Mitigating Cyber Crime on Cyber Monday

High-impact cases of cyber crime affect organizations which were was fully compliant with its respective regulatory frameworks. Organizations can become blinded by compliance to the point where they have a false sense of assurance about managing people-related risk.

This is defined as counter-productive behaviour, from inadvertent to malicious, and can range from oversight and corner-cutting – such as sharing passwords or propping open doors – to opportunistic behaviour including theft, fraud and sabotage. A recent example of the potential damage that people risk can cause is when an investment bank suffered significant losses through a single broker’s late-night trading. While the bank was compliant in identifying individual anomalies, its lack of a holistic approach led to it losing £6m. The broker took Monday off work (an operational state anomaly) and by the evening had made his first batch of unauthorized trades (role, authorization and operational anomalies). He notched up thousands of trades worth a total of $520m (£345m). He bought a net 7.13 million barrels of oil during the typically quiet overnight period (a time anomaly). His actions sent prices surging (price/market anomaly) by more than $1.50 to $73.50 for a barrel of Brent crude oil – the highest for eight months (another time anomaly). The deals potentially cost companies worldwide more than $100m. By taking a holistic approach to people risk management, the bank could have avoided this loss. In September, Holistic Management of Employee Risk was published by the UK’s Centre for the Protection of National Infrastructure (CPNI) and PA Consulting Group. Homer recommends as series of key steps for organizations to manage people risk effectively.  How effective can these cyber crime mitigation tactics for business be applied to consumers shopping this Christmas season on-line? Share your comments with the Cloud and Cyber Security Center.

Christmas Shopping at the New Home and Computer Security Superstore

The Home and Computer Security Superstore offers a wide variety of home security, surveillance and CCTV systems, computer security software from vendors such as Norton, McAfee, Kaspersky Labs, Viper and Bullguard, and yes, even remote baby monitors for new parents.  While we commit to keep any posts which are actually "commercials" to an absolute minimum we greatly value your feedback on this one-time basis.

Our goal is provide both homeowners, computer users, small businesses and young parents with quality security products that will reduce their threat of traditional and Internet crime. We are just launching this new eCommerce store and encourage all of our readers to visit and send us your feedback on which additional security products will best suit your needs. While we commit to keep any posts which are actually "commercials" to an absolute minimum we greatly value your feedback on this one-time basis. Visit the Home and Computer Security Superstore at: http://homecomputersecuritysuperstore.com/

Cyber Terrorism: The Threat to Business and eCommerce

Cyber terrorism is the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.  If your look at the projected eCommerce number for this year, the Internet being down for just one day could disrupt nearly $6.5 billion worth of transactions.

More than just eCommerce transactions flow over the Internet. eMail, voice communications, some banking machines, credit card authorizations for physical stores and the list goes on and on. Information is the life blood of commerce, regulatory oversight and even social status. The importance of the information and the ability to access it, transfer it and act upon it has increased to the point that it is unfathomable for all but the smallest of businesses to operate without computers or networks. As the value of the computing infrastructure increases so to does the value of disruption. The financial implications are one thing, but the psychological impact of the Internet disruption could be even more damaging. How likely is this to happen? It is not, if it will happen, but when. The likelihood of a cyber terrorism attack disrupting the Internet increases every day. The increased reliance on the Internet by business, government and society has made it a prime target for terrorist intent on disrupting our economy and way of life. How likely is the West to be targeted by major cyber terrorism attacks in the coming months? Share your comments with the Cloud and Cyber Security Center.

SAS Cybercecurity - A New Entrant into the Cybersecurity Arena

The vendor SAS has long been known as a world-class statical analysis software vendor. With the introduction of SAS Cybersecurity the company seeks to level its brand and statistical expertise to gain a foothold in the cyber security software market.

  The solution offers: Contextual data enrichment. Augments network flow with business information and external threat data to detect cyberrisks based on your specific business workflows, "Right-timed," multilayered analytics. Optimizes the speed and complexity of analytics across the real-time, near-time and "any-time" continuum for faster and deeper situational awareness, Visual data exploration. Enables risk exploration without requiring previous analytics knowledge or expertise, Continuously updated intelligence. Behavioral analytics automatically evolve cyberanalytic models based on new events, new data and new context, and Cost-efficient, optimized data storage. Reduces your storage footprint by saving only the relevant data for analysis on commodity hardware. How effective will this new software be in combating cyber threat? Share your assessment with the Cloud and Cyber Security Center.

