5 January 2017 | …EPP providers starting to offer EDR features. At least 50% of endpoint detection and responseproviders will incorporate enhanced analytics of user and attacker…the next 12 to 24 months, up from less than 15% today. The endpoint detection and response (EDR…
Gartner clients can access this research by clicking here.
http://www.defenseone.com/technology/2015/03/cia-restructuring-adds-new-cyber-focus/106953/ By Patrick Tucker defenseone.com March 6, 2015 The CIA will create a new directorate designed to boost the agency’s ability to collect and use digital intelligence in operations, agency CIA Director John Brennan announced. The move to launch a “directorate of digital innovation” comes a two weeks after the Washington Post first reported that Brennan would be restructuring the agency to place a much stronger emphasis on the use of computers and electronic intelligence. The move is a big change for the agency, one that reflects a fundamental evolution in intelligence gathering. CIA traditionally has been tasked with collecting information from human sources (also called HUMINT). The NSA, conversely, is tasked with collecting information from electric sources in the form of signals (also called SIGINT). Today’s announcement is a formal recognition that the electronic world is overtaking the human one, and that collecting information from humans now has a digital component to it. “Digital technology holds great promise for mission excellence, while posing serious threats to the security of our operations and information,” Brennan said, in message to the Intelligence Community, released Friday. “We must place our activities and operations in the digital domain at the very center of all our mission endeavors.” Brennan said a new senior position will “oversee the acceleration of digital and cyber integration across all of our mission areas.” […]
http://www.theregister.co.uk/2015/03/05/us_watchdog_anthem_audits/ By Shaun Nichols The Register 5 Mar 2015 A year or so before American health insurer Anthem admitted it had been ruthlessly ransacked by hackers, a US federal watchdog had offered to audit the giant’s computer security – but was rebuffed. And, after miscreants looted Anthem’s servers and accessed up to 88.8 million private records, the watchdog again offered to audit the insurer’s systems, and was again turned away. “We do not know why Anthem refuses to cooperate,” government officials told The Register today. The Office of the Inspector General (OIG) for the US Office of Personnel Management (OPM) told us it wanted to audit Anthem’s information security protections back in 2013, but was snubbed by the insurer. According to the agency, Anthem participates in the US Federal Employees Health Benefits Program, which requires regular audits from the OIG, audits that Anthem allegedly thwarted. Other health insurers submit to Uncle Sam’s audits “without incident,” we’re told. […]
http://krebsonsecurity.com/2015/03/credit-card-breach-at-mandarian-oriental/ By Brian Krebs Krebs on Security March 4, 2015 In response to questions from KrebsOnSecurity, upscale hotel chain Mandarin Oriental Hotel Group today confirmed that its hotels have been affected by a credit card breach. Reached for comment about reports from financial industry sources about a pattern of fraudulent charges on customer cards that had all recently been used at Mandarin hotels, the company confirmed it is investigating a breach. “We can confirm that Mandarin Oriental has been alerted to a potential credit card breach and is currently conducting a thorough investigation to identify and resolve the issue,” the company said in an emailed statement. “Unfortunately incidents of this nature are increasingly becoming an industry-wide concern. The Group takes the protection of customer information very seriously and is coordinating with credit card agencies and the necessary forensic specialists to ensure our guests are protected.” Mandarin isn’t saying yet how many of the company’s two-dozen or so locations worldwide may be impacted, but banking industry sources say the breach almost certainly impacted most if not all Mandarin hotels in the United States, including locations in Boston, Florida, Las Vegas, Miami, New York, and Washington, D.C. Sources also say the compromise likely dates back to just before Christmas 2014. […]
http://techcrunch.com/2015/02/25/target-says-credit-card-data-breach-cost-it-162m-in-2013-14/ By Ingrid Lunden Techcrunch.com February 26, 2015 When it comes to data breaches, retailers are one of the biggest targets these days, and today we have some detail on the costs around one of the more high-profile attacks. Target today said that it has booked $162 million in expenses across 2013 and 2014 related to its data breach, in which hackers broke into the company’s network to access credit card information and other customer data, affecting some 70 million customers. The figure, revealed in the company’s Q4 earnings published today, includes $4 million in Q4, and $191 million in gross expenses for 2014, as well as $61 million gross for 2013. Target says that the gross number was offset in part by insurance receivables of $46 million for 2014 and $44 million for 2013. This is also not including whatever expenses Target may incur as a result of class action lawsuits filed after the breach, or wider damage to its reputation with customers. In January, a federal judge gave plaintiffs the nod to proceed with their class action case against the company. Overall Target posted revenues of $21.8 billion, beating analyst estimates, and adjusted earnings per share of $1.50, beating its guidance. The company also recorded a pre-tax loss of $5.1 billion related to the company pulling out of operating in Canada. In pre-market trading, the company’s shares were up a little over 1% to $77.85 per share. […]