out.\u201d I\u2019m a big advocate of good nutrition, regular exercise, and sufficient rest.
\nBut even if you take these basic preventative measures, life can still throw you a curve ball.
\nWhile preventative controls are important against opportunistic attacks, most of today\u2019s most destructive threats are low-and-slow targeted attacks that can circumvent traditional signature-based defenses such as antivirus technology.
\nBasic prevention alone is not enough.
\n\u201cThere\u2019s Nothing We Can Do Once the Bad Guys Are In.\u201d In the security world, it\u2019s true that some malware or creative hacking will make it past enterprise defenses.
\nSo what do you do?
\n\u201cOur Security Products Don\u2019t Have to Communicate.\u201d As enterprises struggle to protect themselves against the next new attack, they are drawn to the promise of the latest shiny silver-bullet product.
\nhe premise behind an adaptive security infrastructure is much the same.
\nIf the technologies are connected and enabled to exchange insightful threat information and context, security teams and processes will be more effective both in the short term and long term.
\n\u201cIncident Response Only Needs to Happen on an As-Needed Basis.\u201d Getting back to health again, what happens if you have a car accident or suffer a severe injury?
\nMany enterprises have an \u201cemergency response\u201d consciousness.
\nThey look at incident response as something that happens only when a security event is discovered.
\nToday, this ad hoc approach is not an option.
\nThe new normal is the continual risk of compromise, which demands continuous response.
\nFinding the bad guys and stopping them from doing further damage must become an ongoing endeavor with formal plans and optimized processes that feed learnings back in to improve policies, processes, and technologies.
\nStay tuned for blog 3 of this series, which will address the specifics of what it takes to create an intelligence-driven security operations center (SOC).
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=8a8cb09d86&e=20056c7556<\/p>\n
Security Prevention Alone Is Not Enough
\nThe combination of zero-day-threats and attacks from within the internal network are now driving new types of solutions referred to as \u201cAdvanced Threat Detection.\u201d
\nThese are not a replacement for security prevention, but a complement.
\nBoth preventive and detective solutions are needed to counteract attacks, but the information gathered by both can also be used in retrospective analysis to determine if any further measures need to be taken and to learn from experiences.
\nThe alert of potential malicious behavior can be compared against information from security prevention solutions to assess if an attack is underway.
\nConversely, it can be used to validate a threat alert from a security prevention solution that could be a \u201cfalse positive.\u201d
\nhe average cost of time wasted responding to inaccurate and erroneous intelligence was estimated by Ponemon Institute to be up to $1.27 million annually for a typical organization.
\nBecause of this, only four percent of all malware alerts are investigated.
\nThe Ponemon Institute also found that prevention tools miss 40 percent of malware infections in a typical week.
\nAt the heart of advanced threat detection solutions is the concept of continuous monitoring and analysis, not just of logs and NetFlow data but of packets themselves.
\nThe Maginot Line was once considered a work of genius, but after the Second World War became the butt of many jokes, such as: The Maginot Line is French for \u201cspeed bump ahead.\u201d If you don\u2019t want your network security to become a joke, then invest in security detection, continuous monitoring and automated tools for correlation of data alerts.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bb523fe725&e=20056c7556<\/p>\n
Russian parliament adopts data retention, encryption law
\nThe lower chamber of the Russian parliament has adopted an amendment to the Law on Telecommunications requiring communications providers to retain certain customer data, reports Tdaily.ru.
\nThey would need to store records of both incoming and outgoing calls of all subscribers for six moths as well as sent SMS for three years.
\nThe requirements are related to anti-terrorism measures by the government.
\nThe amendment also includes the requirement to provide state services with tools enabling them to decrypt protected services, including sites using the https protocol.
\nOperators would need to create a special data processing and storage system for this purpose.
\nAnalysts estimate that Russian operators would need to spend RUB 5,000 billion in order to comply with the new law.
\nRussian President Vladimir Putin must still sign the legislation before it can take effect.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e2364c1e92&e=20056c7556<\/p>\n
Why Every DevOps Practice Needs Next-Generation Data Security
\nA DevOps shop is an unusually tempting target for cybercrime.
\nAs an organization improves its DevOps practice, it grows increasingly vulnerable because more people have access to privileged data.
\nWith all the downside, why aren\u2019t DevOps projects increasing the priority of data security.
\nThe answer is probably a simple question of incentives.
\nSurveys show that DevOps transformations are driven by the need to ship higher quality code faster, not by cost or security concerns.
\nIf a DevOps leader has a mandate to deliver speed and quality, security solutions get treated like roadblocks.
\nAdditionally, security experts are not always integrated with DevOps teams, so responsibility for avoiding breaches – and the consequences for experiencing one – fall elsewhere.