The Impact of Cyber Threats on Our Professional and Personal Lives

Cyber criminals are invading countless homes and offices across the nation—not by breaking down windows and doors, but by breaking into laptops, personal computers, and wireless devices via hacks and bits of malicious code. 

The collective impact is staggering. Billions of dollars are lost every year repairing systems hit by such attacks. Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and 9-1-1 services around the country. Who is behind such attacks? It runs the gamut—from computer geeks looking for bragging rights…to businesses trying to gain an upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal your personal information and sell it on black markets…to spies and terrorists looking to rob our nation of vital information or launch cyber strikes. Today, these computer intrusion cases—counterterrorism, counterintelligence, and criminal—are the paramount priorities of our cyber program because of their potential relationship to national security. Combating the threat. In recent years, we’ve built a whole new set of technological and investigative capabilities and partnerships—so we’re as comfortable chasing outlaws in cyberspace as we are down back alleys and across continents. Which cyber threats have the most direct impact on your daily business and professional lives? Share your comments with the Cloud and Cyber Security Center.

Top Cyber Security Threats - Mitigation and Countermeasures

From identity theft and fraud to corporate hacking attacks, cybersecurity has never been more important for businesses, organizations and governments. Hacking experts warn there are plenty more security risks ahead in 2015 as cyber criminals become more sophisticated. While "traditional" cybercrime such as internet password fraud will still be widespread in 2015, larger scale espionage attacks and hacking the Internet of Things (IoT) will also be risks.

Some of the top cyber threats in 2015 include: Cyber espionage, cyber threats, insecure passwords, Internet of Things and ransomware. The U.S. government has budgeted $14 billion for cybersecurity for fiscal year 2016, so clearly, this threat is being taken seriously at the highest levels of government. Unfortunately, security experts expect cyberattacks seen in 2015 to continue in the new year, if only because those most likely to be victimized simply haven't done much to step up security. In fact, many federal agencies have not even instituted two-factor authentication, something as simple as requiring both a card and a PIN number.Which cyber threats have you encountered this year and what mitigation measures have you taken? Share your thoughts with the Cloud and Cyber Security Center.

Cyber Threat Mitigation Strategies - Can They Succeed?

Advances in IT security are continuing to cause headaches for today’s cyber criminals, yet as a new breed of increasingly savvy hackers emerge, exposure to a variety of threats remains a fact of life for most organizations across the globe. 

Without appropriate security measures in place, companies are facing the risk of data breaches, loss of employee productivity, damage to brand reputation and non-compliance, leading to potentially severe fines. Malware is constantly evolving, with millions of forms of malware being released every year. In fact, McAfee catalogs over 100,000 new malware samples a day (69 per minute). With that, successful cyber-attacks have risen 20 percent year on year, with the average cost of cybercrime standing at over $7m dollars a year. Increasingly, threats faced by enterprises are coming from the inside as well as the outside. Recent headlines have been dominated by stories of data theft driven by maverick insiders. Details of the most high profile event, the notorious breach by Edward Snowden at the NSA, continue to emerge over a year later. With research commissioned by the UK BIS finding that 84% of data breach incidents are caused by staff, business leaders must be prepared for the risks associated by insiders gaining access to corporate information. Can such strategies succeed in preventing or at least mitigating against cyber threats? Send your comments to the Cloud and Cyber Security Center.

Fortinet Offers Advanced Threat Defense Framework - Prevent-Dectect-Mitigate

Fueled by the success of profile hacks, Fortinet expects to see continued innovation among cybercriminals with an even greater focus on deceiving and evading existing security solutions. Malicious hackers have attempted to conceal malware by using different file types and compression schemes with the intent to exploit weaknesses in traditional means of network protection. We also anticipate an increase in sophisticated malware platforms that can be customized for targeted attacks. Once malware has breached a network, it will, either automatically or under control of cybercriminals, morph, adapt, and move about undetected for as long as possible, mining data ranging from customer records and intellectual property to device profiles and employee credentials. 

