Category Archives: EDITOR’S NEWS

Amazon Prime Day: 60% increase in cloud transactions impact business apps

Amazon Prime Day took place this week, with the retailer claiming that the first 10 hours grew even faster than the first 10 hours on the same day in 2017, exceeding the £766m ($1bn) in sales globally. According to reports, spending jumped 89 percent in the first 12 hours of the event compared to the same period last year.

Zscaler released its own data, which reveals the number of Amazon transactions taking place in the Zscaler cloud from Monday 16th July at 1am BST to the end of the day on Tuesday 17th July. The data revealed there were 60 percent more cloud transactions to Amazon.com on Prime Day than seen in the Zscaler cloud on a typical day. You can see the network traffic spikes in the graph attached.

Matt Piercy, vice president and general manager EMEA at Zscaler, commented on the results, noting that as businesses increasingly move their infrastructure to the cloud, these daytime spikes have a reduced impact on business applications:

“Our data indicates that, during Amazon Prime Day, Amazon traffic in the Zscaler cloud rose considerably during the working day, with tens of millions more people visiting Amazon.com than usual over the two days. The growing popularity of retail events like Amazon Prime Day means people are likely going to find ways of shopping while at work, which can have a significant impact on network bandwidth – something that has traditionally posed a problem for the IT team. Indeed, as more businesses adopt BYOD policies, we’re finding a growing number of personal as well as corporate devices connected to the WLAN. Online shopping to this extent can hamper the performance of business critical applications, such as file sharing, backup, and Office 365.

“The truth is, however, that the modern enterprise will incur network spikes, planned or not, that will put a strain on network resources. Whether it’s Amazon Prime Day or another popular sale such as Black Friday/Cyber Monday, unexpected demand for a product, or even an oversubscribed employee webcast, network spikes are no longer an anomaly – they’ll happen. The good news is that we are on the cusp of a new era for business. More and more enterprises are moving their infrastructure to the cloud, which offers a level of elasticity that businesses have not previously experienced. By embracing digital transformation, enterprises no longer need to buy new appliances, install virtual machines or block major retail events like Amazon Prime to accommodate spiked traffic.”

The post Amazon Prime Day: 60% increase in cloud transactions impact business apps appeared first on IT SECURITY GURU.

Cyber Security Incidents: Insider Threat falls in UK (to 65%) and Germany (to 75%) post GDPR, but US risk increases (to 80%)

New research by data security company Clearswift has shown that, year on year, cyber security incidents from those within the organisation, as a percentage of all incidents, have fallen in the UK and Germany, two countries now under the ruling of GDPR. However, in the United States, a country outside of its direct jurisdiction, threats are on the rise.

The research surveyed 400 senior IT decision makers in organisations of more than 1,000 employees across the UK, Germany, and the US. The data revealed that the true insider threat, which takes into account inadvertent and malicious threats from the extended enterprise – employees, customers, suppliers, and ex-employees – sits at 65% in the UK, down from 73% in 2017. Similarly, senior IT decision makers in Germany saw a drop to 75%, down from 80% the previous year. US respondents saw the insider threat rise to 80%, up from 72% in 2017.

Direct threats from an employee within the business – inadvertent or malicious – now make up 38% of incidents. This has halted the rising threat evident in 2017 and 2015, which showed 42% and 39% respectively. Threats from ex-employees account for 13% of all cyber security incidents, highlighting a clear need for better processes when employees part ways.

“Although there’s a slight decrease in numbers in the EMEA region, the results once again highlight the insider threat as being the chief source of cyber security incidents. Three quarters of incidents are still coming from within the business and its extended enterprise, far greater than the threat from external hackers. Businesses need to shift the focus inwards”, said Dr Guy Bunker, SVP Products at Clearswift.

“I think at the very least what GDPR has done is ensure firms have a better view of where critical data sits within their business and highlighted to employees that data security is an issue that is now of critical importance, which may be why we’ve seen a drop in the insider threat across EU countries. If a firm understands where the critical information within the business is held and how it is flowing in and out of the network, then it is best placed to manage and protect it from the multitude of threat vectors we’re seeing today.”

