Information security, network and communications practitioners must implement specific best practices to prevent, detect and mitigate advanced threats. These practitioners should leverage both existing and emerging security technologies in their security architectures. … …
Gartner customers can access this research by clicking here.
Deception techniques such as honeypots are not a new concept in security; however, new techniques and capabilities promise to deliver game-changing impact on how threats are faced. This research articulates how product managers can successfully use threat deception as a threat response tactic.
Gartner subscribers can read this research by clicking here.
Information security practitioners must implement specific strategic and tactical best practices to detect and mitigate advanced persistent threats and targeted malware by leveraging both existing and emerging security technologies in their security architectures. Management silos between network, edge, endpoint and data security systems can restrict an organization’s ability to prevent, detect and respond to advanced attacks. Adversaries continue to use social engineering and social networks to target sensitive roles or individuals within …
Gartner clients can access this research by clicking here.
http://www.autonews.com/article/20150309/FINANCE_AND_INSURANCE/303099941/small-time-security-threats-bigger-concern By David Barkholz Automotive News March 9, 2015 The biggest threats to a dealership’s data aren’t Russian hackers breaking through electronic firewalls or robots trying a thousand passwords on security codes until they finally crack into the system. It’s more likely the mundane stuff that will cause a breach that enables personal consumer data to slip out of the store, said Brad Miller, director of legal and regulatory affairs for the National Automobile Dealers Association. Watch out, he said, for laptops that may contain sensitive files being stolen out of cars. A thumb drive that contains code capable of capturing passwords or data can be plugged into the laptop. Also, software vendors long ago dropped by a dealership may retain active pass codes that enable data to be taken from the dealership, unbeknownst to store employees, Miller said. Or pirates may send dealership employees a “phishing” email hoping to fool one into giving out information or a password that opens the system to the thieves. […]
http://www.defenseone.com/technology/2015/03/cia-restructuring-adds-new-cyber-focus/106953/ By Patrick Tucker defenseone.com March 6, 2015 The CIA will create a new directorate designed to boost the agency’s ability to collect and use digital intelligence in operations, agency CIA Director John Brennan announced. The move to launch a “directorate of digital innovation” comes a two weeks after the Washington Post first reported that Brennan would be restructuring the agency to place a much stronger emphasis on the use of computers and electronic intelligence. The move is a big change for the agency, one that reflects a fundamental evolution in intelligence gathering. CIA traditionally has been tasked with collecting information from human sources (also called HUMINT). The NSA, conversely, is tasked with collecting information from electric sources in the form of signals (also called SIGINT). Today’s announcement is a formal recognition that the electronic world is overtaking the human one, and that collecting information from humans now has a digital component to it. “Digital technology holds great promise for mission excellence, while posing serious threats to the security of our operations and information,” Brennan said, in message to the Intelligence Community, released Friday. “We must place our activities and operations in the digital domain at the very center of all our mission endeavors.” Brennan said a new senior position will “oversee the acceleration of digital and cyber integration across all of our mission areas.” […]