  If security controls  cannot detect the malware or its communication during this period, then it’s only a matter of time before collected data is staged and exfiltrated, that is, sent back to the cybercriminal. There is no “silver bullet” to protect organizations against the types of advanced targeted attacks outlined above. Rapid innovation on the malware front, frequent zero-day attacks, and emerging evasion techniques can all render any single approach ineffective at preventing tailored intrusion. Instead, the most effective defense is founded on a cohesive and extensible protection framework. This framework incorporates current security capabilities, emerging technologies and a customized learning mechanism that creates actionable security intelligence from newly detected threats. The latter component is arguably most critical to staying ahead of the threat curve. How effective will the Prevent-Detect-Mitigate Framework be in resolving cyber threats? Share your thoughts with the Cloud and Cyber Security Center. Graphic provided care of Fortinet.

Palo Alto Networks Releases New CyberSecurity Buyer's Guide

Cyber attacks themselves are becoming more complex, composed of multiple layers and techniques, each outsourced to specialty groups, ensuring zero-day effects. This they achieve by making sure nothing stays constant. Each stage in the attack changes by leveraging morphing techniques, such as dynamic DNS, fresh URLs for command and control (CnC), self-destruct tools, and more.

Yesterday’s zero-day code has already been packaged and sold to other cyber criminals for use in secondary campaigns. In short,  the threat landscape’s rate of change is accelerating rapidly, increasing the security gaps organizations must deal with and leaving them more exposed than ever before. As surprising as it may sound, the “new” tactics of cyber criminals are not as new as you might think. Attackers actually recycle many of the same attack components. In fact, as many as 90 percent of these so-called “new” attacks can be prevented simply by correctly using existing security technologies as part of an end-to-end cybersecurity plan. Attackers typically use the most proven forms of attack because they work. And they work because organizations are often several steps behind in patching their systems and updating their defenses against the latest attack methods. Cybercrime has become a booming industry, accelerating in the last 5 years, complete with automated tools, customer support, and guarantees for product effectiveness.The commoditization of new attacks and weaponized tools means that even the most amateur hacker can now effectively deliver professional-level threats into a targeted organization. Share your comments on PAN's assessment of cyber security with the Cloud and Cyber Security Center. Download the PAN report at: www.paloaltonetworks.com

iSIGHT Partners Launches New ThreatScape® Threat Intelligence Platform

ThreatScape® threat intelligence platform subscriptions provide you with the intelligence necessary to align your security program with business risk management goals and to proactively defend against new and emerging cyber threats.
With intelligence coverage across the global threat landscape and rich, contextual reporting, ThreatScape arms your team with the Actionable Intelligence required to combat today’s most sophisticated threats. iSIGHT Partners delivers the best commercial cyber threat intelligence in the world. Every ThreatScape subscription includes a range of deliverables designed to ensure that our customers are able to integrate our industry leading intelligence into every aspect of their security and risk management program. Our intelligence goes way beyond the basic information that low level “data feeds” provide. Instead of an IP address or domain name and simplistic rating, ThreatScape intelligence includes the forward looking and highly contextual information you need to build proactive defenses, prioritize alarms and improve incident response. Will the new ThreatScape® solution prove effective in preventing cyber threats. Send your comments to the Cloud and Cyber Security Center. Image provided care of iSIGHT Partners. Many thanks.

Zurich Insurance Issues New Report on Cyber Security Risk and Liability

There is an urgent need to act to stem cyber risks, including threats that originate across borders. Better global governance would be a significant step toward efforts to mitigate risks. A report by the ESADEgeo-Center for Global Economy and Geopolitics and Zurich reviews the challenges to this approach and offers innovative solutions. 

In 2011, cyber insurance was still a novelty to many risk managers, and relatively few companies bought the cover. In 2015, more than 60 percent of companies participating in the fifth annual survey are insured. Five consecutive years of data demonstrate how attitudes have changed and how the marketplace reacts to emerging issues. The vast majority of respondents continue to perceive cyber risks as at least a moderate threat, and more organizations are viewing it as an extremely serious threat. Large organizations on average perceive the threat as greater than smaller organizations. That may be a reason why smaller companies are less likely to allocate resources to cybersecurity. The Internet and related information and communications tools have delivered enormous benefits to the global economy. These gains, however, are expected to tail off as the technologies become more ubiquitous, while the costs and associated risks may rise. The million dollar question, then, is whether the costs outweigh the benefits and what we can do to provide the best possible outcome. Just how great are the cyber risks to large corporations in 2015 and beyond? Share your assessment with the Cloud and Cyber Security Center.

Cyber Security Assessment Methodologies - Chosing the Best Methodology for Your Needs

Placed within the Identify function of the NIST Cybersecurity Framework is a category called Risk Assessment.  According to NIST, the goal of a risk assessment is for an organization to understand “the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.”  

