[From the desk of Paul G Davis – his opinion and no-one else’s, apart from those of the authors of the articles.]
\nAnd so, now the news<\/p>\n
* How Cybercrime Has Changed (Infographic)
\n* The modern look of a utility’s chief security officer
\n* Cyber security slated to become standalone practice
\n* Google Ramps Up Fight Against Deceptive Software Installations, Aims For ‘Clean Software’ Industry Standards
\n* This Software Is So Sleazy Google Calls It \u2018Ooze\u2019
\n* The advanced security techniques of criminal hackers
\n* How to Use Dungeons and Dragons for Security Training
\n* Solving the IT skills crisis: the five skills businesses need IT to master
\n* Dry Lighting Cracks against the Cloud: The Rise of the Advanced Persistent DoS (APDoS)
\n* 58% of orgs have no controls in place to prevent insider threats
\n* The four cybersecurity terms everyone is talking about at Black Hat
\n* Obama officials seek industry input on revising cyber-incident response strategy<\/p>\n
How Cybercrime Has Changed (Infographic)
\nAn infographic from security firm BTB Security shows how many more breaches and incidents of indentity theft there were in 2015 than in 2005.
\nAs a result, 190 million consumers were compromised last year, compared to only 44.2 million ten years earlier.
\nCheck out the infographic below to see how much these online attacks are costing businesses, then make sure you have a secure password.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ae85795ae9&e=20056c7556<\/p>\n
The modern look of a utility’s chief security officer
\nThe senior security professional, typically at the vice president or director level, now has direct access to the CEOand company boards of trustees, often to supply situational awareness of physical and cybersecurity issues.
\nThe CSO should have the ability to mold or shape policy from the boardroom or from the senior staff meeting.
\nThe good news for CSOs is that more board-level visibility can lead to more investment in security.
\nEven the best CSO, however, cannot be successful without backing from senior executives.
\nSo, what makes a CSO worth their weight in gold?
\nThe duties of the CSO have dramatically changed with the introduction of targeting electric infrastructure for attack, the advancement and reliance on cyber systems, and the job of ensuring compliance with the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards.
\nLikely the biggest responsibility is to create and foster a program that helps manage reputational risk.
\nA security event at a company, whether physical or cyber, can quickly ruin any good standing in the community or industry.
\nWhatever the range of duties, the security department’s prime mission must always align with the company’s.
\nThat means being a trusted partner.
\nThe modern CSO is business savvy and fully understands the impact that security has with respect to \u201ckeeping the lights on\u201d, business resiliency, reputational risk, and regulatory compliance.
\nToday\u2019s CSO must be an educator rather than an enforcer as he or she must be able to re-frame the security conversation away from mere loss avoidance and towards competitive advantage, efficiency, and risk reduction.
\nThe CSO must be technically adept, with an intuitive understanding of a company\u2019s assets, how attackers might penetrate them, and how to defend against attacks.
\nAnd because no company, no matter how invested it is in security, is fully immune from physical threats, the CSO must also understand how to deter, detect, and mitigate the attacks that do occur.
\nThe required skills for this position have matured and evolved over the past decade.
\nFormer law enforcement officers continue to be the logical first pick for many utilities.
\nHowever, very few investigations, domestic violence episodes, drug cases, or traffic violations occur at a utility.
\nFormer military personnel remain an effective alternative, especially those with an antiterrorism and force protection background, but often times lack advanced degrees or corporate experience.
\nhe biggest mistake that CSOs make is when they become complacent and think they\u2019ve solved the problem they are facing.
\nIn this business, you\u2019ve never solved the problem.
\nInstead, great CSOs are always scanning the horizon: They consider what mistakes they may be making and learn from the mistakes that others in their position make.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b4980927d1&e=20056c7556<\/p>\n
Cyber security slated to become standalone practice
\nThe rapidly increasing level and complexity of cyber security work conducted by lawyers, coupled with the introduction of mandatory data breach notification, could see cyber security become a standalonepractice area, according to a partner.
