Tag Archives: managed

My latest Gartner research: Market Opportunity Map: Security and Risk Management Software, Worldwide

20 April 2017  |  The security software market is transforming through four vectors: analytics, adoption of SaaS and managed services, expanded ecosystems, and regulations. Technology business unit leaders must realign their product and go-to-market strategies to address these key forces….

Gartner clients can access this research by clicking here.




Facebooktwittergoogle_plusredditpinterestlinkedinmail

My latest Gartner research: Market Insight: Security Market Transformation Disrupted by the Emergence of Smart, Pervasive and Efficient Security

1 February 2017  |  …fits into/addresses these situations. Analysis by Perry Carpenter and Lawrence Pingree Technologies such as cloud, software-defined networking (SDN), network…or managed services. Analysis by Ruggero Contu, Perry Carpenter and Lawrence Pingree By 2020, integrated security models, such as…

Gartner clients can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hackers give up when they go up against this cybersecurity company

http://fortune.com/2015/07/29/crowdstrike-cybersecurity-george-kurtz/ By Robert Hackett @rhhackett Fortune.com July 29, 2015 It’s not every day that a company can compel hackers to give up. Yet that’s exactly what CrowdStrike managed to do earlier this year. CEO and co-founder George Kurtz tells it like this: A besieged customer needed backup. So Kurtz’s team sent in reinforcements, placed its cloud-based software sensors across the breached business’s computing environment, and started gathering intel. Aha! Investigators spotted Hurricane Panda, an old Chinese nemesis that Kurtz’s crew had been battling since 2013. What happened next surprised them: When the attackers scanned an infected machine only to find traces of CrowdStrike, they fled. CrowdStrike’s reputation precedes it. The company, founded in 2011 and based in Irvine, Calif., has gone toe-to-toe with some of the world’s most sophisticated state-sponsored hacking groups. The firm analyzed the data behind the breaches of millions of sensitive records at the Office of Personnel Management, the federal agency responsible for human resources, in what may have been the biggest act of cyberespionage the U.S. has ever seen. It has published threat reports on many of the more than 50 adversaries it tracks, which include the likes of Ghost Jackal (the Syrian Electronic Army), Viceroy Tiger (an Indian intruder), and Andromeda Spider (a criminal coterie). Between 2013 and 2014 its revenue grew 142% and its customer base more than tripled, two reasons Google Capital GOOG 0.63% , the tech giant’s growth equity arm, led a $100 million investment in CrowdStrike in July, its first ever for a computer security company. Kurtz used to travel hundreds of thousands of miles a year as CTO of McAfee, now called Intel Security INTC 0.17% , to meet with beleaguered customers. It struck him that they did not need more anti-malware and antivirus products, the traditional realm of information security, so much as software oriented toward tradecraft and technique, the domain of cyberspies. Co-founder and CTO Dmitri Alperovitch, then McAfee’s head of threat intelligence, agreed. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Computer hack reveals identity of Syrians in contact with Israel

http://www.timesofisrael.com/computer-hack-reveals-identity-of-syrians-in-contact-with-israel/ By Elhanan Miller The Times of Israel July 12, 2015 Computer hackers likely working for the Syrian regime and Hezbollah have managed to penetrate the computers of Israeli and American activists working with the Syrian opposition, exposing sensitive contacts between the sides. Al-Akhbar, a newspaper serving as Hezbollah’s mouthpiece in Lebanon, published a series of articles over the weekend purporting to divulge correspondence between Mendi Safadi, a Druze Israeli and former political adviser to Deputy Regional Cooperation Minister Ayoub Kara, with members of the Syrian opposition around the world, taken from taken from Safadi’s computer. The article also contains screenshots of word documents and text message exchanges saved on Safadi’s computer. The article alleged that Safadi, working on behalf of the Israeli government, tried to recruit Israeli agents in Syria and Lebanon, smuggle weapons into the hands of Islamist rebel groups in Syria, and locate targets within Syria to be bombed by coalition forces. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Lizard Squad Hacker Who Shut Down PSN, Xbox Live, And An Airplane Will Face No Jail Time

http://www.forbes.com/sites/insertcoin/2015/07/09/lizard-squad-hacker-who-shut-down-psn-xbox-live-and-an-airplane-will-face-no-jail-time/ By Paul Tassi Contributor Forbes.com 7/09/2015 Last Christmas, a hacking collective known as the “Lizard Squad” managed to take down PSN and Xbox Live right as everyone was attempting to play their consoles during holiday, creating one of the worst outages in the history of either network. The attacks soon evolved into a more personal nature, targeting then-president of Sony Online Entertainment, John Smedley, which included posting his personal details and actually grounding an American Airlines flight he was on with a Twitter TWTR -1.15%-issued bomb threat. Since then, everyone has been wondering just who the members of Lizard Squad were and if they’d ever be brought to justice. Recently, one individual, 17 year-old Julius “zeekill” Kivimaki was identified, and after standing trial in his native Finland, has just been convinced of an incredible 50,700 charges of computer-related crimes. He will serve a two-year suspended sentence, and effectively face no jail time. If you imagine the general public might be upset about such a lax sentence, you’d be right, but no one is more angry than John Smedley himself, now leading Daybreak, the studio responsible for games like H1Z1 and Planetside 2. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] FS-ISAC: Remote-Access Attack Alert

