CompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career


Why is it different?
No other certification that assesses baseline cybersecurity skills has performance-based questions on the exam. Security+ emphasizes hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of issues. More choose Security+ for DoD 8570 compliance than any other certification. Security+ focuses on the latest trends and techniques in risk management, risk mitigation, threat management and intrusion detection. The new Security+ certification covers the Junior IT Auditor/Penetration Tester job role, in addition to the previous job roles for Systems Administrator, Network Administrator, and Security Administrator.
About the exam
CompTIA Security+ is the first security certification IT professionals should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on trouble-shooting to ensure security professionals have practical security problem-solving skills. Cybersecurity professionals with Security+ know how to address security incidents – not just identify them. Security+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. The new CompTIA Security+ SY0-501 exam is available as of October 4, 2017. More information on both versions of the exam is available in the Exam Details below.
When WIRED reached out to Google, the company said that it appreciated SRL’s research, but responded by pointing out that some of the devices SRL analyzed may not have been Android certified devices, meaning they’re not held to Google’s standards of security. They noted that modern Android phones have security features that make them difficult to hack even when they do have unpatched security vulnerabilities. And they argued that in some cases, patches might have been missing from devices because the phone vendors responded by simply removing a vulnerable feature from the phone rather than patch it, or the phone didn’t have that feature in the first place. The company says it’s working with SRL Labs to further investigate its findings. “Security updates are one of many layers used to protect Android devices and users,” added Scott Roberts, Android product security lead, in a statement to WIRED. “Built-in platform protections, such as application sandboxing, and security services, such as Google Play Protect, are just as important. These layers of security—combined with the tremendous diversity of the Android ecosystem—contribute to the researchers’ conclusions that remote exploitation of Android devices remains challenging.”
Computer security, also known as cybersecurity or IT security, refers to the security of computing devices such as computers and smartphones, as well as computer networks such as private and public networks, and the Internet. The field has growing importance due to the increasing reliance on computer systems in most societies. It concerns the protection of hardware, software, data, people, and also the procedures by which systems are accessed. The means of computer security include the physical security of systems and security of information held on them.


Approaches to security are contested and the subject of debate. For example, in debate about national security strategies, some argue that security depends principally on developing protective and coercive capabilities in order to protect the security referent in a hostile environment (and potentially to project that power into its environment, and dominate it to the point of strategic supremacy). Others argue that security depends principally on building the conditions in which equitable relationships can develop, partly by reducing antagonism between actors, ensuring that fundamental needs can be met, and also that differences of interest can be negotiated effectively.

The Best Free Firewalls Of 2018 — So Far


In the 1990s, Microsoft had a problem: Windows seemed to suffer from endless security problems that hackers and other online villains were quick to exploit. One way to fight back was to install a firewall — an app that blocked malicious and/or unwanted network traffic and that could ensure that dodgy software couldn’t sneak onto your PC.
So Microsoft began building its own firewall into Windows, but there has been ongoing controversy as to its robustness as a ‘best solution’, or whether it’s merely good enough. That remains the case today, with the potential for cyber-attacks still very much a danger, and the promise that third-party software can make your system even more secure. These are the firewall apps we think you should consider using no matter which version of Windows you’re running.
Most of us run a hardware firewall on our router, and a software firewall on our Windows PC. Some antivirus providers bundle a firewall with their free antivirus software, while others only include one with their premium security suites. Here we’re looking at firewalls that can be used alongside your regular antivirus software.
ZoneAlarm Free Firewall 2018
For many of us, ZoneAlarm Free Firewall 2018 was the app that introduced us to firewalls in the first place, and it was a must-have app back in the days when Windows effectively told the internet “Hack me! I’m easy!”
The current version of ZoneAlarm Free Firewall hides open ports, identifies potentially dodgy traffic, disables malicious programs and connects to DefenseNet, which provides real-time security updates as new threats are detected. It also protects your computer on public Wi-Fi networks, and offers 5GB of online data backup via IDrive.
When you’re installing the software, read through each step carefully if you don’t want to set Yahoo as your default homepage; the ‘Customize installation’ option is quite well hidden. You’ll also need to submit an email address to activate the firewall, though ZoneAlarm promises not to share it with any third parties. If that isn’t an issue for you, ZoneAlarm Free Firewall is the best free firewall you can download.
Comodo Firewall
It’s worth taking your time when installing Comodo Free Firewall because it comes bundled with an extra browser, and if you click through too hastily you might find that it’s installed itself without you realizing.
Comodo Free Firewall sits in a small window at the top right of your desktop, providing one-click access to sandboxed versions of Chrome, Firefox and Comodo Browser for safer surfing. You can also run any other programs in a sandbox — ideal if you enjoy experimenting with free software, as these apps can sometimes offer more than you bargained for.
It’s easy to control permissions for different networks, and you can create rules for specific programs too (allowing incoming traffic, outgoing traffic, both, or neither). Viruscope monitors the behavior of processes for anything that looks suspicious (though your regular antivirus software probably has this covered), and website filtering enables you to block certain sites.
Comodo Free Firewall will also offer to set Yahoo as your homepage, but the checkbox is much easier to see and untick than ZoneAlarm’s. It will also suggest making its own secure Comodo Dragon your default browser and importing your settings from Chrome. You can’t opt out of installing the browser, but you can choose not to use it.
Comodo Free Firewall will offer to change your DNS (domain name resolution service) provider to Comodo Secure DNS for faster, safer browsing.
GlassWire
GlassWire is a slick looking free firewall that shows you exactly which programs are sending and receiving data over your network, and how much, making it easy to identify anything unusual. There’s a huge amount of information available, which might seem alarming at first, but you can clear all of GlassWire’s logs in a few seconds.
You’ll be notified when a new application or service wants internet access, and you can allow or block it with a single click. In actual fact, GlassWire is really just an interface built on top of the Windows firewall, so while certainly more attractive (and informative) than the latter, it’s not going to be any more robust.
The premium versions of GlassWire include some extra features like monitoring of your webcam and microphone, storing records for more than a month, and monitoring multiple remote connections, but for basic use the free edition is superb.
TinyWall
TinyWall is better known for what it doesn’t do than what it does: unlike some free firewalls it doesn’t interrupt you with pop-up warnings about what seems to be every second bit of data.
TinyWall (now on version 2.1) is designed to improve Windows’ own firewall features without requiring any expert knowledge, and while it offers the same whitelisting features as other packages — to ensure that the apps you use can get online without any difficulty — it does it through hotkeys or lists rather than pop-ups.
TinyWall lives up to the ‘tiny’ part of its name, and only takes up about 1MB on your hard drive, and is a very useful addition if you decide to stick with Windows’ built-in security tool.
OpenDNS
OpenDNS isn’t a downloadable free firewall; it’s a change you can make to your router’s settings so it connects to the internet via OpenDNS’ servers. That means the protection applies to any device on your network, which is useful in today’s hyper-connected homes and businesses.
OpenDNS Home automatically blocks known offenders and offers a range of content filtering options to keep the kids away from filth, too, and it helps prevent phishing attacks. The service is free, and there are full setup instructions for every kind of device.

 

 


Artificial Intelligence Key To Do ‘more With Less’ In Securing Enterprise Cloud Services


Security professionals in the enterprise are facing an uphill battle to maintain control of corporate networks.
Data breaches and cyberattacks are rampant, sensitive information belonging to both companies and individuals is spilling unchecked into the underbelly of the Internet, and with the emergence of state-sponsored threat actors, it is becoming more and more difficult for organizations to keep up.
It is estimated that cyberattacks and online threats will cost businesses up to $6 trillion annually by 2021, up from $3 trillion in 2015.
Once cyberattackers compromise an enterprise network or cloud service, information can be stolen, surveillance may be conducted, or in some cases, ransomware attacks can lock down an entire operation and hold a business to ransom.
However, new technologies are entering the cybersecurity space which may help reduce the financial cost and burden on cybersecurity professionals pressed for time and often operating with limited staff and budgets.
Artificial intelligence (AI), machine learning (ML), and predictive analytics applications may one day prove to be the key to maintaining control and preventing successful hacks, data breaches, and network compromise.
These technologies encompass deep learning, algorithms, and Big Data analysis to perform a variety of tasks. The main goal of AI and ML is usually to find anomalies in systems and networks of note, whether it be suspicious traffic, unauthorized insider behavior and threats, or indicators of compromise.
Able to evolve over time, the purpose of AI technologies is to learn, detect, and prevent suspicious and dangerous activities with improvements and refinements the longer such applications and systems are in use. This provides companies with a custom cybersecurity system which tailors itself to their requirements, in comparison to an off-the-shelf, traditional antivirus security solution — which is no longer enough with so many threats lurking at the perimeter.


iboss CEO Paul Martini
In an interview with ZDNet, Paul Martini, CEO and co-founder of cloud gateway and security firm iboss said that enterprises are experimenting with these kinds of technology to “alleviate the staffing pressures caused by the well-known skills shortage in cybersecurity.”
Cybersecurity Ventures estimates that by 2021, there will be 3.5 million vacancies in the cybersecurity market left unfulfilled. To make matters worse, a report from Capgemini estimates that only 43 percent of individuals in IT roles have the cybersecurity skills required for their jobs.
While the market as a whole, training facilities, and IT organizations rush to bridge the gap, AI and machine learning technologies may be able to alleviate some of the pressure that enterprise players now face to keep data secure and networks safe.
“AI, predictive analytics, and automation allow security teams to leverage technology and do more with less,” the executive says. “AI and predictive analytics are critical aspects of improving efficiency and productivity because they reduce the number of false alarms and streamline time-intensive manual tasks.”
“For cloud services, in particular, AI and predictive analytics can leverage network anomaly detection to not only identify potential security concerns but performance issues like latency,” Martini added.
The range of these technologies is broad, but according to the executive, “any technology that takes the burden off your security and IT team is extremely useful.”
Behavioral analysis, malware prevention, and email-based security solutions are of particular use to enterprise players when the cloud is concerned.
AI, machine learning, and predictive analytics used to monitor cloud services and networks can detect suspicious traffic, anomalies, and fraudulent emails, in order to hopefully prevent an attack before it occurs.
As both personal and corporate networks have now evolved from simple PC to router systems to include mobile devices, different operating systems, and Internet of Things (IoT) products, more robust security systems are required to keep threats at bay.
“AI and predictive analytics certainly make it more difficult for threat actors to penetrate networks but as we’ve seen throughout the years, threat actors are innovative and resourceful, skilled and dedicated attackers will continue to find ways to penetrate network security,” Martini says. “While AI and predictive analytics will do well preventing the most frequent and basic attacks, highly targeted attacks that leverage unorthodox or custom attack methods will continue to cause problems for enterprise security teams.”
However, AI and machine learning technologies are not intended to replace cybersecurity teams or human input.
Instead, these technologies are best suited as a means to augment security teams — freeing them up from manual tasks to focus on more difficult challenges, patch processes, and critical security issues.
Data also comes into the mix. AI, ML, and predictive analytics are only as effective as the information the systems are working with, and unless enterprise firms are collecting high-quality information relating to services, users, network traffic, and more, they may find that avoidable false positives and incorrect conclusions will reduce performance levels.
“AI and predictive analytics are better suited for cloud-based cybersecurity functions because they have the benefit of larger datasets,” the executive added. “The more historical and real-time data AI programs have, the better they will be. While AI and predictive analytics will still be valuable for traditional security solutions, the highest level of performance will always be in the cloud.”
According to Gartner, 59 percent of organizations are still in the midst of developing AI strategies, while the remainder is in the process of piloting or adopting AI solutions across the board.
The research firm says that enterprises should focus on narrow AI, meaning ML-based solutions that target specific tasks, including security and monitoring, rather than general AI applications, in order to maximize business value.

Artificial Intelligence Is Rapidly Transforming The Art Of War

Several months ago, Vladimir Putin said, “Artificial intelligence is the future, not only for Russia, but for all humankind … whoever becomes the leader in this sphere will become the ruler of the world.” Artificial Intelligence (AI) and its sister technologies will be the engine behind the fourth industrial revolution, which the World Economic Forum described as “unlike anything humankind has experienced before.”
These technologies are capturing people’s imagination. However, one area remains in the shadow of public discourse: AI’s implications for national security and future warfare.
AI’s promise, in the context of national security and armed conflicts, is rooted in three main fields: improving efficiency through automation and optimization; automation of human activities; and the ability to influence human behavior by personalizing information and changing the way information is shared.
Efficiency — the optimal use of minimal resources — is key. In 2016, Google successfully reduced its data center cooling energy use by 40 percent with the “DeepMind” neural network. If military planners could reduce spending by 40 percent while maintaining a high level of strategic supremacy and operational readiness, precious resources could be allocated to long-term capacity building, as well as curing the chronic disease of democracy — the constant, growing burden of defense and security spending.
The characteristics of the current and future battlefield pose a great challenge to advanced militaries. Modern battlefields have become a hide-and-seek playground, especially since armed conflicts now focus on heavily populated urban areas. Advanced militaries must choose one of two alternatives: exercise air power, thus causing civilian casualties, or deploy boots on the ground, thus risking heavy losses.
AI could change this costly equation. Combined with “big data” and predictive analytics, it could help militaries identify patterns, links, and anomalies in vast amounts of information. Image processing could find the enemy needle in the urban haystack, while fusion centers could automatically combine massive amounts of data from various sources into landscape analysis for forces in the field.
In cyberspace, AI is already used by both attackers and defenders. Given the state of cybersecurity today, however, greater implementation of AI systems could be a real turning point. New generations of malware and cyberattacks can be difficult to detect with conventional cybersecurity protocols, especially if they themselves use AI. Machine learning allows defending systems to adapt over time, giving defenders a dynamic edge over hackers. AI-based systems can also categorize and prioritize attacks based on threat level. With this kind of automation, there’s almost no doubt that we will soon witness machine-to-machine cyber wars.
And while robots might yield better results in military tasks than humans, full-scale implementation is still far from feasible, especially given the current limits of such basic physical abilities as walking and running. It is more likely that we will witness the emergence of “swarms” of micro-drones capable of performing a wide array of tasks, such as intelligence gathering, gaining aerial dominance, or firing highly-accurate micro-missiles.
Finally, AI will play a significant role in winning the hearts and minds of civilians. Advertisers already use AI to tailor messages to the consumer, based on observed-past and predicted-future behavior. Furthermore, AI can create an alternative truth, with no basis in real facts. Current software can create scenes that have never occurred by manipulating existing visuals and sounds. These capabilities are already used to influence political behavior, and there’s every reason to believe that the battle over narratives — or the truth — is only in its infancy.
These rapid technological developments pose a great challenge to national security, but they also hold incredible promise. We can only hope that our policy-makers will deploy AI to its greatest advantage.
Shay Hershkovitz, Ph.D., is a political science professor specializing in intelligence studies. He is also a former IDF intelligence officer whose book, “Aman Comes To Light,” deals with the history of the Israeli intelligence community.

 

Artificial Intelligence In Security Market Strategic Focus Report With Growth Intelligence And Analysis For Period 2018 – 2023

(EMAILWIRE.COM, March 27, 2018) Artificial Intelligence in Security Market Analysis to 2023 is a specialized and in-depth study of the Artificial Intelligence in Security industry with a focus on the global market trend. The report aims to provide an overview of the global Artificial Intelligence in Security market with detailed market segmentation by product/application and geography. The global Artificial Intelligence in Security market is expected to witness high growth during the forecast period. The report provides key statistics on the market status of the Artificial Intelligence in Security players and offers key trends and opportunities in the market.
Publisher projects that the Artificial Intelligence in Security market size will grow from USD 3.92 Billion in 2017 to USD 20.01 Billion by 2023, at an estimated CAGR of 31.22%. The base year considered for the study is 2017, and the market size is projected from 2018 to 2023.
High usage of the Internet and the constant need for employees to be online are contributing to the increasing incidents of cyberattacks as more computing devices are being connected to the Internet of Things. The artificial intelligence in security market, in this report, has been segmented on the basis of offering, deployment type, security type, security solution, technology, end-user industry, and geography. Among all offerings, software holds the largest share of the overall AI in security market owing to the developments in AI software and related software development kits.
Artificial Intelligence in Security Market Players:
· Nvidia
· Intel
· Xilinx
· Samsung Electronics
· Micron
· IBM
· Cylance
· Threatmetrix
· Securonix
· Amazon
· Sift Science
· Acalvio
· Skycure
· Darktrace
· Sparkcognition
· Antivirus Companies
· High-Tech Bridge
· Deep Instinct
· Sentinelone
· Feedzai
By Offering
Software, Hardware, Services
By Deployment Type
Cloud Deployment, On Premise Deployment
By Security Type
Endpoint Security, Network Security, Application Security, Cloud Security
By Technology
Machine Learning, Natural Language Processing (NLP), Context Awareness Computing
The report provides a detailed overview of the industry including both qualitative and quantitative information. It provides an overview and forecast of the global Artificial Intelligence in Security market based on product and application. It also provides market size and forecast till 2023 for the overall Artificial Intelligence in Security market with respect to five major regions, namely North America, Europe, Asia-Pacific (APAC), Middle East and Africa (MEA) and South America (SAM), which is later sub-segmented by respective countries and segments. The report evaluates market dynamics affecting the market during the forecast period, i.e., drivers, restraints, opportunities, and future trends, and provides exhaustive PEST analysis for all five regions.
Also, key Artificial Intelligence in Security market players influencing the market are profiled in the study along with their SWOT analysis and market strategies. The report also focuses on leading industry players with information such as company profiles, products and services offered, financial information for the last 3 years, and key developments in the past five years.
Reason to Buy
– Highlights key business priorities in order to assist companies to realign their business strategies.
– The key findings and recommendations highlight crucial progressive industry trends in the Artificial Intelligence in Security market, thereby allowing players to develop effective long term strategies.
– Develop/modify business expansion plans by using substantial growth offering developed and emerging markets.
– Scrutinize in-depth global market trends and outlook coupled with the factors driving the market, as well as those hindering it.
– Enhance the decision-making process by understanding the strategies that underpin commercial interest with respect to products, segmentation and industry verticals.


AP Reports EPA’s Pruitt Spent Millions On Security, Travel

Environmental Protection Agency chief Scott Pruitt’s concern with his safety came at a steep cost to taxpayers as his swollen security detail blew through overtime budgets and at times diverted officers away from investigating environmental crimes.
Altogether, the agency spent millions of dollars for a 20-member full-time detail that is more than three times the size of his predecessor’s part-time security contingent.
EPA spokesman Jahan Wilcox cited “unprecedented” threats against Pruitt and his family as justification for extraordinary security expenses such as first-class airfare to keep him separate from most passengers — a perk generally not available to federal employees.
But Pruitt apparently did not consider that upgrade vital to his safety when taxpayers weren’t footing the bill for his ticket. An EPA official with direct knowledge of Pruitt’s security spending said the EPA chief flew coach on personal trips back to his home state of Oklahoma.
The EPA official spoke on condition of anonymity for fear of retaliation.
New details in Pruitt’s expansive spending for security and travel emerged from agency sources and documents reviewed by The Associated Press. They come as the embattled EPA leader fends off allegations of profligate spending and ethical missteps that have imperiled his job.
Shortly after arriving in Washington, Pruitt demoted the career staff member heading his security detail and replaced him with EPA Senior Special Agent Pasquale “Nino” Perrotta, a former Secret Service agent who operates a private security company.
The EPA official knowledgeable about Pruitt’s security spending says Perrotta oversaw a rapid expansion of the EPA chief’s security detail to accommodate guarding him day and night, even on family vacations and when Pruitt was home in Oklahoma.
Perrotta also signed off on new procedures that let Pruitt fly first-class on commercial airliners, with the security chief typically sitting next to him with other security staff farther back in the plane. Pruitt’s premium status gave him and his security chief access to VIP airport lounges.
The EPA official said there are legitimate concerns about Pruitt’s safety, given public opposition to his rollbacks of anti-pollution measures.
But Pruitt’s ambitious domestic and international travel led to rapidly escalating costs, with the security detail racking up so much overtime that many hit annual salary caps of about $160,000. The demands of providing 24-hour coverage even meant taking some investigators away from field work, such as when Pruitt traveled to California for a family vacation.
The EPA official said total security costs approached $3 million when pay is added to travel expenses.
Wilcox said Pruitt has faced an unprecedented number of death threats against him and his family and “Americans should all agree that members of the President’s cabinet should be kept safe from these violent threats.”
A nationwide search of state and federal court records by AP found no case where anyone has been arrested or charged with threatening Pruitt. EPA’s press office did not respond Friday to provide details of any specific threats or arrests.
Pruitt has said his use of first-class airfare was initiated following unpleasant interactions with other travelers. In one incident, someone yelled a profanity as he walked through the airport.
But on weekend trips home for Sooners football games, when taxpayers weren’t paying for his ticket, the EPA official said Pruitt flew coach.
The source said Pruitt sometimes used a companion pass obtained with frequent flyer miles accumulated by Ken Wagner, a former law partner whom Pruitt hired as a senior adviser at EPA at a salary of more than $172,000. Taxpayers still covered the airfare for the administrator’s security detail.
Walter Shaub, who until last year ran the federal Office of Government Ethics, said it is a potential ethics violation for Pruitt to accept the airline tickets, even if Wagner didn’t pay cash for them. Federal officials are barred from accepting gifts from employees that have a market value of more than $10.
“It would be a very serious ethics problem, indeed, if Pruitt accepted airline tickets from a subordinate,” Shaub said.
The EPA administrator has come under intense scrutiny for ethics issues and outsized spending. Among the concerns: massive raises for two of his closest aides and his rental of a Capitol Hill condo tied to a lobbyist who represents fossil fuel clients.
At least three congressional Republicans and a chorus of Democrats have called for Pruitt’s ouster. But President Donald Trump is so far standing by him.
A review of Pruitt’s ethical conduct by White House officials is underway, adding to probes by congressional oversight committees and EPA’s inspector general.
Pruitt, 49, was closely aligned with the oil and gas industry as Oklahoma’s state attorney general before being tapped by Trump. Trump has praised Pruitt’s relentless efforts to scrap, delay or rewrite Obama-era environmental regulations. He also has championed budget cuts and staff reductions at the agency so deep that even Republican budget hawks in Congress refused to implement them.
EPA’s press office has refused to disclose the cost of Pruitt’s security or the size of his protective detail, saying doing so could imperil his personal safety.
But other sources within EPA and documents released through public information requests help provide a window into the ballooning costs.
In his first three months in office, before pricey overseas trips to Italy and Morocco, the price tag for Pruitt’s security detail hit more than $832,000, according to EPA documents released through a public information request.
Nearly three dozen EPA security and law enforcement agents were assigned to Pruitt, according to a summary of six weeks of weekly schedules obtained by Democratic Sen. Sheldon Whitehouse of Rhode Island.
Those schedules show multiple EPA security agents accompanied Pruitt on a family vacation to California that featured a day at Disneyland and a New Year’s Day football game where his home state Oklahoma Sooners were playing in the Rose Bowl. Multiple agents also accompanied Pruitt to a baseball game at the University of Kentucky and at his house outside Tulsa, during which no official EPA events were scheduled.
Pruitt’s predecessor, Gina McCarthy, had a security detail that numbered about a half dozen, less than a third the size of Pruitt’s. She flew coach and was not accompanied by security during her off hours, like on weekend trips home to Boston.
Pruitt was accompanied by nine aides and a security detail during a trip to Italy in June that cost more than $120,000. He visited the U.S. Embassy in Rome and took a private tour of the Vatican before briefly attending a meeting of G-7 environmental ministers in Bologna.
Private Italian security guards hired by Perrotta helped arrange an expansive motorcade for Pruitt and his entourage, according to the EPA official with direct knowledge of the trip. The source described the Italian additions as personal friends of Perrotta, who joined Pruitt and his EPA staff for an hours-long dinner at an upscale restaurant.
Perrotta’s biography, on the website of his company, Sequoia Security Group, says that during his earlier stint with the Secret Service he worked with the Guardia di Finanza, the Italian finance police.
The EPA spent nearly $9,000 last year on increased counter-surveillance precautions for Pruitt, including hiring a private contractor to sweep his office for hidden listening devices and installing sophisticated biometric locks for the doors. The payment for the bug sweep went to a vice president at Perrotta’s security company.
The EPA official who spoke to AP said Perrotta also arranged the installation of a $43,000 soundproof phone booth for Pruitt’s office.
At least five EPA officials were placed on leave, reassigned or demoted after pushing back against spending requests such as a $100,000-a-month private jet membership, a bulletproof vehicle and $70,000 for furniture such as a bulletproof desk for the armed security officer always stationed inside the administrator’s office suite.
Those purchases were not approved. But Pruitt got an ornate refurbished desk comparable in grandeur to the one in the Oval Office.
Among the officials who faced consequences for resisting such spending was EPA Deputy Chief of Staff for Operations Kevin Chmielewski, a former Trump campaign staffer who was placed on unpaid administrative leave this year.
The prior head of Pruitt’s security detail, Eric Weese, was demoted last year after he refused Pruitt’s demand to use the lights and sirens on his government-owned SUV to get him through Washington traffic to the airport and dinner reservations.

5 Common Browser Security Threats, And How To Handle Them

The web browser is inarguably the most common portal for users to access the internet for any given array of consumer or business purposes. Innovative advances have allowed many traditional “thick client” apps to be replaced by the browser, enhancing its usability and ubiquity. User-friendly features such as recording browsing history, saving credentials and enhancing visitor engagement through the use of cookies have all helped the browser become a “one stop shopping” experience.
However, the browser also has the potential to betray the user through the very same options which are intended to make life easier since it serves as a ripe target for the theft of confidential data because it holds so many proverbial eggs in its basket.
Security intelligence organization Exabeam conducted some recent research to analyze dozens of popular websites such as Google, Facebook, Amazon, and others to determine what kind of user data is stored when interacting with these entities. They found a significant amount of user information kept both on local storage and in the browser.
As a result, Exabeam released a recent blog post which outlines some of the ways your browser can be used against you along with recommended techniques to stay safe.
Here is a summary of their findings along with some other tips for protection:
1. Accessing browser history
Your browser history is a veritable map of where you go on the internet and for what purpose. And it’s not only possible to tell where you’ve been, but when you’ve been there, establishing your behavioral patterns.
Knowing you access certain sites can lead to phishing attacks against you to obtain your credentials for those sites (assuming you haven’t stored this information in the browser), establishing your purchasing habits (for instance if you are a football fan and visit NFL sites, your credit card company isn’t likely to raise an eyebrow if a slew of charges for football merchandise start showing up on your compromised credit card) or even blackmail if the site(s) in question prove illegal or unethical, or allegations thereof can be made.
Recommendations:
Clearing the browser cache is a good way to flush potentially damaging information, especially after engaging in confidential activities such as conducting online banking. This can be performed manually or set to do so automatically such as when closing the browser (Google the details for your browser version and operating system to carry out this and the other recommendations as the steps involved may be subject to change).
Use incognito mode (private browsing) since no harvestable data is stored (if you must use a public system, always make sure to do so with incognito mode).
2. Harvesting saved login credentials
Saved logins paired with bookmarks for the associated sites you visit are a deadly combination. Two mouse clicks might be all it takes for a criminal to have access to your banking/credit card website. Some sites do use two-factor authentication, such as texting access codes to your mobile phone, but many of them utilize this on a one-time basis so you can confirm your identity on the system you’re connecting from. Unfortunately, that system is then deemed trusted, so subsequent access may go entirely unchallenged.
Saved credentials associated with your email account are basically like Kryptonite to Superman in a scenario like this. An attacker who can get into your email can reset your password on almost any other website you access. And keep in mind they might not need to be on your system to do so – if they obtain your email address and password they can work at leisure from any other system they choose.
Just taking a series of screenshots (or even utilizing the camera on a mobile phone) can allow an attacker on your system to record all of your saved passwords. Firefox lets you view these quite easily. While Chrome at least requests your logon password to do so, as stated resetting this is quite easy with administrative access (which can be simple to obtain thanks to password reset utilities such as Offline NT Password and Registry Editor).
Recommendations:
Don’t save credentials in the browser. Instead, take advantage of free password managers such as KeePass or Password Safe to store passwords (never write them down) via a central master password. These password managers can securely store all your website passwords. A password manager can even access a saved URL and login for you, adding to the convenience and security of your information.
3. Obtaining autofill information
Autofill information can also be deadly. Chrome can save your home address information to make it easier to shop online, but what if your device fell into the wrong hands? Now an attacker knows where you live – and probably whether you’re home.
Recommendations:
Turn off autofill for any confidential or personal details.
4. Analyzing cookies
Cookies (files stored locally which identify users/link them to sites) are another potential attack vector. Like the browsing history, they can reveal where you go and what your account name might be.
As with #1, incognito mode can also come in handy here.
Recommendations:
Disabling cookies is touted as a potential solution, but this has been a problematic “fix” for years since many sites depend on cookies or at least severely limit your functionality (or possibly annoy you with nagging prompts) if these are turned off.
Instead, purging cookies periodically can help protect you, though be prepared to enter information repeatedly as prompted by websites.
5. Exploring the browser cache
The browser cache involves storing sections of web pages for easier access/loading on subsequent visits, which can outline where you’ve been and what you’ve seen. Malware can be tailored to prey upon cache data as well.
Exabeam also considered location history and device discovery to be risky elements in their blog post, stating these could expose user location and other devices used.
Recommendations:
As with #1 and #4, incognito mode can also come in handy here, or manually clear the cache as needed, particularly after sensitive operations.
Some other suggestions
I strongly support setting and utilizing complex passwords on your devices which are rotated periodically, and always encrypt local storage devices, especially on portable systems, to reduce the risk of access to browser data.
Use physical security such as cable locks for laptops, and always lock the screen of your systems when not in use (I do this on my home Windows PC as well). Don’t share machines/passwords with other people.
Take advantage of two-factor authentication where possible and set up recovery accounts where possible for your website accounts, and specify your mobile number and security questions for password resets. Be on the lookout for suspicious activity like emails about new accounts or password resets you didn’t request.
Some sites like Facebook can tell who is currently logged into your account (go to Settings then Security and Login), so check these details periodically – especially if anything out of the ordinary is going on.
Exabeam also recommends utilizing anti-malware software which is routinely updated along with several browser-related options (Google your browser and operating system version for the specific details on how to enact these as settings may change).
Users should also consider changing browser settings to further protect their privacy, or at least analyzing them to be aware of what options are currently enabled/disabled. There are guides online for Chrome, Firefox, Internet Explorer, Safari and Opera.

How Experts View Cybersecurity Threats In Businesses: Part 1

Data breaches have occurred several times during the last few years. They have affected big businesses and even government agencies and political organizations. It is true that getting connected is increasingly necessary. However, the risks of cybersecurity threats in businesses are also growing exponentially. More is at stake for businesses: not only customer data, but also intellectual property, company reputation, and asset safety.
We certainly still remember the WannaCry ransomware attack that happened several months ago. Databases of many hospitals in different countries were encrypted, denying the owners access. Likewise, some data breaches at credit card companies also happened lately. Unfortunately, several cybersecurity threats in businesses are overlooked by the owners. When the attacks happen, they are not able to mitigate the risks fully.
Cybersecurity Threats in Businesses in the Experts’ Eyes
Don Steinberg from KPMG Voice recently published his interviews with three experts in the cybersecurity industry on the Forbes website. They provided some insights on cybersecurity threats in businesses. They are Tony Buffomante from KPMG, Gadi Evron – CEO of Cymmetria (a cybersecurity service provider), and Leonard Brody – the creator of The Great Rewrite.

Information Security Threats Since 2017
The first question of the interview is about information security threats that have occurred since 2017. According to Brody, cyber attacks have become more technologically sophisticated. As a result, the attacks are broader and more things become potential victims. On the other side, Evron views the wider cyber attacks as the result of a failure to consider the security aspects of new types of technology. He even predicts that the medical sector will become a target in the next three or five years.
Similarly, Buffomante notes the shift from attacks on personal information, such as credit card information or Social Security numbers, to more destructive ones. His special concerns are medical devices and implantable and wearable devices. In other words, there will be more cybersecurity threats in businesses. Account owners or subscribers are required to have a personal code to log in to their accounts on online stores or online payment systems. The attackers may use machine learning technology to steal the customer information.
Overlooked Vulnerabilities
When asked about the most overlooked aspects in web-based businesses, Buffomante points to the security associated with privileged user accounts. Imagine what the hackers can do if they get access to the super-user privileged accounts managed by a business. He said that many tools owned by the businesses were poorly deployed, thus leaving the privileged accounts at stake.
Evron mentioned the security problems in the internal network. Sometimes, business owners overlook the possibility that attackers get access to the internal network. If this is the case, there will be very little chance to recover from the damage caused by the hackers. Brody showed similar concerns that many businesses fail to anticipate internal security attacks.
Buffomante, Evron, and Brody provided us with some insights on cybersecurity issues. Businesses may overlook important security aspects when building their infrastructure. Do not miss their views on cybersecurity threats in businesses in the interviews conducted by Don Steinberg from KPMG in the next post.

How Threat Actors Will Misuse AI To Defeat Web Security

“There are no silver bullets in web security,” is old but accurate advice. So CISOs who are hoping that artificial intelligence/machine learning will do more than simply take the load off an already overworked security team are dreaming. AI won’t be the silver bullet that creates an impenetrable wall around the enterprise.
In fact, warns SecurityWeek columnist Kevin Townsend today, AI is just as likely to be used against an enterprise, and against the AI-based products it is using, by malicious actors as it is to prevent attacks.
His column is an expansion of and commentary on an academic article last month on the actual malicious misuses of artificial intelligence. Briefly, the paper states what every infosec practitioner should know: any tool will be turned against you. CISOs probably don’t think about it, but AI techniques and algorithms will have vulnerabilities that can be exploited. And it is not only that threat actors can use AI/ML to systemize processes, the report notes. The technology shows signs of being able to generate synthetic images, text, and audio which may be used to impersonate others online, or to sway public opinion by releasing AI-generated content through social media channels.
Think fake news is common now? Just wait.
“There is currently a great deal of interest among cyber-security researchers in understanding the security of ML systems,” Townsend quotes the paper as saying, “though at present there seem to be more questions than answers.”
Townsend quotes a security vendor who remarks that the report doesn’t refer to an example of a potential attack: using AI to undo the de-anonymization of data.
Still, the paper does speak about many other attacks likely to be seen soon if enough defenses aren’t created. It also warns that once governments realize the implications they will be tempted to part of. As a result the authors urge policymakers to work closely with technical analysts to review, prevent, and offset potential malicious uses of AI. Additionally, they say AI researchers and developers “should take the dual-use character of their work seriously” and consider how their work could be misused.
The good news is the cyber security industry is aware of the problem, says Townsend. AI can be leveraged to review the configuration of an environment daily (or hourly) for changes or compliance with security best practices, says one vendor.
In the meantime what can a CISO do? Last year I offered a column with a security vendor who advised questions infosec leaders should ask of providers whose solutions include artificial intelligence. That’s a good start. Another is reading the research paper.

Improve Information Security By Giving Employees Options

By Eric Hollenbeck, Carson College of Business
PULLMAN, Wash. – Computer users ― at home and at work ― often engage in behaviors that create security risks and privacy threats, despite having a variety of security options available.
Clicking on unfamiliar links, choosing weak passwords and sharing personal information can leave a user’s computer or employer open to having information stolen.
For businesses, this is especially concerning because employees who engage in risky behaviors at home may carry those habits into the workplace, putting the company, fellow employees and customers at risk. According to IBM and the Ponemon Institute, the average cost of a data breach for companies in 2017 was more than $3.5 million.
Give employees a reason to care
A recent study published in the Journal of Management Information Systems suggests information security managers and supervisors could have greater success in motivating employees to act more securely by avoiding cold, authoritative commands, and instead create security messages that are relatable and provide options for how employees can better protect information and respond to threats.
According to Washington State University researcher and co-author Rob Crossler, Carson College of Business assistant professor of information systems, employees may fail to realize they are putting company data at risk or have less of an interest in taking steps to ensure security because it’s not their personal data.
“If you want people inside an organization to truly change their security behaviors, you have to give them a reason to care,” said Crossler. “You have to get them motivated in order to be effective at changing behaviors.”
Choices not mandates
According to Crossler, when employees feel they have a choice in their response in what works best for them, they tend to take actions that are more secure.
He recommends information systems managers avoid messaging that is too rigid in its instruction, and instead focus on different strategies for protecting information and responding to threats. For example:
Your passwords are the keys to your digital life, and your online accounts are a proverbial gold mine for someone looking to steal your identity. Hackers often accomplish identity theft by figuring out online passwords. Regardless of how confident you are in your computer skills, you can learn how to create strong passwords and manage them using a password manager. A password manager is software that aids in keeping track of multiple passwords. We recommend using Dashlane, 1Password, KeePass or LastPass. Each of these is an adequate solution, so feel free to choose the software you like the best as your password manager.
The goal is “changing the conversation to be about a partnership,” Crossler said. “The focus should be ‘We are in this together, and you have options on what you can do to help,’ as opposed to ‘You have to do this or that.’”
Better security not perfection
“When it comes to securing what you are doing, we are all going to fail. We are not going to be perfect. Phishing attacks are getting so good that even the most alert individual is going to make a mistake,” he said. “If they fail in their actions, employees should be encouraged to immediately report it and do the right thing without fear of being reprimanded.”
Organizations can work to safeguard against security threats and encourage their employees to make better decisions by providing information and security training on a more frequent, year-round basis, said Crossler. Managers and supervisors also can find the latest information on security issues and threats, as well as access up-to-date education and training resources, on the United States Computer Emergency Readiness Team website (www.us-cert.gov).
“User Motivations in Protecting Information Security: Protection Motivation Theory Versus Self-Determination Theory” is available online in the Journal of Management Information Systems at http://www.tandfonline.com/doi/full/10.1080/07421222.2017.1394083.
Contacts:
  • Robert Crossler, assistant professor of information systems, WSU Carson College of Business, 509-335-6843, crossler@wsu.edu
  • Eric Hollenbeck, communications manager, WSU Carson College of Business, 509-335-3597, edhollenbeck@wsu.edu

 


Vulnerability Assessments Versus Penetration Tests

In computing, vulnerability assessment and penetration testing are used to assess systems in light of the organization’s security posture, but they have different purposes.
Introduction
Let’s first have a look at the definition of some terms:
• Risk — threats × vulnerabilities × consequences
• Threat — something or someone that can take advantage of vulnerabilities
• Vulnerability — the absence of safeguard (vulnerabilities may be the result of poorly or improperly configured systems, known or unknown hardware or software flaws, or operational weaknesses in processes or technical countermeasures).
• Consequence — damage that occurs because the threat took advantage of the vulnerability
• Risk Assessment — identify assets, threats and vulnerabilities
• Risk Analysis — a value of potential risk
• Vulnerability assessments — identify weaknesses
• Penetration testing — exploits weaknesses
In order to evaluate the organization’s security posture, the following steps should be performed:
• Conduct vulnerability assessments.
• Analyze collected information to identify vulnerabilities and potential for exploitation.
• Conduct authorized penetration tests to evaluate the organization’s security posture.
• Analyze and report the results of a penetration test and make mitigation recommendations.
The difference between Vulnerability Assessment and Penetration Testing
Vulnerability assessment is the process of identifying and quantifying security vulnerabilities in an environment. It is an in-depth evaluation of your information security posture, indicating weaknesses as well as providing the appropriate mitigation procedures required to either eliminate those weaknesses or reduce them to an acceptable level of risk.
Vulnerability assessment is normally defined as:
• The process of identifying and quantifying security vulnerabilities in an environment.
• A process that defines, identifies and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure.
• The process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system.
Vulnerability assessments follow these general steps:
• Catalog assets and resources in a system
• Assign quantifiable value and importance to the resources
• Identify the security vulnerabilities or potential threats to each resource
• Mitigate or eliminate the most serious vulnerabilities for the most valuable resources
Vulnerability assessments can use automated tools to search for known vulnerabilities in systems, applications, and networks. These flaws may include missing patches, misconfigurations, or faulty code that exposes the organization to security risks. Penetration testing could follow the vulnerability assessment to further verify that the vulnerability is exploitable.
The intent of a penetration test is to determine the feasibility of an attack and the amount of business impact of a successful exploit if discovered. It is a component of a full security audit. Penetration tests use active tools and security utilities to evaluate security by simulating an attack on a system. A penetration test will verify that a threat exists, then will actively test and bypass security controls, and finally will exploit vulnerabilities in the system.
The Penetration Testing scope should include:
• Determine the possibility of success of attack vectors.
• Identify vulnerabilities.
• Determine the impact on the business if an attack was successful.
• Test the ability of security controls to successfully detect and defend the attack.
• Provide evidence to support increased investments in security personnel and technology.
Vulnerability Assessment
In a given environment, there should be a security policy in place, and a security audit should review whether the security controls are configured correctly to match the policy: for example, hardware configuration, software configuration, default settings, and permissions given to users.
A vulnerability assessment is an evaluation of a system’s security and ability to meet compliance requirements based on the configuration state of the system, as represented by information collected from the system. Essentially, the vulnerability assessment determines if the current configuration matches the ideal configuration.
The vulnerability assessment can help identify possible attack vectors and determine whether they have been exploited. Risk assessment depends heavily on vulnerability assessment; it cannot be done without first identifying the vulnerabilities on a system.
The vulnerability assessment process should be performed:
• When you first deploy new or updated systems.
• When new vulnerabilities have been identified.
• When a security breach occurs.
• When you need to document the security state of systems.
The vulnerability assessment considers the potential impact of loss from a successful attack as well as the vulnerability of the asset to an attack. A key component of the vulnerability assessment is properly defining the ratings for the impact of loss and vulnerability.
Vulnerability assessments should be done on a regular basis to identify new vulnerabilities. This assessment looks at a specific control or compliance issue.
The vulnerability assessment process consists of the following steps:
• Collect a predetermined set of a target.
• Store the collected sample for reference.
• Organize the data to prepare it for analysis and comparison.
• Analyze and document the differences between the current configuration and the baseline.
• Report on the results.
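The steps above, worked through as an added Python example (not part of the original article): collected settings are normalised, compared with a policy baseline, and each deviation is ranked by impact of loss multiplied by a vulnerability rating. The setting names, asset names and ratings are constructed for illustration, and treating a value that was never collected as a deviation is an assumption of this sketch.

```python
from dataclasses import dataclass

# Constructed baseline: the "ideal configuration" the security policy calls for.
BASELINE = {
    "ssh.permit_root_login": "no",
    "ssh.password_auth": "no",
    "fw.default_inbound": "deny",
    "os.auto_updates": "enabled",
    "accounts.default_admin_enabled": "false",
}

# Constructed vulnerability rating per setting (1 = minor, 5 = severe exposure).
VULNERABILITY_RATING = {
    "ssh.permit_root_login": 5,
    "ssh.password_auth": 4,
    "fw.default_inbound": 5,
    "os.auto_updates": 3,
    "accounts.default_admin_enabled": 4,
}

# Constructed collected samples: asset -> (impact-of-loss rating 1-5, raw settings).
COLLECTED = {
    "db-prod-01": (5, {"SSH.Permit_Root_Login": "No", "ssh.password_auth": "yes",
                       "fw.default_inbound": "deny", "os.auto_updates": "enabled",
                       "accounts.default_admin_enabled": "false"}),
    "web-dmz-02": (3, {"ssh.permit_root_login": "yes", "ssh.password_auth": "no",
                       "fw.default_inbound": "deny ", "os.auto_updates": "disabled",
                       "accounts.default_admin_enabled": "false"}),
    # The collector returned no value for the default admin account on this asset.
    "kiosk-lobby": (1, {"ssh.permit_root_login": "no", "ssh.password_auth": "no",
                        "fw.default_inbound": "allow", "os.auto_updates": "enabled"}),
}

NOT_COLLECTED = "<not collected>"


@dataclass(frozen=True)
class Finding:
    asset: str
    setting: str
    expected: str
    actual: str
    score: int  # impact of loss x vulnerability rating


def normalise(raw):
    """Organize step: make keys and values comparable (case, stray whitespace)."""
    return {k.strip().lower(): str(v).strip().lower() for k, v in raw.items()}


def assess(baseline, collected, ratings):
    """Analyze step: list every deviation from the baseline, highest score first."""
    findings = []
    for asset, (impact, raw) in collected.items():
        current = normalise(raw)
        for setting, expected in baseline.items():
            # A setting that could not be collected cannot be shown to comply,
            # so it is reported instead of being silently passed.
            actual = current.get(setting, NOT_COLLECTED)
            if actual != expected:
                findings.append(
                    Finding(asset, setting, expected, actual, impact * ratings[setting])
                )
    return sorted(findings, key=lambda f: (-f.score, f.asset, f.setting))


def report(findings):
    """Report step: one line per deviation, already in priority order."""
    lines = ["score  asset        setting"]
    for f in findings:
        lines.append(
            f"{f.score:>5}  {f.asset:<12} {f.setting} "
            f"(expected {f.expected}, found {f.actual})"
        )
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(assess(BASELINE, COLLECTED, VULNERABILITY_RATING)))
```

The password-authentication deviation on the database server outranks the root-login deviation on the DMZ web server because the impact-of-loss rating of the asset weighs as heavily as the severity of the setting.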
The first step of vulnerability assessment is usually a light discovery of the systems that need to be assessed, such as identifying what services are running on the target system, which version and which firmware version. This information is enough to highlight the system as vulnerable or not. For example, if we are running a server with an old firmware known to be vulnerable, there is no need to further continue in the assessment as this system is definitely vulnerable and exploitable.
After running the first discovery, we can move to a vulnerability scan. There are many tools that can be used to accomplish a vulnerability scan such as Nessus, Nexpose, GFI, etc. These tools try to match conditions found on the target system with known vulnerabilities. They don’t find new vulnerabilities; rather, they count on a database to identify the existence of certain weaknesses.
This stage does not verify or try to exploit the vulnerability; it just lists and ranks the identified weaknesses. It is possible to see false positive results at this stage, which is why we need to continue the vulnerability assessment. The scan can be run with supplemented credentials to reduce the false positive results.
Vulnerability scans may be credentialed in that they implement credentials to ascertain vulnerabilities at the highest privilege levels, or they may be non-credentialed, meaning they run without credentials to see what a hacker would see at a lower level.
While you may discover more weaknesses with a credentialed scan, you sometimes will want to narrow your focus in order to think like an attacker who doesn’t have administrative access. This can also save time and resources, both of which may be more costly in a credentialed scan.
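Why the two scan types disagree, as an added Python example (not from the original article and not how any named scanner is implemented): a non-credentialed scan can only match service banners against the vulnerability database, while a credentialed scan reads the installed package inventory. The product names, versions and vulnerability ids are constructed placeholders, and the single "fixed_package_release" number is a simplified stand-in for a vendor backporting a fix without changing the upstream version in the banner.

```python
import re

# Constructed vulnerability database; ids, products and versions are placeholders.
VULN_DB = [
    {"id": "EXAMPLE-VULN-001", "product": "exampled",
     "fixed_upstream": (2, 4, 10), "fixed_package_release": 90},
    {"id": "EXAMPLE-VULN-002", "product": "examplesql",
     "fixed_upstream": (5, 7, 30), "fixed_package_release": None},
    {"id": "EXAMPLE-VULN-003", "product": "libexample",
     "fixed_upstream": (1, 2, 0), "fixed_package_release": None},
]

# Constructed network view: port -> banner, all a non-credentialed scan can see.
BANNERS = {80: "exampled/2.4.6", 3306: "examplesql 5.7.12", 22: "Secure Shell service"}

# Constructed host view: package -> "version-release", read with credentials.
PACKAGES = {"exampled": "2.4.6-97", "examplesql": "5.7.12-1", "libexample": "1.1.9-3"}

BANNER_RE = re.compile(r"^([a-z]+)[/ ](\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from the first x.y.z in text, or None."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(part) for part in m.groups()) if m else None


def non_credentialed_scan(banners, db):
    """Flag a vulnerability whenever the advertised version predates the fix."""
    findings = set()
    for banner in banners.values():
        m = BANNER_RE.match(banner.lower())
        if not m:
            continue  # the service hides its version: nothing to match against
        product, version = m.group(1), tuple(int(x) for x in m.groups()[1:])
        for vuln in db:
            if vuln["product"] == product and version < vuln["fixed_upstream"]:
                findings.add(vuln["id"])
    return findings


def credentialed_scan(packages, db):
    """Check installed packages, honouring fixes backported into a package release."""
    findings = set()
    for vuln in db:
        installed = packages.get(vuln["product"])
        if installed is None:
            continue
        version_text, _, release_text = installed.partition("-")
        version = parse_version(version_text)
        if version is None or version >= vuln["fixed_upstream"]:
            continue
        backport = vuln["fixed_package_release"]
        if backport is not None and int(release_text) >= backport:
            continue  # old upstream version number, but the fix is present
        findings.add(vuln["id"])
    return findings


def compare(banners, packages, db):
    """Split the results into false positives, confirmed and newly visible items."""
    remote = non_credentialed_scan(banners, db)
    local = credentialed_scan(packages, db)
    return {
        "false_positives": sorted(remote - local),
        "confirmed": sorted(remote & local),
        "only_with_credentials": sorted(local - remote),
    }


if __name__ == "__main__":
    for category, ids in compare(BANNERS, PACKAGES, VULN_DB).items():
        print(f"{category}: {', '.join(ids) or '-'}")
```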
The last stage, which is the actual vulnerability assessment, depends on discovery and scans initiated in the earlier stages. This phase tries to verify the vulnerabilities found, and this process is automated and done with little or no user interaction.
Penetration Testing
Building on the vulnerability assessment, penetration testing involves exploitation of identified vulnerabilities to gain further access. Using this approach we can understand the ability of an attacker to gain access to confidential information, or to affect data integrity or the availability of a service, and the resultant impact.
Penetration testing is an intentional attack (it simulates a real attack) on a system to discover security weaknesses left by either the security officer who designed the defence strategy or the security controls that are unable to defend against a given threat.
Penetration testing is approached using a consistent and complete methodology in a way that allows the tester to use their skills, the output from a range of tools and their own knowledge of networking and systems to find threats that could not be identified by automated tools.
Penetration testing can be automated by using several tools. Although it’s not as accurate or professional as the manual test, it does save time and resources. Automated tests have less impact on the network resources and reduce the human mistakes that could damage a system. However, the main benefit of manual penetration testing is that skilled and expert security professionals are conducting it.
The Penetration testing process consists of the following steps:
• Discovery – Obtain the footprint and information about the target.
• Enumeration – Perform port scans, OS fingerprinting, DNS zone transfer and resource identification.
• Vulnerability mapping – Identify vulnerabilities in systems and resources.
• Exploitation – Attempt to gain unauthorized access by exploiting the vulnerabilities.
• Report – Report the results to management with suggested countermeasures.
The Penetration testing strategies include the following:
• External testing
• Internal testing
• Blind testing – Limited info to the Penetration Testing team
• Double-blind testing – No information to the internal security team
• Targeted testing – Both internal and penetration testing team aware
Penetration testing can be performed either externally or internally. The difference between external and internal testing is what to test. External testing aims to exploit identified vulnerabilities to check what information could be exposed to the outside world. Internal testing simulates what an insider attack could accomplish.
The targets are the same as in external penetration testing, but the difference is that the attacker either has authorized access or is starting from a point within the internal network. Internal attacks have the potential to be much more devastating than external attacks because insiders already know which systems are important within a network and where they are located, something that external attackers don’t usually know from the start.
Penetration testing implementation guidelines are:
• Use a risk-based approach to determine the preferred scope, method and attack origin for the test.
• Perform the test at least annually, as well as after significant changes to the environment.
• Carefully plan and perform the test to avoid potential availability or integrity impacts.
• Ensure sufficient safeguards are in place to minimize any operational impact.
• Document the outcome and use it as an input for the security update process.
The most important first step for a penetration test is getting permission (obtain documented legal authorization from the system’s owner) to conduct the test. A penetration test is a continuous process and should be conducted regularly.
Remember, penetration testing is not complete without testing the human behaviour. Educating employees about security threats and cyber-attacks should not be considered a waste of money, but rather an investment in mitigating threats.
Third-Party Penetration Testing
Occasionally, organizations need to work with a third party who will conduct penetration tests on their systems, rather than doing these tests in-house. The advantage of relying on a third party comes from the fact that some attacks will be external and unpredictable, which is not necessarily something you can replicate yourself. It is the organization's responsibility to keep this third party grounded and following strict Rules of Engagement (ROE), which provide the pen tester with guidelines. The ROE define how a pen test will be executed and what constraints will be in place.
In this case, the organization must ensure that the third party:
• Agrees to a well-defined scope with the relevant constraints.
• Carefully documents their approach to pen testing.
• Carries liability insurance.
• Provides the credentials and professional experience of all their personnel.
• Keeps track of all their testing actions in a log that can be analyzed.
• Provides well-written reports at the end of the test.
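One way the commissioning organization can analyze the tester's action log against the agreed ROE is sketched below. This is an added example, not part of the original article; the log format, field names, ROE values and all sample entries are hypothetical and constructed for illustration.

```python
"""Audit a third-party tester's action log against the Rules of Engagement.

Assumptions (not from the article): one log entry per line in the form
"<ISO timestamp> tester=<name> target=<ip> technique=<label>".
All addresses, times and log lines below are constructed sample data.
"""
from dataclasses import dataclass, field
from datetime import datetime, time
from ipaddress import ip_address, ip_network

REQUIRED_FIELDS = ("tester", "target", "technique")


@dataclass
class RulesOfEngagement:
    in_scope: list            # CIDR ranges the owner authorized for testing
    excluded_hosts: list      # hosts carved out of scope even if in range
    window_start: time        # agreed testing window (may wrap past midnight)
    window_end: time
    banned_techniques: set = field(default_factory=set)

    def in_window(self, moment):
        t = moment.time()
        if self.window_start <= self.window_end:
            return self.window_start <= t <= self.window_end
        # Window wraps midnight, e.g. 22:00 to 04:00.
        return t >= self.window_start or t <= self.window_end

    def check(self, entry):
        """Return the list of ROE constraints this log entry breaks."""
        reasons = []
        addr = entry["target"]
        if any(addr == ip_address(h) for h in self.excluded_hosts):
            reasons.append("target explicitly excluded")
        elif not any(addr in ip_network(n) for n in self.in_scope):
            reasons.append("target outside agreed scope")
        if not self.in_window(entry["when"]):
            reasons.append("outside agreed testing window")
        if entry["technique"] in self.banned_techniques:
            reasons.append("technique not permitted")
        return reasons


def parse_line(line):
    """Parse one log line; raise ValueError if it cannot be analyzed."""
    stamp, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs if "=" in p)
    missing = [k for k in REQUIRED_FIELDS if k not in fields]
    if missing:
        raise ValueError("missing field(s): " + ", ".join(missing))
    return {
        "when": datetime.fromisoformat(stamp),
        "tester": fields["tester"],
        "target": ip_address(fields["target"]),
        "technique": fields["technique"],
    }


def audit(roe, lines):
    """Return (line number, reasons) for every entry that breaks the ROE.

    An entry that cannot be parsed is itself a finding: the log is only
    useful as evidence if every action in it can be analyzed.
    """
    findings = []
    for number, line in enumerate(lines, start=1):
        try:
            entry = parse_line(line)
        except ValueError as exc:
            findings.append((number, ["unparseable entry: " + str(exc)]))
            continue
        reasons = roe.check(entry)
        if reasons:
            findings.append((number, reasons))
    return findings


# Constructed ROE: two authorized ranges, one excluded host, night-time window.
SAMPLE_ROE = RulesOfEngagement(
    in_scope=["10.20.1.0/24", "203.0.113.0/28"],
    excluded_hosts=["10.20.1.50"],
    window_start=time(22, 0),
    window_end=time(4, 0),
    banned_techniques={"social-engineering", "dos"},
)

# Constructed tester log.
SAMPLE_LOG = [
    "2018-03-12T22:15:04 tester=alice target=10.20.1.15 technique=port-scan",
    "2018-03-12T23:02:40 tester=alice target=10.20.1.50 technique=vuln-scan",
    "2018-03-13T01:30:00 tester=bob target=10.20.2.7 technique=port-scan",
    "2018-03-13T09:45:12 tester=bob target=203.0.113.5 technique=vuln-scan",
    "2018-03-13T02:10:00 tester=bob target=203.0.113.9 technique=social-engineering",
    "2018-03-13T02:30:00 tester=alice technique=port-scan",
]

if __name__ == "__main__":
    for number, reasons in audit(SAMPLE_ROE, SAMPLE_LOG):
        print(f"line {number}: {'; '.join(reasons)}")
```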
Penetration Testing Considerations
The following factors must be taken into consideration prior to conducting a penetration test:
• Will the pen test be performed internally or by an external vendor?
• If using an external tester, do they come highly recommended or are they unknown?
• Will the test be conducted in secret or will it be public knowledge?
• Will the test focus on breaking into the system or searching for multiple vulnerabilities?
• Is there a wireless local area network that needs to be included in the test?
• How secure are the physical premises?
• Is there a security awareness program in effect?
• Is social engineering allowed?
• Do employees access the corporate network using a virtual private network?
• Are there clear boundaries for protecting sensitive information during the test?
• Does a written Rule of Engagement (ROE) document exist?
• Will the information security department be involved in the test?
• Have the stakeholders been identified?
Conclusion
Penetration Testing is one type of security assessment where security policy creation, risk identification, vulnerability scan, vulnerability assessment, security audit and penetration testing are effectively used together to give the best result in order to secure an environment.

 

FedRAMP Issues Guide For Vulnerability Scans

  • By Sara Friedman
  • Mar 21, 2018
To help agencies and cloud service providers ensure a secure cloud environment, the Federal Risk and Authorization Management Program announced the release of three documents designed to simplify the ongoing vulnerability scanning process.
The Guide for Determining Eligibility and Requirements for the Use of Sampling for Vulnerability Scans is designed to limit the amount of information scanned to a subset of assets that can be used to ascertain the state of the entire population.
The ability to use a subset of components is the result of the “high fidelity” of system configurations and processes for each CSP’s assets, John Hamilton, FedRAMP’s program manager of operations, said during a March 13 webinar.  This guidance applies only to system builds that are deployed on standard images that remain unchanged when pushed to other devices or machines in production.


The FedRAMP Vulnerability Scanning Requirements, meanwhile, replaces the JAB P-ATO Vulnerability Scan Requirements Guide.  It gives CSPs a known vulnerability severity scoring framework so they can create and use an automated Common Vulnerability Scoring System tool for automatic risk adjustments.
By automating the continuous monitoring process, CSPs can take advantage of correlative analytics and cross-cutting metrics to identify commonly found risks across all systems that have Joint Authority Board authorization.
FedRAMP is also asking industry for input on its draft of the Automated Risk Adjustment Framework Guidance.
“Our goal is to enable a CSP to leverage standardized vulnerability risk assessment … based on scores on individual metrics that are transparent,” Hamilton said.  “We hope that this will reduce the level of effort and the time required for CSPs to establish the appropriate risks or vulnerabilities within their environment.”
Comments on the draft framework are expected to be open for approximately one year.
About the Author
 Sara Friedman is a reporter/producer for GCN, covering cloud, cybersecurity and a wide range of other public-sector IT topics.
Before joining GCN, Friedman was a reporter for Gambling Compliance, where she covered state issues related to casinos, lotteries and fantasy sports. She has also written for Communications Daily and Washington Internet Daily on state telecom and cloud computing. Friedman is a graduate of Ithaca College, where she studied journalism, politics and international communications.
Friedman can be contacted at sfriedman@gcn.com or follow her on Twitter @SaraEFriedman.

 

San Mateo County Sea Level Rise Vulnerability Assessed, Finalized

REDWOOD CITY-WOODSIDE, CA – From the San Mateo County Government: The San Mateo County Board of Supervisors on Tuesday will consider the finalized Sea Level Rise Vulnerability Assessment, confirming the County’s commitment to preparing and protecting its vulnerable communities.
At the March 13 meeting, the Board will hear a presentation on the assessment and an overview of the County’s larger Climate Change Preparedness Action Plan. Both the assessment and action plan serve as tools to inform and guide the County and its cities in climate change preparedness and adaptation planning.
San Mateo County’s location between the San Francisco Bay and the Pacific Coast makes it especially vulnerable to sea level rise, said Office of Sustainability Director Jim Eggemeyer.
The Office of Sustainability administers Sea Change SMC, the County’s sea level rise initiative, and in June 2015 initiated a comprehensive assessment of flooding, erosion and sea level rise impacts on people, infrastructure and community functions. The assessment focuses on the entire eastern bayshore and along the western coast from Half Moon Bay north.
The assessment’s key findings point to the need for:
  • Both near- and long-term actions to protect the county’s networked infrastructure which contains roads and highways, levees, electric substations, transmission towers, wastewater treatment plants and pump stations;
  • Actions at multiple geographic scales focused on emergency preparedness, policy, plan and procedure updates, and shoreline and site-specific protection measures;
  • Strategies to support residents’ mental and physical health when sea levels rise and prevent post-flood health hazards and social and economic disruption;
  • Coordinated and collaborative action across multiple jurisdictions.
The assessment not only evaluates the potential impacts but also suggests solutions to protect people and places. However, the work is far from done, said Board President Dave Pine who led two countywide convenings on sea level rise.
“This assessment is an important first step toward a coordinated effort throughout the county to prepare for sea level rise,” Pine said. “Every jurisdiction must understand its own areas of risk, but sea level rise crosses jurisdictional borders so we must work together to keep our communities safe.”
The Office of Sustainability via Sea Change SMC will expand its adaptation planning for sea level rise while simultaneously implementing an overall Climate Change Preparedness Action Plan. The plan will assess sea level rise vulnerability for the south coast of the county and major facilities while also identifying other climate change impacts, including heat, wildfire, storms and precipitation, at-risk transportation and communities and potential adaptation strategies.
“Understanding climate change risks is crucial in building a prepared and stronger county,” Eggemeyer said.
The Climate Change Preparedness Action Plan will raise awareness and build support for collaboration on climate change. The plan includes creating a menu of policies and strategies to integrate climate change adaptation into County and city planning and operations and partnering with cities to develop Community Resilience Plans for vulnerable communities.
View the complete Final Sea Level Rise Vulnerability Assessment along with highlights and summary findings at http://seachangesmc.com
The Board of Supervisors meets Tuesday, March 13, 2018, in Board Chambers, 400 County Center, Redwood City. The complete Board agenda is available at https://sanmateocounty.legistar.com/Calendar.aspx

Scanlan, Rice On Girls Hoops First Team For CCAA East 1

OBSERVER File Photos Silver Creek’s Abby Rice (left) and Gowanda’s Miya Scanlan were named to the First Team of the 2017-18 CCAA East 1 Girls basketball All-Stars.
Gowanda’s Miya Scanlan and Silver Creek’s Abby Rice made the First Team of the 2017-18 CCAA Division 1 East Girls Basketball All-Stars.
Scanlan, a freshman, averaged 18.3 points per game and 6.6 rebounds per game for the Lady Panthers. Though Rice is just an eighth grader, she nevertheless scored 16.3 points per game, grabbed 9.2 rebounds per game and averaged 4.3 assists a game for the Black Knights.
The division’s Most Valuable Player was senior Morgan Davis of Allegany-Limestone. Davis averaged 19.1 points and 13.4 rebounds per game. The Lady Gators wound up the Section 6 Class C champions and will be playing for a state title this weekend.
The other First Team members are junior Sydney Colligan of Portville, senior Brooke Giardini of Allegany-Limestone, freshman Sydney Hvizdak of Randolph and Portville’s Karly Welty, a sophomore.
Gowanda senior Alexis Hawkins highlights the Second Team, which also includes Kara Leeper of Randolph, Bryn Milne of Portville, Salamanca’s Caryn Miller and Allegany-Limestone’s Molly Wolfgang.
Local Honorable Mentions include Silver Creek senior Tessa Douglas and her junior teammate, Emma Rice.

Bergen County Mayors Demand Accountability After Snowstorm Outages

PSE&G removes a broken tree branch from a power line before restoring the electricity to a neighborhood on N Browning Ave in Tenafly. Tariq Zehawi/NorthJersey.com
Mike Bean, a troubleshooter with PSE&G, removes a broken tree branch from a power line to restore electricity on North Browning Avenue in Tenafly on March 8, 2018.(Photo: Tariq Zehawi/NorthJersey.com)
Apoplectic elected officials across North Jersey are seeking ways to hold their power companies responsible for what they describe as poor or nonexistent service, particularly during the second of two storms to hit the area this month.
In Wyckoff, Mayor Brian Scanlan says the Township Committee will take a no-confidence vote against the Orange & Rockland utility at a meeting on Tuesday. They will also consider a motion calling on the New Jersey Board of Public Utilities to revoke the utility’s franchise in Wyckoff and allow PSE&G to serve the entire township instead.
Meanwhile, Upper Saddle River Mayor Joanne Minichetti says she has been asked by the Northwest Bergen Mayors’ Association, which represents 12 towns, to organize a meeting with PSE&G and Orange & Rockland representatives, state and federal legislators, and the state Board of Public Utilities to discuss the response to the March 7 storm and “potential ways to improve these efforts.”
“There is a significant difference in the way this storm was handled by O&R as opposed to Sandy, which caused a great deal of frustration to me as well as some of the other municipalities,” Minichetti said. “Having a dialogue with the utility companies is obviously the first step.”
Thousands of customers across North Jersey lost power for days after the March 7 storm. At Gov. Phil Murphy’s direction, the state Board of Public Utilities is conducting an investigation of the power companies’ response to that storm, as well as one the week before.
Wyckoff’s central business district, police station and town hall, two major traffic lights, and 2,500 homes were without power for four days after the last storm, Scanlan said.
“There is a pattern of mismanagement at Orange & Rockland, particularly a lengthy delay of three days before mutual aid trucks arrived from other states,” Scanlan said. “Wyckoff is at the end of the line, the end of the alphabet. It’s a disgrace the way this company treated us.”

A broken tree branch caught fire on a power line in Ho-Ho-Kus on Thursday, March 8. (Photo: Amy Newman/NorthJersey.com)
Orange & Rockland spokesman Mike Donovan defended the utility’s response.
“O&R/Rockland Electric’s storm response was a complicated and dangerous effort, and the devastation in Wyckoff and the surrounding area was substantial, certainly on a par with Superstorm Sandy,” Donovan said. “We’ve done nearly everything we could to tackle this challenge from an operational and logistical perspective.”
However, he acknowledged, “We fell short in providing information customers needed to plan their day. Specifically, O&R’s response was marred because O&R was unable to provide reliable service restoration times for some customers.”
Donovan said the utility is offering to reimburse customers for food and prescription medicine spoilage if they lost power for three consecutive days or more during the two storms.

A downed tree rests on power lines, blocking Hillcrest Avenue near Norman Drive in Ridgewood, on March 8, 2018, after the previous day’s storm. (Photo: Amy Newman/NorthJersey.com)
Despite Wyckoff’s experience, officials in other towns reported better service during the storm.
Orange & Rockland had a representative at West Milford’s Office of Emergency Management throughout the day during the March 7 storm, Mayor Bettina Bieri said.
“I personally interacted with him at the OEM office, as we reported outages to him and he was able to answer questions and send crews to respective locations,” Bieri said.
Donovan said similar service was provided to Wyckoff through the Franklin Lakes emergency management office. However, Scanlan said that neither he nor Police Chief David Murphy had heard of such a station.
A tree was uprooted and leaning on power lines on Wheaton Place in Rutherford. Tariq Zehawi/NorthJersey.com
Orange & Rockland, a Con Edison subsidiary, serves 304,947 electric customers: 232,593 in New York and 72,354 in Bergen and Passaic counties.
Assemblyman Chris DePhillips, R-Wyckoff, says he is researching and drafting legislation to address power companies that do not meet customer needs during future emergencies.
“Everything is on the table, including the transfer of service to other companies,” DePhillips said. “I am completely fed up with Orange & Rockland. It’s as if Irene and Sandy never happened. No lessons were learned.”
The state Board of Public Utilities’ president, Joseph Fiordaliso, said his office was also investigating the legality of allowing municipalities to switch utility companies.
However, he cautioned that the board may not have the authority to make such a move, which he said may require legislation.
The board will explore whether the protocols developed after Superstorm Sandy were followed, and whether any of them need to be changed or added, Fiordaliso said.
“It will be an opportunity for the utility companies to evaluate their procedures,” he said. “If they did not follow the protocols, they will be held accountable.”
Email: stoltz@northjersey.com

 

Why Making The Porgs Was Terrifying, According To Star Wars’ Neal Scanlan

The Star Wars franchise is chock full of alien species that fans have fallen in love with over the years. Between the wookies and the tauntauns, there’s no shortage of weird creatures to populate these bizarre worlds. Star Wars: The Last Jedi added to that collection of beasts with the introduction of the porgs, but it turns out that developing the aliens proved to be a daunting and stressful part of the film’s development. Star Wars creature effects supervisor Neal Scanlan opened up in a recent interview and explained:
Doing the porgs actually was terrifying, because you have a fear that if you get it wrong all the fans are going to sort of hate you forever quite rightly… as soon as we heard there was a warm reaction to them, it’s great.
Neal Scanlan has a point. The puffin-inspired porgs became one of the most talked about aspects of Star Wars: The Last Jedi prior to the film’s debut last December. The reaction was generally warm, but before the film actually premiered, there was a constant conversation online about how they would influence the overall tone of the movie. That said, the release of Star Wars: The Last Jedi came and went, and the opinion towards them appears to remain “warm.”
We have already seen examples of this in the history of the Star Wars lore. Specifically, the Ewoks introduced in Star Wars: Return of the Jedi have become one of the more divisive elements of Star Wars fiction since the film was released. Some people love them for the ways in which they expand the overarching mythology, while other fans have criticized them for adding too much lightheartedness to the third installment in the original trilogy.
Of course, one thing not specifically mentioned in Neal Scanlan’s comments to ET about the development of Star Wars: The Last Jedi’s porgs is the worst-case scenario. Star Wars has been responsible for some magnificent creatures over the years, but if handled wrong, the porgs could’ve quickly fallen into the infamous Jar Jar Binks category of misfires.
Star Wars: The Last Jedi will debut on Digital HD on March 13, and the DVD and Blu-ray versions of the film will hit shelves two weeks later on March 27. Looking ahead at the rest of the Star Wars franchise, Solo: A Star Wars Story will premiere in theaters later this year on May 25, and Star Wars: Episode IX will hit theaters on December 20, 2019.

Google Ups Cloud Security In Chrome Enterprise With New Endpoint Tools

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Google is offering Chrome Enterprise customers new EMM partnership options through Cisco, Citrix, IBM, and Zoho.
  • Google recently added new management features like per-permission extension blacklisting and Active Directory enhancement to Chrome Enterprise.
In an effort to make Chrome Enterprise a more secure endpoint solution, Google unveiled a host of security enhancements that include new enterprise mobility management (EMM) partnerships and updated management tools. The changes were detailed in a Thursday blog post.
Last year, “98% of businesses were affected by malware, and employee endpoints—like laptops, tablets, and smartphones—were increasingly the target of attacks,” according to the post. By positioning Chrome Enterprise as a fuller, more secure cloud endpoint solution, Google could win some more enterprise customers over to the Chrome ecosystem.
For starters are the EMM partnerships. Last year, Google gave VMware AirWatch the ability to manage Chrome OS. Now, the post noted, it has extended that functionality to Cisco, IBM, Citrix, and Zoho.
Cisco’s offering comes through its Meraki interface. In addition to endpoint management, it also offers wireless capabilities and switching solutions, the post said.
IBM, on the other hand, offers EMM features through MaaS360 with Watson—a solution with cognitive capabilities for endpoint and user management.
Finally, Citrix XenMobile offers device and application management, and Zoho performs endpoint management through its CRM offering.
Active Directory enhancements are also coming to Chrome Enterprise, according to the post. Admins can configure managed extensions through Group Policy Objects, and users will now be able to authenticate to Kerberos and NTLMv2 endpoints locally through Chrome OS.
“We’re also expanding our support for common enterprise Active Directory setups like multiple domain scenarios,” the post said. “And we’ve improved our existing certificate enrollment flows with Active Directory Certificate Services (ADCS).”
In terms of new management capabilities, Chrome Enterprise is getting the following four:
  • Per-permission extension blacklisting, which allows admins to give employees access to more apps, while also providing more control.
  • Sign-ins that can be disabled from an outdated OS to remain compliant with policy.
  • Admin option to ensure only managed devices can connect to their single sign-on servers by limiting access to those with device-wide certificates.
  • Automatic forced re-enrollment, which means a Chrome device that has been wiped or recovered can re-enroll into the corporate domain without admin credentials.
Additionally, Google is adding enforced existing user sign-on into Chrome Browser to bolster safety. “And in the coming months, we’ll be adding initial enterprise reporting capabilities in Chrome Browser that give IT admins access to local machine logs, so they can better understand each device under their control,” the post said.


 

Google Boosts Chrome OS Enterprise Management

Google is looking to make it easier to manage and secure Chrome desktops alongside enterprises’ existing infrastructure with enhancements to Chrome Enterprise, in partnership with Cisco, IBM, Citrix and Zoho, launched Thursday.
Chromebooks are suited to cloud applications in that they’re essentially just a browser running on hardware. Without the overhead of an operating system and client applications, the systems are theoretically more secure and easy to manage than the Windows corporate standard. Chrome Enterprise, launched in August, is designed to tailor Chrome to the business environment, with management tools for IT. (See Google Polishes Chromebooks for Enterprise.)
Despite Google (Nasdaq: GOOG)’s efforts, Chrome has had difficulty finding a foothold. Windows still has 83% market share as of last month, with Macs at 12%, and Chrome OS at a scant 1% — less than Linux at nearly 1.5%, and Unknown at 2.6%, according to StatCounter, which measures desktop market share by tracking visits at partner websites.
Last year, Google launched an enterprise mobility management (EMM) partnership with VMware Inc. (NYSE: VMW) AirWatch, the first third-party solution with the ability to manage Chrome OS. Now it’s expanding to four new EMM partnerships: Cisco Systems Inc. (Nasdaq: CSCO) Meraki, which adds Chrome OS to its portfolio of wireless, switching security, endpoints and security cameras; IBM Corp. (NYSE: IBM) MaaS360, which uses Watson to automate EMM; Citrix Systems Inc. (Nasdaq: CTXS) XenMobile for mobile security; and Zoho, which provides CRM that includes endpoint management.
Google enhanced Active Directory support to manage Chrome OS alongside legacy infrastructure.
Google also launched enhancements to the Chrome browser and Chrome OS, including allowing IT to block user access to extensions based on permissions required — for example, extensions requiring use of a webcam, Google says. IT gets tighter control of browser sign-ons, and Google plans increased reporting capabilities. “With Chrome Enterprise, our focus is not only on Chrome OS, but how businesses use Chrome Browser across all their platforms,” Google says.
My colleague Scott Ferguson has his take on the Google Chrome Enterprise on Security Now: Google Chrome Enterprise Addresses Cloud Security.
— Mitch Wagner, Editor, Enterprise Cloud News

 

Google Enhances Security Management Features In Chrome Enterprise


Network Security In The Digital Transformation Era

Network security has, for decades, remained one of the more focal aspects of IT management strategies. It consists of the policies and practices that businesses implement to protect their computer networks from cyber attacks. Such strategies are responsible for stopping people from accessing and modifying networks without the permission of system administrators.

Most cyber security professionals agree that every business needs some form of network protection system in place, or they risk falling victim to cyber attacks.
It is also widely believed that these are the most effective protections against malware. Often, IT managers use network security procedures to control who can see and use company data. Usually, employees will need an ID and password combination to be able to get into company networks.
Traditionally, there have been two types of network security: public and private. Normally, private networks are reserved for use by employees within the company walls.
Meanwhile, others are designed for public use. Whatever the case, public and private security systems serve the same purpose – and that is to secure business networks. However, much of this technology has remained the same for years.
Cyber security threats are constantly growing in complexity and volume, and business networks continue to be lucrative targets for hackers. So companies need to have the most effective network security strategies in place to counter sophisticated attacks.
With the emergence of powerful detection and response capabilities, companies should be rethinking their network safeguards to change with the times and counter the ever-evolving attacks used by cyber criminals.
In light of this changing threat landscape and businesses’ pursuit of digital transformation, we explore what CIOs are doing to protect their networks.
The rise of cloud
Businesses are increasingly investing in cloud computing technologies, and network security strategies are evolving greatly as a result. Neil Thacker, European chief information security officer of US security software firm Netskope, believes that organisations cannot simply focus on protections for physical networks.
“As infrastructure and applications move to the cloud, the focus on network security moves to the cloud too. As a CISO, my role is to mitigate the risk, which results in ultimately following the data – how we connect, interact and collaborate with data relies less today on physical networks and more on client to cloud services,” he says.
Thacker is developing a more tailored cyber security strategy that is specific to today’s threats. Instead of trying to cover all areas, he is focusing on the layers that affect his company’s cloud infrastructure.
“The traditional seven-layer OSI model has therefore been replaced with three layers: identity, application and data. In summary, organisations must have better visibility into these three layers without necessarily prohibiting the use of services that businesses rely on,” he says.
“Cloud is not just the future, it’s how businesses work in the present day. Therefore, the security of these services and the data that resides in them must form part of a CISO’s principal strategy,” he adds.
Corey Nachreiner, CTO of cyber security firm WatchGuard Technologies, agrees with Thacker that strategies are changing as a result of cloud, virtualisation and mobile computing technologies. However, he believes that network protections will always be crucial for businesses.
“Independent of its evolution, network security is and will always be relevant and necessary. While our network designs and perimeters are changing due to the cloud, virtualisation and mobility, the network is still there and its protection will always be critical,” he says.
Nachreiner believes that, as an area, network security is always evolving to keep pace with new technologies and threats. He says it helps to “reinforce detection and response” considerations.
“Historically, IT organisations have focused more on preventing threats and less on discovering ones that got through their defences. With huge breaches proving that no defence is infallible, we are seeing more organisations shift some budgetary focus to detection and response,” he says.
“The problem is neither the endpoint nor the network can always catch all the stages of an attack. For instance, fileless malware often evades traditional endpoint protection. Meanwhile, some network attacks use techniques to bypass certain network protection measures.
“The best detection and response solutions actually correlate suspicious network events with suspicious endpoint events to find malware or threats in your network that you couldn’t find otherwise.”
Scott Crawford, an analyst at 451 Research, says network security “remains primary” in any truly comprehensive security strategy: “Network security provides the visibility into network traffic and content organisations need to be aware of threats or activity that could cause security problems.
“It can be examined at a high level for security-relevant trends or – when warranted – inspected in detail for specific indicators of suspicious activity or potential risk.”
However, Crawford admits that the field is evolving. “That is not to say there haven’t been changes in the nature of network security. With the shift of datacentre activity toward cloud concepts, third-party providers have taken on more of the functions traditionally handled in the enterprise datacentre, which has shifted some investment, including that historically allocated to on-premises networking and network security,” he says.
Layered approaches
While the definition of networks has changed dramatically over the past few decades, the importance of securing them has remained the same.
Alex Ayers, head of application security at information services firm Wolters Kluwer, says the objectives of network security have endured over time. But he admits that it is particularly crucial for companies that develop network infrastructure as a service (IaaS).
Ayers believes that the most modern and effective strategies “balance performance, reliability, scalability, supportability and security”. At Wolters Kluwer, he has implemented a layered approach to stop cyber criminals from infiltrating the company’s systems.
“Perimeter controls restrict the traffic reaching our applications and network segmentation is used to isolate service infrastructure components. Supporting the architectural and technical controls is a security monitoring layer which, while often seen as an insurance policy, provides data that can be used to augment service health and performance indicators,” he says.
Through these different layers, Ayers says his company is able to “deploy, tune and replace discrete specialised technologies in response to changes in threats or business requirements”.
“Corporate network boundaries are a thing of the past. Today, we balance a corporate network, a production network, and a host of SaaS [software-as-a-service] offerings to run our businesses and maintain a competitive advantage,” he adds.
The importance of balance
Collaboration software firm Slack, like many other businesses, relies on a range of traditional network security mechanisms to tackle cyber crime.
Geoff Belknap, chief security officer at the company, says these continue to be effective for the firm, but the company has also had to invest in more modern detection and response technologies in recent years to keep ahead of increasing threats.
“Slack uses a combination of common technologies such as firewalls and network based intrusion detection, as well as modern network and endpoint-based malware detection methods. We monitor all network traffic at the kernel level to gain insight into how our services communicate and to detect potentially malicious traffic,” he says.
Belknap also questions the trustworthiness of every network. This way the company is able to probe for potential security risks. “We are also big believers in the BeyondCorp/zero trust school of thought. We don’t assign any trust based on the source network that a given device’s request originates from.
“We treat all our networks as untrusted. Instead we make device identifiers a key component of our security, which allows us to make more accurate decisions about access control and make more informed decisions about suspicious activity,” he adds.
Julie Cullivan, chief information security of network security company ForeScout, says companies need to develop a deeper understanding of existing and emerging security risks. “An important first step in securing an enterprise network is understanding the cyber threat landscape and the challenges IT teams are facing,” she says.
“At a time where devices making up the internet of things become increasingly prevalent in industrial settings, enterprise security teams often struggle to see how many devices are connected to their network.”
Like Belknap, Cullivan believes that companies should take comprehensive network security approaches, adding: “Implementing a model that includes understanding any time new devices and new types of devices join a network is essential for managing your security risk posture.
“Factory passwords should always be changed, endpoint access to networks should be managed and in some cases restricted, and devices should always run the latest software and security updates. While some of these might sound trivial, cyber criminals will always try to identify and exploit the weakest link in a network,” she says.
Fending off attacks
Hervé Dhelin, senior vice-president of strategy at networking firm EfficientIP, describes network security as a “make or break scenario” for companies. He says it can help them identify and respond to new threats, even if the source is untraceable.
“Having the right tools to launch the appropriate countermeasure is crucial. The recent example of the cyber attack of the Winter Olympics shows how important it is to have network security in place to be prepared to mitigate a large volume of possible attacks,” he says.
Specialising in domain name system (DNS) and cloud protection, EfficientIP works with companies such as Netflix, eBay, Orange, the London Stock Exchange and Vodafone. But it has also been helping large universities, hospitals and sporting events to ensure that their networks are unbreakable.
Roland Garros (the French Open) is another high-profile client of the company. It is using network security products from the firm to protect tens of thousands of sports fans from falling victim to breaches.
“Roland Garros needed to protect its network to ensure continuity of service for the 15,000 seats that may need to access the network,” says Dhelin.
“The French Federation of Tennis understood the importance of having the right tools to mitigate threats that might damage their business, and consequently installed DDoS [distributed denial of service] mitigation to absorb any large volumetric attacks, which could easily be executed thanks to the sheer number of unsecured user devices on stadium premises.
“Even if the FFT is not able to locate the direct source of the attack, they will always be able to ensure their customers – in this case, spectators, journalists, VIPs, and even players – uninterrupted service.”
Franck Labat, IT technical director of the French Tennis Federation, says network security defences are an integral part of the organisation’s cyber security blueprint. With them, the federation can keep its stakeholders safe.
“During a tournament, billions of DNS requests must be solved: more than 3,000 journalists, photographers, VIPs, players and trainers use our network services. We are now capable of avoiding any interruption of service to ensure a high level of availability. The quality of these services is vital to the tournament’s reputation,” he says.
Considering how long network security has been around, it is quite common for people to view it as an archaic part of cyber security strategies. But the fact is that networks play an important role in any private or public organisation, so it is crucial to have appropriate defences in place to ensure that hackers cannot bring them down.
That said, there is a clear sense among companies and IT professionals that network security must continue to change with the times. Cyber threats are becoming harder to trace and tackle – meaning that network security technologies and strategies need to be just as sophisticated.

 

Sparkle, Positive Technologies Roll Out Signalling Protection Service

Sparkle, the international services arm of the Telecom Italia Group, has joined forces with Positive Technologies to launch a suite of security services designed specifically for signalling connectivity. The Sparkle Signalling Protection Suite is an all-in-one package that protects the signalling network of mobile operators by detecting and blocking unauthorised traffic and preventing potential privacy issues, operational instability and revenue losses, said the company.
The offering gives customers a set of advanced security services such as vulnerability testing, best practice compliance assessment, signalling firewall and security monitoring for real-time detection of anomalous activities, added the partners.

Demisto’s SOAR Platform Honored By Info Security Guide

Demisto’s SOAR Platform Named Most Innovative Security Software Product of 2018 — Company’s Security Orchestration, Automation and Response (SOAR) Solution Named Gold Winner in 14th Annual Info Security Product Guide’s 2018 Global Excellence Awards
CUPERTINO, Calif., March 13, 2018 — Demisto, an innovator in Security Automation and Orchestration and Response technology, today announced that Info Security Products Guide, the industry’s leading information security research and advisory guide, has named its Security Operations Platform as a Gold Winner in the 14th Annual 2018 Info Security PG’s Global Excellence Awards®. Demisto took top honors in the Most Innovative Security Product (Software) of the Year Awards Category for companies with less than 100 employees.
These prestigious global awards recognize cybersecurity and information technology vendors with advanced ground-breaking products, solutions, and services that are helping set the bar higher for others in all areas of security and technologies.
Demisto Enterprise integrates with more than 160 security products and enables organizations to build playbooks for different security operations. By integrating other security products with Demisto, users can orchestrate actions across a suite of products in one window, automate response actions through playbooks, and run live security commands from a collaboration interface to remediate threats, all of which can reduce mean time to response (MTTR) for security incidents and maximize ROI for the user company’s entire security product investment. In addition, the case management and machine learning capabilities help security teams save resources and time while enforcing rigor and process in incident response. Demisto helps future-proof security operation centers (SOCs).
“We are pleased to be recognized as having the industry’s most innovative security software product of the year by Info Security Products Guide,” said Rishi Bhargava, Demisto co-founder and VP of Marketing. “Our most recent security orchestration, automation and response (SOAR) innovations enable SOC analysts to better understand the metrics and trends of collected incident data from their networks to most effectively respond to potential security issues. The industry turns to Demisto, including a number of Fortune 500 companies, to address not only the latest attacks threatening their organizations, but also the industry shortage of skilled incident response personnel.”
Demisto’s solution has seen world-wide traction by helping SOC teams reduce the number of alerts requiring human review by as much as 95 percent. It also solves the ever-growing problem of product fatigue — where analysts need to learn more and more products to mitigate threats throughout their infrastructure. By working in a platform that integrates with all major security products such as SIEM, network, threat hunting, and end-point, it provides a comprehensive view into incident response.
About Info Security PG’s Global Excellence Awards
Info Security Products Guide sponsors the Global Excellence Awards and plays a vital role in keeping end users informed of the choices they can make when it comes to protecting their digital resources and assets. It is written expressly for those who are adamant on staying informed of security threats and the preventive measures they can take. Readers will discover a wealth of information in this guide including tomorrow’s technology today, best deployment scenarios, people and technologies shaping cyber security, and industry predictions and directions that help in making the most pertinent security decisions. Visit www.infosecurityproductsguide.com for the complete list of winners.
About Demisto
Demisto Enterprise is the first and only comprehensive Security Operations Platform to combine security orchestration, incident management, machine learning from analyst activities, and interactive investigation. Demisto’s orchestration engine automates security product tasks and weaves in the human analyst tasks and workflows. Demisto enables security teams to reduce mean time to response (MTTR), create a consistent incident management process, and increase analyst productivity. Demisto is backed by Accel and other prominent investors and has offices in Silicon Valley and Tel Aviv. For more information, visit www.demisto.com or email info@demisto.com.