\nFor a long time, privacy law in Australia has been focused on the Australian Privacy Principles and their predecessor, the National Privacy Principles, meaning a lot of legal work around privacy was relatively simple, according to Mr Salter.
\nAnother factor that may contribute to the increase of cyber security-related work is the introduction of mandatory data breach notification legislation in Australia.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0c72c159fa&e=20056c7556<\/p>\n
Google Ramps Up Fight Against Deceptive Software Installations, Aims For ‘Clean Software’ Industry Standards
\nGoogle\u2019s Safe Browsing service, used by Chrome, Firefox, and Safari, generates 60 million monthly warnings to users about deceptive software installations.
\nThis is three times more than the number of warnings shown by the service for malware.
\nGoogle and New York University (NYU) performed a study on all types of deceptive software and ads out there in order to better identify how to fight against them.
\nOver the course of a year, Google and NYU discovered that four of the largest pay-per-install (PPI) advertising networks routinely distributed unwanted ad injectors, browser settings hijackers, and scareware flagged by over 30 antivirus engines.
\nThese bundles were promoted through fake software updates, phony content lockers, and spoofed brands.
\nAll of these methods were being discussed openly on underground forums.
\nGoogle and NYU determined that there are three parties that enable the pay-per-install distribution model: advertisers, affiliate networks and publishers.
\nBeyond that, the company is also trying to work with other stakeholders in the industry, including anti-virus companies and bundling platforms, to distribute \u201cclean software.\u201d The initiative aims to create industry-wide standards that give users clear choices when installing software, while at the same time blocking deceptive ads.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f9ca5b9976&e=20056c7556<\/p>\n
This Software Is So Sleazy Google Calls It \u2018Ooze\u2019
\nWhat qualifies as ooze.
\nGenerally, any software that deceives people into downloading it.
\nOoze can include ad injectors that cram unwanted ads onto webpages, browser setting hijackers that change the defaults on a person\u2019s web browser (for instance, by making a hijacker\u2019s preferred search engine the standard), or \u201cscareware\u201d that urges a person to install it to \u201cclean up\u201d his or her computer.
\nIn the shadier parts of what\u2019s known as the \u201cpay per install\u201d economy, software developers make money by bundling applications with other objectionable software, leading to the ooze epidemic, the researchers note.
\nThe incentives reward deception aimed at maximizing downloads, regardless of the consumer experience or outcome. (What separates this from the \u201cblackmarket\u201d variety is that it asks for user consent, albeit often underhandedly.)
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=28016fbf33&e=20056c7556<\/p>\n
The advanced security techniques of criminal hackers
\nI spoke with Rick Holland, former Forrester analyst and VP of strategy at Digital Shadows, at Black Hat about the security tools and techniques currently in use by cybercriminals.
\nWhat Holland had to say was both illuminating and, when considering the business of cybercrime, not entirely unfamiliar.
\n\u201cOpsec is a really good topic to be talking about in Vegas [Black Hat conference].
\nA lot of the things individuals are doing here, some of that applies to the bad guys,\u201d Holland says.
\nA term from the military world, “opsec” refers to tactics used to protect privacy and anonymity.
\nThe irony is that criminals rely on many of the same tools that defenders and internet users on the good side adopt to stay secure online — tools such as Tor and VPNs for network connectivity, bulletproof hosting, and Jabber and OTR protocol for online chats, according to Holland.
\nSnowden popularized Tails, the Linux distribution for the paranoid, Holland adds.
\nDefenders can capitalize on weak attacker opsec to gain insights into the people, process, and technology the attackers are using.
\nLapses in opsec give defenders the clue they need to stop the attack.
\nIn the new world where everything is online, any break is helpful.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e0f085b529&e=20056c7556<\/p>\n
How to Use Dungeons and Dragons for Security Training
\nA Black Hat talk by Tiphaine Romand Latapie, Research Team Lead for Airbus Group Innovation, suggested a very novel approach to security training.