Although internal threats pose the biggest threat to most organisations, employers believe that the majority (62%) of incidents are accidental or inadvertent rather than deliberate in intent, a number that is slightly down on 2017 (65%).

The insider threat was slightly lower for companies with over 3,000 employees (36%) than for those with between 1,000 and 3,000 employees. This is a possible indication of more robust internal processes and checkpoints at larger businesses.

Bunker added, “Organisations need to have a process for tracking the flow of information in the business and have a clear view on who is accessing it and when. Businesses need to also ensure that employees ‘buy into’ the idea that data security is now a critical issue for the business. Educating them on the value of data, on different forms of data, what is shareable and what’s not, is crucial to a successful cyber security strategy.

“Having said that, mistakes can still happen and technology can act as both the first and last line of defence. In particular, Adaptive Data Loss Prevention solutions can automatically remove sensitive data and malicious content as it passes through a company network.”

Alert Logic announces industry-first container security capabilities

Alert Logic, the leading provider of Security-as-a-Service solutions, today announced at the AWS Summit, New York, the industry’s first network intrusion detection system (IDS) for containers, available in Alert Logic Cloud Defender and Threat Manager solutions. This innovation brings organisations powerful new capabilities to inspect network traffic for malicious activity targeting containers, and faster detection of compromises to enhance the security of workloads running on the AWS Cloud.

The Alert Logic network IDS capability supports containers deployed on AWS including Docker, Amazon Elastic Container Service, Kubernetes, CoreOS, and AWS Elastic Beanstalk. Support for additional cloud-deployed containers will be available before the end of the year. The Alert Logic incident console can also now display which containers and hosts might be compromised along with the associated metadata.

Containers enable organisations to leverage the low overhead, power, agility, and security of virtualization with the improved benefit of portability. While the container market is growing fast given these benefits, with an estimated CAGR of 40% through 2020 according to 451 Research, many businesses have delayed container adoption and the related cost and time benefits due to security concerns. Until now, the security industry hasn’t provided the critical ability to inspect the network traffic that targets containers.

“Without real-time detection capabilities, attackers and intruders can lurk within containers installing trojans, malware, ransomware and cryptominers or even corrupting and exfiltrating data,” said Chris Noell, Senior Vice President, Engineering at Alert Logic. “Network intrusion detection is critical to providing the visibility into container attacks that other approaches miss. With Alert Logic, organisations can confidently move forward with their container deployments knowing that they are protected by the only security solution in the market that addresses container visibility at the network layer.”

Customers and Partners Adopt New Network IDS Capabilities for Containers

Accesso Technology, a best-in-class eCommerce, point of sales and ticketing solution provider, helps its clients increase sales and streamline operations and is an early adopter of Alert Logic’s container security innovation.

“As Accesso continues to focus on our industry-leading technology and security infrastructure, we need to ensure our containerized environment is protected without introducing additional complexity,” said William DeMar, Director, Information Security, Accesso Technology. “With Alert Logic, we have extended IDS security monitoring and detection to the container level and have gained more granular visibility into our container environments across multiple cloud platforms. Alert Logic partnered with us to get up and running quickly, and their team of security analysts and consultants proactively escalates incidents so we can prioritise our team’s efforts.”

Wealth Wizards is another Alert Logic customer using the new network IDS capability for containers. “We’re writing products our financial services clients want today, which means we need to build software really quickly,” said Richard Marshall, Head of Platform, Wealth Wizards. “We run in a 100% container environment, using Kubernetes and Docker. Security is a big priority for us, but we need to keep our engineering team focused on delivering the best experience for our clients. With Alert Logic we can concentrate on our core business while being safe in the knowledge we have security experts covering the operational side for us.”

