Posts Tagged ‘social media’
Posted by Heather Howland in Cybersecurity, Log Management, SIEM, Threat Management
Businesses today can’t afford to ignore the customer insight and connections they can gain through social media. Being able to connect with your customers and prospects where they already are offers unprecedented access into their lives and lets you build relationships that extend the value of your brand. But aside from the great benefits you can gain, there’s also a dark side organizations need to consider and be prepared to address.
We’ve moved on from the age-old discussion of social media the “time-drainer”, and whether or not employee access should be blocked for productivity reasons. The conversation instead should be about something much more serious: protecting the vital information and assets of your organization from breach. In this article from USA Today, some very staggering statistics are cited that remind us that social media isn’t simply the utopian data-mine we’ve heard of. The information that businesses are finding so valuable for building relationships is also giving power to hackers just waiting to break in. Some highlights:
- “In most of the high-profile breaches we’ve seen in the past 12 months, hackers used social engineering to get an initial foothold inside the company,” says Hugh Thompson, RSA conference program committee chair. “It isn’t a generic stranger trying to deceive your employees; it’s someone who knows them through online reconnaissance.”
- An analysis of the web traffic of 5,500 PC users in 20 nations found that 1 in 60 Facebook postings and 1 in 100 Twitter posts carried malicious code.
- “Companies now routinely permit employees to connect their personally owned smartphones and tablet PCs into company systems, creating a myriad of fresh pathways into corporate networks. A recent Juniper Networks survey of applications available for all mobile device operating systems [found] 28,472 malicious mobile apps in 2011, a 155% increase from the 11,138 malicious apps that existed in 2010.”
So what can you do about these new persistent threats?
You need to adopt security intelligence to monitor activity and content to and from social networks and independent devices. You need a security intelligence platform that can monitor your entire network, giving you complete visibility into everything going on across it. Preferably, you need a solution that can automatically detect new devices and provide instant monitoring. You want to be alerted to new risks and vulnerabilities as they appear. And you want the context to understand what the data you are collecting means, and access to advanced reporting and analytics that can help you dive into and address red flags immediately.
To learn more, and to evaluate what a next generation log management and Security Information and Event Management (SIEM) solution can do for your organization, download this white paper, “Five Practical Steps to Protecting your Organization Against Breach.”
Posted by Heather Howland in Security Intelligence, Webinars
Big data is still big, but looks a heck of a lot different than it has in the past.
For the previous ten years or so, “big data” growth has been defined using the three v’s: volume, velocity, and variety. From an IT security perspective, is there one of these traits that has the most impact? Could it be that the variety of new types of big data is causing most of the headaches for enterprise IT departments? Here are examples of new sources of big data and their impact on IT security departments.
Social Media

According to Q1 Labs’ CSO, Chris Poulin, the social media boom has resulted in two major challenges when it comes to enterprise IT security. In this Forbes article, he states that the first challenge is how to best keep networks safe from hackers utilizing spear-phishing techniques (or similar) to target employees and partners. The second challenge, most applicable to the topic of big data, is how to effectively detect network anomalies, considering the massive quantities and types of data generated by social media applications.
Electronic Health Records
As healthcare organizations gradually move towards electronic patient health records (EHR), the shift not only demands compliance with HIPAA regulations but also brings an immediate leap in data volume and complexity. Why is it complex? Before EHR, patient data was stored in a room, in folders, on shelves. Usually only a handful of administrators would directly access the data for physicians. Now, with EHR in the mix, that same data is available to more people and regularly exchanged between partner health organizations. The chance of sensitive data loss and exposure is exponentially higher.
Given new types of big data resulting from sources including social media applications, credit card data storage (across many locations and providers), and electronic health records, IT departments everywhere are trying to wrap their heads around the best way to monitor and protect it all from internal and external threats.
QRadar operates at a big data scale, with real-time security analytics pinpointing risks and providing actionable security intelligence. For example, one of our customers operates at a trance-inducing 6 billion events per day and is able to isolate critical security information from the noise. Another customer, who happens to be a Fortune 100 energy company, uses QRadar to monitor 6 million card swipes per day and is able to detect 25-50 high-priority offenses out of 2 billion daily events.
If I was big data, I’d feel a bit humbled right now.
Read more about security intelligence and be sure to register for our upcoming webcast on February 22, with Dark Reading, titled “No One is Immune to Being Hacked. Strategies for Staying Out of the Headlines”.
Posted by Heather Howland in Compliance, Security Intelligence, Threat Management
At a recent customer meeting, I had the opportunity to speak with a Director of Information Security from a large hospital system in the Midwest. I asked him about what Security Intelligence means to his organization. Three things in his reply stood out: compliance, detecting and preventing threats, and the exposure resulting from social media use. As a large healthcare organization, they are responsible for protecting the information of the patients who visit them as well as all hospital associates. They are bound by HIPAA, and because they do a lot of credit card transactions (pharmacies, gift shops, and doctor visit payments), they are bound by PCI DSS as well. These regulations and standards require them to not simply keep logs but also be able to know what is touching and going on in the networks, including smaller sites into which they lack direct visibility.
They need to be able to correlate events to get the intelligence needed to track down possible breaches or anything going on in the network that could involve HIPAA or PCI. Security Intelligence allows them to find that needle in the pile of needles and, importantly, to do so in real time, to determine what happened when, and to proactively prevent things that have the potential to become a big problem. In the past they were reactive and spent a lot of time building special scripts to dig through logs. With Security Intelligence, not only were they able to catch a zero-day attack during a demonstration prior to installation, but now they have the intelligence to see things before they occur, allowing them to easily show value to their executive team.
Compliance and threat detection are pretty common themes with many customers with whom I speak. What really piqued my interest was when we started talking about social media, as my expertise lies in leveraging online media for marketing. This is a topic that over the past year continues to grow with many of our customers. Like many customers, they are still working through their policy for social media. What’s interesting is how the organization is using security intelligence to help build their strategy. Right now they allow their employees to use Facebook, and one of their biggest concerns was around how much time and bandwidth is consumed. With Security Intelligence, they have the visibility they need to help them make better decisions in terms of what they want to allow and how they want to configure devices in terms of limiting or preventing some of that traffic.
Chris Poulin, Q1 Labs’ Chief Security Officer, has recently gotten many requests to speak about this topic. Check out the latest video of Chris talking about “How to Balance the Risks of Social Media.” This video is part of a series we will be publishing on social media risks, so stay tuned!