\nBlack Hat Bug Art”I’m going to talk to you about the role-playing game I designed to teach people who don’t know anything about security,” said Ms.
\nLatapie. “At first, I designed this just for me, to make my job easier, to train my coworkers.
\nI tested it on my family, friends, and coworkers, including project managers, top managers, retail, customer support, and call centers.”
\n“I looked at all the trainings available,” she said. “Most are technical trainings.
\nLet’s train them without talking about the technical aspects.
\nTheir misunderstandings are not technical.” She pointed out that neophytes do just fine with physical security.
\nThey close the door in the morning.
\nThey have insurance for their property. “I’m going to use that knowledge to teach them computer security,” said Latapie. “It will be different from other trainings.
\nI’m convinced people learn better when they’re having fun.
\nI want them to think for themselves, so a role-playing game seemed really good to me.”
\nLatapie proceeded to lay out the RPG process. “You need one meeting room and a paperboard or drawing board,” she said. “It’s an old-fashioned paper game, not a video game.
\nIt’s for four to eight people, on two teams, for 90 to 120 minutes.
\nYou don’t need dice, or a dragon.
\nI’m very sorry about that.
\nThe gamesmaster conducts the game scenario for 30-45 minutes and then debriefs the teams.”
\nHere’s how it works.
\nThere’s a big skyscraper in a busy city with an important object inside, something that would just fit in a backpack.
\nThe attacking team attempts to steal the object, while the defenders prevent the theft.
\nBoth have unlimited budget, but their in-game actions must hew to the laws of physics.
\nIn addition, the defenders must obey the law.
\nOnce the gamesmaster declares the game over, the debriefing begins. “How do you make it infosec.
\nYou go back to the minutes and show how each thing they said relates to security,” said Latapie. “They say they’ll add a badge reader, and you translate that to access control.
\nThey say they’ll use facial recognition, and you talk about biometrics.
\nThe attackers propose to black out the building’s electricity, and you tell them about denial of service attacks.”
\nLatapie offered tips for a successful scenario, such as asking who wants to be on the attacking team. “You don’t want shy attackers,” she said, “and you can switch the teams if you need to.
\nYou’re the gamesmaster; you are the rules.” She noted that the game doesn’t work well on security people. “They go too far too fast.”
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bf674a6f54&e=20056c7556<\/p>\n
Solving the IT skills crisis: the five skills businesses need IT to master
\nNigel Hawthorn discusses the IT skills crisis and the five skills that will become vital to businesses operating in the cloud
\nHere are five skills that businesses will need IT to master to keep sensitive data secure:
\n1) Incident response management
\n2) Communication with non-IT departments and executives
\n3) Analysis expertise with very large datasets
\n4) Ability to write code and application development experience
\n5) Security certifications
\nUltimately, if IT is expected to drive innovation and growth, it requires individuals with the relevant abilities.
\nIT managers may already be complaining about the lack of skills within their teams, but the situation is only going to be exacerbated if the required steps aren’t taken now.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3d1d71b841&e=20056c7556<\/p>\n
Dry Lighting Cracks against the Cloud: The Rise of the Advanced Persistent DoS (APDoS)
\nWikipedia defines APDoS as:
\n\u201cAPDoS is more likely to be perpetrated by actors who are well resourced, exceptionally skilled and have access to substantial commercial grade computer resources and capacity.
\nAPDoS attacks represent a clear and emerging threat needing specialised monitoring and incident response services and the defensive capabilities of specialised DDoS mitigation service providers.
\nThis type of attack involves massive network layer DDoS attacks through to focused application layer (HTTP) floods, followed by repeated (at varying intervals) SQLI and XSS attacks.
\nTypically, the perpetrators can simultaneously use from 2 to 5 attack vectors involving up to several tens of millions of requests per second, often accompanied by large SYN floods that can not only attack the victim but also any service provider implementing any sort of managed DDoS mitigation capability.