Logicworks, a cloud automation and managed services company, partners with Alert Logic and has extended network IDS for containers capabilities to its customers. “Although container technology is relatively new, it’s already a ‘go to’ code deployment strategy for Logicworks,” said Steven Zeller, Vice President, Product Marketing for Logicworks. “Containers help our customers work smarter, and Logicworks ensures that our customers’ containers run securely and efficiently on AWS. Alert Logic’s container security solutions give our customers confidence in the continuous security of their cloud infrastructure.”

Products + Services Approach

The Alert Logic container security solutions work by analysing the signature of data packets as they traverse the container environment to detect cyberattacks in real time and provide a graphical representation of the compromised container and its relationships. The intrusion detection capabilities for containers are fully managed by Alert Logic’s 24×7 security and compliance experts in the company’s Security Operations Centers. When a container threat is detected, Alert Logic’s security experts prioritise the threat, proactively escalate within 15 minutes, provide visual context, and offer remediation advice for customers.

Mimecast Opens Early Adopter Program for New Web Security Service

Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the launch of its early adopter program after conducting a successful private beta for the new Domain Name System (DNS) Security Gateway solution.

The Mimecast DNS Security Gateway cloud-based service guards against malicious activity initiated by user action or malware while blocking access to websites deemed unsafe or inappropriate based on each organization’s objectives and policies. The program is open for existing Mimecast customers looking to improve their defenses against web-based attacks.

Combining Mimecast DNS Security Gateway with the Mimecast Secure Email Gateway services enables organizations to implement an agile, easy-to-deploy solution that protects against the two most prevalent cyberattack vectors—email and web.

Backed by a comprehensive cloud platform proven at over 30,000 customers globally, the Mimecast DNS Security Gateway leverages Mime|OS, Mimecast’s operating system that delivers a portfolio of cloud-based security services to customers. This new web security service is also supported by the Security Operations Center (SOC) team and global threat intelligence and analytics that support Mimecast’s email security services. A unified, integrated security and business continuity platform allows customers to capitalize on multiple layers of services that together deliver high-performance and exceptional efficacy against the threat landscape.

“A vast proportion of security incidents occur via email or the web, and DNS requests make up a large portion of the associated web activity. The Mimecast DNS Security Gateway adds an all-important security layer for web-based activity,” said Christina Van Houten, chief strategy officer at Mimecast. “We’re laser-focused on collaborating with our customers to strengthen their cyber resilience and ensure their organizations are safe for business. The feedback from early adopter customers has been overwhelmingly positive and we’re eager to open the beta program more broadly before the product is generally available.”

Customers interested in participating in the early adopter program for Mimecast DNS Security Gateway should contact DNSPreview@mimecast.com for more information. Mimecast DNS Security Gateway will be generally available in the fourth quarter of 2018.

Search for the UK’s Security Serious Unsung Heroes begins

Eskenzi PR, the driving force behind Security Serious, has today announced the third annual Security Serious Unsung Heroes Awards are now open for nominations. The awards are a chance for the people, not products, on the front lines – whether it’s teaching others, working with law enforcement or battling cyber threats in organisations – to come together and receive the recognition they deserve.

Nominations are open until the 3rd of August and The Unsung Heroes Awards will take place on Tuesday, 2nd October 2018, during Security Serious Week – a week during October’s European Cyber Security Awareness Month dedicated to events put on by cyber-security experts to encourage others in business to take cyber security more seriously.

The Unsung Heroes Awards, started by Eskenzi PR, Smile on Fridays and the IT Security Guru, are backed by the cyber security industry from certification bodies such as CREST to major corporations like Canon and Publicis Groupe as well as vendors CyberArk, Cybereason, Operatix, Janrain, Intelisecure, Mimecast and Gigamon.

The sponsors all make it possible for the Unsung Heroes Awards to be free to enter and free to attend, unlike any other industry award.

“Our unique format means that people can nominate their customers, colleagues, friends or professors to be recognised for the fantastic – but often thankless – work they do behind the scenes,” said Yvonne Eskenzi, Director of Eskenzi PR and founder of Security Serious. “The Unsung Heroes awards are about unearthing new talent and thanking all those incredible IT security professionals who work tirelessly behind the scenes doing great work. We also want to encourage new talent into the industry and show them how rewarding a career in cyber security can be.”