\nA successful next-generation solution will have three components:
\n– It will use data masking.
\n– The solution will deliver data on demand, in minutes, and in a way that team members may spin up themselves.
\n– The solution must readily integrate with the rest of the DevOps toolchain.
\nA next-generation data security solution can actually accelerate your DevOps projects.
\nDriving ahead without one simply paints a target on your back.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=679dbc77d6&e=20056c7556<\/p>\n
Stare Into the Dark Side of DDoS Attacks
\nandwidth- or resource-saturating DDoS attacks are effective, but today they are not the most common type of DDoS attack.
\nResearchers are beginning to see a new motivation for the attacks they observe.
\nn order to effectively hide their tracks, attackers attempt to overwhelm security and logging tiers with smaller, repetitive DDoS attacks.
\nThe smaller attacks consume considerable time, attention, resources and log storage without filling the pipes.
\nWhile everyone is focused on the DDoS incident, attackers are performing more insidious actions to breach and remain persistent in a network.
\nWhat many fail to realize is that attackers understand security.
\nMost of them are experts at firewalls, IPS, sandboxes, anti-virus software and other attack detection technologies.
\nThey also understand how to use these systems to their advantage.
\nAnother dark side of DDoS that is growing in popularity is called DDoS for Ransom.
\nThis should not be confused with ransomware that encrypts hard drives and file systems, then prompts the victim to pay for a key to decrypt the data.
\nInstead, DDoS for Ransom always begins with a threat of a pending DDoS attack, most often delivered via email.
\nMost DDoS subject matter experts recommend a hybrid approach to defeating DDoS.
\nThis approach includes on premise DDoS defenses working in unison with cloud-based defenses.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1b0cbd0ba8&e=20056c7556<\/p>\n
Commerce Department Teams Up with DHS to Improve Its Cybersecurity
\nFor the U.S.
\nDepartment of Commerce, when it comes to cybersecurity it\u2019s better to be proactive than reactive.
\nCommerce has been partnering with the Department of Homeland Security to use new tools from a key DHS program to enhance its security posture.
\nOver the last few years, Commerce has been testing tools from DHS\u2019s Continuous Diagnostics and Mitigation (CDM) program, a five-year, $6 billion effort to give civilian agencies the tools and services required to monitor their IT systems and then respond almost instantaneously to vulnerabilities.
\nCommerce Department CIO Rod Turk tells Federal News Radio that the agency has been testing the CDM tools ahead of time to make sure it can quickly implement them when they are ready.
\nThat is forcing Commerce to upgrade its IT infrastructure to handle the tools.
\nCommerce has focused on using the software tools that DHS has provided to agencies under the CDM program, and Commerce is now moving from planning to implementation with many of those tools. \u201cWe\u2019re working very well with the DHS folks and we meet with them on a continuous basis and we are moving forward,\u201d Turk says.
\nCommerce\u2019s new system will support hardware management, software asset management and vulnerability management \u2014 the key elements of CDM.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=8f1b81038a&e=20056c7556<\/p>\n
Ten Tips to teach you to do network security analysis
\nConfiguring security analysis to identify the best way for your company and having meaningful output feasibility insights.
\nTo avoid falling into the trap of analysis, it provides security professionals to find the best way to configure security analysis, to yield meaningful insights possessed the feasibility of the recommendations.
\n1. shaping the environment, increase the real alarm detection rate
\n2.Adjust the Security Event Management (SIEM) features
\n3. capture threats at an early stage
\n4.The data is not better
\n5.Reduce Network Security Alert inflows
\n6. a threat hunter
\n7.Use the context of reducing incident response time
\n8.First, narrow the scope of the attack, and then finish up analysis
\n9. wary of false positives
\n10.Use analytical support overhead
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=22d8805a1f&e=20056c7556<\/p>\n
Where Do The Major Australian Political Parties Stand On Privacy And Encryption This Election?
\nQuestions asked of the political parties in the survey covered open government partnership, encryption, telecommunications data retention, intelligence oversight, NBN, preferential trade agreements, copyright reform and enforcement, censorship, the Office of the Australian Information Commissioner, mandatory data breach notification, the privacy right of action, census data and health records.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=8a4120bdad&e=20056c7556<\/p>\n
Security first: An overview of CompTIA CASP and SMSP certification
\nThe CompTIA Ad<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] * Companies refusing to intern students studying ethical hacking * Malware Top 10: Conficker Grabs Top Spot, Tinba Takes Second * New Report Finds Insider Corporate Data Theft and Malware Infections among…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-2492","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2492"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2492\/revisions"}],"predecessor-version":[{"id":4979,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2492\/revisions\/4979"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}