\nThese attacks can persist for several weeks.\u201d
\nNow, if you digest this and take a look at the types of attacks, it\u2019s clear that APDoS would require a lot of varied technology to stop the nature of network floods, HTTP application-level DDoS and encrypted threats.
\nMoreover, the case of Protonmail, we are now seeing the problem manifest to SMTP attacks (somewhat new vector) and secure-SMTP such as TLS over SMTP.
\nMany companies who have procured DDoS solutions have no thought about the threat from a broader spectrum such as SMTP or FTP and secure variants such as those.
\nThe task is clearly daunting and real.
\nAs the next generation of DDoS threats emerge we must be very diligent and proactive.
\nI believe that companies need to rise above the normal corporate culture of security controls and become obsessive about removing risks and compulsive about action.
\nAfter all, these organizations may literally be holding life and death decisions in their hands \u2013 and this makes their actions rather profound and very unique.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a0302fccc4&e=20056c7556<\/p>\n
58% of orgs have no controls in place to prevent insider threats
\nMore than half of organizations (58 percent) still lack the appropriate controls to prevent insider attacks, with just under half (44 percent) unaware if their organization has experienced an insider attack at all, according to a new survey of more than 500 cybersecurity professionals.
\nThe Insider Threat Spotlight Report also found that nearly half of those surveyed have seen an increase in insider attacks over the last 12 months.
\nInadvertent data breaches (71 percent) top the list of insider threats companies care most about.
\nNegligent data (68 percent) and malicious data (61 percent) breaches come in a close second and third.
\nThe biggest threat comes from privileged users, such as managers, with access to sensitive information, with 67 percent believing that the fact insiders have credentialed access makes insider attacks more difficult to prevent.
\nAccording to the survey, the endpoint is the most common launching point for an insider attack\u2014by a wide margin (58 percent more than the next most common launching point: mobile devices).
\nTracking file movement across the network is a critical component of a data security strategy, according to 75 percent of respondents, with 57 percent naming databases as the most vulnerable asset to an inside attack.
\nSurvey respondents also named three barriers to better insider threat management:
\n– Lack of training and expertise (60 percent)
\n– Insufficient budgets (50 percent)
\n– Lack of collaboration between departments (48 percent).
\nNotably, lack of collaboration is the barrier with the highest gain since the previous survey, moving up 10 percentage points.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=00c8e57e98&e=20056c7556<\/p>\n
The four cybersecurity terms everyone is talking about at Black Hat
\nHere are four cybersecurity terms that are rooting many conversations, both on the expo floor and among experts and analysts in the briefing rooms:
\n– Behavior Baselining
\n– Active Response
\n– Security Analytics
\n– Public Key Cryptography
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=78826819ee&e=20056c7556<\/p>\n
Obama officials seek industry input on revising cyber-incident response strategy
\nSeveral of the Obama administration’s top officials on cybersecurity policy are urging industry leaders to get involved in revising the government’s strategy for responding to major cyber attacks, noting that drafting of the new plan has already begun and that a proposed version will be out for public comment as early as September.
\nThe revised cyber-response plan is being developed under Presidential Policy Directive 41 issued last week to address \u201csignificant incidents,\u201d a point that was stressed by White House…
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e307a95513&e=20056c7556<\/p>\n
* Best practices in cyber vulnerability assessment
\n* Are Healthcare CISOs Suffering from Cybersecurity Solution Fatigue? An Expert Probes Some of the Issues
\n* Will Faster Payments Mean Faster Fraud?
\n* Accenture : Data theft, malware infection big threat to digital businesses
\n* Ponemon Institute: External Cyber Attacks Cost Enterprises $3.5M\/year, 79% of Businesses Lack Comprehensive Strategies to Manage these Risks
\n* 2016 Malware Levels Now Stand at Nearly Four Times 2015 Totals
\n* Twitter Hacking and Social Media\u2019s Risk to Executive Security
\n* Beyond Data: Why CISOs Must Pay Attention To Physical Security
\n* $2.7 Million HIPAA Penalty for Two Smaller Breaches
\n* Using compliance as a tool for change
\n* In the Breach War, File Protection Is Just as Important as Data
\n* Data security and breach notification in Finland
\n* ISO compliance in the cloud: Why should you care, and what do you need to know?
