With the fallout of the data breach at the Office of Personnel Management still in the news cycle, now is a good time for federal organizations to reflect on the state of their own security and the sophistication of their enemies.
There are many security analysts out there who are more than willing to give their two cents on what the OPM did wrong, but we can all agree that the department was woefully ill-prepared to address the tactics of its adversary.
The reality is that most attackers are not breaking into networks; they are just logging in. Defenders are waiting for threat actors to hack through the firewall, but it is easier and more effective for attackers to compromise the credentials and access privileges of organization insiders, then operate with all of the privileges of legitimate users. They are turning innocent users into insider threats.
It is often cited that an enterprise’s employees are its biggest vulnerability. What are companies doing about it? In a significant number of cases, companies are perhaps doing nothing.
According to the SANS Institute and SpectorSoft, 74 percent of the 772 IT security professionals they recently surveyed are “concerned about malicious employees.” The survey pool spans 10 industries including financial, government, and technology and IT services. The survey data also shows that 32 percent of respondents “have no technology or process in place to prevent an insider attack”.
The Payment Card Industry Security Standards Council (PCI SSC) has published guidance for organizations to handle data breaches effectively and with minimal financial consequence, Out-Law.com reports. “Prevention, detection and response are always going to be the three legs of data protection,” said Stephen W. Orfei, PCI SSC general manager. “Better detection will certainly improve response time and the ability to mitigate attacks, but managing the impact and damage of compromise comes down to preparation, having a plan in place and the right investments in technology, training and partnerships to support it.” The guidance may prove timely for organizations looking to avoid expensive breach claims, which a NetDiligence study found averaged $4.8 million in 2015 for large companies.
If you’re in the USA, it’s officially National Cyber Security Awareness Month, starting today, October 1, 2015.
We’ll refer to it more loosely just as CSAM, in the hope that Naked Security readers all over the world will join in.
Of course, CSAM isn’t an invitation to take cybersecurity more seriously only during October, followed by falling off the wagon in November, and ending up back where you started by Christmas.
Fox Technologies presents the security challenges of moving from a virtual machine to a container, and strategies to get a Linux container-based solution through its first audit. In this 30-minute webinar, David Dingwall discusses the security strengths and limitations of implementing Linux container production operations. He provides strategies to get a new Linux container-based solution through its first audit.
According to the results of the First Advantage 2015 Cybersecurity Survey, people within companies are a huge cybersecurity concern: 62% of cybersecurity professionals see insider threats growing.
The respondents, who represented a variety of professions, including human resources, risk management and C-suite executives, were questioned about the security controls best equipped to protect companies from cyber attacks and threats.
Nearly 60 percent pointed to employee background screenings as a significant tool for better protecting organizations, while anti-malware services came in as a close second at 53 percent.
To better estimate how a breach can affect the bottom line, Verizon looked at actual data from 200 cyber insurance claims.
An annual report investigating trends in data breaches analyzes data from nearly 80,000 security incidents and more than 2,000 data compromises from 61 countries. While the report acknowledges that malicious hackers are finding ever more sophisticated ways to gain access to an organization’s critical data, the majority of attacks still rely on phishing and hacking. The report also indicates that organizations can decrease their risks by prioritizing their approach to information security.
Below are some key takeaways from the report:
Employee awareness is critical. Whether it is becoming a victim of a phishing scam, theft, or abusing work-related privileges, employees account for a large number of data breaches. The report found the following:
Phishing attacks still account for more than 20% of security incidents. In fact, according to the report, “a campaign of 10 emails yields a greater than 90% chance that at least one person will become the criminal’s prey.”
While it may be obvious that addressing vulnerabilities eats up the most time for IT security pros, what may surprise you is the source of those vulnerabilities.
Most people think that IT security professionals spend most of their time thwarting external threats from hackers, cybercriminals and bad actors from the Dark Web. In fact, infosec pros find the biggest time suck coming from addressing security vulnerabilities introduced by applications developed in-house or even from off-the-shelf purchases. As a survey of attendees at this summer’s Black Hat conference indicates, “Most enterprises are not spending their time, budget and staffing resources on the problems that most security-savvy professionals consider to be the greatest threats.”
More than 10 million records were exposed in a data breach of health insurer Excellus BlueCross BlueShield and a partner company. That’s only a fraction of the size of a similar hack earlier this year, but it raises the question, “Again?”
The hack of Rochester, New York-based Excellus follows not just the breach of about 80 million health records from Anthem in January, but several smaller attacks against health care databases in California and New York. In July, the UCLA Health System announced hackers had accessed 4.5 million of its patient records. In June, an employee of a hospital called Montefiore Medical Center in New York was indicted for helping to steal 12,000 health care records.