Tag Archives: Protection

My latest Gartner research: Forecast Snapshot: Endpoint Detection and Response, Worldwide, 2017

3 March 2017  |  The EDR market will present large opportunities and grow at a CAGR of 45.27% from 2015 through 2020, dwarfing overall IT security and endpoint protection growth rates. Buyer demand for improved detection and response to augment failing protection methods is fueling growth…

Gartner clients can access this research by clicking here.





My latest Gartner research: Invest Insight: Focus on Imperva

This research looks at various segments relevant to Imperva — Web application firewalls (WAFs), data-centric audit and protection (DCAP), cloud security, and cloud access security brokers (CASBs) — to provide the reader with the ability to assess the company’s prospects. Based in Redwood Shores, California, Imperva provides hardware and software cybersecurity solutions designed to protect data and applications in the cloud and on-premises. Customers use these solutions to discover assets and risks, protect information, and comply with regulations. …

Gartner clients can access this research by clicking here.



[ISN] US watchdog: Anthem snubbed our security audits before and after enormous hack attack

http://www.theregister.co.uk/2015/03/05/us_watchdog_anthem_audits/
By Shaun Nichols, The Register, 5 Mar 2015

A year or so before American health insurer Anthem admitted it had been ruthlessly ransacked by hackers, a US federal watchdog had offered to audit the giant’s computer security – but was rebuffed. And, after miscreants looted Anthem’s servers and accessed up to 88.8 million private records, the watchdog again offered to audit the insurer’s systems, and was again turned away. “We do not know why Anthem refuses to cooperate,” government officials told The Register today. The Office of the Inspector General (OIG) for the US Office of Personnel Management (OPM) told us it wanted to audit Anthem’s information security protections back in 2013, but was snubbed by the insurer. According to the agency, Anthem participates in the US Federal Employees Health Benefits Program, which requires regular audits from the OIG, audits that Anthem allegedly thwarted. Other health insurers submit to Uncle Sam’s audits “without incident,” we’re told. […]



[ISN] Credit Card Breach at Mandarin Oriental

http://krebsonsecurity.com/2015/03/credit-card-breach-at-mandarian-oriental/
By Brian Krebs, Krebs on Security, March 4, 2015

In response to questions from KrebsOnSecurity, upscale hotel chain Mandarin Oriental Hotel Group today confirmed that its hotels have been affected by a credit card breach. Reached for comment about reports from financial industry sources about a pattern of fraudulent charges on customer cards that had all recently been used at Mandarin hotels, the company confirmed it is investigating a breach. “We can confirm that Mandarin Oriental has been alerted to a potential credit card breach and is currently conducting a thorough investigation to identify and resolve the issue,” the company said in an emailed statement. “Unfortunately incidents of this nature are increasingly becoming an industry-wide concern. The Group takes the protection of customer information very seriously and is coordinating with credit card agencies and the necessary forensic specialists to ensure our guests are protected.” Mandarin isn’t saying yet how many of the company’s two-dozen or so locations worldwide may be impacted, but banking industry sources say the breach almost certainly impacted most if not all Mandarin hotels in the United States, including locations in Boston, Florida, Las Vegas, Miami, New York, and Washington, D.C. Sources also say the compromise likely dates back to just before Christmas 2014. […]



[ISN] Did Obama’s Cyber Summit Miss the Mark?

http://www.bankinfosecurity.com/did-obamas-cyber-summit-miss-mark-a-7918
By Tracy Kitten, Bank Info Security, February 16, 2015

Payments security was a marquee topic at last week’s White House Summit on Cybersecurity and Consumer Protection. But was it all just talk, or will decisive action result from the Summit? Some observers say that, despite commitments made by leading payment card brands to enhance security, the Summit produced no specifics about how public and private sectors will collaborate to curb cyber-fraud. They also say the card brands’ plans fail to address tokenization concerns that banking/security leaders and retailers have been at odds over for the past several months. Fraud expert Avivah Litan, an analyst at the consultancy Gartner, says most of the payments security initiatives noted by the White House are more of a roundup of innovative private-sector initiatives, rather than specific action points the government plans to take to curb cyber-related fraud. Most notable of all, Litan says, is the lacking specificity the Obama Administration has provided about action it plans to take to stop data breaches, “for example, by coming up with a method to tokenize Social Security numbers.” […]



[ISN] PSA: Your crypto apps are useless unless you check them for backdoors

http://arstechnica.com/security/2015/02/psa-your-crypto-apps-are-useless-unless-you-check-them-for-backdoors/
By Dan Goodin, Ars Technica, Feb 4, 2015

At the beginning of the year, I did something I’ve never done before: I made a new year’s resolution. From here on out, I pledged, I would install only digitally signed software I could verify hadn’t been tampered with by someone sitting between me and the website that made it available for download. It seemed like a modest undertaking, but in practice, it has already cost me a few hours of lost time. With practice, it’s no longer the productivity killer it was. Still, the experience left me smarting. In some cases, the extra time I spent verifying signatures did little or nothing to make me more secure. And too many times, the sites that took the time to provide digital signatures gave little guidance on how to use them. Even worse, in one case, subpar security practices of some software providers undercut the protection that’s supposed to be provided with digitally signed code. And in one extreme case, I installed the Adium instant messaging program with no assurance at all, effectively crossing my fingers that it hadn’t been maliciously modified by state-sponsored spies or criminally motivated hackers. More about those deficiencies later—let’s begin first with an explanation of why digital signatures are necessary and how to go about verifying them.

By now, most people are familiar with man-in-the-middle attacks. They’re waged by someone with the ability to monitor traffic passing between an end user and a website—for instance, a hacker sniffing an unsecured Wi-Fi connection or the National Security Agency sniffing the Internet backbone. When the data isn’t encrypted, the attacker can not only read private communications but also replace legitimate software normally available for download with maliciously modified software. If the attack is done correctly, the end user will have no idea what’s happening.

Even when Web connections are encrypted with the HTTPS standard, highly skilled hackers still may be able to seed a website with malicious counterfeit downloads. That’s where digital signatures come in. A prime candidate for such an attack is the OTR plugin for the Pidgin instant messenger. It provides the means to encrypt messages so (1) they can’t be read by anyone monitoring the traffic sent between two parties and (2) each party can know for sure that the person on the other end is, in fact, who she claims to be. Fortunately, the OTR installer is provided through an encrypted HTTPS connection, which goes a long way to thwarting would-be man-in-the-middle attackers. But strict security practices require more, especially for software as sensitive as OTR. That’s why the developers included a GPG signature users can check to verify that the executable file hasn’t been altered in any way. […]
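The verification step the article describes, as an added example (not code from the Ars Technica piece, nor from the OTR or Pidgin projects): a shell function that checks a download against its detached GPG signature and also pins the signing key's fingerprint. The pinning is the part most "how to verify" pages leave out: `gpg --verify` reports a good signature for any key already in your keyring, so without comparing the fingerprint to one obtained out of band (project documentation, a developer you trust) a man-in-the-middle who got you to import his key still wins. The function and file names are hypothetical, the throwaway key and the stand-in "installer" are constructed on the fly, and the whole thing runs offline in a temporary GNUPGHOME (run `sh verify.sh demo`).

```shell
#!/bin/sh
# Added example, not code from the Ars Technica article nor from the OTR/Pidgin
# projects. Verifies FILE against detached signature SIG with gpg, then pins the
# signing key's fingerprint. "gpg --verify" says "Good signature" for ANY key in
# the local keyring; the pinned fingerprint (obtained out of band) is what ties
# the file to its developers. Names below are hypothetical; the demo key and
# "installer" are constructed on the fly in a temporary GNUPGHOME.

set -u

# verify_signed_download FILE SIG PINNED_FPR
#   returns 0 = valid signature from the pinned key
#           1 = signature does not verify (tampered file, or key not in keyring)
#           2 = bad arguments
#           3 = valid signature, but from a key other than the pinned one
verify_signed_download() {
    file="$1"; sig="$2"; pinned="$3"

    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    [ -f "$sig" ]  || { echo "missing signature: $sig" >&2; return 2; }
    # Normalise the pinned fingerprint: drop spaces, upper-case the hex.
    pinned=$(printf '%s' "$pinned" | tr -d ' ' | tr 'abcdef' 'ABCDEF')
    case "$pinned" in
        ""|*[!0-9A-F]*) echo "pinned fingerprint is not hex" >&2; return 2 ;;
    esac
    [ "${#pinned}" -eq 40 ] || { echo "pinned fingerprint must be 40 hex digits" >&2; return 2; }

    # --status-fd 1 emits machine-readable lines. VALIDSIG appears only for a
    # cryptographically good signature:
    #   [GNUPG:] VALIDSIG <signing-key-fpr> <date> <ts> <exp> <ver> <res> <pk> <hash> <class> <primary-key-fpr>
    if ! status=$(gpg --batch --status-fd 1 --verify "$sig" "$file" 2>/dev/null); then
        echo "signature did NOT verify: $file" >&2
        return 1
    fi
    sigfpr=$(printf '%s\n' "$status" | awk '/^\[GNUPG:\] VALIDSIG /{print $3; exit}')
    primaryfpr=$(printf '%s\n' "$status" | awk '/^\[GNUPG:\] VALIDSIG /{print $NF; exit}')
    [ -n "$sigfpr" ] || { echo "gpg returned no VALIDSIG line" >&2; return 1; }

    # Projects publish the primary key's fingerprint, but releases are often
    # signed with a subkey, so accept a match on either.
    if [ "$sigfpr" != "$pinned" ] && [ "$primaryfpr" != "$pinned" ]; then
        echo "valid signature, but from $primaryfpr, not the pinned key $pinned" >&2
        return 3
    fi
    echo "OK: $file is signed by pinned key $pinned"
    return 0
}

# --- Offline demo with a throwaway key. GNUPGHOME must point at an empty dir. ---
demo_keyring() {   # creates the throwaway key and prints its fingerprint
    mkdir -p "$GNUPGHOME" && chmod 700 "$GNUPGHOME"
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Demo Signer <demo@example.invalid>' default default 0 2>/dev/null
    gpg --batch --with-colons --list-keys 2>/dev/null | awk -F: '/^fpr/{print $10; exit}'
}

demo_sign() {      # demo_sign FILE SIG : detached signature made with the demo key
    gpg --batch --yes --quiet --pinentry-mode loopback --passphrase '' \
        --output "$2" --detach-sign "$1" 2>/dev/null
}

demo_cleanup() { gpgconf --kill gpg-agent 2>/dev/null; rm -rf "$GNUPGHOME"; }

demo_main() {
    work=$(mktemp -d)
    export GNUPGHOME="$work/gnupg"
    fpr=$(demo_keyring)
    printf 'constructed stand-in for an installer binary\n' > "$work/installer.bin"
    demo_sign "$work/installer.bin" "$work/installer.bin.sig"
    verify_signed_download "$work/installer.bin" "$work/installer.bin.sig" "$fpr"   # accepted
    printf 'X' >> "$work/installer.bin"                                             # tampered in transit
    verify_signed_download "$work/installer.bin" "$work/installer.bin.sig" "$fpr"   # rejected
    demo_cleanup; rm -rf "$work"
}

case "${1:-}" in demo) demo_main ;; esac
```

Two things the demo makes visible: appending a single byte to the "installer" turns the good signature into a rejection, and a valid signature from a key other than the pinned one is still rejected (exit 3), which is exactly the case a plain `gpg --verify` would wave through if the attacker's key had found its way into your keyring.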



[ISN] Australian infosec budgets are probably wrong: Deloitte

http://www.zdnet.com/article/australian-infosec-budgets-are-probably-wrong-deloitte/
By Stilgherrian, ZDNet News, February 4, 2015

Australian organisations are lagging when it comes to shifting the focus of their information security efforts from merely securing their networks to detecting intrusions, responding to them, and building resilience, according to senior security and risk executives from Deloitte, the international consulting firm. Deloitte divides an organisation’s infosec spend into three areas, each labelled with an adjective. “Secure” is the technology that protects critical assets against known and emerging threats across the ecosystem. This includes traditional network protection capabilities such as firewalls, anti-malware and anti-spam systems, and intrusion detection and prevention systems (IDS/IPS). “Vigilant” is about having the intelligence and monitoring capabilities to detect both known and unknown bad-guy activities, and understanding the extent to which they’re a risk to the business. […]



[ISN] What every utility should know about the new physical security standard

http://www.intelligentutility.com/article/15/01/what-every-utility-should-know-about-new-physical-security-standard
By William E. Reiter, intelligentutility.com, Jan 29, 2015

On April 16, 2013, an incident in San Jose, California, led to development of a new physical security standard for owners and operators of transmission stations and substations. In the 2013 incident, a sniper attack on a Pacific Gas & Electric transmission substation knocked out 17 large transformers that powered Silicon Valley. The sniper attack served as a dramatic wake-up call for the industry and raised fears regarding the vulnerability of the nation’s power grid to terrorist attack. The more than 160,000 transmission line miles that comprise the U.S. power grid are designed to handle natural and man-made disasters, as well as fluctuations in demand; but what about physical attack? As a result of the San Jose assault, the Federal Energy Regulatory Commission (FERC) in April 2014 required the North America Energy Reliability Corporation (NERC) to establish Critical Infrastructure Protection (CIP) standards to “address physical security risks and vulnerabilities related to the reliable operation” of the bulk power system. NERC developed and issued what is now commonly referred to as CIP-014-1. This is a physical security standard that has a stated purpose to identify and protect transmission stations and transmission substations and their associated primary control centers that—if rendered inoperable or damaged as a result of a physical attack—could result in uncontrolled separation or cascading within an interconnection. […]

