Firewalls are the most widely deployed network security devices. Enterprises expect next generation firewalls (NGFWs) to prevent exploits and malware from infecting critical systems.
NSS Labs 2019 NGFW Group Test
NSS Labs announced the results of its 2019 NGFW Group Test. Twelve of the industry’s NGFW products were tested to compare NGFW product capabilities across multiple use cases. Products were assessed for security effectiveness, total cost of ownership (TCO), and performance. This is the ninth …
The password has been one of the great inventions in the history of computing: a solution that allowed simple and effective identity and access management when the need arose for it. Unfortunately, as time passed, the downsides of using (just) passwords became apparent: they can be forgotten, guessed, cracked, stolen and, finally, misused.
While we wait for the password to die…
During the last decade or so, many IT and IT security professionals have foretold …
The post True passwordless authentication is still quite a while away appeared first on Help Net Security.
SD-WAN security drives selection, skills gaps remain a primary obstacle to adoption, and adoption continues to rise, according to Masergy. The survey, conducted in partnership with IDG Research, analyzed responses from IT decision makers in global enterprises across a variety of industries. This survey was also conducted in 2017 as a benchmark in order to measure SD-WAN trends over time. Optimizing the network to support cutting-edge technology stands out as the most prominent objective that …
It’s no secret that attackers traditionally go after low-hanging fruit when hacking a system. Historically, this has meant targeting user applications, and, for deeper persistence, the operating system (OS) kernel to gain control. But, as OS security has advanced, it’s become more difficult to compromise an OS with any kind of persistent kernel rootkit. As a result, hackers (and researchers) have moved below the OS level and are now targeting firmware – most notably the …
Businesses worldwide are gaining control of previously unmonitored and unsupported cloud applications and devices, known as shadow IT, that lurk in their IT environments, according to the 2019 Duo Trusted Access Report. The average number of organizations protecting cloud apps with Duo surged 189 percent year-over-year, indicating that enterprises are catching up with the explosion of cloud use and shadow IT in the workplace. In addition, the frequency of out-of-date devices has dropped precipitously, hardening …
The sheer volume of data created by the Internet of Things (IoT) is increasing dramatically as the world is becoming progressively more connected. There is projected to be a mind-boggling 75 billion IoT devices in the world by 2025. Meanwhile, edge computing is set to be adopted into the mainstream by as early as 2020. This means that increasingly vast amounts of IoT data will be stored, processed and analyzed on the edge. While edge …
In this Help Net Security podcast, Marco Rottigni, Chief Technical Security Officer for Qualys across EMEA, talks about the importance of IT asset management within digital transformation processes. He illustrates why it’s crucially important to understand what you have, and how to build security in versus bolting it on. Here’s a transcript of the podcast for your convenience. Hello, my name is Marco Rottigni and I work for Qualys as a Chief Technical Security Officer …
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology, according to Sophos. The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.
Cybercriminals use multiple attack methods and payloads for maximum impact
The Sophos survey shows how attack techniques …
Healthcare organizations have high levels of confidence in their cybersecurity preparedness despite most of them using only basic user authentication methods in the face of an increasing number of patient identity theft and fraud instances in the marketplace, according to LexisNexis Risk Solutions.
Key survey findings
Specifically, the survey results showed:
- 58% believe that the cybersecurity of their patient portal is above average or superior when compared to other patient portals
- 65% report that their …
- Have you documented security incidents? How did you remediate those incidents?
- Do you have the result of your last business continuity test? If yes, can you share it?
- What security controls exist for your users? Do they use multifactor authentication, etc.?
- How are you maturing your security program?
- Are you ISO, SOC 1/SOC 2, and NIST Compliant, and is there documentation to support this?
If you’re unsatisfied with the answers from a potential partner regarding their security, it’s OK to walk away, especially if you make the determination that working with the vendor may not be critical to your business.
- Remediation: Can you work with the vendor to remediate the technical risk?
- Compensating controls: If you cannot remediate the risks entirely, can you establish technical compensating controls to minimise or deflect the risk?
These are policies that users of the offering should follow, such as limits on the types and amounts of data that can be input securely. Some typical policy scenarios include:
- Regulatory compliance: For example, a vendor’s non-compliance could mandate you walk away from a third-party relationship.