The categories are now open for nominations until 3rd August 2018 and include:

  • Fraud Fighter
  • Captain Compliance
  • Godfather of Security
  • Cyber Writer
  • Security Avengers (team)
  • Best Security Awareness Campaign
  • Security Leader/Mentor
  • Apprentice/Rising Star
  • Best Educator
  • Data Guardian
  • SecDevOps Trailblazer
  • CISO Supremos – Retail, CNI, Finance, Manufacturing, Media & Entertainment, Charity and Telecoms

“There are many other ‘Security Awards’ evenings in London, most of which take themselves far too seriously. Security Serious (ironically) gets the mix right – recognising those who make a valuable contribution to our work, our professional community and our society but, for a variety of reasons, don’t seem to get selected for other awards,” said Gerry O’Neill, Security and Assurance Advisor, Director, Inforisca Services, who attended the awards last year for the first time.

Two thirds embarrassed by their out of date tech

A study of 1000 UK adults, carried out in May 2018, showed that the main reason people upgrade their smartphone is the embarrassment of having an older handset, rather than the desire to have the latest tech.

Despite mobile technology drastically improving in recent years, the research, by Satsuma Loans, revealed that 63% of respondents would be embarrassed if their peers saw them using a handset that was more than a couple of years old, and this would impact their decision to upgrade more than their desire to have new features.

When it comes to which age group feels most embarrassed by their out of date tech, surprisingly, more respondents aged 45-54 admitted to feeling embarrassed by their phone than any other age group.

According to the study, the top five reasons for upgrading are:

  • Embarrassment of using an old handset (63%)
  • Peer pressure to fit in with others (59%)
  • Desire to always have the latest tech (51%)
  • Coming to the end of a phone contract (43%)
  • Desire to have a specific new feature (27%)

Looking at how often people involved in the study upgrade their phone, the majority (61%) upgrade each time they reach the end of their current contract; however, 14% admitted they try to upgrade every six months, spending over £1000 a year on their mobile phone handset.

At the other end of the scale, one in ten adults surveyed stated that they believe smartphones are a waste of money and are happy with a basic handset. As well as the initial cost of the phone handset and monthly contract payments, there are also a number of hidden costs associated with owning a smartphone. Hidden costs to consider are:

  • Insurance – insurance for top of the range phones can be as high as £14.99 per month
  • Cases, covers and screen protectors – without them you could be looking at a hefty bill for fixing a smashed handset after an accident
  • Cloud storage and backups – if you don’t back up you risk losing all of your precious photos and videos if you lose or damage your handset
  • Anti-virus protection – even the most tech-savvy can be caught out by malware

Organisations need a zero trust model for cyber security, Unisys survey finds

New research from Unisys Corporation found that IT professionals reported three incidents on average where sensitive information had been lost last year, with some respondents reporting 11 losses for the year. Respondents also reported an average of nine incidents per month where they had to address highly severe security issues.

The survey, conducted by information insights company Information Services Group Inc. (ISG), asked 404 enterprise IT professionals in North America, Europe and Asia Pacific to assess their security operations. The findings illustrate high levels of awareness among respondents of their challenges as well as the need to establish digital trust with their customers as they transform their businesses to cloud and mobile platforms.

As a result of these findings, ISG is forecasting that 60 percent of businesses globally will suffer a major service failure due to the new security issues introduced by shifting workloads to the cloud and enabling mobile and remote employees. The research indicates that between 2016 and 2020, on-premises workloads will decline from 55 percent to 20 percent of all workloads.

To address the challenges associated with digital trust, Unisys recommends the adoption of the “zero trust” model – an approach to security that recognizes threats emanate not only from outside the perimeter, but also from malicious insiders within trusted zones. The zero trust approach of granting least privileged access to all users requires a combination of microsegmentation and security services such as security information and event management (SIEM), endpoint protection and risk assessment, eliminating the need to buy new gear, rip and replace or add complexity to an already unwieldy architecture.

