Tag Archives: Protection

My latest Gartner research: Forecast Snapshot: Endpoint Detection and Response, Worldwide, 2017

3 March 2017  |  The EDR market will present large opportunities and grow at a CAGR of 45.27% from 2015 through 2020, dwarfing overall IT security and endpoint protection growth rates. Buyer demand for improved detection and response to augment failing protection methods are fueling growth….

Gartner clients can access this research by clicking here.




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Outrage: Iran deal commits U.S. to teach them how to defeat a cyber attack

http://www.americanthinker.com/blog/2015/07/outrage_iran_deal_commits_us_to_teach_them_how_to_defeat_a_cyber_attack_.html By Thomas Lifson American Thinker July 22, 2015 Perhaps the very worst aspect of the Iran deal reached in Vienna is the commitment of the U.S. and European powers to teach the Iranians how to resist attacks such as Stuxnet. Although it has received very little media coverage (Adam Kredo of the Free Beacon is the notable exception), the agreement states (buried on page 142 of the 159-page deal, in Annex III, under Civil Nuclear Cooperation, Section D, under Nuclear Safety, Safeguards and Security, item 10): 10. Nuclear Security E3/EU+3 parties, and possibly other states, as appropriate, are prepared to cooperate with Iran on the implementation of nuclear security guidelines and best practices. Co- operation in the following areas can be envisaged: 10. Co-operation in the form of training courses and workshops to strengthen Iran’s ability to prevent, protect and respond to nuclear security threats to nuclear facilities and systems as well as to enable effective and sustainable nuclear security and physical protection systems; 10. Co-operation through training and workshops to strengthen Iran’s ability to protect against, and respond to nuclear security threats, including sabotage, as well as to enable effective and sustainable nuclear security and physical protection systems. The language obviously s not limited to physical threats, so it must include advanced cyber warfare training. The Israelis are outraged. Ari Yasher of Israel National News writes: […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] GAO: Early look at fed’s ‘Einstein 3’ security weapon finds challenges

http://www.networkworld.com/article/2946040/security0/gao-early-look-at-feds-einstein-3-security-weapon-finds-challenges.html By Michael Cooney Network World July 9, 2015 When it comes to the government protecting all manner of state and personal information, the feds can use all the help it can get. One of the most effective tools the government has is the National Cybersecurity Protection System (NCPS), known as “EINSTEIN.” In a nutshell EINSTEIN is a suite of technologies intended to detect and prevent malicious network traffic from entering and exiting federal civilian government networks. The Government Accountability Office has been tracking EINSTEIN’s implementation since about 2010 and will later this year issue an update on the status of the system. But this week, it included some details of its report in an update on the state of federal security systems, and all is not well. Preliminary EINSTEIN observations from the GAO: •The Department of Homeland Security [which administers EINSTEIN] appears to have developed and deployed aspects of the intrusion detection and intrusion prevention capabilities, but potential weaknesses may limit their ability to detect and prevent computer intrusions. For example, NCPS detects signature anomalies using only one of three detection methodologies identified by NIST: signature-based, anomaly-based, and stateful protocol analysis. Further, the system has the ability to prevent intrusions, but is currently only able to proactively mitigate threats across a limited subset of network traffic (i.e., Domain Name System traffic and e-mail). […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] A Review of Common HIPAA Technical Safeguards

http://healthitsecurity.com/news/a-review-of-common-hipaa-technical-safeguards By Elizabeth Snell Health IT Security June 26, 2015 HIPAA technical safeguards are just one piece of the larger health data security plan that covered entities and their business associates must put together. However, it is a very important aspect. Over the next few weeks, HealthITSecurity.com will discuss some common examples of all three HIPAA safeguards, and how they could potentially benefit healthcare organizations. Not all types of safeguards are appropriate or necessary for every covered entity. But by having a comprehensive understanding of what is required by HIPAA and the HITECH Act, and how various safeguards can be used, organizations will be able to identify which ones are most applicable. From there, they can create and implement the right data security protections for their daily workflow and ensure they maintain HIPAA compliance. As previously mentioned, HIPAA technical safeguards are an important part to keeping sensitive health data secure. Whether a small primary care clinic is debating health data encryption options or a large HIE is considering BYOD for employees, understanding the basics of HIPAA technical safeguards is essential. What are HIPAA technical safeguards? The HIPAA Security Rule describes technical safeguards as ““the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.” However, an important note is that the Security Rule does not require specific technology solutions. Rather, healthcare organizations need to determine reasonable and appropriate security measures for their own needs and characteristics. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Report: Hack of government employee records discovered by product demo

http://arstechnica.com/security/2015/06/report-hack-of-government-employee-records-discovered-by-product-demo/ By Sean Gallagher Ars Technica June 11, 2015 As officials of the Obama administration announced that millions of sensitive records associated with current and past federal employees and contractors had been exposed by a long-running infiltration of the networks and systems of the Office of Personnel Management on June 4, they claimed the breach had been found during a government effort to correct problems with OPM’s security. An OPM statement on the attack said that the agency discovered the breach as it had “undertaken an aggressive effort to update its cybersecurity posture.” And a DHS spokesperson told Ars that “interagency partners” were helping the OPM improve its network monitoring “through which OPM detected new malicious activity affecting its information technology systems and data in April 2015.” Those statements may not be entirely accurate. According to a Wall Street Journal report, the breach was indeed discovered in April. But according to sources who spoke to the WSJ’s Damian Paletta and Siobhan Hughes, it was in fact discovered during a sales demonstration of a network forensics software package called CyFIR by its developer, CyTech Services. “CyTech, trying to show OPM how its cybersecurity product worked, ran a diagnostics study on OPM’s network and discovered malware was embedded on the network,” Paletta and Hughes reported. And, according to federal investigators, that malware may have been in place for over a year. US intelligence agencies have joined the investigation into the breach. But it’s still not even clear what data was accessed by the attackers. Meanwhile, the breach has triggered outrage from unions representing federal employees. In a letter to OPM Director Katherine Archuleta, American Federation of Government Employees president J. David Cox expressed displeasure at the way OPM had handled the breach, calling the 18 months of credit monitoring and $1 million liability insurance OPM is offering federal employees “entirely inadequate, either as compensation or protection from harm.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

My latest Gartner research: Invest Insight: Focus on Imperva

This research looks at various segments relevant to Imperva — Web application firewalls (WAFs), data-centric audit and protection (DCAP), cloud security, and cloud access security brokers (CASBs) — to provide the reader with the ability to assess the company’s prospects. Based in Redwood Shores, California, Imperva provides hardware and software cybersecurity solutions designed to protect data and applications in the cloud and on-premises. Customers use these solutions to discover assets and risks, protect information, and comply with regulations. …

Gartner clients can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] House cyber bills may hit floor separately

http://thehill.com/policy/cybersecurity/239062-house-cyber-bills-may-hit-floor-separately By Cory Bennett thehill.com 04/16/15 The two House bills to increase public-private cybersecurity information sharing may hit the floor separately next week after all, despite weeks of speculation the pair would be combined. The House Intelligence and Homeland Security committees have worked since January to develop two complementary bills. Together, the measures would grant companies liability protection when sharing cyber threat data with civilian government agencies. Committee leaders had hoped to merge their efforts before a floor vote to simplify the path to passage. But according to notifications from the House Rules Committee, the two bills will get individual floor votes. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail