Tag Archives: systems

My latest Gartner research: Market Opportunity Map: Security and Risk Management Software, Worldwide

20 April 2017  |  The security software market is transforming through four vectors: analytics, adoption of SaaS and managed services, expanded ecosystems, and regulations. Technology business unit leaders must realign their product and go-to-market strategies to address these key forces….

Gartner clients can access this research by clicking here.





[ISN] IoT risks raise concerns among IT specialists in central and eastern Europe

www.computerweekly.com/news/4500272253/IoT-risks-raise-concerns-among-IT-specialists-in-CEE
By Krzysztof Polak
ComputerWeekly.com
04 Feb 2016

The internet of things (IoT) has gone from an industry buzzword to a highly promising phenomenon in central and eastern Europe – but IT specialists are concerned about how to protect networks from the extra strain of new connected devices. The driving force behind IoT is the desire to gain knowledge and insights about, for example, buildings, cars, industrial installations, healthcare, aviation and civil infrastructure, using smart and connected devices. But according to Sylwester Chojnacki, director, enterprise business group at Huawei CEE, the designers of IoT equipment have not learned the lessons from the early years of internet development. “They do not pay sufficient attention to the safety of devices and applications,” he said. IoT devices are often the first target in cyber attacks, leading to intrusions into computer systems and large databases. […]



[ISN] NSA Hacker Chief Explains How to Keep Him Out of Your System

www.wired.com/2016/01/nsa-hacker-chief-explains-how-to-keep-him-out-of-your-system/
By Kim Zetter
Security
Wired.com
1/28/2016

IT WAS THE talk most anticipated at this year’s inaugural Usenix Enigma security conference in San Francisco and one that even the other speakers were eager to hear. Rob Joyce, the nation’s hacker-in-chief, took up the ironic task of telling a roomful of computer security professionals and academics how to keep people like him and his elite corps out of their systems. Joyce is head of the NSA’s Tailored Access Operations—the government’s top hacking team who are responsible for breaking into the systems of its foreign adversaries, and occasionally its allies. He’s been with the NSA for more than 25 years but only became head of the TAO division in April 2013, just weeks before the first leaks from Edward Snowden were published by the Guardian and Washington Post. Joyce acknowledged that it was “very strange” for someone in his position to stand onstage before an audience. The TAO has largely existed in the shadowy recesses of the NSA—known and unknown at the same time—until only recently when documents leaked by Snowden and others exposed the workings of this cabal as well as many of its sophisticated hacking tools. […]



[ISN] Cloud security roadmap essential for healthcare as off-site threats persist, experts say

www.healthcareitnews.com/news/cloud-security-roadmap-essential-healthcare-site-threats-persist-experts-say
By Jack McCarthy
Health IT News
January 28, 2016

The onset of cloud computing brought with it an information technology revolution, allowing organizations to have their IT resources hosted off site, reducing their costs and simplifying operations. Unfortunately, the move to the cloud did not mean organizations could forget about requirements for a successful security profile. Healthcare organizations making the move to a cloud-centric strategy can’t lower their guard on security defenses, said Chris Bowen, founder and chief privacy and security officer of ClearDATA, a healthcare cloud computing company. “People may think that by offloading security responsibility to the cloud, they won’t have to worry, but that’s not the case,” Bowen said. “We know that threats exist in the cloud.” Bowen will discuss this issue at HIMSS16. Along with J. Gary Seay, senior vice president and CIO of Community Health Systems, Bowen will give a presentation entitled “Developing a Cloud Security Roadmap.” […]



[ISN] NASA, Dept of Defense, Commerce etc probed over use of backdoored Juniper kit

www.theregister.co.uk/2016/01/26/juniper_us_government/
By Chris Williams
The Register
26 Jan 2016

A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. The House of Representatives’ Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen devices were used in federal systems. Juniper’s ScreenOS software – the firmware that powers its firewalls – was tampered with by mystery hackers a few years ago to introduce two vulnerabilities: one was an administrator-level backdoor accessible via Telnet or SSH using a hardcoded password, and the other allowed eavesdroppers to decrypt intercepted VPN traffic. The flaws, which were smuggled into the source code of the firmware, were discovered on December 17 by Juniper, and patches were issued three days later to correct the faults. The backdoor (CVE-2015-7755) affects ScreenOS versions 6.3.0r17 through 6.3.0r20, and the weak VPN encryption (CVE-2015-7756) affects ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20. […]



[ISN] Broad use of cloud services leaves enterprise data vulnerable to theft, report says

www.networkworld.com/article/3025944/security/broad-use-of-cloud-services-leave-enterprise-data-vulnerable-to-theft-report-says.html
By Patrick Nelson
Network World
Jan 25, 2016

Data theft is a very real and growing threat for companies that increasingly use cloud services, says a security firm. Workers who widely share documents stored in the cloud with clients, independent contractors, or even others within the company are creating a Swiss-cheese of security holes, a study by Blue Coat Systems has found. In some cases, cloud documents were publicly discoverable through Google searches, the researchers say of their analysis.

‘Broadly shared’

The study found that 26% of documents stored in cloud apps are shared so widely that they pose a security risk. Compounding the issue is that many organizations aren’t even aware of it. […]



[ISN] Flint hospital hit with cyber attack after hacker group Anonymous promises action on water crisis

www.healthcareitnews.com/news/flint-hospital-hit-cyber-attack-after-hacker-group-anonymous-promises-action-water-crisis
By Mike Miliard
Health Care IT News
January 25, 2016

Flint, Michigan-based Hurley Medical Center was targeted with a cyber attack this past week, soon after the hacktivist group Anonymous released a video promising “justice” for the city’s ongoing water crisis. The attack was confirmed by the hospital on Jan. 21. “Hurley Medical Center has IT systems in place, which aid in detecting a virus or cyber attack,” spokeswoman Ilene Cantor said, according to MLive. “As such, all policies and protocols were followed in relation to the most-recent cyber attack on our system. Patient care was not compromised and we are closely monitoring all systems to ensure IT security is consistently maintained.” Anonymous posted a video online launching what it dubbed the #OpFlint campaign. […]