“In the era of digital transformation, security professionals recognize that digital trust is table stakes – a requirement that, if not met and delivered as part of the experience for stakeholders of the enterprise’s value chain, will upend organizations everywhere,” said Doug Saylors, research director, ISG. “Enterprises that are first to adopt and leverage digital trust fabrics will realize competitive advantages driven by combinations of deeper customer intimacy, operational excellence and product leadership.”

The survey showed that IT professionals recognize the need to address threats coming from outside their enterprises as well as the need to create security-focused cultures within them.

When asked to choose from among 12 IT security challenges at their enterprises, the top challenge was “external threats,” selected by 43 percent of respondents. It was followed by security challenges related to 24×7 operations (selected by 36 percent) and challenges related to legacy technologies (selected by 34 percent).

“Trust in digital business is earned during every digital interaction with the enterprise,” said Tom Patterson, chief trust officer at Unisys. “This means establishing strong bonds of trust throughout their ecosystems of employees, partners, suppliers and customers. By operating resistant and resilient systems, establishing trusted identities, and focusing passionately on client success, it is possible to make trust your critical success factor.”

Unisys Security Solutions protect critical assets by establishing digital trust and providing secure access to trusted users. Unisys solutions help enterprises reduce their attack surface, easily comply with regulations and simplify the complexity of today’s network security. Combining expert consultants, advanced software and managed security services, Unisys helps enterprises build security into the fabric of their digital transformation.

Cylance Unveils “Cylance Smart Antivirus;” AI-Powered Antivirus for Consumers

Cylance Inc., the leading provider of AI-driven, prevention-first security solutions, today launched Cylance Smart Antivirus, AI-powered antivirus software designed specifically for consumers. By extending the enterprise-grade AI of CylancePROTECT into the home, Cylance provides internet users with next-generation security software that proactively predicts and blocks never-before-seen threats.

More than 350,000 new pieces of malware are created every day, and traditional consumer antivirus software simply can’t keep pace with today’s security reality. Existing solutions rely on reactive, signature-based technologies that slow down systems, bombard users with pop-up notifications, and require some form of breach in order to begin detecting malware. The exponential growth of malicious code, especially zero-day threats and ransomware, requires more innovative and thoughtful solutions to adequately—and effectively—protect end-users.

To help consumers stay ahead of bad actors, Cylance Smart Antivirus provides predictive security to spot and block threats before they have a chance to run without affecting device performance or disrupting the user.

“Consumers deserve security software that is fast, easy to use, and effective,” said Christopher Bray, senior vice president, Cylance Consumer. “The consumer antivirus market is long overdue for a groundbreaking solution built on robust technology that allows them to control their security environment.”

With Cylance Smart Antivirus, everyday internet users now have the option to purchase next-generation software built on artificial intelligence. Many people have experience with legacy products that are only as good as their last update. Such tools require extensive manual interactions such as downloads, installations, reboots, and scans. Cylance Smart Antivirus is a game-changer by offering an easy set-it-and-forget-it security experience that gives consumers true peace of mind and ease of use. Key features include:

  • Predictive threat prevention: With its AI-driven approach, Cylance Smart Antivirus is designed to proactively stop malicious threats, including complex malware variants.
  • Minimal impact on performance: Cylance Smart Antivirus runs silently and constantly without noticeable degradation of device performance, diminishing the constant pop-ups, scan requests, and bloatware features that characterize existing AV solutions.
  • Effortless user experience: Easy to install and manage, Cylance Smart Antivirus automatically updates in the background for a set-it-and-forget-it security experience. Users can get up and running in minutes, without unnecessary updates or reboots.
  • Visibility: Cylance Smart Antivirus empowers the technical expert in any family with full awareness and control of the security status of all devices regardless of device location. An easy-to-use web dashboard lets users set alerts if an attack has been blocked, monitor the status of protected devices, and view lists of malicious files blocked on each device.
  • Simple pricing: Cylance Smart Antivirus offers fair and transparent pricing. Unlike many vendors that steeply discount the first year of usage only to surprise consumers with auto-renewals at much higher rates, Cylance discounts subsequent years of use to encourage and reward long-term security hygiene.

