Effective threat management requires security teams to combine security analytics with the abundance of machine-generated data that is prevalent in most enterprise environments. Tools such as network traffic analysis, endpoint detection, security information and event management (SIEM), and user behavior analytics (UBA) harvest this data and reveal who is doing what in the IT environment and when and how they’re doing it. This mix of data can help uncover unknown threats, but it can also confuse some security operations professionals who are not familiar with it when the data is only partially displayed.
By Zane Pokorny on April 26, 2019
The National Counterintelligence and Security Center (NCSC) declared April to be “National Supply Chain Integrity Month,” highlighting the growing cybersecurity risks coming from third parties in our increasingly connected world.
With our recent acquisition of Duo, Cisco Firepower Next-Generation Firewalls work with Duo to give you the enhanced security your business requires today. Just as importantly, it addresses a concern we’re hearing more frequently from our customers: How to help an overwhelmed IT team.
At a time when cybersecurity careers should be flourishing — the pay is good, opportunities abound and many colleges now offer degrees in security — positions remain unfilled. ISACA’s “State of Cybersecurity 2019” survey revealed that 58 percent of organizations have unfilled security positions and 32 percent said it takes at least six months to fill these open jobs, a six percentage-point increase from the previous year. One reason for the cybersecurity skills gap is a lack of technical security expertise; another is a lack of business insights.
A surge in ransomware and trojans in the first three months of the year led to a massive 235% year-on-year increase in detected cyber-threats to businesses in Q1 2019, according to Malwarebytes. The security vendor’s Cybercrime tactics and techniques report for the first quarter revealed a definite shift from consumers to businesses, which is apparently hitting SMBs with fewer IT resources particularly hard.
Cyberattacks don’t magically happen; they involve a series of steps. And far from being helpless, defenders can disrupt the attack at any of those steps. This framing has led to something called the “cybersecurity kill chain”: a way of thinking about cyber defense in terms of disrupting the attacker’s process.
Security orchestration, automation and response model has many benefits, including some that are unintended
On Tuesday, Stripe, the online payments platform provider, announced that it has upgraded its products to be compliant with Strong Customer Authentication (SCA) under the second Payment Services Directive (PSD2).
dryriver writes: Imagine for a second that a second, smaller internet infrastructure is built parallel to, but separate from, the regular internet. Let’s call this the SafeNet. The SafeNet, which does not allow anonymous use, is not intended for general purpose use like watching YouTube videos, downloading a Steam game, or going on Facebook. Rather, it is a safer, more policed mini-internet that you access through a purpose-built terminal device and use for security-critical tasks like online banking, stock trading, medical data transfer and sending confidential business emails, text messages or documents or other things that you don’t trust the general internet with.
Written by Sean Lyngaas
The strength of a new federal acquisition council on supply-chain security lies in its ability to directly involve classified information in agencies’ decisions to buy products and services, according to a senior White House official.
Third time lucky — unless you’re Facebook.
The social networking giant was hit Thursday by a trio of investigations over its privacy practices following a particularly tumultuous month of security lapses and privacy violations — the latest in a string of embarrassing and damaging breaches at the company, much of its own doing.
The removal of the password-expiration policies without the addition of other password-oriented security configurations does not directly translate into a decrease in security but, instead, it simply stands as proof that security-conscious organizations need to implement extra measures to enforce their users’ security. As Microsoft further detailed, “to try to avoid inevitable misunderstandings, we are talking here only about removing password-expiration policies — we are not proposing changing requirements for minimum password length, history, or complexity.”
John Lin is an associate partner at Trinity Ventures supporting investments in developer tools, artificial intelligence and real estate.
E-commerce is one of the economy’s bright spots; U.S. e-commerce sales have nearly doubled in five years, and now exceed $500 billion. Unsurprisingly, Amazon has swooped in to claim a disproportionate share of the riches, gobbling up nearly 50 percent of the market share, driving competitors out of business and solidifying its position as one of the world’s most valuable companies.
The ride-hailing app database was hosted on an insecure MongoDB server.
Another day, another data breach – This time, security researchers have identified a ride-hailing app exposing personal data of 1 to 2 million Iranian drivers, thanks to an insecure MongoDB database.
RFID payment systems are one of those things that the community seems to be divided on. Some only see the technology as a potential security liability, and will go as far as to disable the RFID chip in their card so that it can’t be read by a would-be attacker. Others think the ease and convenience of paying for goods by tapping their card or smartphone on the register more than makes up for the relatively remote risk of RFID sniffers. Given the time and effort [David Sikes] put into creating this contactless payment ring, we think it’s pretty clear which camp he’s in.
Written by Shannon Vavra
Cybercriminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, the National Security Council’s senior director for cybersecurity policy said Thursday.
Once your application security program is up and running, there are several metrics you can use to gauge your progress and optimize your program. For instance, companies typically measure their scan activity, flaw density, and policy compliance. However, very few include metrics for fix rate, despite the fact that it is an important indicator of a program’s success. Fix rate indicates how long it takes for a team to fix the vulnerabilities their scans find. Fix rate is calculated as follows:
Carl Hurd and Jared Rittle of Cisco Talos discovered these vulnerabilities.