As set out by NIST, conducting a risk assessment typically includes the following six steps: 1) Identify and Document Asset Vulnerabilities, 2) Identify and Document Internal and External Threats, 3) Acquire Threat and Vulnerability Information from External Sources, 3) Identify Potential Business Impacts and Likelihoods, 4) Determine Enterprise Risk by Reviewing Threats, Vulnerabilities, Likelihoods and Impacts, and 5) Identify and Prioritize Risk Responses

In the security industry, we refer to these steps as being proactive (as opposed to being reactive, a euphemism for incident response).  Best practices for conducting a risk assessment include, first and foremost, adequate preparation.  But what does that require?   In the world of risk assessments, preparation means setting out the ground rules, to include having a clear understanding of the assessment’s purpose and scope, assumptions and constraints, information sources, and whether a particular risk model or analytic approach is being used. Which cyber security assessment model is best suited for your business or government agency? Share your comments with the Cloud and Cyber Security Center.

Clearwater Compliance Cosen as US Air Force’s Provider of Risk Analysis Software

Clearwater Compliance, LLC has been designated as the sole source provider of risk analysis software for the United States Air Force. This announcement reflects an increase in the U.S. Air Force’s commitment to play their part in helping to keep veteran’s health and other personal information safe and secure. Bob Chaput, Clearwater CEO, has expressed pride in receiving the designation, stating: “We are honored to be playing a role in helping the Air Force to safeguard the information of active military and veterans who receive treatment at one of the 63 military treatment facilities in the U.S.”

Clearwater’s IRM|Analysis™ software will be used by the U.S. Air Force to help them to complete a thorough risk assessment to not only ensure their compliance with HIPAA regulations but to improve their overall risk management of important information. The software will also provide the Air Force with the tools necessary to respond to and monitor data security risks as part of their goal to maintain a complete information risk management program. With the ever-increasing threats to information security emanating from adversarial insiders and outsiders and constantly changing technology, Clearwater Compliance strives to give organizations solid guidelines and methods to protect patient information.  Is the sole source provider approach for sourcing US Federal Government cyber security solutions? Share your comments with the Cloud and Cyber Security Center.

BlackRidge Helps Stop Cyber Attacks and Protects Against Insider Threats

BlackRidge Technology announced the availability of new identity integration, automation, and platform scalability enhancements. ^rd party risk, and supports regulatory compliance; New virtual and physical appliance options – high performance 10GbE platforms with industry's highest throughput and lowest latency network security, and a low cost branch gateway for flexible remote deployment; Ciena Agility Matrix integration – Virtual Network Function (VNF) on KVM for flexible and low cost deployment in cloud-based SDN/NFV environments. Initial BlackRidge deployments include segmenting internal networks and protecting network management and control systems. IT management networks and systems are the foundation upon which business systems are built and they need to be further protected from cyber-attacks and insider threats, including privileged account and 3^rd party risks. Can the BlackRidge solution deliver on its promises of cyber attack and insider-threat protection? Share your comments with the Cloud and Cyber Security Center.

BlackRidge changes the protection game by authenticating identity and applying security policy before a network connection is established, with our patented First Packet Authentication technology. The BlackRidge solution removes visibility of resources (servers and networks are "cloaked") from unauthorized users, while stopping unknown attacks and breaches from occurring, and protecting against insider threats with real-time attribution

Cyber Security and the Impact on the Internet of Things

Until the concept of IoT was introduced, people, process, data and things used to work independently. But now that we have entered the era of coordination of machine-to-machine, people-to-machine and people-to-people, connections have become much easier.Cyber risks are growing and are changing rapidly. Every day, hackers are working on new techniques for getting through the security of organizations, including yours. They are doing this so that they can cause damage, access sensitive data and steal intellectual property. As old sources of cyber threat fade, new sources will emerge to take their place. To get cybersecurity right, the first step is to Activate and get the foundations right.Once the foundation has been mastered, the next stage is to Adapt your cybersecurity to be more dynamic, better aligned, and integrated into key business processes. And then comes the real opportunity: the chance to Anticipate and get ahead of cybercrime. In the meantime, there is a rapidly expanding threat landscape, the power of cyber criminals is growing, and organizations are still struggling with a number of roadblocks.  Which vendor solutions offer the best protection against emerging cyber threats? Share your comments with the Cloud and Cyber Security Center. Graphic above care of Ernest and Young.