Janrain and Akamai partner to enhance security of digital customer identities

Janrain®, the company that pioneered the Customer Identity and Access Management (CIAM) category, and Akamai Technologies, Inc. (NASDAQ: AKAM), the world’s largest and most trusted cloud delivery platform, today announced that they have partnered to provide Janrain Secure Edge, bringing new integrated security capabilities to the Janrain Identity Cloud®, the world’s largest identity network.

The value of customer profile data linked to customer identities has grown dramatically over the past decade and is one of the most crucial success factors for digital-first enterprises today.

This sensitive data, and the systems handling it, are facing an increasingly complex and sophisticated variety of threats ranging from opportunistic and sophisticated breach attempts, to malicious API calls, to Distributed Denial of Service (DDoS) attacks. In addition to these network-based threats, there is risk from fake or fraudulent user identity creation that aims to abuse a company’s systems or other users.

Akamai and Janrain have partnered to offer joint customers an unprecedented level of protection against both network-based and identity-based threats, leveraging and combining the capabilities of the Akamai Intelligent Platform™, which consists of more than 200,000 servers in more than 3,500 locations across 1,600 networks in 131 countries, and the Janrain Identity Cloud®, the world’s largest identity network reaching over 1.75 billion digital identities in more than 3,400 commercial deployments worldwide.

The result is Janrain Secure Edge, a new, always-on multi-component protection layer, which is now an integral part of the Janrain Identity Cloud. It combines industry-leading, risk-adaptive protection from the Akamai Intelligent Platform™ to safeguard against the latest digital attacks against websites, applications, and API infrastructure in general – including DDoS, Web Application Firewall, direct-to-origin attacks and a best-of-class Bot Management solution – with the identity-based security measures of the Janrain Identity Cloud, including risk-based adaptive authentication powered by automated fraud detection that safeguards against malicious account activities including fraudulent account creation and credential compromise.

Because Akamai applies protections at the edge of the internet, they can detect and help fend off malicious activities and bad actors before they even reach the actual systems of companies using the Janrain Identity Cloud. This not only minimises the risk of intrusion for Janrain clients but keeps attack traffic away from their sites, which helps to eliminate the need to launch additional and expensive compute resources and prevents negative impact on customer experiences from performance degradation or outages.

“Customer identities are crucial assets to companies, but especially to the individuals who they represent. As individuals engage with digital businesses across more areas of their lives, sensitive personal data ends up in their profile data,” said Josh Shaul, Vice President of Web Security, Akamai. “The Akamai Intelligent Platform provides a unique level of protection to Janrain’s clients, shielding them and their customers from an increasingly diverse and fast changing range of threats and attacks that are trying to steal that valuable customer data.”

“The combination of the leading network protection technology from Akamai with Janrain’s focus and innovation in authentication and authorization for each individual consumer (and thing) identity allows us to secure our clients from malicious activity at the edge in a way that is unique for every user,” said Jim Kaskade, CEO at Janrain. “As the leader in identity security, it was a natural step for us to collaborate with Akamai, the largest and most respected distributed platform operating at the edge of the Internet.”

“The integration of the Akamai Intelligent Platform with the Janrain Identity Cloud allows brands to focus on providing the best digital experiences without compromising on security and data protection, as well as performance or scale,” continued Shaul.

Janrain Secure Edge is available to all Janrain Identity Cloud customers in all global regions, including China and Russia.

As part of Janrain Secure Edge, both companies will work together to further extend security capabilities with an advanced use of data and analytics. “Most companies talking about ‘AI’ reach a level of automation with machine learning technology but miss the mark on self-learning that Artificial Intelligence promises,” said Kaskade. “Akamai and Janrain combined effectively have over one-third of the global internet traffic to learn from, model, and automate to provide the leading identity security solution for our clients.”