- Contractual obligations: Are there contractual obligations in place with your existing clients that prevent you from working with vendors who don’t meet certain security and privacy standards?
- Security best practices: Ensure your policies around risk are enforced and determine whether they may conflict with your vendors’ policies.
Cloud Security should not be an afterthought
It is essential for security to be baked into a new cloud service's design, its requirements determination, and the procurement process. In particular, define and document the areas of security responsibility with the intended cloud service provider.
Cloud does not absolve the business of their security responsibilities
All cloud service models, whether the standard models of Infrastructure as a Service (IaaS), Platform as a Service (PaaS) or Software as a Service (SaaS), always involve three areas of security responsibilities to define and document:
- Cloud Service Provider Owned
- Business Owned
- Shared (Cloud Service Provider & Business)
Regardless of the cloud model, data is always the responsibility of the business.
- Cloud Security Alliance
- PCI SSC Cloud Computing Guidelines
- NCSC Cloud Security Guidance
- Microsoft O365 Security and Compliance Blueprint UK
February was a rather quiet month for hacks and data breaches in the UK; Mumsnet reported a minor data breach following a botched upgrade, and that was about it. The month was a busy one for security updates, with Microsoft, Adobe and Cisco all releasing high numbers of patches to fix various security vulnerabilities, including several released outside of their scheduled monthly patch release cycles.
A survey by PCI Pal concluded the consequences of a data breach had a greater impact in the UK than the United States, in that UK customers were more likely to abandon a company when let down by a data breach. The business reputational impact should always be taken into consideration when risk assessing security.
I will be speaking at the e-crime Cyber Security Congress in London on 6th March 2019, on cloud security, new business metrics, future risks and priorities for 2019 and beyond.
Finally, completely out of the blue, I was informed by 4D that this blog had been picked by a team of their technical engineers and Directors as one of the best Cyber Security Blogs in the UK: The 6 Best Cyber Security Blogs - A Data Centre's Perspective. Truly humbled and in great company to be on that list.
- What's the greater risk to UK 5G, Huawei backdoors or DDoS?
- The Business of Organised Cybercrime
- Is Huawei a Threat to UK National Security?
- Customers Blame Companies not Hackers for Data Breaches
- Automotive Technologies and Cyber Security
- The 6 Best Cyber Security Blogs - A Data Centre's Perspective
- Parenting Website Mumsnet hit by Data Breach
- UK Officials Concerned over Huawei’s Presence
- UK Consumers more likely to Abandon a Breached Company according to Research
- US Military Hackers took Russian troll factory offline during midterms, report claims
- GCHQ Chief: Cyber conflict could deteriorate into a Wild West if left unchecked
- Australia’s Major Political Parties Hacked by 'state actor' ahead of Elections
- High Stress Levels Impacting CISOs Physically, Mentally
- 60,000 EU Data Breaches filed under GDPR
- Dow Jones database holding 2.4 million records of politically exposed persons
- Palisades Park receives £151,000 advance after Cyberattack
- UK Bank Customers hit by Dozens of IT shutdowns due to operational and security incidents
- Musical.ly (TikTok App) fined a Record £4.3 Million under United States COPPA
- Microsoft Patches 76 Vulnerabilities, including 20 Critical for Windows, Edge, Hyper-V, Chakra and Adobe Flash
- Microsoft Fixes IIS Vulnerability that can cause CPU usage to Soar 100% when processing HTTP/2 requests
- Adobe Releases fixes for 70 Vulnerabilities in Acrobat and Acrobat Reader
- Adobe issues New patch for Acrobat and Reader Out of Band
- RDP Flaws could allow Hackers to take over control of Systems
- Cisco rolls out Multiple Security Updates across its Product Portfolio
- Apple Patches Two Flaws Exploited in Zero-Day Attacks; also fixes FaceTime Eavesdropping Bug
- Mozilla Foundation issues Firefox Updates
- Cisco Network Assurance Engine (NAE) contains Password Vulnerability
- Cisco Patches Two Code Execution Vulnerabilities
- Carbon Black Global Threat Research Project
- 2019 CrowdStrike Global Threat Report
- Netscout Threat Landscape Report: IoT Devices Attacked Faster than Ever, DDoS Attacks up dramatically