\n* Federal Privacy Commissioner Provides Submission on New Data Breach Notification and Reporting Regulations
\n* Breach notification reporting can be complicated without proper skills, tools
\n* Banks must do better on cyber security: KPMG
\n* Australia gets one-quarter of a minister for national infosec
\n* The Case for Continuous Security Monitoring
\n* Arbor Networks Releases Global DDoS Attack Data for 1H 2016
\n* 5 Best Practices for Outsourcing Cybersecurity
\n* Most CISOs and CIOs need better resources to mitigate threats<\/p>\n
Best practices in cyber vulnerability assessment
\nHere are the best practices for cyber vulnerability assessment.
\nFirst and foremost you should have a very clear understanding of why you need a cyber vulnerability assessment.
\nResearch other companies in your industry.
\nTo know exactly which parts of your business structure need an assessment, you need to research your company\u2019s processes with a focus on the systems that are critical to keeping your business running.
\nOnce you\u2019ve identified the systems that need an assessment, you should rank them according to both their importance to your overall business model and to the sensitivity of the information they contain.
\nNow that you know exactly which systems and software need an assessment and how they rank in terms of priority, you should make sure you\u2019re aware of the security systems you already have in place.
\nf you\u2019ve completely mapped out both your vulnerabilities and your already-in-place security, and your inter-departmental security task force is in agreement on what\u2019s needed, you\u2019re ready to perform your vulnerability scans.
\nf you did your homework on what you needed to assess and also on the vulnerability assessment tool you chose, then you should fully trust the results of your cyber vulnerability assessment and act on them.
\nDon\u2019t wait.
\nDon\u2019t second guess.
\nThe assessment will produce recommendations for remediation that you should act on right now.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=28bcaef55c&e=20056c7556<\/p>\n
Are Healthcare CISOs Suffering from Cybersecurity Solution Fatigue? An Expert Probes Some of the Issues
\nA recent Institute for Critical Infrastructure Technology report provided some intriguing thoughts about the pressure facing chief information security officers (CISOs) to keep their organizations secure and how they are combating information and vendor solution overload.
\n\u201cDue to the plague of APTs, malware, ransomware and other malicious initiatives by invisible adversaries, few C-level executive positions are as critical as the CISO,\u201d Scott writes.
\nIn a recent report, James Scott, a senior fellow at the Institute for Critical Infrastructure Technology (ICIT), a Washington, D.C.-based cybersecurity think tank, points out that a well-informed CISO can improve the engagement of the C-suite and improve the cyber posture of the organization.
\nWhile the report offers a cross-industry perspective of the CISO role and the challenge of vendor solution overload, the report author does spend moments focusing on healthcare organizations, specifically in a section detailing how CISOs can assess the return on investment of cybersecurity solutions.
\nThe report provides an interesting perspective about the need for CISOs to ignore the hype surrounding \u201csilver bullet\u201d solutions in order find the most effective cybersecurity solutions and strategies for their particular organizations, but at the same time, the report author also highlights the part that the vendor community plays in this problem.
\n\u201cIn many cases, CISOs operate under the unrealistic expectation that they should be able to prevent every breach with a finite budget.
\nThey are expected to have enough technical expertise to develop a strategy to protect the business and enough business acumen to convince the board to adopt that strategy because it aligns with the goals of the organization,\u201d he writes.
\nAnd, he asserts that modern CISOs tend to function more as Chief Information Risk Officers, managing the risk to data and technology.
\nAccording to the ICIT report, there is rapid burnout among CISOs, as the average turnover rate is 17 months.
\n\u201cVendor attempts to offer silver bullet solutions undermine the community at large and poisons the vendor-customer relationship.