http://www.bankinfosecurity.com/interviews/fs-isac-remote-access-attack-alert-i-2787 By Tracy Kitten Bank Info Security July 8, 2015 Remote-access attacks waged against smaller merchants are a growing threat, according to a cybersecurity alert published July 7. The alert was released by the Financial Services Information Sharing and Analysis Center, along with Visa, the U.S. Secret Service and The Retail Cyber Intelligence Sharing Center, which provides threat intelligence for retailers. While industry attention in late 2013 and early 2014 was focused on the large-scale RAM-scraping malware attacks that resulted in breaches at big-box retailers, including Target and Home Depot, more attention is now being paid to remote-access attacks against point-of-sale devices commonly used at smaller merchants, says Charles Bretz, director of payment risk at the FS-ISAC. The organization provides a conduit for information sharing among financial services institutions. “We are seeing a shift in the breaches of card data,” Bretz says in this interview with Information Security Media Group. Now that many of the larger retailers have implemented end-to-end encryption and tokenization, in conjunction with their rollouts of EMV-compliant POS terminals, hackers are turning their attention toward smaller retailers, he says. “Criminals continue to find success by targeting smaller retailers that use common IT and payments systems,” Bretz explains. “Merchants in industry verticals use managed service provider systems. There might be 100 merchants that use a managed service provider that provides IT and payment services for their business.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hard to Sprint When You Have Two Broken Legs

http://carnal0wnage.attackresearch.com/2015/06/hard-to-sprint-when-you-have-two-broken.html By Valsmith June 14, 2015 Now as a disclaimer, I don’t work for the government so there is a lot I don’t know but I have friends who do or who have in the past and you hear things. I also pay attention and listen to questions I get in my training classes and conference talks. This directive from the White House is laughable for a number of reasons and demonstrates just how out of touch decision makers in the Government are on these issues. 1.) Technically skilled people have been BEGGING to improve cyber security in the government for well over 15 years. I don’t think this is any kind of secret, just google for a bit or talk to anyone who works in government in the trenches. Asking for staff, tools, budget, authority, support and getting little of it. In a way, this directive is insulting to them after years of asking, trying and failing suddenly someone says: “oh hey I have an idea, why don’t you go and secure stuff!”. Right. Unless you are going to supply those things they need RIGHT NOW, they will fail. And government procurement and hiring organizations are notoriously slow so the chances of that happening are slim. 2.) IT Operations. The first thing that has to be in place for there to be any real chance is solid IT operations. Organizations have to be able to push out images and patches quickly, orderly, and with assurance. Backup recovery, knowledge of inventory, well managed systems, etc. are all paramount. Do you know how most government IT operations are managed? By contractors, aka the lowest bidder. These are the Raytheons, Booz Allens, Boeings, Lockheeds, etc. who bid on large omnibus support contracts, win them, and THEN try to fill the staffing requirements. How do you win the lowest bid in services / support contracts? By keeping staffing costs down, aka paying the lowest possible salaries. This results in some of the most piss-poor IT operations in the world. You want to know why Hilary Clinton, former Secretaries of Defense, and numerous other government staff run their own private mail servers? Most likely its because their work provided email DOESN’T work. Slow systems, tiny inbox quotas, inability to handle attachments, downtime, no crypto or crypto incompatible with anyone else, these are just a few of the issues out there. And its not just email. I have personally seen a government conference room system take 15-20 minutes to log in at the windows login prompt, due too poor IT practices. I was told that most of the time people resorted to paper hand outs or overhead projectors. Yeh like the ones you had in highschool in the 90s with the light bulbs and transparencies. Essentially what this directive is saying: “Hey you low end IT staff, winners of the lowest bid, who can barely keep a network up or run a mail server, make sure you become infosec experts and shore up our defenses, and you have 30 days to do it.” Right. I have heard horror stories from acquaintances in the government of waiting 6 months for an initial account setup ticket to get performed. Weeks to get a new desktop deployed. It is idiotic to think that current IT operations can support this kind of request. But that is who typically manages servers, network and desktops, and who would have to deploy whatever security tools would be needed to do this in support of pitifully small infosec teams. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] First Example Of SAP Breach Surfaces

http://www.darkreading.com/attacks-breaches/first-example-of-sap-breach-surfaces/d/d-id/1320382 By Ericka Chickowski Dark Reading 5/12/2015 USIS attack in 2013 stealing background check information about government personnel with classified clearance came by way of an SAP exploit. After the better part of a decade of warnings that SAP and other enterprise resource planning (ERP) systems are wide open to attack at most organizations, this week finally brought confirmation of a high-profile breach that used SAP as its initial attack vector. The attack is a good example of the high-stakes information contained in ERP systems that are ripe for the plucking—in this case the stolen goods were files used for background checks on federal employees and contractors with access to classified intelligence. Perpetrated back in 2013, this attack against US Investigations Services, a contractor in charge of conducting federal background checks, came to public light last year, but details at that time were sparse. Investigators had mentioned during the initial breaking of the story that they suspected state-sponsored Chinese attackers. But over the weekend Nextgov.com reported that an internal investigation points to evidence that attackers broke into USIS through an exploit in an SAP system managed by a third party. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail