Cybersecurity Blog: The Cyber Scene is evolving, are you?

With all the emphasis on cybersecurity frameworks over the last couple of years, it probably shouldn’t surprise anyone that a lot of organizations find themselves working off checklists of cybersecurity controls that they assume will give them better security. What is often missed is that these controls need to work together as an integrated system. For thousands of years, we’ve understood this in the realm of physical security. Since the most ancient castles, security has been built first to keep intruders from entering, using some sort of barrier like a lock or a moat. However, castles were also built with high towers, with sentries posted around the clock to see the enemy coming, because we knew that simple barriers would never be enough for a determined adversary. Finally, armies were at the ready to repel invaders if the sentries determined that the barriers would not be sufficient. Even today, for the most basic security of our homes, we understand the difference between a basic control and a security system. If we asked a builder for a security system and his response was that there were locks on the doors, we wouldn’t be satisfied. Most of us know that when we say security system, we mean a combination of controls working together. At minimum, we would expect locks, sensors on all exterior doors and first-floor windows connected to a central panel with an audio alarm, and the ability to automatically notify a watch center operating at all times that could notify us and/or the police to respond.


One of the most compelling questions asked today by security operations is, “Can we enable our analysts to make security decisions that will have a positive impact on the overall security posture of our organization?” The short answer is, “Yes. But it’s not easy.”


Last month I spoke at a cybersecurity forum of public power utilities. Many were fairly small, and for the most part, were subjected to the provisions of the North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) standards that many of their larger brethren have been struggling to comply with. Nonetheless, I was struck by how many were trying to “do the right thing” with respect to cybersecurity. Given their limited budgets, much of that commitment was centered on the efforts of their employees rather than the purchase of expensive technologies. But I was still heartened by that effort when many larger utilities seem to be checking the box. Some of that is an understandable exhaustion from multiple years of intensive scrutiny by NERC CIP auditors and their overseers at the Federal Energy Regulatory Commission (FERC). With the most recent deadline passing last April, it’s not surprising that some utilities may be taking a breather. At the very least, the urgency is less now despite some passing news. For a while we thought that the Russians were hacking Burlington Electric, but that story fizzled, notwithstanding the utility’s laudable efforts to alert the industry to a threat. Potentially more serious were Turkey’s claims that someone in the United States hacked their grid and caused an outage, but weather was the more likely culprit. Finally, it seems we had a sort of a repeat of December 2015's power grid outage in Ukraine; this one being investigated as a cyber attack in Kiev.


Malicious insiders present real risk to the business. Their inside knowledge and understanding of systems and data make them particularly dangerous, as they are hard to detect and know where the most valuable data resides. Media reports about external threats have thrust cyberattacks into the mainstream, but breaches caused by malicious insiders rarely make headlines. Because insider threats require a top-down approach, executives and boards of directors need education about the threat posed by malicious insiders and how to defend against them. 

Following our webinar with guest speaker Forrester Senior Analyst, Joseph Blankenship, we asked him to address some of the questions from the audience around how security leaders can address insider threats with senior leadership. Below are his responses.


Insider threats have become a huge problem for organizations around the world – just turn on the news and you’ll see the latest set of compromised companies dealing with the severe consequences of an insider breach – brand damage, lost customers, lost revenue, issuance of regulatory fines, employee safety... and the list goes on and on. 


Decisions that Make Companies Vulnerable to Insider Attacks

With the steady rise in cyber-attacks, network defense has become a security team’s number one priority. Many organizations have responded by investing heavily in the best tools to protect their information and systems from outsiders. The hard truth is these technologies are not designed to identify, let alone prevent an insider—contractor, employee, or trusted business partner—from taking information or corrupting a system they are authorized to access.


Enterprise security leaders are faced with a dilemma. Missing just one attack can result in a catastrophic data breach. Forced to defend their enterprise with strained resources, limited intelligence and an excess of security threats, companies need a new approach to cybersecurity that focuses on getting the most out of their available resources.

Following our webinar with guest speaker Forrester Senior Analyst, Joseph Blankenship, we asked him to address some of the questions from the audience around the challenges organizations face as they look to enhance their cybersecurity programs. Below are his responses.


The United States and Europe have never quite been on the same page when it comes to privacy. Traditionally, European governments have taken a more stringent approach in their laws and regulations than the US Federal Government. Complicating matters further, brand new European privacy laws that are even stricter may be on a collision course with US-based firms, particularly with organizations that embrace the Internet of Things (IoT) in record numbers. As a result, companies that do business internationally will need a solid plan and dedicated tools to keep ahead of the new regulations.


The value of segmenting local area networks into security zones is widely recognized yet rarely done well. Many large production environments are susceptible to today's sophisticated attacks because a focus on perimeter security has left their internal networks with a “flat” architecture that is difficult to defend from well-designed exploits. Attacks on poorly segmented networks are often the result of malware having found the easiest path in, then moving to penetrate more valuable assets within the enterprise WAN.


Regardless of policy or political position, all parties involved in the United States 2016 presidential election are focused on cyber-securing the election next week. Back in August, Homeland Security Secretary Jeh Johnson held a conference call with election officials across the country, stressing the importance of securing the voting technology used in the nation’s elections and offering federal help for the job.
