Posts Tagged ‘Cyber Security’

Tuesday, 1 May 2012 09:34 No Comments

Webinar Wrap-up: Continuous Monitoring and Real Time Risk Scoring

Government agencies, like their private sector brethren, are knee-deep in IT security challenges, threats, and regulations. While that’s not much of a shock, this might be: according to the Government Accountability Office, the number of reported security incidents increased by over 650 percent during fiscal years 2006–2010. At the same time, government agencies have widespread deficiencies in security controls, leading to vulnerabilities, undetected breaches, and insider fraud.

To help meet these challenges, the federal government is implementing a risk-based IT security strategy based on deploying enterprise continuous monitoring solutions. These solutions will continually assess the actual security state of agencies’ IT networks and systems, while providing scoring information that managers can use to prioritize actions needed to reduce risk and improve their security grades. Continuous monitoring will enable agencies to determine their own security health and compare it to other agencies. Scoring will also allow the different lines of business within an agency to more effectively work together, while enabling agencies to gain the same operating efficiencies from IT investments that Fortune 500 companies have realized.

Recently, along with our friends at 1105 Media and partner Accuvant, we discussed the importance of continuous monitoring and related steps agencies should take while approaching it. Security intelligence plays a critical role in achieving continuous monitoring because of its ability to centralize information into a single console from various data sources.

Most importantly, we talked about how many government agencies are successfully consolidating previously disparate functions (including SIEM, risk management, log management, and network behavior analytics) into a total security intelligence solution that fits the constrained budgets and resources of government agencies. The QRadar Security Intelligence Platform enables our customers to leverage existing assets, stabilize budgets, and easily comply with new mandates while maintaining a proactive stance on risk management and security.

If you missed the webinar, or just want to revisit it, watch the whole thing HERE. For a deeper look at how security intelligence helps federal agencies adopt a continuous monitoring security program without requiring additional resources, download this white paper.



Thursday, 26 April 2012 09:01 No Comments

Around the Web – Information Security Infographics Part 2

Last October I posted a list of my favorite information security themed infographics, and would you believe it (?!), our readers seem to love these graphics just as much as I do!  So, for your viewing pleasure, I have curated 10 new information security infographics that have appeared online since January 2012, covering topics ranging from application security to cloud security, and device and social media security.

Enjoy!

Social Media Security Basics

1) With incidents of social phishing on the rise, Veracode released this infographic in March detailing how individuals and enterprises can protect themselves while socializing online.

World Wide Infosec Product Spend

2) CounterTack research posted this infographic highlighting the worldwide spend on information security products in 2012, which is expected to reach $32 billion. Where does your organization spend its budget?

State of IT Security

3) This is one of the most popular infographics on my list; I think I’ve seen it on dozens of websites in the past few days. If you haven’t seen it, take a look and see how Backgroundcheck.org has summarized findings from the 2012 Data Breach Investigations Report by wired.com.

Safe Coding and Software Security

4) Critical application breaches have highlighted the need for programmers to practice “safe coding” as SQL injections and data leakage have become preferred methods of breach for many hackers. This infographic from Veracode showcases the top vulnerabilities and tips for staying safe.

Worst IT Security Breaches Debriefed

5) IBM defined 2011 as the year of the breach (read the IBM X-Force Trend and Risk Report for more details). That said, this infographic from backgroundcheck.org outlines the worst security breaches as monitored by Verizon since 2004, and the impact these breaches had on the organizations and their customers.

BusinessWeek Breaches of 2011

6) Here’s another great infographic illustrating the major breaches of 2011, provided by BusinessWeek.

How Secure is the Cloud

7) “Cloud” is one of the most popular terms in IT these days. Here are two infographics highlighting concerns around information security in the cloud.

Financial Security Breaches

8) Financial organizations hold onto a lot of consumer information and store a lot of sensitive data. It’s no wonder these organizations are targets for breach. This infographic, created by CenturyLink Business, features lessons learned from some high-profile breaches and preventative measures others are taking to protect themselves.

2012 Bit9 Cyber Security Research

9) Bit9, one of Q1 Labs’ Security Intelligence Partners, recently released the results of their own data breach survey (download the full report here). The results are featured in this great infographic reminiscent of a Pacman game!

Securing Today's Mobile Workforce

10) Another concern of IT security workers is securing mobile workers, especially in the ever-popular BYOD environment. This infographic summarizes the findings of a recent report, The Impact of Mobile Devices on Information Security, sponsored by Check Point Software Technologies.

Have you seen any other great infographics on the web? Please share your links in the comments below!

PS: Check out this infographic that just came out yesterday from IBM, “Mobile Device Defense: A Do or Die Dilemma”!


Thursday, 1 March 2012 11:00 2 Comments

How can you keep the “social media” bad guys from breaching your network?

Banning Social Media for Network Security?


Businesses today can’t afford to ignore the customer insight and connections they can gain through social media.  Being able to connect with your customers and prospects where they already are offers unprecedented access into their lives and lets you build relationships that extend the value of your brand.  But aside from the great benefits you can gain, there’s also a dark side organizations need to consider and be prepared to address.

We’ve moved on from the age-old discussion of social media as the “time-drainer”, and whether or not employee access should be blocked for productivity reasons. The conversation instead should be about something much more serious: protecting the vital information and assets of your organization from breach. This article from USA Today cites some staggering statistics that remind us that social media isn’t simply the utopian data-mine we’ve heard of. The information that businesses are finding so valuable for building relationships is also giving power to hackers just waiting to break in. Some highlights:

  • “In most of the high-profile breaches we’ve seen in the past 12 months, hackers used social engineering to get an initial foothold inside the company,” says Hugh Thompson, RSA conference program committee chair. “It isn’t a generic stranger trying to deceive your employees; it’s someone who knows them through online reconnaissance.”
  • Web traffic of 5,500 PC users in 20 nations was analyzed, and it was found that 1 in 60 Facebook postings and 1 in 100 Twitter posts carried malicious code.
  • “Companies now routinely permit employees to connect their personally owned smartphones and tablet PCs into company systems, creating a myriad of fresh pathways into corporate networks. A recent Juniper Networks survey of applications available for all mobile device operating systems [found] 28,472 malicious mobile apps in 2011, a 155% increase from the 11,138 malicious apps that existed in 2010.”

So what can you do about these new persistent threats?

You need to adopt security intelligence to monitor activity and content to and from social networks and independent devices. You need a security intelligence platform that can monitor your entire network, giving you complete visibility into everything going on across it. Preferably, you need a solution that can automatically detect new devices and provide instant monitoring. You want to be alerted to new risks and vulnerabilities as they appear. And you want the context to understand what the data you are collecting means, plus access to advanced reporting and analytics that can help you dive into and address red flags immediately.

To learn more, and to evaluate what a next generation log management and Security Information and Event Management (SIEM) solution can do for your organization, download this white paper, “Five Practical Steps to Protecting your Organization Against Breach.”


Friday, 9 December 2011 07:48 No Comments

How information can spread: Feeding the middle man

This past weekend I watched a documentary on More4 that delved into the Wikileaks scandal.  “Wikileaks: Secrets & Lies” went into great detail explaining how Julian Assange served as a middleman in this scandal. Although Julian Assange is viewed as the face and spokesperson for Wikileaks, the documentary showed that Assange would not have had any global status if it weren’t for insiders who are willing to send sensitive information to the organization.

This programme was not broadcasting how a hacker could break into a network and steal information; it uncovered a deeper concern of how an insider can revolt, stealing privileged information from inside the network and causing havoc along the way.

This threat is a concern that should be top of mind for organizations.  In a report published by Verizon on Business Data Breaches, they found that 48% of total data breaches were caused by insiders and 48% of breaches involved a misuse of an insider’s privileges.

Although identifying the risk of an insider threat was highlighted, the documentary really drove home the need for better security measures, so these incidents can be prevented or halted as they occur and the people responsible can be identified and punished.

For companies without proper security technology, identifying the “rogue insider” is not an easy task. Wikileaks is an excellent example of why traditional perimeter security defenses, such as firewalls and anti-virus software, are no longer sufficient in the “post-perimeter” world. To prevent these types of incidents, organizations should deploy automated technologies that continuously monitor and correlate user activities across various sources (such as network devices, OS logs and applications). This Total Security Intelligence will allow rapid detection of unusual activities such as a large number of sensitive documents being downloaded from a SharePoint server during off-hours or from a remote access location.
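The correlation described above (many sensitive documents downloaded off-hours or over remote access) can be sketched as a small detection rule. This is an added example, not QRadar's logic or code from the original post; the event fields, the `vpn` source label, the business-hours range and the threshold are assumptions, and the events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

BUSINESS_HOURS = range(8, 18)  # assumption: weekdays 08:00-17:59 count as on-hours
REMOTE_SOURCES = {"vpn"}       # assumption: label the log collector gives remote access


def burst(user, start, count, source, sensitive=True):
    """Build `count` constructed download events, one per minute from `start`."""
    t0 = datetime.fromisoformat(start)
    return [{"ts": t0 + timedelta(minutes=i), "user": user, "source": source,
             "doc": f"doc-{user}-{i}", "sensitive": sensitive} for i in range(count)]


# Constructed sample data, not real logs.
SAMPLE_EVENTS = (
    burst("alice", "2011-12-06T02:00", 6, "lan")          # off-hours, internal
    + burst("bob", "2011-12-06T10:00", 6, "lan")          # business hours, internal
    + burst("carol", "2011-12-06T14:00", 5, "vpn")        # business hours, remote
    + burst("dave", "2011-12-06T23:00", 3, "lan")         # off-hours, below threshold
    + burst("erin", "2011-12-06T03:00", 8, "lan", False)  # off-hours, not sensitive
)


def is_risky(event):
    """True for a sensitive download made off-hours or over remote access."""
    ts = event["ts"]
    off_hours = ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS
    return event["sensitive"] and (off_hours or event["source"] in REMOTE_SOURCES)


def detect_bulk_downloads(events, threshold=5, window=timedelta(hours=1)):
    """Return {user: peak count} where risky downloads in one window reach threshold."""
    per_user = defaultdict(list)
    for event in events:
        if is_risky(event):
            per_user[event["user"]].append(event["ts"])
    alerts = {}
    for user, stamps in per_user.items():
        stamps.sort()
        peak, left = 0, 0
        for right, ts in enumerate(stamps):
            while ts - stamps[left] > window:  # slide the window start forward
                left += 1
            peak = max(peak, right - left + 1)
        if peak >= threshold:
            alerts[user] = peak
    return alerts


if __name__ == "__main__":
    print(detect_bulk_downloads(SAMPLE_EVENTS))
```

The same volume of downloads from the internal network during business hours (user `bob`) raises no alert, which is the context a per-event rule would miss.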

To learn more about how Total Security Intelligence can help combat these insider threats and how organizations are using QRadar as the key component for their IT Security, click here.


Thursday, 1 December 2011 11:30 No Comments

Can intelligence sharing be a two-way street?

In a post published earlier this week, I invited you to read the latest article written by Chris Poulin for SecurityWeek. In this article, Chris presented his belief that full breach disclosure and better collaboration among security professionals is key to thwarting today’s cyber threats.

In line with this belief, proposed breach legislation is also attempting to make disclosure and collaboration a center point of the nation’s cyber security strategy.  According to an article on CNN’s Security Clearance blog, such legislation would “enable the intelligence community to share classified information with the private sector while at the same time addressing the concerns private companies have with providing information about attacks on their systems to the government.”

This addresses weaknesses outlined in an INSA study published this past summer, in which the authors suggested both private industry and public agencies have a responsibility to defend the country against cyber attack.  In this proposed law, not only would businesses be required to share information about attacks with the government, the government would also share intelligence with security-cleared organizations.  This would open up communication channels in the cyber-intelligence community immensely, creating the type of collaborative environment Poulin describes in his article.

What do you think?  Can collaboration between the federal government and private industry help defend the country from a major cyber attack?  Does it seem too idealistic to imagine that these sectors can work together?  Share your thoughts below!