\nThe culture promoting these inadequate solutions distracts CISOs, technical personnel and solution developers from the risks and threats in the threat landscape and it distracts them from designing the right solutions to address the market needs.\u201d
\nIn the report, the author offers strategic recommendations for calculating a cybersecurity solution\u2019s ROI and uses a healthcare organization as an example.
\nThe ROI of security solutions can be equated to the fiscal component of the impact that the organization would assume if an adversary exploited the vulnerability that the solution addresses, the author writes.
\nThe report concludes with statistics sourced from the Economist Intelligence Unit that indicates proactive CISO-led strategies can cut the success rate of cyber-breaches by more than 50 percent, hacking successes by 60 percent and ransomware infections by 47 percent.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=838c018415&e=20056c7556<\/p>\n
Will Faster Payments Mean Faster Fraud?
\nCrowe contends that to ensure global payments interoperability, faster payments are a necessity.
\nThe U.S. will soon be at a competitive disadvantage if it does not enable faster payments, she argues.
\nParry says the most fundamental risk to payments is poor identity management.
\nAnd it’s a legitimate concern.
\nAfter all, poor identity management apparently enabled hackers to steal $81 million from the central bank of Bangladesh in February, as part of a fraudulent transaction that was approved by the Federal Reserve Bank of New York.
\nAnd in a real-time or near-real-time environment, once the money is gone, it’s gone.
\nUnlike in the United Kingdom, Australia and other economically advanced parts of the world, faster payments are not the norm in the U.S.
\nCrowe declined to touch the interchange issue. “Cost is not the No. 1 worry for the Fed when it comes to faster payments,” she noted during the summit.
\nThe top concern, she says, is “a faster process that is still secure for business.”
\nThe Secure Payments Task Force’s goals differ from the goals of the Faster Payments Task Force.
\nAnd the Secure Payments Task Force has identified four areas that must be addressed to ensure the ongoing security of the payments system in the U.S. going forward.
\nFaster payments will be part of that, but not all.”
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=dc1567f2ea&e=20056c7556<\/p>\n
Accenture : Data theft, malware infection big threat to digital businesses
\nThe new report from Accenture and HfS Research say that 69 percent of respondents experienced an attempted or successful theft or corruption of data by insiders during the prior 12 months, with media and technology organizations reporting the highest rate (77 percent).
\nThis insider risk will continue to be an issue, with security professionals’ concerns over insider theft of corporate information alone rising by nearly two-thirds over the coming 12 to 18 months.
\nThe survey, “The State of Cyber security and Digital Trust 2016′”, was conducted by HfS Research on behalf of Accenture.
\nMore than 200 C-level security executives and other IT professionals were polled across a range of geographies and vertical industry sectors.
\nThe survey examined the current and future state of cyber security within the enterprise and the recommended steps to enable digital trust throughout the extended ecosystem.
\nThe findings indicate that there are significant gaps between talent supply and demand, a disconnect between security teams and management expectations, and considerable disparity between budget needs and actual budget realities.
\nDespite having advanced technology solutions, nearly half of all respondents (48 percent) indicate they are either strongly or critically concerned about insider data theft and malware infections (42 percent) in the next 12 to 18 months.
\nWhen asked about current funding and staffing levels some42 percent of respondents said they need more budget for hiring cyber security professionals and for training.
\nMore than half (54 percent) of respondents also indicated that their current employees are underprepared to prevent security breaches and the numbers are only slightly better when it comes to detecting (47 percent) and responding (45 percent) to incidents.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5d409f726c&e=20056c7556<\/p>\n
Ponemon Institute: External Cyber Attacks Cost Enterprises $3.5M\/year, 79% of Businesses Lack Comprehensive Strategies to Manage these Risks
\nTORONTO–(BUSINESS WIRE)–Despite acute awareness of the millions of dollars in annual costs, and the business risks posed by external internet threats, security leaders highlight the lack of staff expertise and technology as a key reason that these attacks are unchecked, according to results from a new Ponemon Institute study sponsored by BrandProtect.
\nSeventy-nine percent of the IT and IT security practitioners polled indicated their defensive infrastructure to identify and mitigate those threats are either non-existent, ad hoc or inconsistently applied throughout the enterprise.
\nThe findings reveal that the companies represented in this research averaged more than one cyber attack per month and incurred annual costs of approximately $3.5 million because of these attacks.
\nThe report \u201cSecurity Beyond the Traditional Perimeter,\u201d sponsored by internet risk detection and mitigation expert BrandProtect, examined the threats, costs and responses of companies to external internet cyber attacks.
\nThese threats include executive impersonations, social engineering exploits, and branded attacks arising outside a company\u2019s traditional security perimeter.
\nSecurity professionals cited an acute need for expertise, technology, and external services to address their growing concerns about these external threats.
\nSome of the key findings include:
\n– Fifty-nine percent of respondents say the protection of intellectual property from external threats is essential or very important to the sustainability of their companies.
\n– External internet attacks are frequent and the financial costs of these attacks are significant.
\nRespondents in this study report they experienced an average of 32 material cyber attacks or slightly more than one per month, costing their companies an average $3.5 million annually.
\n– Seventy-nine percent of respondents described their security processes for internet and social media monitoring as non-existent (38 percent), ad hoc (23 percent) or inconsistently applied throughout the enterprise (18 percent).
\n– Sixty-four percent of security leaders (directors or higher) feel that they lack the tools and resources they need to monitor, sixty-two percent lack the tools and resources they need to analyze and understand, and sixty-eight percent lack the tools and resources they need to mitigate external threats.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ddcbb18977&e=20056c7556<\/p>\n
2016 Malware Levels Now Stand at Nearly Four Times 2015 Totals
\nGULF BREEZE, Fla., July 19, 2016 (GLOBE NEWSWIRE) — via PRWEB – Necurs is back with a vengeance, according to the security research team at AppRiver.
\nIn its Q2 Global Security Report, the company notes that the infamous botnet’s return was one of the major reasons behind the escalation in malware activity–which clocked in at 4.2 billion malicious emails and 3.35 billion spam emails between April 1, 2016, and June 30, 2016.
\nFor the first time, the report also includes metrics from Web-borne threats, reporting an average of 43 million unique threats daily throughout the second quarter.
\nAppRiver’s security analyst team quarantined 4.2 billion emails containing malware in Q2, pointing to a continued increase in malware traffic this year and resulting in total of 6.6 billion emails quarantined during the first half of 2016.
\nFor comparison, analysts observed 1.7 billion emails containing malware during all of 2015.
\nRansomware levels, as predicted in the Q1 Global Security Report, have increased this quarter–and arguably pose the greatest threat to netizens.
\nAppRiver’s security researches predict that the massive volume of malware isn’t likely to subside anytime soon.
\nWith the likes of Locky and Zepto kidnapping users’ files until they pay a ransom, malware–especially ransomware–has become a business of its own.
\nThe popular channels that malware, like ransomware, travel through include obfuscated JavaScript, malicious macros, and OLEs (Object Linking and Embedding).
\nFifty-five percent of spam and malware traffic originated in North America, with Europe coming in second place.
\nAdditionally, AppRiver’s SecureSurf\u2122 Web filtering detected a spike in phishing attempts in June.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=35665b2aeb&e=20056c7556<\/p>\n
Twitter Hacking and Social Media\u2019s Risk to Executive Security
\nThe use of social media as a means for targeting victims \u2013 whether through phishing or social engineering scams \u2013 is nothing new.
\nHowever, i<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul G Davis – his opinion and no-one else’s, apart from those of the authors of the articles.] And so, now the news * How Cybercrime Has Changed (Infographic) * The modern look of a utility’s chief security officer * Cyber security slated to become standalone…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-2501","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2501"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2501\/revisions"}],"predecessor-version":[{"id":4988,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2501\/revisions\/4988"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}